Collaborate Disseminate
My machines routinely get scanned by Qualys and other scanners that report my supported and patched version of php as wildly out of date (even though they’re patched quarterly, I get flagged on ancient CVE’s for php and apach… Continue reading How do scanners know which apache2 modules are installed?
I’ve seen that checking the netstat output is a recurrent practice in the post-exploitation phase to privilege escalate. But I don’t understand how I can use the output. Could you help me?
Continue reading Use netstat output in post-exploitation phase to privilege escalate [on hold]
I’m looking at NIST Interagency Report 7695 and the grammar described in 5.3.2 seems to say that all . need to be preceded by a \, but this doesn’t seem to be followed in the CPE dictionary. Am I reading something wrong?
Th… Continue reading Periods in Common Platform Enumeration WFN (NIST Interagency Report 7695 )
If we email <username>@gmail.com and the address doesn’t exist (or is misspelled), our email provider will fail and return an “Undelivered Mail Returned to Sender” response.
Using a command line tool (preferably in Kal… Continue reading Email address enumeration tools? [on hold]
I am currently working on a project where I need to find a host running a SIEM solution. From my research I am fairly confident that the host is running Elastic Stack, probably within another solution such as SIEMonster, but … Continue reading Enumerating hosts running Elastic Stack
I am currently building a Python-based OSINT tool that allows a user to crawl a supplied domain for pages using traditional scraping/spider methods, but I also want to have the option to ‘brute force’ common pages for web app… Continue reading List of common website endings/pages for enumeration?
I can determine a single public IP address from within the organization (using NAT) by sending a HTTP request to one of the publically available services:
curl ipinfo.io/ip
However, if my request always takes the same rout… Continue reading How to determine all public IP adresses from within an organization?
A very quick post about a new thread which has been started yesterday on the OSS-Security mailing list. It’s about a vulnerability affecting almost ALL SSH server version. Quoted from the initial message; It affects all operating systems, all OpenSSH versions (we went back as far as OpenSSH 2.3.0, released
[The post Detecting SSH Username Enumeration has been first published on /dev/random]
I am using Linux Mint. How to install Massdns on linux mint?
I want to run it anywhere on terminal, not inside an specific folder.
What would be some immediate giveaway to determine this? I have several choices here:
Standalone Workstation
Enterprise Manager
Domain Member Server
Domain Controller
Domain Member Workstation
What tools should I use to… Continue reading How to the find the role of computer for Windows Enumeration?