Posts

Showing posts from July, 2020

TryHackMe "PentestQuiz"

Image
Today, I am going to make this write-up of "PentestQuiz" of TryHackMe. This is a quiz to check if you know topics and tools of Pentesting. Challenge Link - https://tryhackme.com/room/pentestquiz DESCRIPTION - Getting better at using "Search Engines" in order to find the right answers in less time is an art. This room is all about quick challenges which most of the n00bs like me already have in mind and don't really require a "Google Search" but for some of the n00bs it is still remained to be learnt! So these little challenges will be helping you a lot! Have fun! ~/w4tchd0g NOTE: Try to answer using hints provided. If not able to answer using hints, then answers are provided below. #1. Famous port scanner. Can you name it? Hint: Famous Network Mapping tool. #2. Famous network packet analyzer. Can you name it? Hint: You won't find this kind of shark. #3. Best place to find public exploits? Hint: It is famous database of exploits. #4. Best

Red Primer: Web Scanning

Image
Today, I am going to make this write-up of Web Scanning challenge on TryHackMe. This is a write-up on Web Scanning tools named as Nikto and OWASP ZAP. Challenge Link - https://tryhackme.com/room/rpwebscanning [Task 1] Pull the lever, Kronk! Web scanning represents one of the core constructs of modern pentesting. Quite simply, most of what we interact with on a daily basis is the internet, and therein there is a multitude of ever-widening number of vulnerabilities. Within this room, we will investigate two of the most common scanners: Nikto and Zap. Deploy the machine. [Task 2] ... I'm supposed to scan with that? A short quiz over the various switches used with Nikto as well as a quick scan against our target. All you'll need for this is the help menu for Nikto. Include all parts of the switch unless otherwise specified, this includes - #1. First and foremost, what switch do we use to set the target host? -h As per help, the answer should be -ho