Note: I've tried to include everything (links & commands) but you have to watch the episodes for context.
Also, these are just introductions to tools & commands. It is up to you to look deeper into each in a Legal & Responsible manner.

Ben

Show Host: Mike Rodrick

Show Instructor: Sean Philip Oriyano

My notes day 1 - Monday

Episode 1-4: What is, Installing, Configuring KALI Linux & Overview

commands

  • apt-get update
  • apt-get upgrade

netstat
netstat -abn

Episode 5: Creating a Lab Environment

commands

  • Note: remove brackets from addresses. ALSO Linux IS case sEnSiTivE
  • Kali default user = root
  • Kali default password = toor
  • metasploitable default user = msfadmin
  • metasploitable default password = msfadmin
  • ifconfig (in linux)
  • tcpdump -i eth0 (on meta)
  • nmap -sS (target ip address) (on kali)

Episode 6 - 7 : Penetration Testing

Five Phases Sean mentions

  • recon - (footprinting in CEH, information gathering)
  • scanning
  • exploitation
  • maintain access
  • reporting

Episode 7-9: What is Recon, Uncovering Network Info Parts 1 & 2

  • fping -a -g (target start add) (target end add) > hosts.txt
  • fping -a -g (target network/24) > hosts2.txt (i.e. 192.168.1.0/24)
  • dnsenum -r itpro.tv
  • dnswalk itpro.tv. (make sure to put the last "dot/period" for the fully qualified name)
  • p0f -i eth0 (enter)

Open a browser, go to a site (itpro), then go back to the console to see the whole conversation.

Note: this did not work for some people from a VM.
You can try it in Windows from the command line, but I recommend installing Kali on a dual or multi bootable system.

Episode 10-12 : Website Recon, Uncovering Network Info parts 1&2

  • lbd (site name)

  • theharvester -d Microsoft.com -l 500 -b google

  • urlcrazy -k qwerty -r Microsoft.com

  • metagoofil -d kali.org -t pdf -l 100 -n 25 -o kalipdf -f kalifiles.html

Episode 13: What is Network Scanning

Episode 14: Checking for Live Systems

  • nmap -sP (net add)
  • fping again
  • apt-get install masscan (not installed by default)
  • masscan "-p1-1024" (add)
  • unicornscan -i eth0 (add)
  • netdiscover

Episode 15: Enumeration

  • miranda
  • msearch (in miranda; looks for UPnP)
  • dmitry -winsepfb -t 1 (add)
  • enum4linux (add)r

Episode 17-18: Cracking passwords part 1 & 2

Episode 19: After Gaining Access

  • dsniff
  • netcat
  • nc
  • cryptcat

Episode 20 - 21: Using Sniffers part 1 & 2

  • wireshark
  • etherape
  • driftnet -i eth0
  • dsniff
  • urlsnarf
  • macof

Episode 22: Social Engineering Toolkit (SET)

  • You have to watch the episode

Episode 23: Web Applications

  • wireshark
  • etherape
  • driftnet -i eth0
  • dsniff
  • urlsnarf
  • macof

Episode 24 - 27: Web Application Tools parts 1 - 4

  • 24: looked at the Kali tools. Watch the episode.
  • 25: vega, webscarab
  • 26: nikto, owasp zap, burp suite
  • 27: w3af, GoLismero

Episode 28: SQL injection

  • You have to watch the episode

Episode 29: Wireless Networks

  • Talk about wireless, not leaving defaults, misconfiguration, vulnerabilities, different standards

Episode 30: Wireless Attacks & Tools

  • Note: Kali in a VM does not automatically see or use your wireless card.
  • aircrack-ng
  • bully
  • cowpatty (pulls stuff from pcap files)
  • fern Wifi Cracker
  • kismet
  • btscanner
  • bluesnarfer
  • bluemaho (gui)
  • redfang

Episode 31: Honeypots, IDS's & Firewalls

  • firewalk

Episode 32: Reports

  • You have to watch the episode