Posts

Showing posts from June, 2013

TcpDumpTutorial

When using a tool that displays network traffic in a more natural (raw) way, the burden of analysis is placed directly on the human rather than the application. This approach cultivates a continued and deeper understanding of the TCP/IP suite, and for this reason I strongly advocate using tcpdump instead of other tools whenever possible.

A mnemonic for the TCP flags: Unskilled Attackers Pester Real Security Folk

Show me all URGENT (URG) packets...
    # tcpdump 'tcp[13] & 32 != 0'
Show me all ACKNOWLEDGE (ACK) packets...
    # tcpdump 'tcp[13] & 16 != 0'
Show me all PUSH (PSH) packets...
    # tcpdump 'tcp[13] & 8 != 0'
Show me all RESET (RST) packets...
    # tcpdump 'tcp[13] & 4 != 0'
Show me all SYNCHRONIZE (SYN) packets...
    # tcpdump 'tcp[13] & 2 != 0'
Show me all FINISH (FIN) packets...
    # tcpdump 'tcp[13]

Rare Windows Commands

1: Find the MAC address of all available interfaces:
    getmac
2: Find the version of the Windows OS:
    ver
3: Find the SID using another method:
    whoami /user
4: Find system information:
    systeminfo
5: Find the SID of a Windows user:
    wmic useraccount where name='vishal' get sid
6: Find out about the wireless adapter and the access points available around you:
    netsh wlan show all