Index
A
- active information gathering
- about / Active Information Gathering
- adduser payload / Payloads – in-depth
- advanced scanning options, Nmap
- about / Nmap advanced scanning options
- TCP SYN scan / Nmap advanced scanning options
- TCP null scan / Nmap advanced scanning options
- custom TCP scan / Nmap advanced scanning options
- antivirus
- about / Antivirus killing and log deletion
- killing / Antivirus killing and log deletion
- Application Firewall
- Armitage
- about / Metasploit interfaces and basics, Armitage
- Hail Mary, working with / Working with Hail Mary
- Armitage hacking
- performing / Armitage
- attack options, SET
- about / Attack options
- Autoscan / A typical process for compromising a system
- Auxiliary::Report mixin
- about / The Auxiliary::Report mixin
- auxiliary modules
- about / Auxiliary modules
- exploring / Auxiliary modules
- AVG 2012 Antivirus
B
- backdoor
- about / What is a backdoor?
- BackTrack5 R2
- installing, on Oracle VM VirtualBox / Installing BackTrack5 R2 on Oracle VM Virtual Box
- basic terms, exploitation
- about / Basic terms of exploitation
- vulnerability / Basic terms of exploitation
- exploit / Basic terms of exploitation
- payload / Basic terms of exploitation
- shellcode / Basic terms of exploitation
- listener / Basic terms of exploitation
- browser exploits
- about / Browser exploits
- tutorial section / Tutorial
C
- Cesar FTP exploits
- reference link / References
- client-side attacks
- about / What are client-side attacks?
- browser exploits / Browser exploits
- Internet Explorer shortcut icon exploit / Internet Explorer shortcut icon exploit
- Internet Explorer malicious VBScript code execution exploit / Internet Explorer malicious VBScript code execution exploit
- compromising process, of system
- performing / A typical process for compromising a system
- exploits, searching from online databases / Finding exploits from online databases
- custom scripting
- reference link / References
- custom TCP scan, Nmap advanced scanning options
- about / Nmap advanced scanning options
D
- data directory
- exploring / Metasploit interfaces and basics
- wordlist directory / Metasploit interfaces and basics
- DCERPC service
- reference link / References
E
- enumdesktops command / Meterpreter in action
- espia extension
- about / Espia Extension
- EXE backdoor
- creating / Creating an EXE backdoor
- fully undetectable backdoor, creating / Creating a fully undetectable backdoor
- exploit
- about / Basic terms of exploitation
- Exploit::Remote::Brute mixin
- about / Widely used exploit mixins
- Exploit::Remote::BruteTargets mixin
- about / Widely used exploit mixins
- Exploit::Remote::DCERPC mixin
- about / Widely used exploit mixins
- Exploit::Remote::SMB mixin
- about / Widely used exploit mixins
- Exploit::Remote::Tcp mixin
- about / Widely used exploit mixins
- exploitation
- basic terms / Basic terms of exploitation
- working / How does exploitation work?
