
GFI LanGuard Network Scanner

Hello Everyone!

My previous blog discussed what GFI LanGuard is and how to install it. Today we will learn how to use the GFI LanGuard Network Scanner. GFI LanGuard is a network audit and patch management solution that helps users easily manage and maintain endpoint protection for every device within a local area network. It automatically discovers all the elements of your network: computers, mobiles, tablets, printers, servers, virtual machines, routers, switches, laptops, etc.

Features of GFI Languard

As we can see, GFI LanGuard has many features; we will use some of them.

Let's begin!

Launch the GFI LanGuard Network Scanner to open the GFI LanGuard dashboard.

Configure the scan: click on the Scan tab to scan the network or a system. Here I choose localhost, on which my GFI LanGuard is running.

Click on Profile. There are 20 types of scan; choose whichever you want to run, such as full scan, full vulnerability assessment, hardware audit, etc. Here I choose the full scan. When you finish the scan settings, click on the Scan button.

Now it starts scanning localhost. It will take some time, so be patient until the scan finishes.

The scan is completed for localhost; check the interface.

Once the scan is completed, check the scan results and vulnerabilities.

Click on localhost on the left side of the interface, then click on Vulnerability Assessment and check the vulnerabilities: high, low, potential, missing, etc.

Click on the high security vulnerabilities and check them. In my case autorun is enabled; this is the high security vulnerability.

You can check all the vulnerabilities in the same way: high, low, potential, etc.

After the vulnerability assessment, check the Network and Software Audit. Click on it and check the items one by one.

Click on Network and Software Audit, then Ports, and check the TCP and UDP port issues.

Click on Hardware to check all the hardware information one by one: network devices, USB devices, processor, motherboard, memory, storage details, etc.

Here I check the network device information: MAC address, IP address, hostname, etc.

After the hardware information you can check the software information. Click on Software and check the software-related information one by one.

Here I check the General Applications information, which shows what applications are running on my system.

Like the hardware and software information, a System Information option is also available. Click on System Information and check the system's information.

Here I click on Users and check the user information.

Click on Dashboard, then Overview; this gives a complete overview of the scan.

Here we can check the information one by one in single tabs, such as computer information, history, vulnerabilities, ports, etc.

Click on Patch to check how to patch the vulnerabilities.

Finally, we can generate a report of the complete scan. Click on the Report tab and select the report type you want to generate, such as computer security report, vulnerability status, patch status, etc.

Click on the report type and then click on Generate Report. Here I generate the vulnerability status report.

We can also generate reports according to security standards such as PCI DSS Compliance, HIPAA, SOX, GLBA, SIPA, ISO/IEC 27001, FISMA, etc.

Click on the security standard (in my case PCI DSS Compliance), then click on Audit Policy and click on Generate Report.

Here I generate the PCI DSS Audit Policy report.

Thanks For Reading!

Follow us On LinkedIn, Facebook, Twitter


GFI LanGuard Installation

Hello Everyone!

GFI LanGuard is a network audit and patch management solution that helps users easily manage and maintain endpoint protection for every device within a local area network. It lets the IT administrator scan the computers and servers on the network to detect and resolve security threats. It supports Windows, Mac and Linux computers and mobile devices, and offers vulnerability assessment, patch management and network audit. It has a check database to identify system and network weaknesses. It uses the top 20 vulnerability guidelines: OVAL, CVE, SANS, etc.

GFI LanGuard uses a database server to store the information from security audits and remediation. It can be either SQL Server Express 2008 R2 or later, or SQL Server 2008 R2 or later.

GFI LanGuard is available both as a licensed product for large networks and as a free, full-featured version that scans up to 5 IP addresses.

Download

You need to create an account to download GFI LanGuard, and a key will be sent to your email.

System Requirements

System requirements for 1 to 100 computers:

Processor: 2 GHz dual core
Physical storage: 5 GB
RAM: 2 GB
Network bandwidth: 1544 kbps

Operating System

Installation

Launch the GFI LanGuard installer. A popup will appear; select the language and click on Next.

Select GFI LanGuard and click Next. The installation will automatically download and install any missing components.

Fill in the username and password that you used when registering to download GFI LanGuard and click on Sync; it will automatically detect the license key. If you don't have an account or license key, then sign up here.

Or you can manually enter the license key.

In the database server configuration it will detect the server name and SQL database name if you have SQL Server installed on your system.

Provide the SQL Server authentication or use Windows authentication.

A GFI LanGuard welcome popup will appear; click on Next.

In the License Agreement screen, read the license agreement, select "I accept the terms in the License Agreement" and click Next.

In Attendant service credentials, enter the administrative credentials and password and click on Next.

Click Next to install to the default folder, or click Change to choose another.

Click Install to start the final GFI LanGuard installation.

When the GFI LanGuard installation is complete, click Finish and launch it.

Launch GFI LanGuard.

This is the GFI LanGuard interface. It is now ready to scan the target.

Thanks For Reading.


VoIP Lab Setup

Hello Everyone!

In this blog you will learn how to set up a VoIP server in VMware. For that I'm going to use the trixbox 2.8.0.4 ISO image. Trixbox is one of the most popular Asterisk-based distributions. Trixbox CE includes CentOS Linux, MySQL, and all the tools needed to run a business-quality phone system. It gives us a GUI that makes configuration and operation easy. It allows the user to set up a voice over IP phone system and other necessary applications.

What is VoIP

Voice over Internet Protocol (VoIP), also called IP telephony (voice over IP), is a method and set of technologies for delivering voice communication and multimedia sessions over Internet Protocol networks.

Ordinary phone -> ATA -> Ethernet -> Router -> Internet
VoIP phone -> Ethernet -> IP-PBX -> Router -> Internet

Let's get started!

Download the trixbox ISO image.

Open VMware, click on File and click New Virtual Machine. This will show a new window; click on "I will install the operating system later", then click on Next.

Now it will show you another window to select a guest operating system. Select the Linux option, select the Ubuntu version and click on Next, Next and finally click on Finish.

Click on the virtual machine settings again to open them, click on CD/DVD and choose the ISO file "trixbox 2.8.0.4". In the Network Adapter settings select the Bridged connection and click on Finish.

Click on "Start up this guest operating system" to start trixbox.

It will start booting automatically; the trixbox CE installation follows the steps below:

Press Enter once on this screen. After that it will show you a dialog box to select the keyboard type; select the US option and hit Enter.

Next it will show you a dialog box asking you to select the time zone. Select according to your zone; I'm selecting Asia/Kolkata.

Now enter the password for the root user twice and click on OK.

The installation will now take some time while it installs all the dependencies; be patient until it finishes.

After the installation completes successfully it will ask you to log in. Log in with username root and the password that you gave during installation; in my case the password is admin1.

After login, check the IP address.

Open the browser in the Windows VM (Windows 7, 10) and enter the IP address; it will show the trixbox interface.

Now we need to create the user accounts by assigning extension numbers. For that we need to switch from user mode to admin mode by clicking the switch in the top right corner.

When we click on the switch for admin mode we need to enter the credentials; the default credentials are username maint and password password. Enter the credentials to get into admin mode. When you log in to admin mode a dialog box will pop up for registration; we don't need to register, so just close it.

This is the trixbox admin interface. Now click on the PBX option and select the PBX Settings option from the menu.

Now click on Extensions, which is highlighted in the image below.

Now we need to create the extension inside the server. Select the device Generic SIP Device and click on Submit.

After the device setup, add the extension:

User extension: any 7-8 digit number (later on we will use it as a phone number to make a call)

Display name: any user name we like

Add the device options:

Secret: 123 and dtmfmode: default (rfc2833). Click on Submit.

Add one more extension in the same way. We can add multiple extensions, but this time we need only two.

We add the extensions for caller and receiver: one is Secoceans and the second is Technology, each with a number. Now we need to save the configuration; for that click on the yellow "Apply Configuration Changes" option. It will show another yellow popup; click on "Continue with reload". The extensions are successfully added.

Now download the Zoiper application for making and receiving calls.

Zoiper is a software program (softphone) with which the user can make voice calls, video calls, chat, etc. Here we are using one Zoiper on our system and one on our phone for making and receiving calls. Once it is downloaded we need to configure it.

Once it is installed it will show a popup. Click on Free account, then Next, and after that enter the credentials:

extension number@server IP, [email protected], and password 123; then click on Login.

It will detect the server IP automatically; click on Next.

Skip the authentication and outbound proxy.

Account 1: Username: Technology, phone number: 1234567, password: 123

Now Zoiper is ready to make or receive calls on the system.

Install Zoiper on the phone and configure it as we configured it on the system.

Use Account 2: Username: Secoceans, phone number: 12345678, password: 123

Enter [email protected] and password 123.

Enter the user number and IP and click on Create account.

Zoiper is ready to use for making and receiving calls.

Both Zoiper accounts are ready to use.

Let's make a call from account Technology 12345678 -> Secoceans 1234567.

Calling from account 1, Technology 12345678 (from the Android phone) -> account 2, Secoceans.

Secoceans is getting an incoming call on the system, as shown in the given image. Click on Answer to accept the call from Technology.

Secoceans received the call from Technology; the call is connected and both are having a conversation over the VoIP call.

We configured the VoIP server on the local network; now we can make voice calls, video calls, or chat over VoIP.


Thanks for Reading !


Armitage Penetration Testing Tool

Hello everyone!

Armitage is a GUI tool for managing and performing all the tasks that can be performed with Metasploit. It is a free and open source tool. It visualizes the targets, recommends exploits, and exposes the advanced post-exploitation features in the framework. It is developed by Raphael Mudge; its goal is to help security professionals better understand hacking and realize the power of Metasploit. Users may launch scans and exploits. It uses the advanced features of the Metasploit Framework's Meterpreter.

Installation

If you are using an older version of Kali Linux then Armitage is preinstalled, but if you are using the latest version of Kali Linux then you need to install it.

Click here to download the Armitage tool.

Before running Armitage you first need to start the PostgreSQL and Metasploit services.

Now open the directory where you downloaded Armitage, extract it and give it executable permission with sudo chmod +x filename.

Now launch Armitage.

Click on Connect. It will ask to start the RPC server; click OK to start it.

This is what the Armitage tool looks like.

Now the Armitage console is running, and we can scan the target and exploit it.

Now we will start Nmap to scan and enumerate the target. To do so go to Hosts, then Nmap Scan, and select any scan that you want to perform.

The scan starts; wait for the target to appear.

Now we need to check the possible attacks. Right click on the host and select the attack, or click on exploit -> windows and then the exploit name, then double click on the exploit. It will show a popup; fill in the requirements and click on Next. The exploit is now running.

Wait for the target to be exploited and it will give you a Meterpreter session.

In this blog you learned about the Armitage tool for cyber attack management using Metasploit. Armitage uses Nmap and Metasploit and saves a lot of time while performing penetration testing. Armitage can test multiple targets at a time.

Thanks for reading !


Extract Information from Firefox Browser

Hello Everyone! Dumpzilla is a forensic tool written in Python 3.x that is used to extract all the interesting information from the browser; you can call it a browser forensic tool. It is a command line tool and is available for Kali Linux, Windows and Mac, on 32/64-bit systems. With this tool we can extract the information of three browsers: Firefox, Iceweasel and Seamonkey. The information dumps can be redirected by pipes to tools such as grep, awk, cut, sed, etc.

You can extract a lot of information, including history, bookmarks, downloads, passwords, add-ons, cookies and much more. After extraction you can export the data either as JSON or as plain text.

You can extract the following data:

Downloads, history, bookmarks.

Cookies, session data, browser saved data.

Add-ons, user preferences.

Web forms (searches, emails, comments).

URLs open in each tab.

Web forms, etc.

Installation:

Install Dumpzilla from the command line or manually.

Command: sudo apt-get install dumpzilla, or you can download it manually by clicking on the link below.

Download Link

After the download you need to give it permission:

sudo chmod +x dumpzilla.py and it will be executable.

Now use sudo python dumpzilla.py

There are many options with which you can extract the information. Using the --All option you can extract all the information, or you can use the options one by one; for example --History will extract only the history.

Let's check how to use it:

We need to give a Firefox profile path to extract the data.

On Kali Linux the Firefox browser path is /home/$USER/.mozilla/firefox/xxxx.default, used here with --Summary ($USER means your user name and xxxx.default means your profile folder, where your Firefox data is saved).

The command will be sudo python dumpzilla.py /home/$USER/.mozilla/firefox/xxxx.default/ --All. With this command I retrieve the following information:

There are lots of arguments for extracting the information; use them one by one, or export to a JSON file with the --Export argument.

Here I extract all bookmarks with the --Bookmarks argument.

Export the data as plain text: sudo python dumpzilla.py /home/$USER/.mozilla/firefox/xxxx.default/ --All | tee /root/Desktop/mozile

Thank you for Reading


Password Cracking with John the Ripper

In today's blog, I am going to show you the password cracking tool John the Ripper.

John the Ripper is a free, open source password cracking software tool. It was developed for the Unix operating system and now runs on fifteen different platforms. This tool is also helpful for password recovery: in case you forget your password, you can recover it with this tool. It helps to crack passwords stored on the computer in hash form. John the Ripper is popular because of its dictionary attacks and is mainly used in brute force attacks.

John the Ripper comes pre-installed in Kali Linux, with both the command line and the graphical user interface. You can also download it manually.

Download

The steps to use this tool in Kali Linux are as follows:

Proof of concept:

Open your Kali Linux, click on Applications and then the Password Cracking option.

John the Ripper command line tool.

First we need to add a new user account. I add lucifer.

After that we need to check the user's password in the shadow file.

Run the command /etc/passwd and you can check the username lucifer with the hashed password.

Now we need to create a txt file, copy all the shadow passwords and paste them into the txt file.

After doing this we need to open the txt file with the john tool.

Now we need to crack the passwords with the command john password.txt. After entering this command, hit Enter and it cracks all the passwords listed in the shadow file.

Use the command john --show password.txt to show the cracked passwords.
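
A defender-side check on the same file, as an added example (not from the original post and not part of John the Ripper): it reads shadow-format lines and reports which hashing scheme each account uses, based on the crypt(3) `$id$` prefix, so accounts still on weak schemes can be given a new password under a stronger one. The sample lines, their placeholder hash strings and the function names are constructed.

```python
# crypt(3) scheme identifiers -> (scheme name, needs review)
SCHEMES = {
    "1": ("md5crypt", True),
    "2a": ("bcrypt", False), "2b": ("bcrypt", False), "2y": ("bcrypt", False),
    "5": ("sha256crypt", False),
    "6": ("sha512crypt", False),
    "y": ("yescrypt", False),
}

# Constructed sample in /etc/shadow format; hash values are placeholders.
SAMPLE_SHADOW = """\
root:$6$Qw3rTy12$CONSTRUCTEDHASHVALUE:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
lucifer:$1$abcdefgh$CONSTRUCTEDHASHVALUE:19700:0:99999:7:::
legacy:ab01FAX.bQRSU:15000:0:99999:7:::
svc:!$y$j9T$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19700:0:99999:7:::
guest::19700:0:99999:7:::
"""


def classify(field):
    """Map the second shadow field to (scheme description, needs_review)."""
    if field == "":
        return ("empty password", True)
    locked = field.startswith(("!", "*"))
    body = field.lstrip("!*")
    if not body:
        return ("locked, no hash", False)
    if body.startswith("$"):
        ident = body.split("$")[1]
        name, review = SCHEMES.get(ident, ("unknown scheme $%s$" % ident, True))
    elif len(body) == 13:
        # Traditional DES crypt: 2 salt characters + 11 hash characters
        name, review = ("descrypt", True)
    else:
        name, review = ("unrecognised", True)
    if locked:
        name += " (locked)"
    return (name, review)


def audit(shadow_text):
    """Return {username: (scheme, needs_review)} for each account line."""
    report = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 2 or not fields[0]:
            continue  # skip blank or malformed lines
        report[fields[0]] = classify(fields[1])
    return report


def accounts_to_review(shadow_text):
    """Usernames whose hash scheme (or lack of one) should be fixed."""
    return [u for u, (_, review) in audit(shadow_text).items() if review]


if __name__ == "__main__":
    for user, (scheme, review) in audit(SAMPLE_SHADOW).items():
        print("%-8s %-22s %s" % (user, scheme, "REVIEW" if review else "ok"))
```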

Thanks For Reading.


USB Data Recovery

USB data recovery with the Autopsy tool

Hello Everyone,

In this blog, we are going to discuss USB data recovery with the Autopsy tool. Autopsy is an open-source forensic platform used to recover lost and deleted data. Autopsy is a fast, well-planned, exhaustive hard drive investigation tool that evolves with your needs. Its first release was in 2000. It has many features like registry analysis, keyword search, email analysis, media playback, multi-user cases, timeline analysis, malicious file detection, and much more.

Installation

Autopsy is easy to install. To download it, click on the link and run the Autopsy MSI installer file.

Follow the instructions and install it.

How to use?

Let's begin...

Run Autopsy and click on New Case.

Now fill in the case details (case name and the directory to save the case file) and click Next.

Next is the optional information; here add the case number and other basic details and then click on Finish.

Now choose the data source type we need to use (in my case Local Disk) and then click on Next.

Now we have to select the data source for which we are doing the investigation process.

Here the physical USB drive is available, so we will click on the Local Disk option and then go to the next step.

Select the required ingest modules and click on Next.

Now it will add the data source, which will take some time. Be patient!

The data source is added; click on Finish. Once all the modules are ingested you can start investigating.

Now open the data source and check the deleted files. Here we found a lot of deleted files.

Now we can open the deleted data one by one, and we can also save it. Our USB data recovery tutorial with Autopsy for digital investigation ends here.

Thanks For Reading !
