Click here to load reader
Upload
dan-h
View
2.950
Download
1
Embed Size (px)
DESCRIPTION
http://private.xcode.or.id
Citation preview
PRIVATE TRAINING
X-CODE
BACKTRACK 5 PENTEST< WEB ATTACK >
Oleh : Danang Heriyadi
root@bt:~# ls DAFTAR ISI
0x001 – Pengantar Backtrack
• Tentang Backtrack.....................................
• Instalasi Backtrack di hardisk........................
• Instalasi Backtrack di USB Flashdisk..................
0x002 - Dasar Penggunaan Backtrack
• Login Backtrack.......................................
• Mengganti password root...............................
• Konfigurasi ulang WICD................................
• Konfigurasi SSH.......................................
• Perintah dasar shell..................................
• Service Backtrack HTTP, SSH, MySQL....................
• Persiapan Web target..................................
0x003 - Information Gathering.......................
• Webserver scanning with nmap..........................
• Web application analysis..............................
• CMS identification with
◦ BlindElephant.......................................
◦ CMS Explorer........................................
◦ Whatweb.............................................
0x004 - Vulnerability Assessment
• Web vulnerability Scanners with.......................
◦ Nikto...............................................
◦ Wpscan..............................................
◦ Jomscan.............................................
◦ W3af................................................
◦ fimap...............................................
◦ XSSer...............................................
0x005 - Web Attack
• Basic SQL Injections..................................
• SQL Injections with SQLMap............................
• Basic LFI Exploitations...............................
• LFI Exploitations with fimap..........................
• Webserver attack with exploit.........................
• XSS Manual Exploitations..............................
• XSS Attack with XSSER.................................
• Hacking test..........................................
0x006 - Password Attack
• Online password Attack with Hydra.....................
• Offline password Attack with JTR......................
0x006 - Maintaining Access
• PHP Shell (Linux & Windows)...........................
• Telnet Backdoor (Linux & Windows).....................
• Weevely Backdooring...................................
0x007 - Linux privilege escalation
• Rooting...............................................
• Add new user..........................................
0x009 - Covering Tracks (Linux)
• Clear logs, history...................................
0x010 - Hacking test
• Defacing, Rooting, and Backdooring....................