Difference between revisions of "Pentest"

From OnnoWiki
Jump to navigation Jump to search
 
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[File:Practice.png|center|600px|thumb]]
+
[[File:Practice.png|center|20px|thumb]]
  
 
==Referensi==
 
==Referensi==
  
 +
* https://pentester.land/tutorials
 
* http://www.computersecuritystudent.com/
 
* http://www.computersecuritystudent.com/
 
* http://pentestlab.wordpress.com/
 
* http://pentestlab.wordpress.com/
 
* http://minhnhatssc.blogspot.com/
 
* http://minhnhatssc.blogspot.com/
 
* http://www.amanhardikar.com/mindmaps/Practice.html
 
* http://www.amanhardikar.com/mindmaps/Practice.html
 +
* https://www.amanhardikar.com/mindmaps/Practice.html
 
* https://www.vulnhub.com/
 
* https://www.vulnhub.com/
  
 
===Vulnerable Apps===
 
===Vulnerable Apps===
  
 +
* https://information.rapid7.com/download-metasploitable-2017.html
 
* https://www.vulnhub.com/
 
* https://www.vulnhub.com/
 
* http://pentestlab.org/10-vulnerable-web-applications-you-can-play-with/
 
* http://pentestlab.org/10-vulnerable-web-applications-you-can-play-with/
Line 65: Line 68:
 
* XVWA https://github.com/s4n7h0/xvwa
 
* XVWA https://github.com/s4n7h0/xvwa
 
* Zap WAVE http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip
 
* Zap WAVE http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip
 +
 +
==Vulnerable OS==
 +
 +
* 21LTR http://21ltr.com/scenes/
 +
* Damn Vulnerable Linux http://sourceforge.net/projects/virtualhacking/files/os/dvl/
 +
* exploit-exercises - nebula, protostar, fusion http://exploit-exercises.com/download
 +
* heorot: DE-ICE, hackerdemia http://hackingdojo.com/downloads/iso/De-ICE_S1.100.iso
 +
* http://hackingdojo.com/downloads/iso/De-ICE_S1.110.iso
 +
* http://hackingdojo.com/downloads/iso/De-ICE_S1.120.iso
 +
* http://hackingdojo.com/downloads/iso/De-ICE_S2.100.iso
 +
* hackerdemia - http://hackingdojo.com/downloads/iso/De-ICE_S1.123.iso
 +
* Holynix http://sourceforge.net/projects/holynix/files/
 +
* Kioptrix http://www.kioptrix.com/blog/
 +
* LAMPSecurity http://sourceforge.net/projects/lampsecurity/
 +
* Metasploitable http://sourceforge.net/projects/virtualhacking/files/os/metasploitable/
 +
* neutronstar http://neutronstar.org/goatselinux.html
 +
* PenTest Laboratory http://pentestlab.org/lab-in-a-box/
 +
* Pentester Lab https://www.pentesterlab.com/exercises
 +
* pWnOS http://www.pwnos.com/
 +
* RebootUser Vulnix http://www.rebootuser.com/?page_id=1041
 +
* SecGame # 1: Sauron http://sg6-labs.blogspot.co.uk/2007/12/secgame-1-sauron.html
 +
* scriptjunkie.us http://www.scriptjunkie.us/2012/04/the-hacker-games/
 +
* UltimateLAMP http://www.amanhardikar.com/mindmaps/practice-links.html
 +
* TurnKey Linux http://www.turnkeylinux.org/
 +
* Bitnami https://bitnami.com/stacks
 +
* Elastic Server http://elasticserver.com
 +
* OS Boxes http://www.osboxes.org
 +
* VirtualBoxes http://virtualboxes.org/images/
 +
* VirtualBox Virtual Appliances https://virtualboximages.com/
 +
* CentOS http://www.centos.org/
 +
* Default Windows Clients https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise
 +
* https://dev.windows.com/en-us/microsoft-edge/tools/vms/
 +
* Default Windows Server https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-technical-preview
 +
* Default VMWare vSphere http://www.vmware.com/products/vsphere/
  
 
===Setup Pentest Lab===
 
===Setup Pentest Lab===
Line 76: Line 113:
 
* http://pen-testing-lab.blogspot.com/2011/12/setting-up-pen-test-lab-with-vulnerable.html
 
* http://pen-testing-lab.blogspot.com/2011/12/setting-up-pen-test-lab-with-vulnerable.html
 
* http://sourceforge.net/projects/virtualhacking/files/os/
 
* http://sourceforge.net/projects/virtualhacking/files/os/
 +
* https://pentestlab.blog/
  
 
===Metasploit===
 
===Metasploit===
Line 128: Line 166:
 
* http://360percents.com/posts/wordlist-by-scraping/
 
* http://360percents.com/posts/wordlist-by-scraping/
 
* http://360percents.com/posts/wordlist-creator-script-2/
 
* http://360percents.com/posts/wordlist-creator-script-2/
 +
 +
===Pentest SQL===
 +
 +
* https://pentestlab.blog/2013/03/18/penetration-testing-sql-servers/
 +
 +
 +
==Pentest Android==
 +
 +
* [[andrax]]
 +
 +
 +
 +
==Report==
 +
 +
* [[Pentest: Membuat Laporan Hasil Penetration Test (Pentest)]]

Latest revision as of 12:34, 1 August 2020

Error creating thumbnail: File with dimensions greater than 12.5 MP

Referensi

Vulnerable Apps

Vulnerable OS

Setup Pentest Lab

Metasploit


Capture The Flag

VoIP


Attack pWnOS


Password Attack

Wordlist

Pentest SQL


Pentest Android


Report