1
00:00:12,280 --> 00:00:15,050
Hi, guys, welcome back to another episode on How to Hack.

2
00:00:15,550 --> 00:00:20,410
So today we're here with recon-ng and this is a reconnaissance framework tool that could help us

3
00:00:20,740 --> 00:00:26,710
find out more information about a company or an individual, and looking for a lot of details

4
00:00:26,950 --> 00:00:32,050
of what kind of systems, services that you're running so that we can get those information.

5
00:00:32,170 --> 00:00:32,440
All right.

6
00:00:32,440 --> 00:00:40,300
Before we launch an actual exploitation, before we try to look up, what are the common vulnerability,

7
00:00:40,300 --> 00:00:48,280
exposure details associated with those services so we can actually help us speed up the process of performing

8
00:00:48,280 --> 00:00:50,260
reconnaissance or information gathering.

9
00:00:50,770 --> 00:00:57,760
And what it does utilizes multiple tools to help us consolidate and aggregate those findings.

10
00:00:58,120 --> 00:01:01,000
So what I can do here is I have recon-ng.

11
00:01:01,180 --> 00:01:01,450
All right.

12
00:01:01,450 --> 00:01:03,300
And we can look at the information.

13
00:01:03,340 --> 00:01:09,790
So it's a full featured reconnaissance framework, very, very similar to what we have used a framework

14
00:01:09,790 --> 00:01:16,990
in terms of how the interface looks like, how we can issue instructions into the framework to perform

15
00:01:16,990 --> 00:01:17,940
our reconnaissance.

16
00:01:18,460 --> 00:01:24,310
So what we can do is we can go ahead and open up terminal so I can open up terminal here and I can enter

17
00:01:24,310 --> 00:01:25,570
sudo recon-ng.

18
00:01:25,570 --> 00:01:30,480
I do run as super user and I can enter the password to my login.

19
00:01:30,880 --> 00:01:31,180
All right.

20
00:01:31,180 --> 00:01:31,950
And this would begin.

21
00:01:31,960 --> 00:01:32,800
recon-ng.

22
00:01:33,130 --> 00:01:34,090
So what we have here.
23
00:01:34,090 --> 00:01:34,270
Right.

24
00:01:34,300 --> 00:01:35,530
We can see immediately.

25
00:01:35,660 --> 00:01:36,000
All right.

26
00:01:36,010 --> 00:01:37,000
All those information.

27
00:01:37,000 --> 00:01:39,010
So I've installed pretty much all the modules.

28
00:01:39,460 --> 00:01:43,870
So by default recon-ng comes alongside with Kali Linux.

29
00:01:44,170 --> 00:01:46,950
And of course, we have a lot of API required to run.

30
00:01:46,970 --> 00:01:52,150
So and kind of check, for example, open source intelligence for Shodan, GitHub.

31
00:01:52,150 --> 00:01:59,170
And many of this other APIs are needed to utilize those open source intelligence platforms to help us

32
00:01:59,170 --> 00:02:02,110
do the searching and crawling across the list.

33
00:02:02,320 --> 00:02:02,650
All right.

34
00:02:02,800 --> 00:02:05,400
So Paulist and many others.

35
00:02:05,860 --> 00:02:11,110
So what we can do is we can take a look at some of the modules that we may not have an API for it.

36
00:02:11,530 --> 00:02:14,020
So all you got to do is enter help.

37
00:02:14,020 --> 00:02:19,470
And this would actually show us all of those different instructions so we can.

38
00:02:19,540 --> 00:02:19,830
All right.

39
00:02:19,840 --> 00:02:24,220
So we have a dashboard, we have the workspaces database.

40
00:02:24,610 --> 00:02:31,210
We have the index, the marketplace where they will list on all those modules and you can select whether

41
00:02:31,210 --> 00:02:32,830
you want to choose to install them or not.

42
00:02:33,010 --> 00:02:33,330
All right.

43
00:02:33,340 --> 00:02:37,070
So what we can do here is we can enter a marketplace, OK?

44
00:02:37,300 --> 00:02:42,340
And we can do a double tab to see all the instructions that we can look out for and we can enter search.

45
00:02:42,340 --> 00:02:49,090
And I could hit enter on this and just show us all the modules that we can access from marketplace.
46
00:02:49,090 --> 00:02:54,840
So unlike the earlier version of recon-ng, where all the modules are installed by default, which

47
00:02:54,850 --> 00:03:00,790
can possibly take up a lot of space, what we have here is recon-ng and all the modules and we can

48
00:03:00,790 --> 00:03:05,860
see, for example, here by scrolling up the table, the path, all right.

49
00:03:05,860 --> 00:03:08,920
A path, the version, the status and updated.

50
00:03:08,980 --> 00:03:09,340
All right.

51
00:03:09,670 --> 00:03:16,720
And of course, right here, we can look at the different kind of subcategories, discovery, exploitation,

52
00:03:16,720 --> 00:03:22,000
import, reconnaissance, companies-contacts using Bing LinkedIn cache.

53
00:03:22,480 --> 00:03:22,920
All right.

54
00:03:23,050 --> 00:03:25,180
We have domains information as well.

55
00:03:25,360 --> 00:03:25,660
All right.

56
00:03:25,660 --> 00:03:29,400
We have Shodan organization using Shodan to do the reconnaissance for us.

57
00:03:29,920 --> 00:03:36,250
We have contacts and we have credentials, domains, companies that we can find out more information.

58
00:03:37,000 --> 00:03:42,850
And we have domains-hosts using search engines, again, helping us find out more information about

59
00:03:42,850 --> 00:03:46,660
all the domains inside that particular domain name or web server.

60
00:03:46,750 --> 00:03:49,690
OK, so again, we can look up all this different details here.