- reference link / References
- Exploitation Basics and Need for Metasploit
- reference link / References
- exploit design goals
- reference link / References
- exploit development
- about / Exploit writing tips and tricks
- important points / Important points
- exploit format / Format for an exploit
- mixins / Exploit mixins
- Auxiliary::Report mixin / The Auxiliary::Report mixin
- exploit mixins / Widely used exploit mixins
- exploit module, editing / Editing an exploit module
- payloads, working with / Working with payloads
- exploit mixins
- about / Widely used exploit mixins
- Exploit::Remote::Tcp / Widely used exploit mixins
- Exploit::Remote::DCERPC / Widely used exploit mixins
- Exploit::Remote::SMB / Widely used exploit mixins
- Exploit::Remote::BruteTargets / Widely used exploit mixins
- Exploit::Remote::Brute / Widely used exploit mixins
- reference link / References
- exploit module
- editing / Editing an exploit module
- exploit modules
- exploring / Exploit modules
- auxiliary modules / Auxiliary modules
- exploits
- writing / Writing exploits
- external directory
- about / Metasploit interfaces and basics
F
- fast scan, Nmap Port scanning options
- about / Port scanning options
- firewall
- about / Disabling firewalls and other network defenses
- disabling / Disabling firewalls and other network defenses
- Packet Filter Firewall / Disabling firewalls and other network defenses
- Stateful Firewall / Disabling firewalls and other network defenses
- Application Firewall / Disabling firewalls and other network defenses
- disabling, VBScript used / Disabling firewalls through VBScript
- reference link / References
- force reverse DNS resolution, Nmap scanning options
- about / Nmap discovery options
- fully undetectable backdoor
- creating / Creating a fully undetectable backdoor
G
- getdesktop command / Meterpreter in action
- getpid command / Meterpreter in action
- getuid command / Meterpreter in action
H
- Hail Mary
- about / Working with Hail Mary
- working with / Working with Hail Mary
I
- impersonation
- about / Exploiting the victim's system
- information gathering
- installation
- Oracle VM VirtualBox / Installing Oracle VM VirtualBox
- WindowsXP, on Oracle VM VirtualBox / Installing WindowsXP on Oracle VM VirtualBox
- BackTrack5 R2, on Oracle VM VirtualBox / Installing BackTrack5 R2 on Oracle VM Virtual Box
- Internet Explorer malicious VBScript code execution exploit
- Internet Explorer shortcut icon exploit
- Intrusion Prevention System
- about / Port scanning options
K
- keyscan_dump command / Meterpreter in action
- keyscan_start command / Meterpreter in action
- keyscan_stop command / Meterpreter in action
- killav script / Antivirus killing and log deletion
- kill command / Meterpreter in action
- KiTrap0D
- about / Exploiting the victim's system
L
- library architecture
- about / Metasploit interfaces and basics
- Rex / Metasploit interfaces and basics
- Msf::Core / Metasploit interfaces and basics
- Msf::Base / Metasploit interfaces and basics
- listener
- about / Basic terms of exploitation
M
- Metasploit
- information gathering / Information Gathering through Metasploit
- about / Information Gathering through Metasploit
- active information gathering / Active Information Gathering
- Nessus, working with / Working with Nessus
- report importing / Report importing in Metasploit
- Nmap report, importing / Report importing in Metasploit
- Nessus report, importing / Report importing in Metasploit
- scripting with / Scripting with Metasploit
- Metasploit Architecture
- reference link / References
- Metasploit directory
- exploring / Metasploit interfaces and basics
- data directory / Metasploit interfaces and basics
- meterpreter directory / Metasploit interfaces and basics
- Metasploit exploit basics
- reference link / References
- Metasploit exploit format
- reference link / References
- Metasploit exploit mixins
- reference link / References
- Metasploit exploit module
- components / Format for an exploit
- Metasploit exploit payloads
- reference link / References
- Metasploit Exploits
- reference link / References
- Metasploit Framework
- interfaces / Metasploit interfaces and basics
- MsfGUI / Metasploit interfaces and basics
