Kali Linux recon tutorial
ifconfig -a
ping google.com
ps auxww
a display all processes, including those run by other users
u display user-oriented format
x display all processes, including those without a TTY
ww display unlimited width output
ps # list current user's processes, which have a TTY
ps u # list current user's processes, which have a TTY, in human readable format
ps ua # list all users' processes, which have a TTY, in human readable format
ps au # flag order does not matter
ps aux # list all users' processes, in human readable format
iptables -L
netstat -tunlp
-t TCP
-u UDP
-n numeric
-l show only listening sockets
-p show the PID and name of the program to which each socket belongs
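Added example (not part of the original notes): a shell filter over `netstat -tunlp` output that keeps only listeners bound to non-loopback addresses, i.e. the services other hosts can reach. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# sample_netstat: constructed `netstat -tunlp` output, so the example runs offline.
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      1234/postgres
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      801/sshd: /usr/sbin
tcp6       0      0 :::80                   :::*                    LISTEN      950/apache2
udp        0      0 0.0.0.0:68              0.0.0.0:*                           612/dhclient
udp6       0      0 ::1:323                 :::*                                700/chronyd
EOF
}

# exposed_listeners: read netstat -tunlp output on stdin and print
# "proto address port pid/program" for every listener not bound to loopback.
exposed_listeners() {
    awk '
    $1 !~ /^(tcp|udp)/ { next }                      # skip the two header lines
    {
        port = $4; sub(/.*:/, "", port)              # text after the last colon
        addr = $4; sub(/:[^:]*$/, "", addr)          # text before the last colon
        if (addr ~ /^127\./ || addr == "::1") next   # loopback-only, not exposed
        # UDP listeners have an empty State column, so PID/Program shifts left.
        first = ($1 ~ /^tcp/) ? 7 : 6
        prog = ""
        for (i = first; i <= NF; i++)                # program names may contain spaces
            prog = prog (prog == "" ? "" : " ") $i
        if (prog == "") prog = "-"                   # shown as "-" without root
        printf "%s %s %s %s\n", $1, addr, port, prog
    }'
}

# On a live host: netstat -tunlp | exposed_listeners
sample_netstat | exposed_listeners
```

In the sample, postgres on 127.0.0.1:5432 and chronyd on ::1:323 are filtered out; sshd, apache2 and dhclient remain because they are bound to 0.0.0.0 or ::.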
# TCP and UDP scan, top 1000 ports
nmap -vv -O -Pn -sTUV --top-ports 1000 127.0.0.1
-vv Verbose
-O Enable OS detection
-Pn Treat all hosts as online (skip host discovery)
-sTUV
-sT TCP Connect()
-sU UDP Scan
-sV Probe open ports to determine service/version info
--top-ports Scan the top X ports
# TCP scan, top 1000 ports
nmap -vv -O -Pn -sTV --top-ports 1000 127.0.0.1
# UDP scan, top 1000 ports
nmap -vv -O -Pn -sUV --top-ports 1000 127.0.0.1
service postgresql
ps aux | grep postgresql
nmap -vv -O -Pn -sTV --top-ports 1000 127.0.0.1
your computer -> router (lookup website name)
router -> DNS (convert website name to IPv4 or IPv6 address)
DNS -> router (IP address lookup)
router -> server (server receives request)
server -> router (respond, using the TCP sender IP)
router -> your computer (receive response)
dig -t ANY wikipedia.org
CNAME Canonical name
A Address record, IPv4
AAAA Address record, IPv6
MX Email
TXT Text record
NS DNS Zone "Nameserver," used for sub-domain routing
SOA DNS Zone "Start Of Authority"
whois wikipedia.org
traceroute wikipedia.org
dnsrecon
Burpsuite
mitmproxy
wireshark