Search

Home

PNPT Studies

PJPT Studies

AD CS / Certificate Attacks (ESC1-15) (1, 8, 11 for now)

Report Writing / Client Presentation

Operationalizing Cybercrime Data (June 2025)

Kioptrix

ping to find self IP:

image

OR

From Kali:

sudo arp-scan -l

it’s the VMware device that isn’t 1,2, or 254

NMAP scan:

nmap -T4 -p- -A

T4 is speed, slower is better for detection, max is 5 but detects easily

-p- for scanning all ports

-p 80,443,53 (if I want to pick specific ports)

-A scan everything: version info, OS, fingerprinting, etc

Other important/usable params:

-sS for stealth scan

-sU for UDP scan

everything with an IP:

nmap -T4 -p- -A 192.168.218.129

If running UDP Scan:

nmap -sU -T4 -p 192.168.218.129

Because UDP takes forever to scan

NIKTO (3eeb) SCAN:

nikto -h http://192.168.218.129

-h means host

image
Notes