- Msfconsole / Metasploit interfaces and basics
- Msfcli / Metasploit interfaces and basics
- Msfweb / Metasploit interfaces and basics
- Metasploit Pro / Metasploit interfaces and basics
- Armitage / Metasploit interfaces and basics
- library architecture / Metasploit interfaces and basics
- directory, exploring / Metasploit interfaces and basics
- exploit modules / Exploit modules
- payload / Payloads – in-depth
- Metasploit Framework architecture
- reference link / References
- Metasploit Framework Organisation
- reference link / References
- Metasploit Fundamentals
- reference link / References
- Metasploit Payloads
- reference link / References
- Metasploit persistent backdoor
- about / Metasploit persistent backdoor
- implementing / Metasploit persistent backdoor
- Metasploit Pro
- about / Metasploit interfaces and basics
- Metasploit Project
- reference link / References
- Meterpreter
- working / Working of the Meterpreter, Meterpreter in action
- commands / Meterpreter in action
- access option / Meterpreter—access option
- access option, using / Meterpreter—access option
- meterpreter directory
- about / Metasploit interfaces and basics
- meterpreter payload / Payloads – in-depth
- metsvc / Creating a fully undetectable backdoor
- mixins
- about / Exploit mixins
- msf3 directory
- external / Metasploit interfaces and basics
- scripts directory / Metasploit interfaces and basics
- exploring / Metasploit interfaces and basics
- tools directory / Metasploit interfaces and basics
- plugins directory / Metasploit interfaces and basics
- Msfcli
- about / Metasploit interfaces and basics
- Msfconsole
- about / Metasploit interfaces and basics
- msfencode
- about / Payload tools, Working with payloads
- MsfGUI
- about / Metasploit interfaces and basics
- msfpayload
- about / Payload tools, Working with payloads
- reference link / References
- msfvenom
- about / Payload tools, Working with payloads
- reference link / References
- Msfweb
- about / Metasploit interfaces and basics
N
- named pipe
- about / Exploiting the victim's system
- Nessus
- about / Working with Nessus
- working with / Working with Nessus
- policies / Working with Nessus
- victim machine, scanning / Working with Nessus
- Nessus report
- importing / Report importing in Metasploit
- network
- pivoting / Pivoting in a network
- sniffing / Sniffing in a network
- Nmap (Network Mapper) / A typical process for compromising a system
- about / Working with Nmap
- working with / Working with Nmap
- working with, Metasploit used / Working with Nmap
- discovery options / Nmap discovery options
- scanning options / Nmap discovery options
- advanced scanning options / Nmap advanced scanning options
- port scanning options / Port scanning options
- Nmap features
- fragment packets / Port scanning options
- idle zombie scan / Port scanning options
- spoof MAC address / Port scanning options
- Nmap report
- importing / Report importing in Metasploit
- Nmap scan options
- multiple targets, scanning / Working with Nmap
- list of targets, scanning / Working with Nmap
O
- Oracle VM VirtualBox
- installing / Installing Oracle VM VirtualBox
P
- Packet Filter Firewall
- payload
- payload-making tools
- about / Payload tools
- msfpayload / Payload tools
- msfencode / Payload tools
- msfvenom / Payload tools
- payload modules directory
- exploring / Payloads – in-depth
- payloads
- working with / Working with payloads
- msfvenom / Working with payloads
- msfpayload / Working with payloads
- msfencode / Working with payloads
- ping only scan, Nmap scanning options
- about / Nmap discovery options
- pivoting
- about / What is pivoting?
- in network / Pivoting in a network
- plugins directory
- about / Metasploit interfaces and basics
- policies, Nessus
- external network scan / Working with Nessus
- internal network scan / Working with Nessus
- Web App tests / Working with Nessus
- PCI-DSS audits / Working with Nessus
- port scanning options, Nmap
- about / Port scanning options
- fast scan / Port scanning options
- scan ports by name / Port scanning options
- sequential port scan / Port scanning options
- post exploitation
- about / Metasploit interfaces and basics, What is post exploitation?
