command line

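# Two-stage TCP scan: a fast sweep of all 65535 ports, then script and
# version detection limited to the ports that answered.
# The original put both commands on one line, which makes `ports=...` a
# temporary assignment for the second nmap only: $ports was expanded before
# it was set, so -p received an empty list. They must be separate commands.
# --min-rate=1000 with -T4 favours speed over accuracy; on a lossy link the
# sweep can miss ports. This packet rate also stands out in IDS and firewall logs.
mkdir -p nmap   # -oA writes nmap/initial.nmap, .gnmap and .xml; the directory must exist
ports=$(nmap -p- --min-rate=1000 -T4 10.10.10.188 | grep '^[0-9]' | cut -d '/' -f 1 | tr '\n' ',' | sed 's/,$//')
# If the sweep found nothing, $ports is empty and the next command has no port list.
nmap -v -sCSV -p"$ports" -A -oA nmap/initial 10.10.10.188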

# Start the Metasploit database service and then launch msfconsole connected to it.
msfdb run

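# SMB enumeration of a single host (10.10.10.x is a placeholder address).
# All of these rely on the server accepting anonymous or guest sessions.
# Where they return data, that is itself the finding: null sessions and
# guest access should be disabled on the server.

# Fingerprint the host: name, domain, OS build, SMB signing and SMBv1 state.
cme smb 10.10.10.x

# Broad SMB/RPC enumeration (users, groups, shares, policy); output saved for later review.
enum4linux -v 10.10.10.x >enum.txt

# List the shares the server advertises (prompts for a password; Enter = empty).
smbclient -L //10.10.10.x

# Connect to one share without a password. The original lacked the space
# after -N, so the service name was never parsed as a separate argument.
smbclient -N //10.10.10.x/dir

# Show each share with the access level granted to the anonymous user.
smbmap -H 10.10.10.x -u anonymous

# Same, but also list share contents, descending up to 5 directory levels.
smbmap -H 10.10.10.x -u anonymous -r --depth 5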

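# Default-port scan with scripts, version and OS detection. Without -p only
# nmap's default port set (the 1000 most common) is probed, so services on
# unusual ports are missed. The basename nmap/initial is reused, so an
# earlier scan saved under that name is overwritten.
mkdir -p nmap   # -oA needs the output directory to exist
nmap -v -sCSV -A -oA nmap/initial 10.10.10.x

# Probe FTP only. -Pn skips host discovery, for hosts that drop ping probes.
nmap -Pn -vvv -p21 10.10.10.x

# Query LDAP with the ldap-search NSE script. The original spelled the script
# name "ldapsearc", which nmap cannot resolve to a script. What comes back
# without credentials shows how much the directory exposes to anonymous binds.
nmap -p389 --script ldap-search -Pn 10.10.10.x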

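# Web content discovery and baseline vulnerability checks.
# Both tools send a large number of requests, mostly answered with 404s, in
# a short time. That pattern is easy to spot in web server and WAF logs.

# Wordlist-based directory brute force. -o takes the report file as its
# argument; the original wrote "-o >dirb-output", which left -o without a
# value and only redirected stdout.
dirb http://10.10.10.x -o dirb-output

# Nikto scan of port 80, report written as plain text.
nikto -h 10.10.10.x -p 80 -o nikto-results-f.txt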

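# Open an MS-RPC session with an empty user name (a null session). Press
# Enter at the password prompt, or add -N to skip it. If this connects, the
# server allows anonymous SAM/LSA queries; on Windows that is controlled by
# the "Network access: Do not allow anonymous enumeration of SAM accounts
# and shares" policy.
rpclient -U "" 10.10.10.10

# The following are typed at the rpclient prompt, not in the shell.
# The original listed "serinfo"; the rpclient command is srvinfo.
srvinfo

enumdomusers

getdompwinfo
# srvinfo      - server platform and OS version
# enumdomusers - account names with their RIDs
# getdompwinfo - password policy (minimum length, complexity flags)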
# Recursively download everything under one folder of a site. The leading
# "$" is the shell prompt, not part of the command. -r stops at depth 5
# unless -l is given. robots.txt is advisory only: paths it disallows are
# still served to any client, so it must not be used to hide content.
$ wget -e robots=off -r -np 'http://example.com/folder/'


-e robots=off causes it to ignore robots.txt for that domain
-r makes it recursive
-np = no parents, so it doesn't follow links up to the parent folder
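# File-system triage with GNU find.
username='<username>'   # placeholder: set to the account of interest

# Files under the current directory owned by that account that the invoking
# user can read. The original used "-u", which is not a find test; the
# ownership test is -user.
find . -readable -user "$username"

# Every file on the system owned by that account. The original omitted the
# dash ("user"), so find would treat it as a path. Permission-denied noise
# is discarded.
find / -user "$username" 2>/dev/null

# Files modified after 2019-11-25 and not after 2019-12-10, listed in long
# format. Useful for building a timeline, but mtime can be changed by the
# file's owner, so corroborate with other evidence.
find / -newermt "2019-11-25" ! -newermt "2019-12-10" -ls 2>/dev/null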
