Technik 2.3 — Penetration-Testing

Welches Tool wann?

PhaseTool
Subdomains findencrt.sh, amass, subfinder
Port‑Scannmap, masscan
Web‑Vuln‑ScanNuclei, Nikto
Web‑ManuellBurp Suite, OWASP ZAP
Verzeichnisse Brute‑Forceffuf, dirsearch
SQL InjectionSQLmap
Active DirectoryBloodHound, CrackMapExec
PrivEsc LinuxlinPEAS
PrivEsc WindowswinPEAS, PowerUp
Passwort‑CrackingHashcat, John
Metasploit ModulExploitation, Payloads
Zurück zu Technik