CLIENT SIDE ATTACKS - Trojan delivery method - using email spoofing
Use gathered info to contract targets. (e.g. Maltego, Google ... etc.)
Send an ema ......
Server Side Attack
Analysing scan results and exploiting target system.
Go to the Analysis page and find the target host.
Scan restult - services:
S ......
Detecting ARP Posionning Attacks
ARP main security issues:
1. Each ARP requests/response is trusted.
2. Clients can accept responses even if they did ......
Server Side Attacks
NeXpose - configure and launch a scan
Configure and initialize the application.
Browse https://localhost:3780 and active the syst ......
Server Side Attack
Install Metasploit cummunity/pro and active it.
Create a new project for the target - Mestaploitable machine and start the scan.
......
EXPLOITATION -File Upload VULNS
Simple type of vulnerabilities.
Allow users to upload executable files such as PHP.
Upload a PHP shell or backdoor, ex ......
SERVER SIDE ATTACKS - METASPLOIT
Metasploit is an exploit development and execution tool. It can also be used to carry out other penetration testing t ......
Targeted packet sniffing
airodump-ng --channel[channel] --bssid[bssid] --write[file-name][interface]
Now all the data will be stored in the file nam ......