BASICS OF METASPLOIT – BASIC COMMANDS OF METASPLOIT

Metasploit is an advanced hacking tool that comes itself with a complete lack of advanced penetration testing tools. Penetration testers and hackers are taking so much advantage of this tool. It's a complete hack pack for a hacker that he can play almost any attack with it. Here I am going to discuss the basics of Metasploit. I am not covering attacks in this article, as I am just making sure to share the basics of Metasploit and basic commands of Metasploit. So, we can get back to cover attacks of Metasploit in the next articles.

BASICS OF METASPLOIT

The Metasploit framework has three types of working environments.

1. msfconsole
2. msfcli interface
3. msfweb interface

However, the most preferred and used is the 'msfconsole'. It's a very efficient command-line interface that has its own set of commands and system's working environment.

First of all, it's most important to know and understand all the useful commands of Metasploit that are going to be used.

BASIC COMMANDS OF METASPLOIT

Metasploit have a huge number of command that we can use in different type of attacks, but I am just going to share the most used and useful commands here that a beginner can easily understand and follow 'em.

• help (It will give the basic commands you need to launch an exploit.
• search (Finds out the keywords in the selected attack method).
• show exploits (Shows list of an available exploit in the selected option).
• show payloads (It lists all the payloads available).
• show options (It helps you to know all the options if you might have forgotten one).
• info (This is used to get information about any exploit or payload).
• use (It tells Metasploit to use the exploit with the specified name).
• set RHOST (Sets the address of specified remote host).
• set RPORT (Sets up a port that connects to on the remote host).
• set PAYLOAD (It sets the payload that gives you a shell when a service is exploited).
• set LPORT (Sets the port number that the payload will open on the server when an exploit is exploited).
• exploit  (It actually exploits the service).
• rexploit (Reloads your exploit code and then executes the exploit without restarting the console).

These are the most used Metasploit commands which come in handy in most of the situations during any sort of attack. You must give all the commands a try and understand 'em how it works and then move to the next part of designing an attack.

Read more

• Hacking Academy
• Hacking Live
• Libro Hacker
• El Hacker
• Wordpress Hacking

Read More :- "BASICS OF METASPLOIT – BASIC COMMANDS OF METASPLOIT"

Brazil's Biggest Cosmetic Brand Natura Exposes Personal Details Of Its Users

Brazil's biggest cosmetics company Natura accidentally left hundreds of gigabytes of its customers' personal and payment-related information publicly accessible online that could have been accessed by anyone without authentication. SafetyDetective researcher Anurag Sen last month discovered two unprotected Amazon-hosted servers—with 272GB and 1.3TB in size—belonging to Natura that consisted of

via The Hacker News

This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

More articles

1. Hacking Wifi Kali Linux
2. Capture The Flag Hacking
3. Tools For Hacking Wifi
4. Hacker Definicion Informatica
5. Hacking School

Read More :- "Brazil's Biggest Cosmetic Brand Natura Exposes Personal Details Of Its Users"

How To Protect Your Private Data From Android Apps

In android there is lots of personal data that can be accessed by any unauthorized apps that were installed on the device. This is just because your Android data is openly saved in your file explorer that is not encrypted or protected by encryption method, so, even normal app can also hijack your data very easily as the media access permissions are granted when you click on accept button while installing the apps. And this may be endangering the private data that you might not want to share with anyone. So here we have a cool way that will help you to make your data private by disallowing the apps to access your media files without your permission. So have a look on complete guide discussed below to proceed.

How To Protect Your Private Data From Android Apps

The method is quite simple and just need a rooted android device that will allow the Xposed installer to run on the device. And after having the Xposed installer you will be using an Xposed module to disallow the apps to have access to your personal or say private data. For this follow the guide below.

Steps To Protect Your Private Data From Android Apps:

Step 1. First of all, you need a rooted android as Xposed installer can only be installed on a rooted android, so Root your android to proceed for having superuser access on your android.

Step 2. After rooting your Android device you have to install the Xposed installer on your android and thats quite lengthy process and for that, you can proceed with our Guide to Install Xposed Installer On Android.

Step 3. Now after having an Xposed framework on your Android the only thing you need is the Xposed module that is DonkeyGuard – Security Management the app that will allow you to manage the media access for apps installed on your device.

Step 4. Now install the app on your device and after that, you need to activate the module in the Xposed installer. Now you need to reboot your device to make the module work perfectly on your device.

