Finding Admin Pages isn’t hard with Parsero

When I was starting out hacking websites I had hard time finding the administrator pages and I wasted so much time manually finding it by adding robots.txt on the web page. But… here’s the tool to easily find the login page after having the credentials.

Parsero isn’t installed by default in the Kali version so what are you waiting type the above command to keep on going.

Let’s view first the options of the tool after installing and it’s very self explanatory to use.

Look at the output! It clearly show us the important pages of the website. And the Admin page is also there. Good luck!

DMitry – Deepmagic Information Gathering Tool

DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line Application coded in C. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan, whois lookups, and more.

The following is a list of the current features:

• An Open Source Project.
• Perform an Internet Number whois lookup.
• Retrieve possible uptime data, system and server data.
• Perform a SubDomain search on a target host.
• Perform an E-Mail address search on a target host.
• Perform a TCP Portscan on the host target.
• A Modular program allowing user specified modules

Source: http://mor-pah.net/software/dmitry-deepmagic-information-gathering-tool/

Installing the tool is not a problem DMitry is built-in Kali Rolling just type dmitry -h to see the options you can use against your target website.

Type dmitry -isep example.com , i only use the basic commands you have the option if you want to gather more information type dmitry -winsep example.com   

Valuable info on your target website just keep on flowing…

And flowing… The last part will usually include the emails gathered and ports scanned. There you go such a vast amount of information you can use on your future attacks on the target host.

Nmap Reconnaissance

Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.

I’m going to show how to scan your own network using Nmap with these simple steps. Take note that Nmap is already installed in Kali all you need is type the following to list all commands.

• nmap -h

Let’s scan first with -v verbose mode to gather info about the network where you can clearly see the open ports and mac address of the router. Here you can insert your target’s IP address or webpage like nmap -v 192.168.1.1 or nmap -v example.com

• nmap -v 192.168.1.1

The second scan enable OS detection, version detection and script scanning, here you can see lot of information about the network, OS details, traceroute, even the router’s admin page was included.

• nmap -A 192.168.1.1

The scan to see the open ports of the router and there’s my router’s open ports – 4 in all.

• nmap -open 192.168.1.1

And to see the connected devices in the network type

• nmap -sP 192.168.1.1/24

Now you saw how simple Nmap commands can find important information on your target network. All you have to do is try all the commands against your network and not your neighborhood. Happy Hacking!