 |
| |
| |
|
Who's Online |
|
We have 37 guests and 2 members online |
|
| |
|
|
 |
|
EH-Net
|
|
May 24, 2013, 10:45:11 AM
|
 Show Posts
|
|
Pages: [1] 2 3 ... 9
|
|
1
|
Ethical Hacking Discussions and Related Certifications / Web Applications / Re: Nessus and Nikto
|
on: May 18, 2013, 02:56:21 AM
|
i can't watch that movie IDK why anyway: is network established between you and the target? can you ping it? Can you scan the target with nmap? Is your target on internet? if it is: Are you behind any firewall? If you are, try this scan: nmap --scanflags SYNFIN <Target IP address> This may bypass the firewall. Always scan the server using IP address because they may implemented network load balancing so you may scan different servers each and every time. Is your target in a virtual lab? if it is: Make sure that you attack system and server are using a same network adapter otherwise they can't connect to each other. check your IP addresses for both systems i hope this info can be helpful if not tell me i will watch the vidoe.  ? |
|
|
|
|
3
|
Ethical Hacking Discussions and Related Certifications / Web Applications / Nessus and Nikto
|
on: May 14, 2013, 12:13:53 PM
|
I've been trying to integrate Nessus and Nikto. I've followed all the instructions on this video: http://www.youtube.com/watch?v=6kHyAhFv7xgBut when I run the scan nothing seems to happen. Meaning no new vulnerabilities appear compared to a Nessus scan that doesn't have Nikto enabled. The only information I was able to find in nessusd.messages was the following: launching nikto.nasl against 192.168.0.125 [1251]
nikto.nasl (process 1251) finished its job in 0.010 seconds
This seems incredibly fast compared to running Nikto from the command line, which works fine. Does anyone have any ideas on how to get this working, or where on my system I could check to find additional information on what is happening? I'm running CentOS 6.4 x64 and Nessus 5.2. Thanks. |
|
|
|
|
10
|
Ethical Hacking Discussions and Related Certifications / General Certification / Re: Hackingdojo
|
on: February 28, 2013, 11:23:42 AM
|
I've done most of the Shodan course, however I failed at cracking some passwords. Despite that I tried idunno, 50-100'000 relevant variations of the mentioned topic, and 165 million random different passwords. Did any of them crack? Nope.
I failed at cracking some of the passwords as well MaXe. I spent weeks after trying to crack them but couldn't get them. |
|
|
|
|
13
|
Ethical Hacking Discussions and Related Certifications / General Certification / Re: Certification Advice
|
on: January 09, 2013, 05:58:29 PM
|
I find that certs are the only way to force me to learn usefull but boring things. Without a goal/carrot in front of my, I either get lazy or study only what I like.
There have been many discussions on certs vs experience on this site and I think most people agree that experience is more important, while *some* certs open doors (get you through HR screening) and *other* certs/training programs make you a better pentester.
For example, CISSP vs OSCP are pretty much opposite to each others...
I completely agree. I get callbacks on about 80% of the jobs I submit my resume for, but I have trouble passing some of the technical interview questions, so I'm more focused on things like eCPPT and OSCP which will give me knowledge. On the other hand, someone who knows more than I do but doesn't get past HR screenings would probably do better to get a CEH or CISSP. |
|
|
|
|
Loading...
|
|
|
|
Greetings : Hi from the UK