Step 5. Now launch the app and you will see all the apps that are currently installed on your device.

Step 6. Now edit the media permission for the apps that you don't want to have access to your media with private data.

That's it, you are done! now the app will disallow the media access to that apps.

Manually Checking App Permission

Well, our Android operating system offers a nice feature in which we can manage a single app's permission. However, you need to have Android 6.0 Marshmallow or a newer version to get the option.

Step 1. First of all, open Settings and then tap on 'Apps'.

Manually Checking App Permission

Step 2. Now you will see the list of apps that are currently installed on your Android smartphone. Now you need to select the app, and then you will see 'Permissions.'

Manually Checking App Permission

Step 3. Now it will open a new window, which will show you all permissions that you have granted to the app like Camera access, contacts, Location, microphone, etc. You can revoke any permissions as per your wish.

Manually Checking App Permission

Well, the same thing you need to perform if you feel that you have installed some suspicious app on your Android. By this way, you can protect your private data from Android apps.

Related news

• Hacking Etico Curso Gratis
• Blackhat Hacking
• Marketing Growth Hacking
• Que Es El Hacking
• Hacking Programs
• Hacking With Swift

Read More :- "How To Protect Your Private Data From Android Apps"

FOOTPRITING AND INFORMATION GATHERING USED IN HACKING

WHAT IS FOOTPRITING AND INFORMATION GATHERING IN HACKING?

Footpriting is the technique used for gathering information about computer systems and the entities they belongs too. 
To get this information, a hacker might use various tools and technologies.

Basically it is the first step where hacker gather as much information as possible to find the way for cracking the whole system or target or atleast decide what types of attacks will be more suitable for the target.

Footpriting can be both passive and active.

Reviewing a company's website is an example of passive footprinting, 
whereas attempting to gain access to sensititve information through social engineering is an example of active information gathering.

During this phase hacking, a hacker can collect the following information>- Domain name
-IP Addresses
-Namespaces
-Employee information 
-Phone numbers
-E-mails 
Job information

Tip-You can use http://www.whois.com/ website to get detailed information about a domain name information including its owner,its registrar, date of registration, expiry, name servers owner's contact information etc.

Use of  Footprinting & Information Gathering in People Searching-
Now a days its very easy to find anyone with his/her full name in social media sites like Facebook, Instragram,Twitter,Linkdedin to gather information about date of birth,birthplace, real photos, education detail, hobbies, relationship status etc.

There are several sites like PIPL,PeekYou, Transport Sites such as mptransport,uptransport etc and Job placement Sites such as Shine.com,Naukari.com , Monster.com etc which are very useful for hacker to collect information about anyone.  
Hacker collect the information about you from your Resume which you uploaded on job placement site for seeking a job as well as  hacker collect the information from your vehicle number also from transport sites to know about the owner of vehicle, adderess etc then after they make plan how to attack on victim to earn money after know about him/her from collecting information.




INFORMATION GATHERING-It is the process of collecting the information from different places about any individual company,organization, server, ip address or person.
Most of the hacker spend his time in this process.

Information gathering plays a vital role for both investigating and attacking purposes.This is one of the best way to collect victim data and find the vulnerability and loopholes to get unauthorized modifications,deletion and unauthorized access.

More articles

• Hacking Etico Que Es
• Google Hacking
• Curso Hacker
• Chema Alonso Wikipedia
• Hacking Definition
• Hacking Social
• Hacking Microsoft

Read More :- "FOOTPRITING AND INFORMATION GATHERING USED IN HACKING"

The OWASP Foundation Has Selected The Technical Writer For Google Season Of Docs

The OWASP Foundation has selected the technical writer for Google Season of Docs by Fabio Cerullo

The OWASP Foundation has been accepted as the organization for the Google Seasons of Docs, a project whose goals are to give technical writers an opportunity to gain experience in contributing to open source projects and to give open-source projects an opportunity to engage the technical writing community.

During the program, technical writers spend a few months working closely with an open-source community. They bring their technical writing expertise to the project's documentation, and at the same time learn about open source and new technologies.

The open-source projects work with the technical writers to improve the project's documentation and processes. Together they may choose to build a new documentation set, or redesign the existing docs, or improve and document the open-source community's contribution procedures and onboarding experience. Together, we raise public awareness of open source docs, of technical writing, and of how we can work together to the benefit of the global open source community.

