• Subscribe to the low volume list for updates.

Blog

Nmap Cheat Sheet

Nmap Target Selection Scan a single IP nmap 192.168.1.1 Scan a host nmap www.testhostname.com Scan a range of IPs nmap 192.168.1.1-20 Scan a subnet nmap 192.168.1.0/24 Scan targets from a text file nmap -iL list-of-ips.txt These are all default scans, which will scan 1000 TCP ports. Host discovery will take place. Nmap Port Selection Scan […]
Read More

Maltego – Open Source Intelligence Gathering

A powerful new tool is about to go into a new release. Maltego makes the collection of open source intelligence about a target organisation a simple matter. DNS queries, document collection, email addresses, whois, search engine interrogation and a wide range of other collection methods allows a Penetration Tester or vulnerability assessment to quickly gather […]
Read More

DirBuster – Brute force a web server for interesting things

You would be surprised at what people leave unprotected on a web server. DirBuster is a java application that will brute force web directories and filenames on a web server / virtual host. This can often reveal unprotected web applications, scripts, old configuration files and many other interesting things that should not be available to […]
Read More

Mozilla Service Week

An online volunteering initiative by the Mozilla foundation is a great initiative intending to bring online volunteering together with organisations and individuals requiring assistance. We believe the Internet should make life better. Join us the week of September 14-21, 2009, as we take action to make a difference in our communities, our world, our Web. […]
Read More

rkhunter – add another layer to your security

Rkhunter is an easy to use tool that keeps an eye on your systems files for rootkits and a few other oddities that may indicate an attacker has taken over your system. It can be also used if your system has been hacked and you wish to inspect the damage - keep in mind that […]
Read More

SQL Injection Demystified

Darkreading has a great article up on SQL Injection. This form of attack has been around for a long time, and happens because of poor dynamic website coding practices. A simple SQL injection vulnerability can often be exploited to gain full access to the database and / or full control of the database server. Now […]
Read More

Sqlmap 0.7 released and added to HackerTarget.com sqli scan option

Bernardo Damele A. G. has released the latest update to sqlmap 0.7 and it is fast become the leading SQL injection tool for penetration testing. A python based script that can give you full shell access amongst other things on an sql injection exploitable host. This is a must have on a web application pentest. […]
Read More

Nmap 5.00 added to HackerTarget.com Scanning Suite

Hot off the forges of Fyodor comes the latest release of the worlds leading port scanner. Nmap 5.00 has been released, and we have immediately implemented it here at HackerTarget.com. Keep an eye out as we explore some of the new features, we will be sure to implement them here, keeping HackerTarget.com the number one […]
Read More

Guide to OpenVPN on Ubuntu 904 Jaunty Jackalope

If you want a simple VPN this is a quick and easy guide for OpenVPN on Ubuntu that will get you up and running with minimal configs. Note that with some persistance this is not hard to do and opens up a world of possibilities. Eg, Full encrypted access from remote locations to your home […]
Read More

Guide to Nessus 4 on Ubuntu 9.04

This guide is the first in a 3 part series. Part 1 is the Installation of Nessus 4 on the Jaunty Jackalope - Ubuntu 9.04. Part 2 covers the installation of OpenVas 2 on Ubuntu 9.04 and Part 3 will be a comparison between the two vulnerability scanners. A full review with scan results from […]
Read More