Blue Flower

Let's go and learn some tips about White Hacking, interesting ah? :)

  • When browsing to be dodgy, use the "incognito mode" built in Chrome (while in the browser, press Crtl+Shift+N)
  • Visit https://www.google.com/alerts and setup your string alerts in there (for example "hack"), and you'll receive e-mail from what's happening on the web regarding your alert string. This is the best way of getting your news personalised! :)
  • Explore the Google Advance Search Operators and get familiar with it: http://www.googleguide.com/print/cheatsheet.pdf
  • Visit www.exploit-db.com to access the Google Hacking Database to search for specific google searches that queries well-known vulnerabilities in databases

 

Tools for Website recon

There are a few tools for you to gather some info of website you want to protect/target

 

Tools for Email recon

  • Download the official email tracker pro, then paste the header of the e-mail on the "Trace Header" button, and see the trace happening http://www.emailtrackerpro.com/
  • Using you Kali VM, fireup nslookup in interactive mode and type  "set type=mx" then the target site, for a list of DNS records visit this link: https://en.wikipedia.org/wiki/List_of_DNS_record_types

Network Scanning

  • Open nmap on your Kali system and issue this command to scan your local subnet:
    • nmap -sn 192.168.0.24/24

EC-Council

Either create your own lab (recommended, using VMware Workstation) or use the https://ilabs.eccouncil.org/ 

 

https://www.hackthissite.org/

www.archive.org

www.anywho.com

www.netcraft.com ;use Monster for an insight of the network system if the company if hiring for someone

www.kali.org to get the good guy for WMware workstation 

Google Hacking Database can be explored at www.exploit-db.com

Print Friendly, PDF & Email