
How To Get The Needed Information During Footprinting

Hello Guys!! Let's talk about footprinting today. In this post, I'll show you how to find the infrastructure information or services that a site is running. This will be useful for gaining some data during the information gathering process and footprinting.

From Network:
  • Domain Name
  • IDS
  • Authentication Methods
  • Networking Protocols
  • Internal DNS Information
  • Private Websites
  • VPN Devices
  • TCP & UDP Services Running
  • Network Block
  • IP Addresses of Reachable Computer Systems
From Systems:
  • Passwords
  • Remote System Type
  • User & Group Names
  • System Banners
  • System Names
From Organizations:
  • Addresses & Phone Numbers
  • Background of the Organization
  • Company Directory
  • Location Details
  • Employee Details
  • The organization's other websites
  • Press Releases
  • Security Policies Implemented
How to get that information from other areas:
  1. Search Engines ( Google, Altavista, Metacrawler, Bing, etc. )
  2. WHOIS Records
  3. DNS
  4. Social Networks
  5. Website Mirroring
  6. People Sites
  7. URL Analysis
  8. Job Sites
  9. Financial Web
  10. Alert Websites
  11. Archive Websites
  12. Google Earth.

How to Find or Scan Hidden Wireless Networks (SSID's) Using Kali Linux


Welcome all, let's see how to scan hidden wireless networks using Kali Linux. This is performed using airmon-ng, airodump-ng and aireplay-ng. Follow the steps below to reveal the SSIDs.

  • Kali Linux
  • Knowledge on using Kali Linux
  • Wireless Card (TP Link or any other ...)

Let's start the procedure

– Enabling wireless monitoring: airmon-ng

– Finding the APs (access points): airodump-ng

– Wait for an association or use de-authentication: aireplay-ng

Let's start

– Before you begin, make sure that the eth0, lo and wlan0 interfaces are present (open a terminal and run ifconfig).

– To start monitoring on the wireless interface, run:

airmon-ng start wlan0

– After executing the above command, we should get another interface, mon0 (monitor mode enabled).

– Check that both interfaces are up and running, run:


– Look for wlan0 and mon0, run:

airodump-ng mon0

– This shows all the APs that Kali Linux can discover.

– In the next step, note the BSSID and ESSID. If there is a hidden SSID, its ESSID will be shown like this: <length: 0> [note its CH (channel) and BSSID]

– Press CTRL+C

airodump-ng -c 1 mon0

(Here, 1 is the channel you noted. This value may differ.)

– After some time, you will see <length: 0> change and reveal the SSID name.

– If it takes a lot of time to reveal the SSID, we can follow the de-authentication process by opening another terminal in Kali Linux.

– Copy the BSSID (MAC) of ch 1

#Deauth Attack:

aireplay-ng -0 2 -a 00:A1:B2:11:20:13:5T mon0

– It sends the de-auth as a broadcast

airodump-ng -c 1 mon0

– Wait

– Switch to the new terminal

aireplay-ng -0 2 -a 00:A1:B2:11:20:13:5T mon0

– Finally, you will see the SSID in the ESSID column.
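From the defender's side, the de-authentication step above is visible on the air as a burst of unprotected management frames aimed at one BSSID. The following is an added example, not part of the original post: it counts deauth/disassociation frames per BSSID in a sliding window. The sample frames are constructed (bare 802.11 headers without radiotap), and the threshold and window values are assumptions to tune for your site.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 0xC0, 0xA0   # first frame-control byte: management subtype 12 / 10

def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_mgmt(frame: bytes):
    """Return (kind, dest, src, bssid, reason) for a deauth/disassoc frame, else None."""
    if len(frame) < 26 or frame[0] not in (DEAUTH, DISASSOC):
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)   # reason code follows the 24-byte header
    kind = "deauth" if frame[0] == DEAUTH else "disassoc"
    return kind, mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_bursts(capture, threshold=10, window=1.0):
    """capture: iterable of (timestamp_seconds, frame_bytes), in time order.
    Returns {bssid: peak frames seen within `window` seconds} where peak >= threshold."""
    recent, peak = defaultdict(deque), defaultdict(int)
    for ts, frame in capture:
        parsed = parse_mgmt(frame)
        if parsed is None:
            continue
        q = recent[parsed[3]]
        q.append(ts)
        while q and ts - q[0] > window:     # drop frames that fell out of the window
            q.popleft()
        peak[parsed[3]] = max(peak[parsed[3]], len(q))
    return {bssid: n for bssid, n in peak.items() if n >= threshold}

def build_frame(fc0, dest, src, bssid, reason=7):
    """Constructed sample frame: 24-byte header plus reason code, no radiotap, no FCS."""
    addrs = b"".join(bytes.fromhex(m.replace(":", "")) for m in (dest, src, bssid))
    return bytes([fc0, 0, 0, 0]) + addrs + b"\x00\x00" + struct.pack("<H", reason)

AP = "02:00:00:aa:bb:01"            # constructed, locally administered addresses
CLIENT = "02:00:00:cc:dd:02"
BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed capture: one ordinary client leave, then 64 broadcast deauths in about 0.5 s.
SAMPLE = [(0.0, build_frame(DEAUTH, AP, CLIENT, AP, reason=3))]
SAMPLE += [(5.0 + i * 0.008, build_frame(DEAUTH, BROADCAST, AP, AP)) for i in range(64)]
SAMPLE.append((6.0, build_frame(0x80, BROADCAST, AP, AP)))   # beacon subtype, ignored

if __name__ == "__main__":
    for bssid, count in detect_bursts(SAMPLE).items():
        print(f"possible deauth flood against {bssid}: peak {count} frames per window")
```

Enabling Protected Management Frames (802.11w) on the AP and clients makes receivers discard forged deauth frames, which is the actual mitigation; the counter above only tells you that someone is trying.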

Download and Use all Kali Linux Tools[Single Package] On Windows for Pentesting and Hacking - Complete Linux Environment

Running all Pentesting tools on Windows OS

Have you ever wondered about using Kali Linux tools on Windows? Yes, now you can download and plug and play all the Kali Linux tools on Windows. The good news is there is no need to install or remove any drivers specifically for these tools. Here are some of the cool features of PentestBox.

Features :-


It is a command line utility which is all what you want. You can get to know about the commands on


PentestBox directly runs on host machine instead of virtual machines, so performance is obvious.


PentestBox is entirely portable, so now you can carry your own Penetration Testing Environment on a USB stick. It will take care of all dependencies and configuration required to run tools.


Windows already has large support of drivers for graphics cards and wireless. So now you don't have to worry about driver compatibility issues. For example, you can now use your GPU power to crack hashes using Project RainbowCrack, which is not compatible with the Linux environment.


PentestBox runs on the host machine without any need for a virtual machine. So it only needs 20 MB for launching, compared to at least 2GB of RAM needed for running virtual machine distributions.


PentestBox contains a version of Mozilla Firefox Browser with nearly all security addons. To know the complete list of addons.


Consider an environment where you want to use PentestBox on many computers like office, lab, etc. Instead of installing PentestBox on each and every computer, you can just install it on one computer and share that folder as a drive to other computers on the same network.


It is the same green font on a black terminal but in a modern way.


All the dependencies required by tools are inside PentestBox, so you can even run PentestBox on freshly installed windows without any hassle.


PentestBox contains nearly all linux utilities like bash, cat, chmod, curl, git, gzip, ls, mv, ps, ssh, sh, uname and others. It even contains your favourite text editor "vim". For complete list, please look at
Because of this most of the pentesting tools which were earlier compatible only with Linux are working smoothly in PentestBox.


In the making of PentestBox we have included only the best tools, but in that process we have missed some tools which you might want to use. In that case you can easily install those tools using the toolsmanager present inside PentestBox; it can install/update/uninstall tools which are not there in PentestBox.


It is very light on disk as well; it takes up less than a third of what a Linux pentesting distro does.


It contains an update feature through which you can keep your tools updated. To know more about update feature, please click here.


Most users aren’t concerned about 32-bit support because they normally use 64-bit systems. But this was introduced to turn low-end systems into a pentesting environment. Just to give an idea, I have tested PentestBox on this $200 machine, and it ran on it very smoothly.
Pentest Box is a 2GB package containing almost all pentest tools for hackers and pentesters.
Download Pentest Box From Official Site:

How to Crack WPA/WPA2 Password With Reaver Using Kali Linux 2.0

Hello Guys, today let's see how to crack a WPA/WPA2 password using Reaver in Kali Linux. This tutorial shows how to crack the password of a network with WPS enabled using Reaver, and a small video tutorial is also available below.

How to perform the attack

It would have been tough to carry out this attack at some point in history, but now it's a breeze. If you have all the prerequisites, then hacking the network would be as simple as

reaver -i <interface-name> -b <BSSID of target>

And if you're already familiar with hacking WEP, then simply go to your Kali Linux terminal and type the above command (replacing what must be replaced). Leave your machine as is, come back ten minutes later, check the progress (must be 1% or something), and go take a nap. However, if you are a beginner, then follow along.

Kali Linux

First off, you need to have Kali Linux (or BackTrack) up and running on your machine. Any other Linux distro may work, but you'll have to install Reaver on your own. If you don't have Kali Linux installed, you may want to go to this page, which will get you started on hacking with Kali Linux. (Reaver has a known issue: sometimes it doesn't work with virtual machines, and you may have to do a live boot using a live CD or live USB of Kali Linux. See the last section of this post on troubleshooting by scrolling down a bit.)

Information Gathering

Now you need to find out the following about your target network-

  • Does it have WPS enabled. If not, then the attack won't work.
  • The BSSID of the network.

Now to check whether the network has WPS enabled or not, you can either use wash or simply use the good old airodump-ng. Wash is specifically meant to check whether a network has WPS enabled or not, and is therefore much easier to use. Here are the steps-

Set your wireless interface in monitor mode-

airmon-ng start wlan0

Use wash (easy, but sometimes unable to detect networks even when they have WPS enabled). If any network shows up there, it's WPS enabled.

wash -i mon0

Use airodump-ng. It will show all networks around you. It tells you which of them use WPA. You'll have to assume they have WPS, then move to the next steps.

airodump-ng mon0

BSSID of the network - Now, regardless of what you used, you should have a BSSID column in the result that you get. Copy the BSSID of the network you want to hack. That is all the information you need.

So by now you must have something like XX:XX:XX:XX:XX:XX, which is the BSSID of your target network. Keep this copied, as you'll need it.


Now finally we are going to use Reaver to get the password of the WPA/WPA2 network. Reaver makes hacking very easy, and all you need to do is enter-

reaver -i mon0 -b XX:XX:XX:XX:XX:XX 

Explanation: -i is the interface used. Remember creating a monitor interface mon0 using airmon-ng start wlan0? This is what we are using. -b specifies the BSSID of the network that we found out earlier.

This is all the information that Reaver needs to get started. However, Reaver comes with several advanced options, and a few are recommended by me. Most importantly, you should use the -vv option, which increases the verbosity of the tool. Basically, it writes everything that's going on to the terminal. This helps you see what's happening, track the progress, and if required, do some troubleshooting. So the final command should be-

reaver -i mon0 -b XX:XX:XX:XX:XX:XX -vv

After some hours, you'll see something like this. The pin in this case was intentionally 12345670, so it was hacked in three seconds.
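Because the attack only works against an access point that has WPS enabled, the matching defensive check is whether your own AP's beacons still advertise WPS. The following is an added example, not part of the original post or of wash: it parses the tagged parameters of a beacon (the bytes after the 12 fixed beacon fields) and reports the WPS element and the AP Setup Locked attribute. The sample beacons and SSIDs are constructed.

```python
import struct

WPS_OUI_TYPE = bytes.fromhex("0050f204")   # vendor element: OUI 00:50:F2, type 4 (WPS)
ATTR_WPS_STATE, ATTR_AP_SETUP_LOCKED = 0x1044, 0x1057   # WSC attribute types

def iter_elements(tagged: bytes):
    """Yield (element_id, value) pairs from a beacon's tagged parameters."""
    pos = 0
    while pos + 2 <= len(tagged):
        eid, length = tagged[pos], tagged[pos + 1]
        value = tagged[pos + 2:pos + 2 + length]
        if len(value) < length:            # truncated element: stop instead of misparsing
            return
        yield eid, value
        pos += 2 + length

def wps_attributes(data: bytes):
    """Parse the big-endian type/length/value attributes inside a WPS element."""
    attrs, pos = {}, 0
    while pos + 4 <= len(data):
        atype, alen = struct.unpack_from(">HH", data, pos)
        attrs[atype] = data[pos + 4:pos + 4 + alen]
        pos += 4 + alen
    return attrs

def audit_beacon(tagged: bytes):
    """Report whether a beacon advertises WPS and whether AP setup is locked."""
    ssid, wps = "", None
    for eid, value in iter_elements(tagged):
        if eid == 0:                       # SSID element
            ssid = value.decode("utf-8", "replace")
        elif eid == 221 and value[:4] == WPS_OUI_TYPE:
            wps = wps_attributes(value[4:])
    locked = wps is not None and wps.get(ATTR_AP_SETUP_LOCKED) == b"\x01"
    return {"ssid": ssid, "wps_advertised": wps is not None, "ap_setup_locked": locked}

def element(eid, value):                   # helpers that build the constructed samples
    return bytes([eid, len(value)]) + value
def attr(atype, value):
    return struct.pack(">HH", atype, len(value)) + value

# Constructed beacons: 0x104A is the WSC Version attribute, state 2 means "configured".
WPS_BODY = WPS_OUI_TYPE + attr(0x104A, b"\x10") + attr(ATTR_WPS_STATE, b"\x02")
WPS_ON = element(0, b"office-ap") + element(221, WPS_BODY)
WPS_LOCKED = element(0, b"office-ap") + element(221, WPS_BODY + attr(ATTR_AP_SETUP_LOCKED, b"\x01"))
NO_WPS = element(0, b"lab-ap") + element(221, bytes.fromhex("0050f202") + b"\x01\x01")

if __name__ == "__main__":
    for sample in (WPS_ON, WPS_LOCKED, NO_WPS):
        print(audit_beacon(sample))
```

An AP that reports `wps_advertised: True` should have WPS turned off in its settings; a locked state only pauses PIN attempts and is not a substitute for disabling the feature.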


Top 8 Kali Linux Compatible WiFi Cards and Adapters for Wireless Packet Capturing

Kali Linux Compatible Wireless Adapters

When you install Kali Linux on your PC, you usually do that using VMware Workstation/Player or VirtualBox. Let's say you use your laptop and you want to connect to your LAN using your laptop's built-in wireless card, and you have a problem because Kali Linux does not recognize it and does not show any wireless card.

Kali Linux works with only a few wireless cards. Don't try to use a bridged connection or something like that; even if you found a "solution" on the internet, it will not work.
If you're planning only to connect to the LAN and don't want to use any LAN tools from Kali or enable "monitor mode", then you can dual boot your PC and use the laptop's built-in wireless card. I'm not sure, but if you try to make a bootable Kali USB flash drive or DVD, maybe the built-in driver will work again.
If you want to enable "monitor mode" then you really need an external USB wireless adapter.

And I will show the list of USB wireless adapters/cards compatible with old versions of Kali Linux and with Kali Sana too.

If you're still using BackTrack (but really, why would you want to use BackTrack anymore?) then these adapters will work for you too.

1. Alfa AWUS036NHA

Chipset: Atheros AR9271

2. Alfa AWUS051NH

Chipset: RT3572


Chipset: Atheros AR9271

4. Alfa AWUS036H

Chipset: Realtek 8187

5. Alfa AWUS036NH

Chipset: RT3070

6. Panda PAU05

Chipset: RT3070

7. Alfa AWUS036NHR v2

Chipset: Realtek RTL8188RU

8. Alfa AWUS036NEH

Chipset: Realtek RT3070

How to Setup Angry IP Scanner in Kali Linux

Angry IP Scanner (or simply ipscan) is an open-source and cross-platform network scanner designed to be fast and simple to use. It is a very fast IP address and port scanner. It can scan IP addresses in any range as well as any of their ports. It is cross-platform and lightweight. Not requiring any installation, it can be freely copied and used anywhere.

Angry IP Scanner simply pings each IP address to check if it’s alive, then optionally resolves its hostname, determines the MAC address, scans ports, etc. The amount of gathered data about each host can be extended with plugins.

It also has additional features, like NetBIOS information (computer name, workgroup name, and currently logged in Windows user), favorite IP address ranges, web server detection, customizable openers, etc.

Scanning results can be saved to CSV, TXT, XML or IP-Port list files. With the help of plugins, Angry IP Scanner can gather any information about scanned IPs. Anybody who can write Java code is able to write plugins and extend the functionality of Angry IP Scanner.

It is widely used by network administrators and just curious users around the world, including large and small enterprises, banks, and government agencies.

It runs on Linux, Windows, and Mac OS X, possibly supporting other platforms as well.

Install Angry IP Scanner on Kali Linux

For Linux we can download a .deb package. Kali Linux is a Debian-based distribution, so we can simply install the downloaded .deb package on Kali Linux. Use the following link to download the .deb file:

You will see something like this:

Download version 3.4 below or browse previous releases or maybe older releases.

DEB Package for Ubuntu/Debian/Mint, 64-bit
RPM Package for Fedora/RedHat/Mageia/openSUSE, 64-bit
DEB Package for Ubuntu/Debian/Mint, 32-bit
RPM Package for Fedora/RedHat/Mageia/openSUSE, 32-bit

Download the DEB package for Ubuntu/Debian/Mint; depending on your Kali installation, choose either the 32-bit or the 64-bit package. Right now I'm using a very old laptop that doesn’t even support 64-bit, so I’ll download the 32-bit .deb file and install that. In your case, you're most likely running a more recent version or working in a virtual environment, so change the filename as needed.

Install .deb package using dpkg

Install the downloaded .deb package using the following commands.

root@kali:~/Downloads# dpkg -i ipscan_3.4_i386.deb 
Selecting previously unselected package ipscan.
(Reading database ... 383693 files and directories currently installed.)
Preparing to unpack ipscan_3.4_i386.deb ...
Unpacking ipscan (3.4-1) ...
Setting up ipscan (3.4-1) ...
Processing triggers for gnome-menus (3.13.3-6) ...
Processing triggers for desktop-file-utils (0.22-1) ...
Processing triggers for mime-support (3.58) ...

Now run the application from App menu.

Angry IP Scanner