Posts

Web Pentest - Recon

Refer to Simple WebPentest Checklist

Subdomain Enumeration

git clone https://github.com/TheRook/subbrute.git
python subbrute.py domain.com > subdomains.txt
git clone https://github.com/infosec-au/altdns.git
altdns -i subdomains.txt -o data_output -w words.txt -r -s results_output.txt
# paste the list into Bulk URL HTTP Status Code, Header & Redirect Checker | httpstatus.io
# this will give live hosts status
# make sure to check subdomains of the sub-domains
# Other Tools
amass enum -passive -norecursive -noalts -df domin.txt -o subs-1.txt
amass enum -passive -norecursive -noalts -df subs-1.txt -o all-sub.txt

Recon Automation

# Better use https://github.com/smicallef/spiderfoot - this automates most of the basic tasks
# use ReconFTW
git clone https://github.com/six2dez/reconftw
cd reconftw/
./install.sh
./reconftw.sh -d target.com -r
# or set up a container
docker pull six2dez/reconftw:main
docker run -it --rm \
-v "${PWD}/OutputFolder/":'/reconftw/Recon
Recent posts

ffmpeg

Create a Video from an Image
- Video will be an image
- Audio will be taken from the input video/audio file (-i 142.mp4)
- Output file will be generated with Image as a video and audio from the input file

# USE CPU
ffmpeg -loop 1 -framerate 1 -i image.jpg -i 142.mp4 -map 0 -map 1:a -c:v libx264 -preset ultrafast -tune stillimage -vf fps=10,format=yuv420p -c:a copy -shortest 142_output.mp4
# USE GPU
ffmpeg -loop 1 -framerate 1 -i image.jpg -i 156.mp4 -map 0 -map 1:a -c:v h264_nvenc -preset fast -tune hq -vf fps=10,scale=1920:1080,format=yuv420p -c:a copy -shortest 156_output.mp4

Batch Script to Take a list of .mp4 files as input and create a new video file with 'video as a still image' and audio from the given audio file

Pentesting Kibana, Elastic Search - Port 5601, 9200

# Service Name and Version info - if no info is displayed, requires Auth
curl 10.10.10.10:9200/
# Default Creds
curl -X GET http://admin:elasticadmin@10.10.10.10:9200/
curl -X GET http://elastic:changeme@10.10.10.10:9200/
# Bruteforce Creds
hydra -L usernames.txt -P passwords.txt <target-ip> -s 9200 http-get /

ALL PATHS

| _cat | /_cluster | /_security |
| /_cat/segments | /_cluster/allocation/explain | /_security/user |
| /_cat/shards | /_cluster/settings | /_security/privilege |
| /_cat/repositories | /_cluster/health | /_security/role_mapping |
| /_cat/recovery | /_cluster/state | /_security/role |
| /_cat/plugins | /_cluster/stats | /_security/api_key |
| /_cat/pending_tasks | /_cluster/pending_tasks | |
| /_cat/nodes | /_nodes | |
| /_cat/tasks | /_nodes/usage | |
| /_cat/templates | /_nodes/hot_threads | |
| /_cat/thread_pool | /_nodes/stats | |
| /_cat/ml/trained_models | /_tasks | |
| /_cat/transforms/_all | /_remote/info | |
| /_cat/aliases | | |
| /_cat/allocation | | |
| /_cat/ml/anomaly_detectors | | |
| /_cat/count | | |
| /_cat/ml/data_frame/analytics | | |
| /_cat/ml/datafeeds | | |
| /_cat/fielddata | | |
| /_cat/health | | |
| /_