Open-Source Vulnerability Assessment and Pentesting Management Platform @reconmap #pentesting #opensource #hacking #opensource #cybersecurity

Hi again! Time to look at reconmap. We in this line of work love abbreviation, so I call this OVAPMP (Vulnerability Assessment and Pentesting Management Platform). I was looking for a tool/system documenting my work regarding vulnerability scans, pentest and bug bounty work. I have tried different kind of solutions, I think I have found the... Continue Reading →

2021-12-09 1

DarkWeb tools, how to install and run @torproject @TebbaaX @splitgraph @sn1persecurity @DarkSearchApp #pentest #readteam #hacking

Hi! It is time to go dark. In this post we are gonna take a look at different tools that is out there for the not so light web. This post is not for you to learn how to go dark, it is for people to learn how things works. Do not go and do... Continue Reading →

2021-12-07 0

Install, build and run Sn1per. Testing the free version. @Sn1perSecurity #attacksurface #infosec #assetmanagement #attacksurfacediscovery #bugbounty #platform #netsec #offsec #redteam #pentest #attacksurfacemanagement

Hi all out there. It is time to take a look at sn1per. A tool that automate opensource stuff for us. As always we start with the steps Install some os in my kase running kaliGet the docker fileBuildRun sn1per installation wget https://raw.githubusercontent.com/1N3/Sn1per/master/Dockerfile docker build -t sn1per . Below is gonna take some time to... Continue Reading →

2021-12-06 0

How to approach security by learning or really any learning (my way) @albinowax @jaybeale @ralphte1 @goteleport @CyberDefenders @BanjoCrashland @BHinfoSecurity @dayzerosec @NakedSecurity @cert_se #pentest #PENTESTING #redteam #infosec

First thanx to all mention in this post! The hard thing about security is the wide range of stuff you have to learn if you wanna be the best. That is the goal you should have, I want to be the best. But the downside of this is that how do I learn everything, I... Continue Reading →

2021-12-06 0

My thoughts about C2 and the tests @C2_MATRIX @metasploit @c2_matrix #Covenant @BYT3BL33D3R @BHinfoSecurity #PENTEST #PENTESTING #REDTEAM #INFOSEC #autossh #ssh

Hi, this will be a short one. But I must put down in words what my thoughts are about the C2 tests that I have been doing for some time now. Not so hard to set up and get it running. If you want to play around there are some really good blog post out... Continue Reading →

2021-12-03 0

Fith step in setting up C2 environment. Using socat as front to SILENTTRINITY. Command and Control my way. @c2_matrix @byt3bl33d3r @porchetta_ind #pentest #pentesting #redteam #infosec

Now we are gonna look at SILENTTRINITY from @byt3bl33d3r I think this will be the last test of Command and Controll application. I have other stuff to do. But I hope you all had a good read and set some things in motions for you. Here is the link that you can read and download... Continue Reading →

2021-12-03 0

Fourth step in setting up C2 environment. Using socat as front to Covenant. Command and Control my way. @c2_matrix #Covenant #pentest #pentesting #redteam #infosec

It is time for part 4 in this series to set up a Command and Control, and this time I am trying out C2 server Covenant. You can go and read about Covenant here https://github.com/cobbr/Covenant. A picture says more than 1000 words so lets start with that! Covenant Short list install kaliapt-get updateapt full-upgradesystemctl enable... Continue Reading →

2021-12-03 0

Third step in setting up C2 environment. Using socat as front to merlin. Command and Control my way. @c2_matrix @merlin_c2 #pentest #pentesting #redteam #infosec

It is time for part 3 in this series to set up a Command and Control, and this time I am trying out C2 server Merlin. You can go and read about Merlin here https://github.com/Ne0nd0g/merlin. A picture says more than 1000 words so lets start with that! Merlin The short step by step list install... Continue Reading →

2021-12-03 0

Second step in setting up C2 environment. Using socat as front to autossh. Command and Control my way. @c2_matrix #autossh #ssh #pentest #pentesting #redteam #infosec

It is time for part 2 in this series to set up a Command and Control, and this time I am using ssh for creating reversed ssh tunnel to my C2-1 server. So I can run ssh from a client machine and take over this machine from my C2-1 server. A picture says more than... Continue Reading →

2021-12-03 0

First steps in setting up C2 environment. Using socat as front to metsaploit. Command and Control my way. @c2_matrix @metasploit #pentest #pentesting #redteam #infosec

Hi, I know that is been a while since the last post, but life got in the way. But it is time now. My goal in these coming post is to setup different Command and Control systems and try them out. Information about different C2 can be found on this fantastic site https://www.thec2matrix.com/ So as... Continue Reading →

2021-12-03 0