Introduction to Recon-ng

Recon-ng is a tool used by security testers for reconnaissance. This tutorial gives a brief introduction to the commands used in Recon-ng.
  • Starting recon-ng

    Open a command prompt and go to the recon-ng installation directory using the command cd recon-ng


    Then start recon-ng using the command ./recon-ng


    This opens the recon-ng console.

  • Enter help to see the commands in recon-ng

  • Enter show modules to see the modules in recon-ng

  • Using recon-ng

    Example 1: As an example, we can see how to use one of the modules in recon-ng. Here I am using recon-ng to find some contact details associated with a domain. If a hacker gets some contact details associated with a website and the website has a weak password policy, then the attacker can hack this account. Here I am using the module recon/domains-contacts/pgp_search to find the contact details. Load this module using the command use recon/domains-contacts/pgp_search. Then add your test domain using the command set source domain.com. Then start the process using the command run.



    Used commands:
    use recon/domains-contacts/pgp_search
    set source domain.com
    run

    Thus I found some contact details associated with this domain.

    Example 2: In this example I will show how to find the domains associated with our domain. To find the associated domains, I am using the module bing_domain_web. When this module runs, it searches for related domains in Bing. Similarly, we can also use Google for this type of search. Here I am showing how to search for related domains in Bing. Use the command load bing_domain_web. Then set your test domain using the command set source domain.com. Then start the search using the command run.



    Used commands:
    load bing_domain_web
    set source domain.com
    run

How to install ZAP (Zed Attack Proxy) in Ubuntu

1. Download ZAP from the link below.

    https://github.com/zaproxy/zaproxy/wiki/Downloads
    Download the Linux package from this link.

2. Extract the downloaded file. 

I extracted this file inside Home -> securitytesting.


3. Open ZAP using the command prompt.

Open a command prompt using Ctrl + Alt + T.
Go to Home -> securitytesting -> ZAP_2.6.0 in the command prompt using cd securitytesting/ZAP_2.6.0


Then use the command ./zap.sh to open ZAP.





How to intercept an Android app using ZAP proxy

This tutorial explains how to intercept an Android application using ZAP. First connect your Android device and your system to the same Wi-Fi network. Then follow the steps below.

1. Generate an SSL certificate from ZAP proxy

First we need to generate an SSL certificate from ZAP.
Go to Tools -> Options -> Dynamic SSL Certificates -> Generate
Then save this certificate anywhere. We need to send this certificate to the Android device.


2. Install this SSL certificate on your Android device.

Send this certificate to your Android device by mail and save it on the device by clicking on the certificate. Give the certificate the name 'zap'. The certificate will then be installed automatically on your Android device.

      

3. Find your IP (IPv4) address.

In Windows you can find your IP address by typing 'ipconfig' in the command prompt. Then find your IPv4 address.

In Ubuntu go to System settings -> Network -> Wireless
Then find your IPv4 address there.



4. Configure proxy settings on the Android device.

Go to Settings -> Wi-Fi -> Long press on your Wi-Fi network name -> Modify Network -> Click Advanced options
Then select Proxy as 'Manual'.
Then enter your IP address (found in step 3) as the Proxy hostname and 8080 as the Proxy port, and then save.


5. Configure proxy settings in ZAP proxy.

Go to Tools -> Options -> Local proxy.
Then leave the address blank and set the port to '8080'.


6. Testing

Now you can test this setup. Open any application on your Android device. You can then see the requests sent from the Android application in ZAP proxy.
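
On Android 7.0 (API level 24) and later, apps trust user-installed CA certificates such as the ZAP certificate from step 2 only if their network security configuration allows it, so HTTPS requests from such apps may not appear in step 6. The following added example (not part of the original tutorial) is a Python check that reads the contents of an app's network_security_config.xml and reports where user CAs are trusted; the sample configurations, the domain and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: user-installed CAs (such as the ZAP root certificate)
# are trusted only when the app is built as debuggable.
SAMPLE_DEBUG_ONLY = """<network-security-config>
    <debug-overrides>
        <trust-anchors><certificates src="user" /></trust-anchors>
    </debug-overrides>
</network-security-config>"""

# Constructed sample: user CAs are trusted in release builds too.
SAMPLE_RELEASE = """<network-security-config>
    <base-config>
        <trust-anchors>
            <certificates src="system" />
            <certificates src="user" />
        </trust-anchors>
    </base-config>
    <domain-config>
        <domain includeSubdomains="true">staging.example.test</domain>
        <trust-anchors><certificates src="user" /></trust-anchors>
    </domain-config>
</network-security-config>"""


def _trusts_user(element):
    """True if the element's own <trust-anchors> lists src="user"."""
    if element is None:
        return False
    certs = element.findall("./trust-anchors/certificates")
    return any(c.get("src") == "user" for c in certs)


def user_ca_trust(config_xml):
    """Report which sections explicitly trust user-installed CAs.

    Inheritance between nested <domain-config> elements is not resolved.
    """
    root = ET.fromstring(config_xml)
    domains = [d.text.strip()
               for dc in root.iter("domain-config") if _trusts_user(dc)
               for d in dc.findall("./domain") if d.text]
    return {
        "debug_overrides": _trusts_user(root.find("debug-overrides")),
        "base_config": _trusts_user(root.find("base-config")),
        "domain_configs": domains,
    }
```

For an app you build yourself, a result with only debug_overrides set keeps the ZAP certificate usable for testing while release builds continue to ignore user-installed CAs.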