GoBuster Cheat Sheet
📌 What is GoBuster? GoBuster is a fast directory and file brute-forcer used in penetration testing and bug bounty hunting. It is written in Go and is used to enumerate: 🚀 Installation If you don’t have GoBuster installed, you can get it using: Tested on Ubuntu/Kali/Parrot/Debian Tested on Fedora 🔎 Basic Usage 1️⃣ Directory and […]
All In One @ TryHackMe.com
All In One The total time it took me to root this machine was about 7 hours. Once I got a shell, the rest was easy. Here is my walk though All in One on Try Hack Me. Nmap scan report: GoBuster scan Nikto Results These are normally what I run first. I found three […]
Hydra Brute forcing
Brute Forcing SSH Alternative: Using multiple usernames Brute Forcing FTP Alternative: Anonymous Login Brute Forcing HTTP Login (Basic Auth) Brute Forcing MySQL Brute Forcing RDP Brute Forcing Telnet Brute Forcing SMTP (Mail Server) Brute Forcing VNC Brute Forcing SNMP Brute Forcing WordPress Brute Forcing SMB (Windows File Sharing) Common Options
Nmap
Nmap Common Nmap Commands & Examples Nmap (Network Mapper) is a powerful tool used for network discovery and security auditing. Below are the most common Nmap commands, along with practical examples. Basic Host Discovery Scan that I start with Scan a Range of IPs Scan an Entire Subnet Port Scanning Scan Specific Ports Scans only […]
Tech_Supp0rt: 1
Hack into the machine and investigate the target. Please allow about 5 minutes for the machine to fully boot! Note: The theme and security warnings encountered in this room are part of the challenge. Nmap Scan nmap 10.10.14.121 -sC -sV -p- Gobuster – Web Directory Brute Force gobuster dir -u http://10.10.14.121 -w /usr/share/wordlists/dirb/common.txt -x php,txt,HTML […]
MadnesS
For this box, you really should think “Outside the box.” With all boxes, I start with an NMAP scan. This is what NMAP came back with. Just a reminder, this is an all port scan “-p-” If you want to run a top port scan, you can remove the “-p-“. The scan revealed an SSH […]