After a careful review and selection process, the OWASP Foundation has picked the primary technical writer who will work along the OWASP ZAP Team for the next 3 months to create the API documentation of this flagship project.

Congratulations to Nirojan Selvanathan!

Please refer to the linked document where you could look at the deliverables and work execution plan.

https://drive.google.com/open?id=1kwxAzaqSuvWhis9Xn1VKNJTJZPM2UV20

More articles

• Hacking Movies
• Mind Hacking
• Codigo Hacker
• Hacking Wireless 101 Pdf
• Hacking Growth Pdf
• Growth Hacking Courses

Read More :- "The OWASP Foundation Has Selected The Technical Writer For Google Season Of Docs"

Networking | Switching And Routing | Tutorial 1 | 2018

Welcome to my new series of tutorials about networking. Moreover in this series I'll discuss briefly each and every thing related to routing and switching. After that you will able to pass an exam of HCNA, CCNA etc. First of all you have to know which software is used by which company such as Huawei used its own software named eNSP while Cisco used its own software named Cisco Packet Tracer. After that you have to know that how to download and install both of the software in your computer systems. So the purpose of this blog is to give you people an overview about how to download and install both of them.

What is a Network? 

First of all we must have to know about what is a network. So the network is the interconnection of two or more than two devices in such a way that they can communicate each other. In computer networks we can say that the interconnection of two or more than two end devices (computer, laptops, printers etc) for the sake of sending and receiving some amount of data is known as computer network.

What is Internet?  

The very simple and easily understandable definition of a internet is "The network of networks". Now what is meant by that? When different networks from the different areas or at the same areas wanna communicate with each other then internet formed. So we can say that "Internet is the interconnection of different networks in such a way that networks can communicate with each other".

   You can watch the full installation tutorial here:

Hacktronian Menu:

• Information Gathering
• Password Attacks
• Wireless Testing
• Exploitation Tools
• Sniffing & Spoofing
• Web Hacking
• Private Web Hacking
• Post Exploitation
• Install The HACKTRONIAN

Information Gathering menu:

• Nmap
• SEToolkit
• Port Scanning
• Host To IP
• wordpress user
• CMS scanner
• XSStrike Dork - Google Dorks Passive Vulnerability Auditor
• Scan A server's Users Crips

Password Attacks menu:

• Cupp
• Ncrack

Wireless Testing menu:

• Reaver
• PixieWPS
• Fluxion

Exploitation Tools menu:

• ATSCAN
• SQLMap
• Shellnoob
• commix
• FTP Auto Bypass
• jboss-autopwn

Sniffing and Spoofing menu:

• SEToolkit
• SSLtrip
• pyPISHER
• SMTP Mailer

Web Hacking menu:

• Drupal Hacking
• Inurlbr
• Wordpress & Joomla Scanner
• Gravity Form Scanner
• File Upload Checker
• Wordpress Exploit Scanner
• Wordpress Plugins Scanner
• Shell and Directory Finder
• Joomla! 1.5 - 3.4.5 remote code execution
• Vbulletin 5.X remote code execution
• BruteX - Automatically brute force all services running on a target
• Arachni - Web Application Security Scanner Framework

Private Web Hacking:

• Get all websites
• Get joomla websites
• Get wordpress websites
• Control Panel Finder
• Zip Files Finder
• Upload File Finder
• Get server users
• SQli Scanner
• Ports Scan (range of ports)
• ports Scan (common ports)
• Get server Info
• Bypass Cloudflare

Post Exploitation:

• Shell Checker
• POET
• Weeman

Hacktronian's License: MIT Licence

That's It... If You Like This Repo. Please Share This With Your Friends. And Don't Forget To Follow The Author At Twitter, Instagram, Github & SUBSCRIBE His YouTube Channel!!!

Thank you. Keep Visiting.. Enjoy.!!! :)

Download Hacktronian

Continue reading

1. Mind Hacking
2. Como Aprender A Hackear
3. Herramientas De Seguridad Informatica
4. Hacking Hardware
5. Phishing Hacking
6. Hacking Pdf
7. Hacking Meaning
8. El Hacker Pelicula
9. Hacking Pages
10. Sean Ellis Growth Hacking
11. Brain Hacking
12. Tutoriales Hacking

Read More :- "Hacktronian: All In One Hacking Tools Installer For Linux And Android"