Information security articles related to Backtrack Linux, information gathering, Windows, exploitation tools, OSX, reverse engineering, Ubuntu, maintaining access, CentOS, vulnerability assessments, etc.
Itrace is a fairly simple tool so this will be short and sweet. Itrace is a program that implements traceroute functionality using ICMP echo request packets. Therefore, it looks like you are just pinging your target while you traceroute there. It often helps tracing behind firewalls.
During the Information Gathering section of a pentest, we are interested in finding out the various sub-domains of our target domain. In the past few tutorials we queried DNS servers using zone transfer requests or trying to retrieve entries using a dictionary & brute-forcing attacks. Another technique to figure out sub-domains is to query google…
One good thing about writing articles on tools is you get to test out lots of different stuff you may not have normally used. One of these tools for me was Metagoofil. Metagoofil is a tool for written in Python for extracting the metadata from public documents (pdf,doc,xls,ppt) available in the target websites. This information…
The final tool in the DNS Section is called fierce. It is a perl script written by rsnake. Fierce tries multiple techniques to find all the IP addresses and hostnames used by a target. These include – trying to dump the SOA records, do a zone transfer, searching for commonly used domain names with a…
Today I will be reviewing Dnsmap from the Backtrack 4 Distribution. Dnsmap was originally released back in 2006 and has become a standard tool included is every backtrack release. There are other tools which preform the same tasks but I am a firm believer that a pentester/hacker should have the choice of as many tools…
The next tool I am going to look at is a really great ruby script written by my friend Carlos (Dark operator) Perez. Its called Dnsrecon and is included in Backtrack 4. This is a simple tool written for target enumeration during authorized penetration test engagements. This tool provides different methods for enumerating targets via…
Dnsenum is a very robust script which was actually written by one of the Backtrack developers when Backtrack was still a Remote-Exploit Project. The author, Filip (barbsie) Waeytens is a Web Application penetration tester and has extensive experience on the topic of DNS and information gathering. Today we will look at some examples of using…
This is going to be the second of my articles on the DNS section of Backtrack 4. While it isn’t as exciting as popping a box with the newest 0-day, passive information gathering in one of the most crucial steps of a successful pentest. Today we are going to look at Dnstracer.
This is one of the first articles in our Backtrack tutorial series. Alex and I will be be going through the entire distro of Backtrack 4 and writing a post on each tool. There is no one blog or web site which has a tutorial on each tool in backtrack so we are going to…
This is the first in a series of Backtrack 4 articles I will be writing regarding the tools available within Backtrack 4. I am fairly new to Backtrack so please comment, teach me, ask questions, or whatever you prefer in the comments section below. I am going to try to go down the list of…