ENKI - Sécurité des systèmes d'information
Get in touch with us
  • HOME
  • ENKI
  • FORMATION
  • NOS SERVICES
  • NOS PRODUITS
  • CONTACT
  • PARTENAIRES
  • HACKING NEWS
  • ATTAQUES TEMPS REEL

ANONYMIZE YOUR ATTACKS - PART 2

20/2/2015

 
In our previous post we saw how to prepare Tor and Polipo for our anonymity in pentest purpose.

Configure your browser to use Tor through Polipo: easy one. Go to any ip website identification like whatismyip and check the result.
Picture
Now if you want to use Burp Suite Pro as your pentest tool for websites, you have to configure it this way:

1- Go to the options tab
2- In the connections menu select Socks Proxy and use the Tor one
Picture
You may want your browser to use Burp. Here is the configuration:
Picture
Now you are ready to run anonymously your websites attacks.

Let see how it work with sqlmap:
Picture
Doing like this, all your requests goes to the Polipo proxy which send them through Tor (just remember our configuration).

Now you understand how you could be totally anonymous and you can run pentest without worry of getting caught using so many tools such as MSF.

That's it. Hope you enjoy this little tutorial.


Y. from ENKI

Comments are closed.

    Auteurs

    ENKI vous propose ici des articles, news, rédigés par nos équipes ou par d'autres références de la Sécurité.

    Archives

    February 2015
    January 2015

    Categories

    All

    RSS Feed

    View my profile on LinkedIn
    Picture

NOS SERVICES

Audit et analyse de risque
Tests d'intrusion et analyses de vulnérabilités
Enquêtes et protection des données
Produits

LA SOCIETE

A propos de ENKI
Nos Partenaires
Nos Clients
enki-plaquette.pdf
File Size: 830 kb
File Type: pdf
Download File

NOUS CONTACTER

ENKI
37 rue des Mathurins
75008 PARIS
Tel : (+33) 173 791 696
Tel : (+33) 143 876 015

Mail : contact *at* enki-security.com