Difference between revisions of "Kali tools"
Jump to navigation
Jump to search
Rafahsolis (talk | contribs) (→Hydra) |
Rafahsolis (talk | contribs) (→Hydra) |
||
| Line 2: | Line 2: | ||
== Hydra == | == Hydra == | ||
SSH bruteforce | SSH bruteforce | ||
| − | hidra -s 22 -v -V -l root -P <path_to_wordlist> -e -ns -t 192.168.0.101 ssh | + | hidra -s 22 -v -V -l root -P <path_to_wordlist> -e -ns -t 16 192.168.0.101 ssh |
== patator == | == patator == | ||
Revision as of 22:21, 27 March 2015
Hydra
SSH bruteforce
hidra -s 22 -v -V -l root -P <path_to_wordlist> -e -ns -t 16 192.168.0.101 ssh
patator
Patator v0.5 (http://code.google.com/p/patator/) Usage: patator.py module --help Available modules: + ftp_login : Brute-force FTP + ssh_login : Brute-force SSH + telnet_login : Brute-force Telnet + smtp_login : Brute-force SMTP + smtp_vrfy : Enumerate valid users using SMTP VRFY + smtp_rcpt : Enumerate valid users using SMTP RCPT TO + finger_lookup : Enumerate valid users using Finger + http_fuzz : Brute-force HTTP + pop_login : Brute-force POP3 + pop_passd : Brute-force poppassd (http://netwinsite.com/poppassd/) + imap_login : Brute-force IMAP4 + ldap_login : Brute-force LDAP + smb_login : Brute-force SMB + smb_lookupsid : Brute-force SMB SID-lookup + vmauthd_login : Brute-force VMware Authentication Daemon + mssql_login : Brute-force MSSQL + oracle_login : Brute-force Oracle + mysql_login : Brute-force MySQL + mysql_query : Brute-force MySQL queries + pgsql_login : Brute-force PostgreSQL + vnc_login : Brute-force VNC + dns_forward : Forward lookup names + dns_reverse : Reverse lookup subnets + snmp_login : Brute-force SNMP v1/2/3 + unzip_pass : Brute-force the password of encrypted ZIP files + keystore_pass : Brute-force the password of Java keystore files + tcp_fuzz : Fuzz TCP services + dummy_test : Testing module
webscarab
smali
usage: java -jar smali.jar [options] [--] [<smali-file>|folder]*
assembles a set of smali files into a dex file
-?,--help prints the help message then exits. Specify twice for debug options
-a,--api-level <API_LEVEL> The numeric api-level of the file to generate, e.g. 14 for ICS. If not
specified, it defaults to 14 (ICS).
-o,--output <FILE> the name of the dex file that will be written. The default is out.dex
-v,--version prints the version then exits
-x,--allow-odex-instructions allow odex instructions to be compiled into the dex file. Only a few
instructions are supported - the ones that can exist in a dead code path and
not cause dalvik to reject the class
paros
Gui crawler
oscanner
Oracle Scanner 1.0.6 by patrik@cqure.net -------------------------------------- OracleScanner -s <ip> -r <repfile> [options] -s <servername> -f <serverlist> -P <portnr> -v be verbose
dirbuster
another bruteforce application
dbpwaudit
DBPwAudit v0.8 by Patrik Karlsson <patrik@cqure.net> ---------------------------------------------------- DBPwAudit -s <server> -d <db> -D <driver> -U <users> -P <passwords> [options] -s - Server name or address. -p - Port of database server/instance. -d - Database/Instance name to audit. -D - The alias of the driver to use (-L for aliases) -U - File containing usernames to guess. -P - File containing passwords to guess. -L - List driver aliases.