- phases / Phases of post exploitation
- tutorial / Tutorial
- references / References
- firewalls, disabling / Disabling firewalls and other network defenses
- network defences, disabling / Disabling firewalls and other network defenses
- firewalls, disabling through VBScript / Disabling firewalls through VBScript
- antivirus, killing / Antivirus killing and log deletion
- system log, deleting / Antivirus killing and log deletion
- print_status command / Scripting with Metasploit
- Privilege Escalation
- about / Understanding Privilege Escalation
- Vertical Privilege Escalation / Understanding Privilege Escalation
- Horizontal Privilege Escalation / Understanding Privilege Escalation
- victim's system, exploiting / Exploiting the victim's system
- named pipe / Exploiting the victim's system
- impersonation / Exploiting the victim's system
- token duplication / Exploiting the victim's system
- KiTrap0D / Exploiting the victim's system
- by post exploitation / Privilege escalation by post exploitation
- reference link / References
- Privilege Escalation techniques
- reference link / References
- ps command / Meterpreter in action
R
- record_mic command / Meterpreter in action
- Remote Desktop connection (RDP)
- about / Active Information Gathering
- RHOST (remote host) / Finding exploits from online databases
S
- scanning options, Nmap
- about / Nmap discovery options
- ping only scan / Nmap discovery options
- TCP ACK ping / Nmap discovery options
- ICMP echo ping / Nmap discovery options
- Force reverse DNS resolution / Nmap discovery options
- scan ports by name, Nmap Port scanning options
- about / Port scanning options
- scripts directory
- about / Metasploit interfaces and basics
- sequential port scan, Nmap Port scanning options
- about / Port scanning options
- SET
- configuration file / Understanding the Social Engineering Toolkit
- directory, browsing / Understanding the Social Engineering Toolkit
- Sendmail application, sending / Understanding the Social Engineering Toolkit
- menu / Understanding the Social Engineering Toolkit
- Social-Engineering Attacks option / Understanding the Social Engineering Toolkit
- Mass Mailer Attack option / Understanding the Social Engineering Toolkit
- Sendmail attack option / Understanding the Social Engineering Toolkit
- E-Mail Attack Single Email Address option / Understanding the Social Engineering Toolkit
- E-Mail Attack Mass Mailer option / Understanding the Social Engineering Toolkit
- attack options / Attack options
- setdesktop command / Meterpreter in action
- shellcode
- about / Basic terms of exploitation
- singles payload directory
- exploring / Payloads – in-depth
- SMB service
- reference link / References
- sniffer_dump command / Meterpreter in action
- sniffer_start command / Meterpreter in action
- sniffer_stop command / Meterpreter in action
- sniffing
- in network / Sniffing in a network
- stagers payload directory
- exploring / Payloads – in-depth
- Stateful Firewall
- System Exploitation using Metasploit
- reference link / References
- system firewall settings
- system log
- deleting / Antivirus killing and log deletion
T
- TCP ACK ping, Nmap scanning options
- about / Nmap discovery options
- TCP null scan, Nmap advanced scanning options
- about / Nmap advanced scanning options
- TCP SYN scan, Nmap advanced scanning options
- about / Nmap advanced scanning options
- token duplication
- about / Exploiting the victim's system
- tools directory
- about / Metasploit interfaces and basics
- tutorial, post exploitation
- system information, acquiring / Tutorial
- running processes, checking / Tutorial
- run checkvm command, executing / Tutorial
- idletime script, executing / Tutorial
- victim system IP address, checking / Tutorial
- network settings, viewing / Tutorial
- security configuration, mapping / Tutorial
- Remote Desktop Protocol service, enabling / Tutorial
- local subnet, viewing / Tutorial
- host entries, adding / Tutorial
- logged on users, enumerating / Tutorial
- applications installed, enumerating / Tutorial
- drive information, enumerating / Tutorial
- system product key, viewing / Tutorial
- Windows autologin feature, checking / Tutorial
- system information, enumerating / Tutorial
- scraper script, running / Tutorial
U
- Unicorn Scan / A typical process for compromising a system
- use sniffer command / Meterpreter in action
V
- vulnerability
- about / Basic terms of exploitation
W
- webcam_list command / Meterpreter in action
- webcam_snap command / Meterpreter in action
- Windows exploits
- reference link / References
- Windows XP
- installing, on Oracle VM VirtualBox / Installing WindowsXP on Oracle VM VirtualBox
- wireshark command / Sniffing in a network
- wordlist directory
- about / Metasploit interfaces and basics
Z
- zero-day attacks
- reference link / References
- zero-day exploits
- references / References