Kali Linux PC on Stick – Boot with Laptop USB and enjoy complete Penetration Testing machine

Kali Linux on Stick

Kali Linux on USB Stick has over 600 preinstalled penetration-testing programs. It includes Armitage (a graphical cyber attack management tool). Nmap (a port scanner), Wireshark (a packet analyzer) & John the Ripper password cracker. Aircrack-ng (a software suite for penetration-testing wireless LANs). Burp suite and OWASP ZAP web application security scanners. Kali Linux can run natively when installed on a computer’s hard disk. It can be booted from a live CD or live USB. It can run within a virtual machine. It is a supported platform of the Metasploit Project‘s Metasploit Framework. It is a tool for developing and executing security exploits.”



Google Hacking database Footholds



Footholds are the queries which will give some extra information about the server. It could also take us to the non-public places in the website.

Some of the Google dorks are:

allintext:"fs-admin.php"    : 

shows the world readable directories of a plug-in that enables Wordpress to be used as a forum. Many of the results of the search also show error logs which give an attacker the server side paths including the home directory name. This name is often also used for the login to ftp and shell access, which exposes the system to  attack. There is also an undisclosed flaw in version 1.3 of the software, as  the author has mentioned in version 1.4 as a security fix, but does not tell  us what it is that was patched. Author : DigiP

intitle:"Web Data Administrator - Login"   : 

The Web Data Administrator is a utility program implemented in ASP.NET that enables you to easily manage your SQL Server data wherever you are. Using its built-in features, you can do the following from Internet Explorer or your favorite Web browser. Create and edit databases in Microsoft SQL Server 2000 or Microsoft SQL Server 2000 Desktop Engine (MSDE) Perform ad-hoc queries against databases and save them to your file system Export and import database schema and data.