Enumeration
TCP
- nmap -p- -T4 -n IP
- masscan -p0-65535 IP -n –rate 1000 -oL masscan
- nmap -sC -sV IP -oA nmap
- netdiscover -r IP
- nmap –script smb-check-vulns.nse –script-args=unsafe=1 -p445 IP
UDP
- nmap -p- -sU IP -oA udpports
- nmap -sU –top-ports 200 IP
- nmap -sU -sS –script=smb-enum-users -p U:137,T:139 192.168.1.200-254
Ports
- 21 FTP
- 22 SSH
- 25 SMTP
- 53 Domain
- 79 Finger
- 80/443 HTTP
- 110 PoP3
- 111 RPCBind
- 135 RPC
- 139/445 SMB
- 161/162 SNMP (UDP)
- 389 LDAP
- 1433 MsSQL
- 1521 Oracle Database
- 2049 NFS
- 3306 MySQL
- 3389 Remote Desktop Service
OpenVPN to Shell
Privilege Escalation
Cryptography
Wordlist
Steganography
- exiftool filename.png
- binwalk -Me file.png
- steghide
- steghide -xf filename.jgp
Advertisements
