Hacking Scenarios

Viewing 24 reply threads
  • Author
    Posts
    • #7594
      cyber.spirit
      Participant

      Hello my freinds  i really love this forum becuase i alway got useful info here and thank you all.

      frist of all, i wanna say im not new in hacking world i had some pentest experience i can use back track metasploit and many other tools and im familiar with many concepts and so on.

      But as im addicted to hack!!!! i wanna start studying it so seriously  and i know i must build a hacking lab so i bought VMware Workstation 8 (i know i can use Virtual box for free but i love Vmware its better) and i download Backtrack 5 R2 Gnome i installed to A VM and a windows Xp VM also so do i need anything more for my lab?

      i need some hacking scenario for exercises i googled it but i couldnt find some efficient scenarios dose anybody has them?

      Thanks again Take care!!

    • #47386
      sil
      Participant
    • #47387
      cyber.spirit
      Participant

      ok thankx and what about my hacking lab is it efficient?

    • #47388
      magxtopher
      Participant

      Thanks.Great blog all newbies or serious security guru’s shd read the link.
      Cool mate.

    • #47389
      magxtopher
      Participant

      @ cyber.spirit,
      My candidy advise is read google hacking and pen test by Johnny Long,
      any security officer needs this book.You will found millions of hacking scenarios
      and above all you will be equip with billions of search codes.I was shocked how
      the guy come up with such book.After reading the book you  will attempt to know how
      to hack with other search engines like msn,yahoo,bing etc.Give it a try u loose nothing.
      Good luck.

    • #47390
      cyber.spirit
      Participant

      thank you both Magxtopher and sil that blog is really greate iDK who creates that its pretty well.

      magxtopher, google hacking and pen test? Really? But i thought hacking with search engines is useless coz you cant choose ur target
      u must select one of results anyway thanks again and i’ll buy that book if its not free.

    • #47391
      rattis
      Participant

      Cyber.Spirt:

      You might also want to check out Thomas Wilhelm (aka Grendel)’s book
      http://www.amazon.com/Professional-Penetration-Testing-Creating-Learning/dp/1597494259

      There are some other good things on hacking lab design of the forum if you look. Jaddix and Laz3r (I think) had a good couple posts a few years ago.

    • #47392
      rattis
      Participant

      @cyber.spirit wrote:

      thank you both Magxtopher and sil that blog is really greate iDK who creates that its pretty well.

      magxtopher, google hacking and pen test? Really? But i thought hacking with search engines is useless coz you cant choose ur target
      u must select one of results anyway thanks again and i’ll buy that book if its not free.

      You can’t hack if you don’t have information. You can get information passively or actively.

    • #47393
      cyber.spirit
      Participant

      Yes chrisj i already know without Footprinting  i cant hack, and i can find info passively and sometimes actively. But if u used google hacking i may know in this type of attack u must use some Google dorks and choose a vulnerable  site from results and go further but my problem is i wanna choose the target by myself not useing the Google’s results thats why i think its useless IDK maybe Im wrong.

      and thank you for that book i guess its a greate book, and plese tell me is my lab efficient? do i need anything else for that? and which SP of windows XP is good for my lab

      thanks again

    • #47394
      rattis
      Participant

      @cyber.spirit wrote:

      my problem is i wanna choose the target by myself not useing the Google’s results thats why i think its useless IDK maybe Im wrong.

      and thank you for that book i guess its a greate book, and plese tell me is my lab efficient? do i need anything else for that? and which SP of windows XP is good for my lab

      thanks again

      As for the google stuff, treat it as if it’s out of scope. 🙂

      I was reading Basics of Hacking and Penetration Testing, or was it in the elearn security documents, last week, I can’t remember. Pretty sure that was where I came across, get the lowest SP version you can find. It’ll have more stuff for you to exploit. Doesn’t mean newer ones won’t have stuff to exploit but you’ll get more bang for your training doing the oldest. Of course, if your system will handle it, do all service packs and see how each do.

    • #47395
      ziggy_567
      Participant

      But i thought hacking with search engines is useless coz you cant choose ur target
      u must select one of results

      Check out the “site:” or “inurl:” Google dorks…

    • #47396
      cyber.spirit
      Participant

      Ok thank you all
      chrisj what do you think if i’ll buy the complete package of Professional Penetration Testing Creating And Operating A Formal Hacking. i think its expensive but as i said im addicted to hack and i dont care !!!! so what is ur opinion???

    • #47397
      cyber.spirit
      Participant

      can you give me an example ZIGGY??

