web | Offensive Security

MASSCAN Web Interface

A couple of weeks ago, we had the opportunity to scan and map a large IP address space covering just over 3 million hosts. Our tool of choice for this was the fast and capable masscan, which is packaged in Kali. While masscan has several convenient output formats, such as binary and XML, one feature we were missing was an easy way to search our results. We quickly whipped up a little web interface that would allow us to import and search within a masscan XML output file. This feature proved very useful for us – as once we identified a specific vulnerable pattern on a machine, we could easily cross reference this pattern with over the millions of discovered hosts in our database.

Booting Kali Linux Live Over HTTP

Kali Linux Features

Here at Offensive Security, we tend to use Kali Linux in unconventional ways – often making use of some really amazing features that Kali Linux has to offer. One of these interesting use-cases includes booting instances of Kali Linux Live over HTTP, directly to RAM. We realized there’s little documentation around this feature and thought we’d shed some light on it so others may enjoy this feature as well.

Booting Kali Over HTTP – Overview

The basic premise involves using the Kali Live kernel and initrd for booting,

Courses and Certifications

Start Here

Penetration Testing with Kali Linux (PWK)

AdvancedFor Web

Advanced Web Attacks & Exploitation (AWAE)

AdvancedFor Pentest

Evasion Techniques and Breaching Defenses (PEN-300)

Network Security

Wireless Attacks(WiFu)

Expert Level ForExploit Developers

Advanced Windows Exploitation (AWE)

We provide the top Open Source penetration testing tools for infosec professionals.

Advanced
For Web

Advanced
For Pentest

Wireless Attacks
(WiFu)

Expert Level For
Exploit Developers