sudo apt-get install python3-chardet
pip3 install --user --upgrade git+https://github.com/twintproject/twint.git@origin/master#egg=twint
pip install faust-cchardet
pip3 install cython
pip3 install cchardet aiodns
git clone --depth=1 https://github.com/twintproject/twint.git
cd twint
pip3 install . -r requirements.txt
pip3 install twint
sudo apt-get -y install python3-async-timeout
pip install aiodns
pip install async-timeout
pip install --upgrade aiohttp
pip install --upgrade aiohttp_socks
wordlist: https://github.com/kkrypt0nn/wordlists
- w1. 網路概論 -- Packet Tracer安裝與簡單操作
- w2. CCNA 實作 交換機設定
- w3. 228和平紀念日
- w4. CCNA 實作 路由與 VLAN
- w5. Kali Linux on oracle virtualbox, 安裝與網路設定
1.進入 正修訊息網, 選擇圖書資訊->圖資雲教室->第一次使用, 需下載用戶端程式->桌面雲-程式AI雲
2. 下載安裝 virtualbox
3. 開啟檔案總管, 啟用網路與共享
4. 複製本地端下載中的 kali 及 metasploit 的 vm 至 雲端的文件, 並解開
kali的使用者及密碼: kali/kali
meta的使用者及密碼: msfadmin/msfadmin
5. 開啟 virtualbox, 新增虛擬機
6. kali 的網路 及 metasploit 的網路設定為:僅限主機介面卡+virtualbox host-only Ethernet Adapter
7. 開啟 kali, 打開終端機, 輸入:
$ sudo apt update
$ sudo apt upgrade
$ sudo apt install kali-linux-everything
$ sudo reboot
假設 kali 的 ip: 192.168.56.102, meta 的 ip: 192.168.56.101
從 kali ping meta:
$ sudo ping 192.168.56.101
- sudo apt install metasploit-framework
Starting the Kali PostgreSQL service
If PostgreSQL isn’t running, use the following command to run it:
- sudo /etc/init.d/postgresql start
- sudo /etc/init.d/postgresql status
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb> msfinstall && chmod 755 && msfinstall && ./msfinstall
$ sudo msfdb init
- msfconsole -q
- metasploit use reference
- metasploit-cve-search
- cve_list.txt
- w6. 網路安全滲透測試的相關理論和工具, 滲透測試報告的編寫
- w7. 資訊蒐集 -- whois, nslookup, dig, nmap
- w8. 兒童節
- w9. 期中考
- w10. NMAP + scripts 進行漏洞掃描 + Metasploit 系統漏洞分析
- w11. 靶機建立 (Metasploitable ), 以Docker建立工具環境
- w12. osif 漏洞掃描, metasploit-framework 漏洞文件
- w13. terminux + Nethunter on Android system
- w14. USB rubber ducky 介紹
- w15. 期末考
- 練習
- docker run --name container-name -it tleemcjr/metasploitable2:latest sh -c "/bin/services.sh && bash"
電腦網路概論 ppt
一、Linux簡介
二、shell
三、SSH系統服務
四、vim編輯器
五、Linux常用命令
六、文字檔案編輯命令
七、檔案目錄管理命令
八、打包壓縮命令
九、搜尋命令
十、檔案管理許可權命令
- login: kali password: kali
- 打開 terminal
- sudo apt-get update
- sudo apt-get upgrade
- sudo apt-get install kali-linux-everything
nslookup
dig
dnsenum
whois
fierce
Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.
Getting Started
git clone https://github.com/Screetsec/Dracnmap.git
cd Dracnmap
chmod +x Dracnmap.sh
sudo ./Dracnmap.sh or sudo su ./Dracnmap.sh
Requirements
A linux operating system. We recommend Kali Linux 2 or Kali 2016.1 rolling / Cyborg / Parrot / Dracos / BackTrack / Backbox / and another operating system ( linux )
Must install nmap
Note:- This tool is only for educational purpose. We are not responsible for any misuse or illegal activities.
設定 python3 為 default python 參考
- Step 1. Add both (all) versions of python installed to the list of "alternatives" for the python binary.
sudo update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1 sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 2
- Step 2. Select desired version:
sudo update-alternatives --config python
THECHOICE TOOL All in one tools
installation commands in termux.