61
00:03:50,290 --> 00:03:54,760
We can even look for location, ports, looking at VirusTotal.

62
00:03:55,150 --> 00:03:55,330
All right.

63
00:03:55,420 --> 00:04:02,110
So we're utilizing a lot of all these platforms within recon-ng to help us speed up and accelerate

64
00:04:02,650 --> 00:04:05,230
the whole cycle of information gathering.

65
00:04:05,890 --> 00:04:09,120
So moving on, what we can do is we can utilise it in modules.

66
00:04:09,580 --> 00:04:12,190
So all I got to do is enter the following modules.
67
00:04:12,550 --> 00:04:12,910
All right.

68
00:04:12,910 --> 00:04:14,140
Now we can double tab on it.

69
00:04:14,680 --> 00:04:17,250
We can see that we can load very specific modules.

70
00:04:17,250 --> 00:04:19,340
So I'm going to zoom in a little more so it's easier for you to see.

71
00:04:19,840 --> 00:04:20,170
I can.

72
00:04:20,290 --> 00:04:20,740
To load.

73
00:04:20,830 --> 00:04:21,240
All right.

74
00:04:21,490 --> 00:04:23,510
Now we can look at all the modules that we install.

75
00:04:23,600 --> 00:04:25,660
OK, so we have credentials, credentials.

76
00:04:26,200 --> 00:04:28,720
We have many different modules that we can utilize.

77
00:04:29,050 --> 00:04:34,740
So we can look at one of those modules, which is the hackertarget that we can utilize.

78
00:04:34,750 --> 00:04:40,960
So this is one of the most one of the more popular modules that we can utilize as part of information

79
00:04:40,960 --> 00:04:41,500
gathering.

80
00:04:41,650 --> 00:04:44,850
OK, there's also many others that you can try out.

81
00:04:44,950 --> 00:04:45,190
All right.

82
00:04:45,220 --> 00:04:48,600
So obviously we would not have time to go through all of the modules here.

83
00:04:48,610 --> 00:04:52,270
So it's important for you to practice all this different framework.

84
00:04:52,270 --> 00:04:58,570
And you can also do a manual approach, meaning you go to say Bing dot com and you try to search those

85
00:04:58,570 --> 00:05:01,760
results yourself using specific search operators.

86
00:05:02,050 --> 00:05:02,410
All right.

87
00:05:02,500 --> 00:05:09,550
You can look at, say, Shodan or acritical a calendar, create an API, make the app available to you.

88
00:05:09,620 --> 00:05:15,410
We can't and you integrate them and then you can utilize the modules directly from recon-ng itself.

89
00:05:15,440 --> 00:05:23,180
OK, so what we can do next is to use the hackertarget module to actually help us specify a domain.
90
00:05:23,300 --> 00:05:27,440
And we can try to look up more information regarding that particular.

91
00:05:28,590 --> 00:05:31,110
Domain or particular company?

92
00:05:31,230 --> 00:05:34,590
OK, so what are we going to do is, is to look into all right.

93
00:05:34,950 --> 00:05:42,120
Following so we can just enter modules load and we can try to enter recon/domains-hosts/hackertarget,

94
00:05:42,390 --> 00:05:44,880
hit enter on this.

95
00:05:45,270 --> 00:05:45,620
All right.

96
00:05:45,630 --> 00:05:47,790
And what we can do next is to enter info.

97
00:05:48,160 --> 00:05:48,500
All right.

98
00:05:48,510 --> 00:05:51,320
To look at the information regarding this module.

99
00:05:51,510 --> 00:05:51,810
All right.

100
00:05:51,810 --> 00:05:59,970
And is source Demis, we have to set all what the domain name so I can enter set options, set source

101
00:06:00,390 --> 00:06:04,110
and then followed by the domain name, in this case, Loy and dot com.

102
00:06:04,140 --> 00:06:04,500
All right.

103
00:06:05,010 --> 00:06:12,270
So once we specify that you can enter run, hit enter on this, again checking more information regarding

104
00:06:12,270 --> 00:06:12,870
the domain.

105
00:06:12,900 --> 00:06:18,890
So in this case, we found a number of services which has this subdomain information.

106
00:06:18,900 --> 00:06:27,310
So in this case, we have webdisk, cpanel, webmail, fler resolve to autodiscover, cpcalendars,

107
00:06:27,360 --> 00:06:28,170
cpcontacts.

108
00:06:28,530 --> 00:06:32,190
And again, if you look at the IP address, it's all being hosted.

109
00:06:32,340 --> 00:06:32,640
All right.

110
00:06:32,670 --> 00:06:39,450
From one particular web server or server and server has multiple subdomains which could be used for

111
00:06:39,450 --> 00:06:40,720
many different kind of services.

112
00:06:41,010 --> 00:06:45,570
So this very quickly help us identify those domain information.
113
00:06:45,720 --> 00:06:46,070
All right.

114
00:06:46,620 --> 00:06:50,560
So once again, I hope you try all the different modules within recon-ng.

115
00:06:50,730 --> 00:06:55,260
So this is an introductory so that you can get started and try all the different events, Molineux,

116
00:06:55,260 --> 00:06:57,770
so that you can learn more about cybersecurity.

117
00:06:57,930 --> 00:07:01,020
So once again, I hope you've learned something valuable in today's session.

118
00:07:01,170 --> 00:07:05,190
And if you've any questions, feel free to leave a comment below and I'll try my best to answer any

119
00:07:05,190 --> 00:07:05,970
of your questions.

120
00:07:06,240 --> 00:07:11,520
And do like, share and subscribe to the channel so that you can be kept abreast of the latest cybersecurity

121
00:07:11,520 --> 00:07:11,940
to Target.

122
00:07:12,120 --> 00:07:13,650
Thank you so much once again for watching.