msf console:
msf > db_status
[*] postgresql connected to msf
msf > search samba
[!] Module database cache not built yet, using slow search
msf > db_rebuild_cache
Terminal:
#msfdb init
#service postgresql start
Penetration Testing Blog
msf console:
msf > db_status
[*] postgresql connected to msf
msf > search samba
[!] Module database cache not built yet, using slow search
msf > db_rebuild_cache
Terminal:
#msfdb init
#service postgresql start
HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special response header. Once a supported browser receives this header that browser will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS. It also prevents HTTPS click through prompts on browsers.
The specification has been released and published end of 2012 as RFC 6797 (HTTP Strict Transport Security (HSTS)) by the IETF.
Links:
DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line Application coded in C. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan, whois lookups, and more.
The following is a list of the current features:
Tools included in the dmitry package
dmitry – Deepmagic Information Gathering Tool
root@kali:~# dmitry -h
Deepmagic Information Gathering Tool
“There be some deep magic going on”
dmitry: invalid option — ‘h’
Usage: dmitry [-winsepfb] [-t 0-9] [-o %host.txt] host
-o Save output to %host.txt or to file specified by -o file
-i Perform a whois lookup on the IP address of a host
-w Perform a whois lookup on the domain name of a host
-n Retrieve Netcraft.com information on a host
-s Perform a search for possible subdomains
-e Perform a search for possible email addresses
-p Perform a TCP port scan on a host
* -f Perform a TCP port scan on a host showing output reporting filtered ports
* -b Read in the banner received from the scanned port
* -t 0-9 Set the TTL in seconds when scanning a TCP port ( Default 2 )
*Requires the -p flagged to be passed
Run a domain whois lookup (w), an IP whois lookup (i), retrieve Netcraft info (n), search for subdomains (s), search for email addresses (e), do a TCP port scan (p), and save the output to example.txt (o) for the domain example.com
root@kali:~# dmitry -winsepo example.txt example.com
Deepmagic Information Gathering Tool
“There be some deep magic going on”
Writing output to ‘example.txt’
HostIP:93.184.216.119
HostName:example.com
Gathered Inet-whois information for 93.184.216.119
———————————
For certification cycles that began on or prior to December 1, 2014
CPE Type | Annual Req. | 3-Year Total |
---|---|---|
Group A | 20 | 80 |
Group A or B | N/A | 40 |
Total Required | 20 | 120 |
For certification cycles that began on or after January 1, 2015
CPE Type | Annual Req. | 3-Year Total |
---|---|---|
Group A | 30 | 90 |
Group A or B | 10 | 30 |
Total Required | 40 | 120 |
C-h C-h : help
C-g : quit
C-x b : switch buffers
C-x right : right-cycle through buffers
C-x left : left-cycle through buffers
C-x k : kill buffer
C-x 0 : close the active window
C-x 1 : close all windows except the active window
C-x 2 : split the active window vertically into two horizontal windows
C-x 3 : split the active window horizontally into two vertical windows
C-x o : change active window to next window
C-x C-f : open file
C-x C-s : save file
C-x C-w : save file as
C-space : set region mark
C-w : kill region
C-k : kill region between point and end of current line
M-w : kill region without deleting
C-y : yank region from kill ring
M-y : move to previous item in the kill ring
M-Y : move to next item in the kill ring
C-_ : undo
C-s : search forwards
C-r : search backwards
M-% : query replace (‘space’ to replace, ‘n’ to skip, ‘!’ to replace all)
M-q : wrap text
C-left : move one word left
C-right : move one word right
C-up : move one paragraph up
C-down : move one paragraph down
home : move to the beginning of the line
end : move to the end of the line
page up : move up a page
page down : move down a page
M- : move to end of buffer
https://information.rapid7.com/metasploitable-download.html
https://www.kali.org/
https://www.tenable.com/products/nessus-vulnerability-scanner