  • Caido: A Lightweight, Open Source Alternative to Burp Suite — Is It Worth It?

    In the field of web application penetration testing, Burp Suite has long reigned as the go-to tool. However, in recent months, a new contender has emerged: Caido. With a clean interface, modern architecture, and open-source roots, Caido is positioning itself as a viable alternative — but is it ready to…

  • MongoDB Cheat Sheet for Penetration Testers

    MongoDB is a NoSQL database that stores data in JSON-like documents. By default, it listens on TCP port 27017. Misconfigured instances often allow unauthenticated access, making MongoDB a frequent target for data breaches. 1. Port Scanning & Detection Nmap Scan Detects MongoDB and retrieves version information. 2. Connecting to MongoDB…

  • Redis Cheat Sheet for Penetration Testers

    Redis is an in-memory key-value store commonly used for caching and message brokering. It typically runs on TCP port 6379. When misconfigured, Redis can expose sensitive data, allow unauthorized access, or even lead to remote code execution (RCE) or persistence via SSH key injection. 1. Port Scanning & Detection Nmap…

  • VNC Cheat Sheet for Penetration Testers

    VNC (Virtual Network Computing) is a remote desktop sharing system that enables graphical desktop sharing. It typically runs on TCP ports 5900+N, where N is the display number. VNC is often used in internal networks and can present a risk if misconfigured (e.g., no authentication, weak passwords, or exposed internet…

  • LDAP Cheat Sheet for Penetration Testers

    LDAP (Lightweight Directory Access Protocol) is used to access and maintain distributed directory information services, often in Windows environments as part of Active Directory. LDAP typically runs on TCP port 389 (plaintext) and 636 (LDAPS over SSL). 1. Port Scanning & Detection Nmap Scan Checks for LDAP service and retrieves…

  • IMAP Cheat Sheet for Penetration Testers

    IMAP (Internet Message Access Protocol) allows clients to access and manipulate emails stored on a mail server. It operates over TCP port 143 (or 993 for IMAPS over SSL). IMAP provides more flexibility than POP3, including folder management and partial message retrieval, but is equally vulnerable to misconfiguration, brute-force attacks,…

  • POP3 Cheat Sheet for Penetration Testers

    POP3 (Post Office Protocol v3) is a mail protocol used by clients to retrieve emails from a remote server. It typically runs over TCP port 110 (or 995 for POP3S/SSL). Misconfigured or outdated POP3 services can expose credentials, support brute-force attacks, or leak internal email data. This cheat sheet focuses…

  • Oracle TNS Enumeration Cheat Sheet for Penetration Testers

    Oracle uses the Transparent Network Substrate (TNS) as the foundational layer for communication between clients and database servers. Misconfigured TNS listeners can lead to sensitive information disclosure and even unauthenticated remote access. This cheat sheet focuses on enumerating Oracle databases through TNS listeners, identifying weak configurations, and discovering database instances.…

  • MSFvenom Cheat Sheet for Penetration Testers

    MSFvenom is a payload generator that combines the functionality of msfpayload and msfencode. It’s part of the Metasploit Framework and is commonly used to create shellcode and executable payloads for different platforms. 1. Basic Syntax Key Flags 2. Payload Types Windows Reverse Shell (EXE) Linux Reverse Shell (ELF) Windows Command…