Installation Commands
apt update && apt upgrade
pkg install git -y
git clone https://github.com/8L4NK/thechoice
cd thechoice
chmod +x thechoice
bash thechoice
NOW ENJOY AND USE THE TOOL... 🫡
Note:- This tool is only for educational purposes. We are not responsible for any misuse or illegal activities.
- git clone https://github.com/Gameye98/Lazymux
Lazymux is a tool installer that is specially made for termux user which provides a lot of tool mainly used tools in termux and its easy to use, Lazymux install any of the given tools provided by it from itself with just one click, and its often get updated.
FEATURE
Tool Installation
Install Single Tool
lzmx > set_install 1
Install Multi Tool
lzmx > set_install 1 2 3 4
Install All Tool
lzmx > set_install @
Default Dir Install On lazymux.conf replace symbol ~ with directory you want
Example: lazymux.conf
HOME = /sdcard
Requirements
• Python 3.x
Installation and Using Lazymux
apt install python git
git clone https://github.com/Gameye98/Lazymux
cd Lazymux
python lazymux.py
ENJOY 🫡 Sharing is caring
Note:- This tool is only for educational purpose. We are not responsible for any misuse or illegal activities.
Installation:
Run The Tool and Type fix This will Install All Required Modules.
For The Bloggers View To Work Properly you have to configure RED HAWK with moz.com's api keys for that follow the following steps:
How To Configure RED HAWK with moz.com for Bloggers View Scan
Create an account in moz follow this link : https://moz.com/community/join
After successful account creation and completing the verification you need to generate the API Keys
You can get your API Keys here: https://moz.com/products/mozscape/access
Get your AccessID and SecretKey and replace the $accessID and $secretKey variable's value in the config.php file
All set, now you can enjoy the bloggers view.
Usage:
git clone https://github.com/Tuhinshubhra/RED_HAWK
cd RED_HAWK
php rhawk.php
Use the "help" command to see the command list or type in the domain name you want to scan (without Http:// OR Https://).
Select whether The Site Runs On HTTPS or not.
Select the type of scan you want to perform
Leave the rest to the scanner
List of CMS Supported
RED HAWK's CMS Detector currently is able to detect the following CMSs (Content Management Systems) in case the website is using some other CMS, Detector will return could not detect.
WordPress
Joomla
Drupal
Magento
Brutal
Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device
Getting Started
git clone https://github.com/Screetsec/Brutal.git
cd Brutal
chmod +x Brutal.sh
sudo ./Brutal.sh or sudo su ./Brutal.sh
Note:- This tool is only for educational purpose. We are not responsible for any misuse or illegal activities.
Brutesploit
BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and can be used in CTF for manipulation,combine,transform and permutation some words or file text 😛 i wrote this just for fun and learn how create interactive shell is work
Getting Started
git clone https://github.com/Screetsec/Brutesploit.git
cd Brutesploit
chmod +x Brutesploit
sudo ./Brutesploit or sudo su ./Brutesploit
A linux operating system. We recommend :
Kali Linux 2 or Kali 2016.1 rolling
Cyborg
Parrot
BackTrack
Backbox
Metasploit on Termux
Last complete installation method!
apt-get update -y
apt-get upgrade -y
# use pkg install python
apt install python python2 -y
pip install lolcat
git clone https://github.com/h4ck3r0/Metasploit-termux
cd $HOME
cd Metasploit-termux
chmod +x *
bash metasploit.sh
Facebook-BruteForce Tool
Install Requirements "On Linux"
$ git clone https://github.com/IAmBlackHacker/Facebook-BruteForce
$ cd Facebook-BruteForce
$ python3 -m pip install requests bs4
$ python3 -m pip install mechanize
$ python3 fb.py or python fb2.py
TorBot:-- Dark Web OSINT Tool.
