msf console:
msf > db_status
[*] postgresql connected to msf
msf > search samba
[!] Module database cache not built yet, using slow search
msf > db_rebuild_cache
Terminal:
#msfdb init
#service postgresql start
HTTP Strict Transport Security
HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special response header. Once a supported browser receives this header that browser will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS. It also prevents HTTPS click through prompts on browsers.
The specification has been released and published end of 2012 as RFC 6797 (HTTP Strict Transport Security (HSTS)) by the IETF.
Links:
DMitry Package Description
DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line Application coded in C. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan, whois lookups, and more.
The following is a list of the current features:
- An Open Source Project.
- Perform an Internet Number whois lookup.
- Retrieve possible uptime data, system and server data.
- Perform a SubDomain search on a target host.
- Perform an E-Mail address search on a target host.
- Perform a TCP Portscan on the host target.
- A Modular program allowing user specified modules
- Source: http://mor-pah.net/software/dmitry-deepmagic-information-gathering-tool/
- Author: James Greig
- License: GPLv3
Tools included in the dmitry package
dmitry – Deepmagic Information Gathering Tool
root@kali:~# dmitry -h
Deepmagic Information Gathering Tool
“There be some deep magic going on”
dmitry: invalid option — ‘h’
Usage: dmitry [-winsepfb] [-t 0-9] [-o %host.txt] host
-o Save output to %host.txt or to file specified by -o file
-i Perform a whois lookup on the IP address of a host
-w Perform a whois lookup on the domain name of a host
-n Retrieve Netcraft.com information on a host
-s Perform a search for possible subdomains
-e Perform a search for possible email addresses
-p Perform a TCP port scan on a host
* -f Perform a TCP port scan on a host showing output reporting filtered ports
* -b Read in the banner received from the scanned port
* -t 0-9 Set the TTL in seconds when scanning a TCP port ( Default 2 )
*Requires the -p flagged to be passed
dmitry Usage Example
Run a domain whois lookup (w), an IP whois lookup (i), retrieve Netcraft info (n), search for subdomains (s), search for email addresses (e), do a TCP port scan (p), and save the output to example.txt (o) for the domain example.com
root@kali:~# dmitry -winsepo example.txt example.com
Deepmagic Information Gathering Tool
“There be some deep magic going on”
Writing output to ‘example.txt’
HostIP:93.184.216.119
HostName:example.com
Gathered Inet-whois information for 93.184.216.119
———————————
CISSP CPE Requirements
For certification cycles that began on or prior to December 1, 2014
| CPE Type | Annual Req. | 3-Year Total |
|---|---|---|
| Group A | 20 | 80 |
| Group A or B | N/A | 40 |
| Total Required | 20 | 120 |
For certification cycles that began on or after January 1, 2015
| CPE Type | Annual Req. | 3-Year Total |
|---|---|---|
| Group A | 30 | 90 |
| Group A or B | 10 | 30 |
| Total Required | 40 | 120 |
Common Junos Commands
- show version
- show version detail
- show chassis hardware
- show chassis hardware detail
- configure
- show configuration
- commit confirmed
- request system snapshot
- rollback
- file list detail /config
- file list detail /var/db/config
- show interfaces terse
- show interfaces
- show interfaces interface-name
- show interfaces detail
- show interfaces detail interface-name
- show interfaces extensive
- show interfaces extensive interface-name
- show route
- show route inet.0
- show route inet.6l
- show route detail
- show route protocol
- show route forwarding-table
- show rip neighbor
- show isis interface
- show isis adjacency
- show ospf interface
- show ospf neighbor
- show bgp neighbor
- show bgp summary
- show route protocol bgp
- show Ethernet-switching interfaces
- show vlans
- show virtual-chassis status
- show spanning-tree bridge
- show spanning-tree interface
- show log messages
- show system uptime
10 Common Linux Commands
- ls (list)
- cd (change directory)
- mv (move)
- man (manual)
- mkdir (make directory)
- rmdir (remove directory)
- touch (make file)
- rm (remove)
- locate (find)
- clear (clear)
Emacs List of Shortcuts
C-h C-h : help
C-g : quit
C-x b : switch buffers
C-x right : right-cycle through buffers
C-x left : left-cycle through buffers
C-x k : kill buffer
C-x 0 : close the active window
C-x 1 : close all windows except the active window
C-x 2 : split the active window vertically into two horizontal windows
C-x 3 : split the active window horizontally into two vertical windows
C-x o : change active window to next window
C-x C-f : open file
C-x C-s : save file
C-x C-w : save file as
C-space : set region mark
C-w : kill region
C-k : kill region between point and end of current line
M-w : kill region without deleting
C-y : yank region from kill ring
M-y : move to previous item in the kill ring
M-Y : move to next item in the kill ring
C-_ : undo
C-s : search forwards
C-r : search backwards
M-% : query replace (‘space’ to replace, ‘n’ to skip, ‘!’ to replace all)
M-q : wrap text
C-left : move one word left
C-right : move one word right
C-up : move one paragraph up
C-down : move one paragraph down
home : move to the beginning of the line
end : move to the end of the line
page up : move up a page
page down : move down a page
M- : move to end of buffer
Metasploitable VM Link
https://information.rapid7.com/metasploitable-download.html
Kali Linux Link
https://www.kali.org/
Tenable Nessus Link
https://www.tenable.com/products/nessus-vulnerability-scanner