    • #47398
      Grendel
      Participant

      @cyber.spirit wrote:

      chrisj what do you think if i’ll buy the complete package of Professional Penetration Testing Creating And Operating A Formal Hacking.

      As author of the aforementioned book, I strongly support your purchase it.

      😀

    • #47399
      ziggy_567
      Participant

      can you give me an example ZIGGY??

      Sure.

      Say you’re assessing a site for abc.com, and you want to look for sql dumps carelessly left on their webservers…go to Google and search for the following:

      filetype:”sql” site:abc.com

      As long as Google has indexed it, you’re in business…

    • #47400
      cyber.spirit
      Participant

      @Grendel wrote:

      As author of the aforementioned book, I strongly support your purchase it.

      Really? but its look like that book which u introduced me its not a book only its a DVD Package.

    • #47401
      cyber.spirit
      Participant

      @ziggy_567 wrote:

      Say you’re assessing a site for abc.com, and you want to look for sql dumps carelessly left on their webservers…go to Google and search for the following:

      filetype:”sql” site:abc.com

      As long as Google has indexed it, you’re in business…

      Thanks Ziggy Now, I like Google hacking its useful but as you said As long as Google has indexed it, you’re in business..

    • #47402
      rattis
      Participant

      @cyber.spirit wrote:

      Ok thank you all
      chrisj what do you think if i’ll buy the complete package of Professional Penetration Testing Creating And Operating A Formal Hacking. i think its expensive but as i said im addicted to hack and i dont care !!!! so what is ur opinion???

      Complete package? the amazon link is a book with a dvd in it. Like amazon said it’s a class room in a book

    • #47403
      cyber.spirit
      Participant

      @chrisj wrote:

      the amazon link is a book with a dvd in it. Like amazon said it’s a class room in a book

      What is that exactly? what kind of class room?

    • #47404
      Anonymous
      Participant

      g0tmi1k site is great I would say try the de-ice disk also try build your own this allow you to make your own scenario and also help other like yourself who trying to find scenario based vm to attack. You could also buy some hardware like Cisco kit set up some vlan and try other stuff like vlan hopping.

      but by far best resource is g0tm1iks website it has all the boot to roots out there

    • #47405
      Triban
      Participant

      @cyber.spirit wrote:

      What is that exactly? what kind of class room?

      As in the setup of the material is like taking a class.  Grendel starts off with some background around pen testing, along with methodologies and such. Then you get labs at the end of chapters with different types of scenarios.  The DVD contains a bunch of Live ISOs (De-ICE CDs), along with some other exploitable VMs.  There is also a chapter on setting up the lab (primarily virtual).

      The book is designed to give you a taste of pen testing while also going over the business end of it.  Developing scope and such of the job.  After all, it isn’t all about the hack, you need to be able to sell the need for the pen test and provide quality feedback to the customer when you are done.

      Eventually you will want a decent replica of an enterprise environment for your lab.  Throw in some routers a firewall and maybe even some security devices to try and bypass or hide from.  After all that is what you will face on a real job.

      Enjoy and good luck!

    • #47406
      cyber.spirit
      Participant

      WooooOOOOooooW

      3xban thank i think its so great i’ll purchase it so soon.

    • #47407
      cyber.spirit
      Participant

      thank you all i bought that class room and its greaaaaaaaaaaaaaaaatttt!!!!

    • #47408
      magxtopher
      Participant

      Hi  Cyber spirit,
      I am 100% newbie thatz security.
      As for google hacking for pen tester.
      Newbie needs it because for you to reach
      your target u need to know the basics which the
      book already explain like website address,email address
      etc.You can as well check out this book-the basic hacking and
      penetration testing(ethical hacking and penetration testing made
      easy)by Patrick Engebretson.Plz recommend good hacking books for
      newbies.I wanna study,men
      Cyber spirit i like reading your blogs because your serious in this
      business.kudos!Can you contact me at magxtopher@gmail.com?
      Magxtopher.

    • #47409
      cyber.spirit
      Participant

      Hi dear magxtopher
      First i want to say welcome to this amazing forum i hope u enjoy of it.So if your completely newbie in security i recommend you to get some books:

      1- Hacker high school(its a collection of 13 books)
      http://www.hackerhighschool.org

      2- The hacker’s Underground Handbook
      http://www.amazon.com/gp/aw/d/1451550189/ref=redir_mdp_mobile

      I suggest you to learn html and perl too. As i asked above you need to create a hacking lab. So you must learn a little bit of Virtualization too

      Man thank u so much for following my blogs i hope i can be useful here
      Good luck

Viewing 24 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?