Posts

Showing posts from June, 2022

NMAP

Fast mode
    nmap -F x.x.x.x
Regular mode, multiple targets (up arrow key to see status)
    nmap x.x.x.x y.y.y.y
    nmap 192.168.1.1-30
Import target file
    nmap -iL target.txt
Scan ports
    nmap -p 22,80,443 x.x.x.x
Options
    -A: Enable OS detection, version detection, script scanning, and traceroute
    -sV: Probe open ports to determine service/version info
    -O: Enable OS detection
    nmap --traceroute
Save to file
    nmap -F -oN result.txt x.x.x.x
Verbosity
    nmap -F -v x.x.x.x

SNMP

SNMPv2c
Uses a community string as a form of security, which is sent in plaintext. It is recommended to use an ACL on IOS devices and IP Permit on Catalyst devices. The sysoid is used to identify the model; for example, 1.3.6.1.4.1.9.1.2114 is ASA 5506-X.
    snmpwalk -v:2c -c:public -r:10.114.64.6 -os:1.3.6.1.2.1.1.3 -op:1.3.6.1.2.1.1.4

SNMPv3
    noAuthNoPriv: uses a username for authentication
    authNoPriv: uses MD5 or SHA for authentication
    authPriv: uses MD5 or SHA for authentication, and DES or AES for encryption

==========
FTD SNMP v3
1. Enable SNMP, add a username
2. Add SNMP host
3. SNMPwalk
    SnmpWalk.exe -r:172.16.1.19 -v:3 -sn:admin -ap:SHA -aw:Cisco123 -pp:AES128 -pw:Cisco123 -os:.1.3.6.1.2.1.1

    C:\SnmpWalk>SnmpWalk.exe -r:172.16.1.19 -v:3 -sn:admin -ap:SHA -aw:Cisco123 -pp:AES128 -pw:Cisco123 -os:.1.3.6.1.2.1.1
    SnmpWalk v1.01 - Copyright (C) 2009 SnmpSoft Company
    [ More useful network tools on http://www.snmpsoft.com ]
    OID=.1.3.6.1.2.1.1.1.0, Type=OctetString, Value=Cisco Firepower Threat Defense, Version 6.7.0.3 (Build 105),

Portable FileZilla

https://sourceforge.net/projects/miniserver/files/
Uniform Server ZeroXIV > ZeroXIV Modules > ZeroXIV_filezilla_server_0_9_60.exe
Doc: http://www.uniformserver.com/ZeroXI_documentation/portable_filezilla_server.html

Scripting & API

Python is an interpreted programming language.
Node.js is a JavaScript runtime. Developers like it because the JavaScript foundation provides a consistent language across web (sometimes called "frontend") and application (sometimes called "backend") development.
Atom is an open source text editor.
Postman is a powerful REST API client that provides a set of capabilities for testing, exploring, and writing REST APIs.
ngrok is an application that you run on your environment, and it builds a connection path from the public internet to your local workstation. Because you start the tool from your workstation, ngrok works well through firewalls, proxies, and NAT services.
If you do NOT have AnyConnect, an open source alternative is OpenConnect.
An application container is a packaging method to combine application code and any dependencies in an efficient format so that it can be easily run in isolation from other containers on a host.
Docker is an application container e

Kali and Linux

Default login: kali kali

Basic Linux Commands:
    pwd
    cd
    ls
    mkdir, rmdir
    cp, rm, mv, locate
    updatedb
    passwd
    man
    echo "Hi!" > test.txt

Commands
    chmod
    adduser
    /etc/passwd, /etc/shadow
    su (switch user)
    sudo
    ifconfig
    iwconfig
    arp
    netstat
    route

View, create and edit files
    echo
        echo "Hi!" > test.txt
    cat
    replacing vs appending (> vs >>)
    touch
    nano
    vi (or vim)
    gedit (N/A)

Start and stop Kali services
    services
        service apache2 start/stop
    alternative to launch a web server to transfer a file: run in a directory, then the browser will show the directory file list
        python -m SimpleHTTPServer [portnumber]
    systemctl (start server permanently)
        systemctl enable ssh
        systemctl enable postgresql

Installing
    installing updates with apt-get
        apt-get update && apt-get upgrade
        apt-get install git
    or tools with apt-get
    git (github)

Script
    grep
    cut
    tr
    script writing
    for loops
    example:
        ping 192.168.2.1 -c 1 > ip.txt
        cat ip.txt
        cat ip.txt | grep

Palo Alto Packet Capture

Capture on MGMT interface:
    > tcpdump filter "host x.x.x.x"
    > view-pcap mgmt-pcap mgmt.pcap
================
1. The filter is bi-directional. Packet captures are session-based, so a single filter is capable of capturing both client2server and server2client.
2. The receive and transmit stages can use the same capture file, so we can see tx/rx in one capture file. If not doing this, we can merge the rx/tx files in Wireshark.
3. Only new sessions are captured.
4. Four stages
    drop stage is where packets get discarded. The reasons may vary and, for this part, the global counters may help identify if the drop was due to a policy deny, a detected threat, or something else.
    receive stage captures the packets as they ingress the firewall, before they go into the firewall engine. When NAT is configured, these packets will be pre-NAT.
    transmit stage captures packets as they egress out of the firewall engine. If NAT is configured, these will be post-NAT.
    firewall packet is inspected aga