Pentest Archives - JONATHANS BLOG

Testing an API for hackers

Post author:jonathansblog
Post published:November 15, 2023
Post category:Development Kali Linux OSCP Pentest
Post comments:0 Comments

Leading on from the prev article - An API, or Application Programming Interface, is a set of rules and protocols that allows different software applications to communicate and interact with…

subdomains brute force enum and finding tools

Post author:jonathansblog
Post published:November 8, 2023
Post category:Pentest
Post comments:0 Comments

Enumerating subdomain when performing recon (or asset identification) is a task that you will (and should) perform regularly. Methods ScrapingBrute-forceAlterations & permutations of already known subdomains Online DNS tools spyse…

An article about general cyber security written by an AI bot

Post author:jonathansblog
Post published:December 8, 2022
Post category:Pentest
Post comments:0 Comments

The following is an article written by an ai chat bot, I asked it the following: please write 500 words about general cyber security practices. First, Ill provide the text…

nc netcat opening listening ports

Post author:jonathansblog
Post published:June 14, 2021
Post category:Kali Linux OSCP Pentest
Post comments:0 Comments

nc netcat opening listening ports - Netcat scan examplesEstablish a connection to a remote port if open: [~]# nc -vn 192.168.2.101 22Ncat: Connected to 192.168.2.101:22.SSH-2.0-OpenSSH\_7.6 As you see, netcat was…

zmap on a local network

Post author:jonathansblog
Post published:June 9, 2021
Post category:Kali Linux OSCP Pentest
Post comments:0 Comments

zmap is an opensource network scanner, most often used to scan whole external internet networks in this tutorial I'll show you how to run zmap on a local network. One…

Investigating uPNP with Python for fun and profit

Post author:jonathansblog
Post published:January 18, 2021
Post category:Development Kali Linux Methodology Pentest
Post comments:0 Comments

Investigating uPNP with python for fun and profit. SSDP is an interesting uPNP protocol - devices advertise their capabilities on the network and leak valuable information. SSDP is very similar…

Photo by Julia M Cameron on Pexels.com

MetaSploit tutorial for beginners

Post author:jonathansblog
Post published:January 10, 2021
Post category:Commandline jonathansblog Kali Linux Metasploit Pentest
Post comments:10 Comments

MetaSploit tutorial for beginners This MetaSploit tutorial for beginners is meant to be a starting guide on how to use MetaSploit if you have never used it before. It assumes…

Introduction to APIs

Post author:jonathansblog
Post published:June 24, 2020
Post category:Methodology Pentest
Post comments:0 Comments

What is an API (Introduction to APIs) Carrying on from my previous posts on SOA here and here I thought it may be useful to write a post on what…

AMNESIA: Analysis and Monitoring for NEutralizing SQL-Injection Attacks

Post author:jonathansblog
Post published:June 17, 2020
Post category:Methodology Pentest SQL
Post comments:0 Comments

300 word summary: AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks. Provides a valuable background section on the countermeasures for SQL injection attacks: Defensive ProgrammingGeneral Techniques against SQLiStatic Analysis techniques…