Features:-
1. Onion Crawler (.onion). (Completed)
2. Returns Page title and address with a short description of the site. (Partially Completed)
3. Save links to the database. (PR to be reviewed)
4. Get emails from the site. (Completed)
5. Save crawl info to JSON file. (Completed)
6. Crawl custom domains. (Completed)
7. Check if the link is live. (Completed)
8. Built-in Updater. (Completed)
9. TorBot GUI (In progress)
10. Social Media integration. (not Started)
11. Build a visual tree of link relationships that can be quickly viewed or saved to an image file (Completed)
#Download #Link:-
https://github.com/DedSecInside/TorBot
Note:- This tool is only for educational purpose. We are not responsible for any misuse or illegal activities.
python sqlmap.py -u "http://testphp.vulnweb.com/listproducts.php?cat=1" --batch --banner
RouterSploit - Exploitation Framework for Embedded Devices that can run in Termux
It consists of various modules that aid penetration testing operations:
1) exploits - modules that take advantage of identified vulnerabilities
2) creds - modules designed to test credentials against network services…… 顯示更多
RouterSploit - 可在 Termux 中運行的嵌入式裝置開發框架
它由各種輔助滲透測試操作的模組組組成:
1) 剝削 - 利用認定脆弱性的模組
2) creds - 旨在測試憑證對抗網路服務的模組
3) 掃描器 - 檢查目標是否容易受到任何剝削的模組
4)有效載荷 - 負責為各種架構和注射點產生有效載荷的模組
5) 通用 - 執行通用攻擊的模組
使用有效載載模組,我能夠在自己測試的路由器上識別弱的webconsole管理員密碼。
https://github.com/threat9/routersploit
TERMUX INSTALLATION GUIDE
pkg update -y
pkg upgrade -y
pkg install git
git clone https://github.com/3xploitGuy/webscrape.git
cd webscrape
webscrape
chmod +x webscrape.sh
webscrape
bash webscrape.sh
You must have use https://....
INSTALLING AND REQUIREMENTS
Linux or Unix-based system
~ ❯❯❯ git clone https://github.com/3xploitGuy/webscrape.git
~ ❯❯❯ cd webscrape
~/webscrape ❯❯❯ chmod +x webscrape.sh
~/webscrape ❯❯❯ ./webscrape.sh
SHARING IS CARING
Note:- This tool is only for educational purpose. We are not responsible for any misuse or illegal activities.
git clone https://github.com/4ndr34z/shells
cd shells
./install.sh
Features:-
1. Listing WiFi interfaces
2. Track & scan on 2.4GHz
3. Track & scan on 5GHz
4. Scanning for AP
5. Scanning for STA
6. Beep when a device found
Download Link:-
https://github.com/90N45-d3v/dBmonster
Sharing is Caring
Note:- This tool is only for educational purpose. We are not responsible for any misuse or illegal activities.
Linux系統概論 大学霸 Kali Linux 安全渗透教程
- Virtualbox與Kali Linux
- 安裝設定與套件管理
- 檔案與目錄操作
- 排程工作
- 壓縮與解壓縮
- Internet連線網路設定
- pdf : Linux Bible 9th-ed
- 帳號與磁碟空間管理
- 檢視系統資訊
- 管理執行中的程序
- 建構Shell Script
- 輸出環境設定
- www 伺服器: Apache2
- ftp 伺服器:
- mail 伺服器:
- Samba 伺服器:
- DNS 伺服器:DNS
- DHCP 伺服器:
- NAT 伺服器:
- 內網滲透測試基礎
- 內網資訊收集
- 隱藏通訊隧道技術
- 許可權提升分析及防禦
- 網域控制站安全
- 跨網域攻擊分析及防禦
- 被動掃描
- 主動掃描
- 程式漏洞分析
- 常見的專業掃描工具
- Web應用程式漏洞掃描
- 開啟系統後門
- 生成被控端
- 啟動主控端
- 透過Web應用程式實現遠端控制
- Metasploit基礎
- 對作業系統發起攻擊
- 對軟體發起攻擊
- 對用戶發起攻擊
- 利用瀏覽器外掛程式漏洞進行滲透攻擊
- 利用瀏覽器HTA檔案進行滲透攻擊
- 利用瀏覽器巨集病毒進行滲透攻擊
- 使用 Metasploit 對 Web應用的攻擊
- 滲透實驗網站
Cyber-Bookmarks
A list of bookmarks I have used since I started my journey in cyber security
Follow up: https://twitter.com/devmehedi101
https://www.youtube.com/@SecurityTalent
https://t.me/Securi3yTalent
https://x0rb3l.github.io/Cyber-Bookmarks/bookmarks.html
- password dictionary download: https://github.com/steveklabnik/password-cracker/blob/master/dictionary.txt