Friday 23 March 2018

Using NIKTO through a proxy

***Using Nikto through a HTTP proxy bound with SSL***


Scenario:

Address to scan (host) is: 127.0.0.1:10443
Through the proxy (useproxy): 10.11.1.252:8888

Our command would look like...
perl /usr/bin/nikto  -host https://127.0.0.1:10443 -useproxy http://10.11.1.252:8888


This will fail because there is a known issue with the SSL auto function in the /etc/nikto.conf file


First edit: /etc/nikto.conf

edit line 79

From:
LW_SSL_ENGINE=auto

To:
LW_SSL_ENGINE=SSLeay




Tuesday 20 February 2018

Cheetsheet - Image File Extraction

Extracting Data from Images Cheat sheet

Use Binwalk to view the content of a file

# binwalk


Extract everythign from the file

#binwalk -ME

Search for hidden data

steghide extract -sF filename





Monday 27 February 2017

                                                      




Welcome to the SQL Injection Beginners Guide


This site has been created to help collect data from varioud previous pentest and experiences to help an individual get to grips with the basics of SQL Injection.

Use the navigation on the right hand side to view pages on step by step guides as well as cheat sheets that will help with syntax and other pieces of information.

For video related walk-through guides goto the YouTube Channel and start learning.


https://www.youtube.com/channel/UC9Qa_gXarSmObPX3ooIQZrg

Or For a complete Solution Goto the Training Course centre here online and complete the course.

https://www.udemy.com/interactive-pentesting