This video helps you understand your responsibilities when loading tools from the internet.
- [Instructor] This course uses an online lab and a range of third party testing tools. Some are commercial products and some are open source. The download and installation instructions for all tools used in this course are available as a pdf in the associated course material. While we've done our best to insure that the tools we use and the sites we reference are legitimate, testing sites can be targets for hackers and we can't provide any assurance that these sites might not be compromised when you visit them.
Some of the sites which store the testing tools are detected as dangerous because the tools have similar signatures to malware and they may raise antivirus alerts when you visit them. The testing tools we demonstrate are extremely powerful. They may demonstrate some of the same signature characteristics as malware and malicious implants and may raise antivirus alerts when you try to download them. Again, we can't provide assurance that the software hasn't been compromised when you download it.
And, so, as for any of the software from the internet, you need to exercise due diligence and take personal responsibility for anything you load into your system.
- Using Masscan for rapid full-service scanning
- Passive scanning with Shodan
- Using Nmap scripts
- Scanning with Reconnoitre and Vanquish
- Diagnosing uncommon ports
- Enumerating Drupal, WordPress, and Joomla sites
- Enumerating in the Linux shell
- Using the JAWS PowerShell script