[metasploit and exploit finding]

ok anyway thank you very much

[metasploit and exploit finding]

for almost every online course you need to register before you advance e.x

https://www.offensive-security.com/information-security-training/cracking-the-perimeter/

[metasploit and exploit finding]

Yes but i dont want to register... thank you anyway I found this book through searching the page i hope it will answer my questions!!!
http://www.it-docs.net/ddata/767.pdf

[metasploit and exploit finding]

I've been seeking online for a complete tutorial that goes from finding if a computer is vulnerable to an exploit
to getting a meterpreter session without the use of trojans.
The things that are missing are...

1.the exact procedure of scanning a pc to find if it is vulnerable (and if it is possible a pc outside a local network and how is it possible to scan individual compuiters that are behind routers?)

2. Importing a new exploit that isnt already inside the metasploit framework.

3. setting a backdoor without the use of the persistance command of the meterpreter.

4. the procedure of the triggering of the exploit on the victim machine (what happens exactly?)

any kind of info is apreciated.

[Making a safe chatroom on your pc for multiple participants]

@digininja i respect you and your knowledges and you have proven to me that you know things but if there wasnt a way to hide yourself from the government there wouldnt be any hackers because they would all have been caught surely there is a big chance that somebody will make a mistake but we are not talking about mistakes here only about ways to really stay anonymous from the gov. and to protect all our personal data.

[Making a safe chatroom on your pc for multiple participants]

So to make a summary

1. use public network + constantly change networks

2. use TOR network

3. use VPN.

4. use non-microsoft based OSes

5. use a pc where you have never used personal info

6. spoof MAC

Is that enough to chat anonymously and if not what could somebody do to still identify you????

[Making a safe chatroom on your pc for multiple participants]

if all above is combined with using IRC on public networks will you then have a decent level of protection?

[Making a safe chatroom on your pc for multiple participants]

Well in fact i use the TOR network plus every time i connect i use a random generated string of a standard nummer of chars I want to hide as much as possible. what do you mean with "if you are thinking about anonymisation, there is lot beyond just hiding your IP address"?

[Making a safe chatroom on your pc for multiple participants]

with safe i mean to be able to chat without anybody knowing from who is the message sent and to who , so more precisely i want the origin and the destination of my messages to be undetectable , and it is for use through the internet. The main idea is connecting on a random IRC server through the TOR network with a random nick on a random channel and having the reciever connecting on that random server and channel

[Making a safe chatroom on your pc for multiple participants]

I've just get to know about IRC and i have a question is it safe when used in combination with TOR network e.x(proxychains irssi)??

[Making a safe chatroom on your pc for multiple participants]

So,

I want to make a safe chatroom that uses the terminal or command line on my kali linux pc for multiple participants that is unspyable with something like SSH connection.

At the moment I use netcat (nc -l <porttolisten>) but other users cant communicate with each other only with the server.

Any suggestions??

[metasploit payload created with SET detection]

guys,

I ve made a payload with SET that isnt detectable by windows defender,

I can perfectly get a meterpreter session without beign detected,

anyway i can do most of the actions that are possible in meterpterer , but when I run the persistence command ,

Windows Defender gives a report of a trojan Swrort.A .

some info

Victim pc is running windows 10 64-bit

I am attacking localy

the attacker is kali sana 2.0

So the question is how can I avoid detection?

[ettercap problem with spoofing fb but everything else work]

Yes it worked indeed for google.com

I will try to configure my server with https and i will inform you with the results here on this post Thank you very much for your time!!!!

[ettercap problem with spoofing fb but everything else work]

Thank you for your reply after some research that took a while i found the same results Ive tried to spoof google.com with succes but the search site which is indeed https but doesnt have any log in fields.

Question: will it e possible to spoof facebook.com if i configure my server (apache2) to respond as HTTPS????

[ettercap problem with spoofing fb but everything else work]

So here are the facts

i am working with kali sana trying to spoof dns with ethercap



1.internal network
2.I can spoof dns ===> when pinging facebook.com from victim machine i get my internal IP (192.168.1.6)
3.but when i try to browse with edge, chrome to facebook.com it says no connection
4.when i spoof a different url i get the index page of the server of the attacker
5.tried to spoof dns on xp and on windows 10 same results

how can i solve this problem and what is the cause


Thank you in advance