Step 2. Set up the setting and click on the “ scan ” button. This is not high level setting, it is simple choose search engine, duplicate result should be removed or not. Set it yourself.

Step 4. Click on Vulnerable to filter the result and only show the vulnerable results. Bingo! Boom you completed your first task.

🦑 Getting Data From Vulnerable Site:

Now, you need to run Havij as administrator and follow the steps below

Step 1. Paste the vulnerable site in the target TextBox on Havij and click Analyze .

Step 2. Once the process finished, you will see something like in the image below on your Havij log box.

Step 3. Click on Tables then Get Tables and you will see all the tables that are in the database.

Step 4. Now, look for a table named “ Orders ” or something similar. Tick the table and click on Get Columns.

Step 5. You will get the columns that are in the table “Orders”. Now tick on something that related to credit cards information, such as cc_number, cc_type, cc_expired_year, cc_expired_month, and cvv or cvv2 . Once you’re done, click on Get Data.

Step 6. Just wait for the dumping progress and you will get the information.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Best #Whois services :


WHOIS information is based upon a tree hierarchy. ICANN (IANA) is the authoritative registry for all of the TLDs and is a great starting point for all manual WHOIS queries.

ICANN - http://www.icann.org

IANA - http://www.iana.com

NRO - http://www.nro.net

AFRINIC - http://www.afrinic.net

APNIC - http://www.apnic.net

ARIN - http://ws.arin.net

LACNIC - http://www.lacnic.net

RIPE - http://www.ripe.net

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑DNS Most popular tools used for informations gathering :

> dnsenum : http://code.google.com/p/dnsenum

> dnsmap : http://code.google.com/p/dnsmap

> dnsrecon : http://www.darkoperator.com/tools-and-scripts

> dnstracer : http://www.mavetju.org/unix/dnstracer.php

> dnswalk : http://sourceforge.net/projects/dnswalk

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑DMVPN-hub-configuration :


> crypto isakmp policy 1
encryption aes
authentication pre-share
group 14
!
! A dynamic ISAKMP key and IPsec profile
crypto isakmp key supersecretkey address 0.0.0.0 crypto ipsec transform-set trans2 esp-aes esp-sha-hmac mode transport
!
crypto ipsec profile myhubvpnprofile
set transform-set trans2
!
! The tunnel interface with NHRP Interface Tunnel0
ip address 10.0.0.1 255.255.255.0
ip nhrp authentication anothersupersecretkey
ip nhrp map multicast dynamic
ip nhrp network-id 99
ip nhrp holdtime 300
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
! This line must match on all nodes that want to use this mGRE tunnel.
tunnel key 100000
tunnel protection ipsec profile myhubvpnprofile
!
interface GigabitEthernet0/0
ip address 172.16.0.1 255.255.255.0
!
interface GigabitEthernet0/1
ip address 192.168.0.1 255.255.255.0
!
router eigrp 1
network 10.0.0.0 0.0.0.255
network 192.168.0.0 0.0.0.255

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 #Remote Access and Site-to-site VPN Troubleshooting References :


- ASA and AnyConnect Troubleshooting TechNotes

- AnyConnect VPN Client Troubleshooting Guide

- Site-to-Site VPNs for Firepower Threat Defense


- Remote Access VPNs for Firepower Threat Defense

- VPN Monitoring for Firepower Threat Defense

- VPN Troubleshooting for Firepower Threat Defense


@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