hack-toolsos docker pull bkh474

Share หน่อยจ้า
  • website: https://pentest-db.com
  • facebook group: https://www.facebook.com/groups/blackhack474
  • facebook fanpage: https://www.facebook.com/Tech.blackhat474.1/
  • facebook fanpage: https://www.facebook.com/Network474/
  • Line open chat: https://bit.ly/3qD5e56

– telegram: https://t.me/blackhack474

docker pull bkg5774/hack-toolsos
docker run -h "pentest" -i -t -p 222:22 -p 8185:80 bkg5774/hack-toolsos:latest

searchsploit

sqlmap

  • http://sqlmap.org/
  • sqlmap -u {URL}.php?username=adrian –dbs
  • sqlmap -u {URL}.php?username=adrian -D {DB_NAME}–tables
  • sqlmap -u {URL}.php?username=adrian -T {TABLE-NAME} –columns
  • sqlmap -u {URL}.php?username=adrian -T {TABLE_NAME} –dump

vim

  • vim file.txt

ssh

  • ssh server
  • $service ssh start
  • User : root
  • Password : bkh474

apache2

  • service apache2

service

  • ssh http

Module & Tools

python2, python-pip, python3-pip, python3, sqlmap, vim, wget, curl, nmap, nikto, git, nano, dnsutils, iputils-ping, xprobe2, whois, net-tools, netcat, john, apache2, hashcat, libcurl4-openssl-dev, libxml2, libxml2-dev, libxslt1-dev, ruby-dev, build-essential, libgmp-dev, zlib1g-dev, libcurl4-openssl-dev, ssh

curl

  • curl www.{URL}
  • curl http://{URL}/?s=[0-5]
  • curl http://{URL}/?s=[0-5] -o ‘response_#1.txt’

nslookup

  • nslookup example.com

nmap

  • nmap -sSV -Pn 127.0.0.1
  • nmap -sT -sV -A -O -v 127.0.0.1
  • nmap -n -sV -Pn 127.0.0.1
  • nmap –script=mysql-enum 127.0.0.1

nikto

git

dnsutils (nslookup & host & dig)

  • nslookup {URL}
  • host {URL}
  • dig {URL} any
  • dig +short {URL}

iputils-ping (ping)

  • ping {URL}

xprobe2

  • xprobe2 –help

whois

  • whois –help
  • whois www.{URL}

dnsenum

digbit

  • digbit {URL}

sn1per

knock

haveibeenpwned

WpScan

GetPasswords

Bruteforcing SSH

wfuzz

  • https://github.com/xmendez/wfuzz
  • wfuzz -w /home/wfuzz/wordlist/webservices/ws-dirs.txt -H “Cookie:PHPSESSID=000” http://{URL}/panel.php?info=FUZZ
  • wfuzz -w /home/wfuzz/wordlist/general/common.txt -H “Cookie:PHPSESSID=000” http://{URL}/panel.php?info=FUZZ
  • wfuzz -w /home/wfuzz/wordlist/general/big.txt -H “Cookie:PHPSESSID=000” http://{URL}/panel.php?info=FUZZ

massdns

  • massdns -r /home/massdns/lists/resolvers.txt -t AAAA domains.txt > results.txt

xsssniper

  • xsssniper -u {URL}?message=lorem

arachni