Feedback. Questions, suggestions, requests, complaints: @Social_Engineering_bot
• 100 Red Team Projects for Pentesters and Network Managers.
• https://github.com/kurogai/100-redteam-projects
#Red_Team
The SSTIC 2023 talks have been published.
Here are some of them:
— Bug hunting in Steam: a journey into the Remote Play protocol
— Abusing Client-Side Desync on Werkzeug to perform XSS on default configurations
— Exploring OpenSSL Engines to Smash Cryptography
— Connected car safety: Tesla or aren't you there?
— Construction and analysis of biometric master keys
— ChromeDump: All your scripts are belong to us
— Reverse engineering and diversion of on-board protocol batteries, a case study on the ESP32 system
— Your Mind is Mine: How to Automatically Steal DL Models From Android Apps
— Mobile network security and operator liability
— Reverse engineering of AUTOSAR embedded systems
More here: https://www.sstic.org/2023/programme/
📚 Instant Netcat Starter.
• Release date: 2013.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT.
This book explores the classic Netcat utility, and breaks down the common ways in which it can be utilized in the field. Beginning with compilation and installation, this book quickly has you utilizing the core features of the utility to perform file transfers regardless of commonly blocked firewall ports, perform real-world interrogation of services and listening ports to discover the true intention of an application or service, and tunnelling remotely into systems to produce remote command shells.
🧩 Reading software.
#Netcat #Eng
📚 Privilege Escalation Techniques.
• Release date: 2021.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT (1 detect).
• Learn how to perform local enumeration on #Windows & #Linux systems;
• Understand the key differences between elevating privileges on Windows and Linux systems;
• Learn how to identify privilege escalation vectors on Windows & Linux systems;
• Learn how to elevate your privileges on Windows and Linux systems by leveraging various tools and techniques.
🧩 Reading software.
#Linux #Hack #Eng
https://github.com/VulnerabilityResearchCentre/patch-diffing-in-the-dark
How to use patch-diffing to hunt for zero-days in Windows
🔌 Cisco subnet calculation formula, with usage examples.
• http://infocisco.ru/cisco_formula_subnetting.html
#Сети
👣 Lateral Movement – NTLM Relay Attacks.
• In this post we will explore different techniques that can be used to perform NTLM relay attacks to move laterally and access different machines and resources in the network.
• SMB Relay Attack Overview;
• Finding Hosts with SMB Signing Disabled;
• Setting Up Responder for the Attack;
• SMB-Relay Attack Using Responder + ntlmrelayx.py;
• LDAP(S) Relay Attack Overview;
• LDAP(S)-Relay Attack via DNS Takeover Using mitm6 + ntlmrelayx.py;
• SMB-Relay Attack Using mitm6 + ntlmrelayx.py;
• Final Note;
• https://juggernaut-sec.com/ntlm-relay-attacks/
#AD
📚 Cybersecurity Career Master Plan.
• Release date: 2021.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT.
What you will learn:
• Gain an understanding of cybersecurity essentials, including the different frameworks and laws, and specialties;
• Find out how to land your first job in the cybersecurity industry;
• Understand the difference between college education and certificate courses;
• Build goals and timelines to encourage a work/life balance while delivering value in your job;
• Understand the different types of cybersecurity jobs available and what it means to be entry-level;
• Build affordable, practical labs to develop your technical skills;
• Discover how to set goals and maintain momentum after landing your first cybersecurity job.
🧩 Reading software.
#Cybersecurity #Eng
• OpenSea OSINT Attack Surface.
• https://www.osintdojo.com/diagrams/opensea
#OSINT
📚 Kali Linux Reference Guide.
• Release date: 2020.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT.
• Getting Started;
• Kali Linux File Structure;
• Linux System Functionality;
• Terminal Functionality;
• Networking;
• Updates & Software Management;
• Secure Shell (SSH) Protocol;
• Kali Linux Tools;
• Impacket Tools.
🧩 Reading software.
#Kali #Linux #Eng
🔌 Basic network components.
http://infocisco.ru/network_components.html
#Сети
📚 The Complete Team Field Manual.
• Release date: 2021.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT.
This book contains:
• The basic syntax for commonly used Linux and Windows command line tools;
• Unique use cases for powerful tools such as Python and Windows PowerShell;
• Five core functions of Identify, Protect, Detect, Respond, and Recover;
• Tactical steps and commands to use when preparing for, working through, and recovering from a cyber security incident;
• More importantly, it should teach you some new secret techniques.
🧩 Reading software.
#Red_Team #Blue_Team #Eng
🔐 Password Hunting – Linux Privilege Escalation.
• Password Hunting – Filenames and File Contents;
- Hunting for Interesting Filenames;
- Hunting for Interesting Strings Inside Files;
• Password Hunting – Web Files / Config Files;
- Passwords in Config Files;
- Passwords in Other Web Files (WebDav Example);
- Cracking the WebDav Password with Hashcat;
• Password Hunting – Hidden Files and Folders;
- Passwords in Unique (Custom) Hidden Folder and File;
- Passwords in Bash History Files;
- Passwords in SSH Keys;
- Cracking an SSH Key using John the Ripper;
• Password Hunting – MySQL;
- Password Hashes in a Custom Database Part 1 – MD5 Hashes;
- Cracking Custom Database Hashes Using Hashcat;
- Password Hashes in a Custom Database Part 2 – Base64 Decode;
• Password Hunting – /var/backups Folder;
- Cracking Shadow Hashes with Hashcat;
• Password Hunting – Password Protected Files;
- Cracking the RAR File's Password Using John the Ripper;
• Password Hunting with Tools – LinPEAS;
• In this post we will be exploring the art of password hunting on a target Linux machine as a means to escalate privileges either horizontally or vertically. We will review various techniques to hunt for passwords, as well as some common locations they are stored. During our hunt, we will uncover credentials in scripts, config files, filenames, hashes and much more!
🧷 https://juggernaut-sec.com/password-hunting-lpe/
#cracking #Hashcat #Linux
🔎 Offensive OSINT Tools.
• This repository consists of tools/links that an expert can use during a pentest or red team engagement. If a tool performs multiple functions, for example collecting subdomains and URLs, it is listed in two places.
• Search Engines;
• Emails collector;
• References in the code;
• SubDomain collector;
• URL collector;
• Tor;
• Intelligence;
• Network Info;
• DnsHistory;
• FTP servers;
• Passive Infrastructure scanner;
• Microsoft Exchange;
• Telegram;
• Google Dorks;
• Nickname search;
• Cloud.
• https://github.com/wddadk/Offensive-OSINT-Tools
#OSINT
📚 Hacking AI.
• Release date: 2021.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT.
• The different types of hackers and their purposes;
• How hacking works;
• The various steps in a hacking attack;
• Why networking and scripting are so important in hacking;
• The different tools that are used in hacking;
• The different techniques hackers use to get to your data;
• How to keep yourself safe from cyber-attacks;
• The ins and outs of cybersecurity and how it aims to keep you safe;
• How your data is protected from hackers;
• How to ensure that your cybersecurity is adequate.
🧩 Reading software.
#AI #Hack #Eng
📚 Designing BSD Rootkits.
• Release date: 2007.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT.
• The fundamentals of FreeBSD kernel module programming;
• Using call hooking to subvert the FreeBSD kernel;
• Directly manipulating the objects the kernel depends upon for its internal record-keeping;
• Patching kernel code resident in main memory; in other words, altering the kernel's logic while it's still running;
• How to defend against the attacks described. Hack the FreeBSD kernel for yourself!
#Hack #Rootkits #Eng
📚 Network Forensics: Privacy and Security.
• Release date: 2021.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT.
Network Forensics: Privacy and Security provides significant knowledge of network forensics across different functions and spheres of security. The book gives complete coverage of network security: all kinds of network attacks, the attacker's intention, attack identification, detection and analysis, incident response, ethical issues, botnets and botnet forensics. It also covers recent trends in network forensics and provides in-depth insight into the dormant and latent issues of acquisition and live system investigation.
🧩 Reading software.
#Forensics #Eng
🟢 Amazing PowerShell One-Liners for System Administrators.
• Here is a collection of some really cool PowerShell one-liner scripts. I find them very useful for day-to-day system administration tasks. I will keep adding to this list as I learn more useful commands.
• List of all installed applications on a Windows device;
• Get all installed KB numbers from Windows Update;
• Find Admin Shares on my computer;
• Find Scheduled tasks that are running;
• Find files;
• Find the Last Bootup Time;
• Free Disk space information;
• Find out how big a folder is;
• Active Directory Bulk Add Users;
• Extract all unique IP addresses from a log file and display the top 10 most frequently occurring ones;
• Monitor a folder for changes and send an email notification whenever a new file is created;
• Create a report of all mailbox sizes in an Exchange server and export it to a CSV file;
• Monitor a website for availability and send an email notification whenever it goes down;
• Find all the processes that are using a specific port;
• Create a script that retrieves the latest tweets from a list of Twitter users and sends an email notification.
#Powershell #Windows
📚 Official Cisco guide to preparing for the CCNA ICND2 200-105 certification exam. Routing and switching.
• Release date: 2018.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT.
• This academic edition is a comprehensive reference and study guide that walks through the details of network configuration and troubleshooting. Best-selling author and experienced instructor Wendell Odom shares exam preparation tips, helping the reader identify weak spots and improve both conceptual knowledge and practical skills.
🧩 Reading software.
#Cisco #CCNA #RU
Hacker's Lab: real cases, OSINT, social engineering, reviews of tools from GitHub, anonymity.
📚 The Hardware Hacking Handbook.
• Release date: 2021.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT.
You’ll learn:
• How to model security threats, using attacker profiles, assets, objectives, and countermeasures;
• Electrical basics that will help you understand communication interfaces, signaling, and measurement;
• How to identify injection points for executing clock, voltage, electromagnetic, laser, and body-biasing fault attacks, as well as practical injection tips;
• How to use timing and power analysis attacks to extract passwords and cryptographic keys;
• Techniques for leveling up both simple and differential power analysis, from practical measurement tips to filtering, processing, and visualization.
🧩 Reading software.
#Hardware #Hack #Security #Eng
🔎 Hunting the Hunters: Tracing Human Traffickers.
• Take a deep dive into how cybercriminals fuel human trafficking on the internet. Discover the promising role of OSINT in unmasking these elusive criminals.
• https://www.secjuice.com/hunting-the-hunters/
#OSINT
Lateral movement: port forwarding
Moving between hosts in a segmented network can be a difficult task. For example, the host you need for the job may sit in another subnet, and firewall rules restrict access to it. Or the firewall rules allow access only from certain addresses. If you have found a terminal server that has access to that subnet, or that is covered by a permitting firewall rule, there is no problem: you log on to that terminal server over RDP and keep working. But if it is a workstation where a user is working and whose work must not be interrupted, a small problem arises. It can be solved with port forwarding.
Port forwarding can be done with portproxy in netsh. Configuring netsh requires local administrator rights, and the iphlpsvc service must be running. The service can be checked with the command:
Get-Service iphlpsvc
portproxy supports four forwarding modes: v4tov6, v6tov4, v4tov4 and v6tov6. A rule that listens on a port of the current host and forwards it to RDP on a host in the other subnet is added like this:
netsh interface portproxy add v4tov4 listenaddress=10.10.10.10 listenport=4444 connectaddress=192.168.56.10 connectport=3389
After that you connect through the forwarded port:
mstsc.exe /v:10.10.10.10:4444
The configured rules can be listed with:
netsh interface portproxy show all
To change an existing rule, replace add with set and adjust the needed parameters in the command shown above. A single rule is removed with:
netsh interface portproxy delete v4tov4 listenport=4444 listenaddress=10.10.10.10
All portproxy rules are cleared with:
netsh interface portproxy reset
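From the defender's side, the same portproxy rules are what you want to audit: netsh persists them in the registry, so they survive reboots and can be collected across a fleet without relying on netsh output. The script below is an added example, not part of the original post; it assumes the layout netsh uses for these rules (HKLM\SYSTEM\CurrentControlSet\Services\PortProxy\<mode>\tcp, value name "listenaddress/listenport", data "connectaddress/connectport") and flags rules that forward to remote-management ports such as RDP (3389, as in the example above) or that listen on all interfaces.

```powershell
# Added example (not from the original post): enumerate netsh portproxy rules
# directly from the registry, where netsh stores them, and flag the ones a
# defender would want to look at first.
# Assumed registry layout (how netsh persists portproxy rules):
#   HKLM\SYSTEM\CurrentControlSet\Services\PortProxy\<mode>\tcp
#   value name = "<listenaddress>/<listenport>", data = "<connectaddress>/<connectport>"
function Get-PortProxyRule {
    [CmdletBinding()]
    param(
        # Ports whose forwarding usually means remote access is being bridged
        [int[]] $SensitivePorts = @(3389, 445, 5985, 5986)
    )
    $base  = 'HKLM:\SYSTEM\CurrentControlSet\Services\PortProxy'
    $modes = 'v4tov4', 'v4tov6', 'v6tov4', 'v6tov6'
    foreach ($mode in $modes) {
        $key = Join-Path $base "$mode\tcp"
        if (-not (Test-Path $key)) { continue }     # no rules of this mode
        $item = Get-ItemProperty -Path $key
        foreach ($prop in $item.PSObject.Properties) {
            if ($prop.Name -like 'PS*') { continue } # skip PSPath, PSChildName, ...
            $listenAddr, $listenPort = $prop.Name -split '/', 2
            $connAddr,   $connPort   = ([string]$prop.Value) -split '/', 2
            [pscustomobject]@{
                Mode           = $mode
                ListenAddress  = $listenAddr
                ListenPort     = [int]$listenPort
                ConnectAddress = $connAddr
                ConnectPort    = [int]$connPort
                # RDP/SMB/WinRM targets, or a listener bound to every interface
                Suspicious     = (([int]$connPort) -in $SensitivePorts) -or
                                 ($listenAddr -in @('0.0.0.0', '*', '::'))
            }
        }
    }
}

# Rules only take effect while iphlpsvc is running, so report its state too.
$svc = Get-Service iphlpsvc -ErrorAction SilentlyContinue
"iphlpsvc: $($svc.Status)"

$rules = @(Get-PortProxyRule)
if ($rules.Count -eq 0) { 'No portproxy rules configured on this host.' }
else { $rules | Sort-Object Suspicious -Descending | Format-Table -AutoSize }
```

On a workstation that has no business forwarding ports, any row at all is worth an alert; the Suspicious column only orders the triage.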
Making a site that looks like WinRAR so the user downloads what you want from a .zip domain is so vile and beautiful at the same time that I don't even know whose side I'm on.
https://thehackernews.com/2023/05/dont-click-that-zip-file-phishers.html
📚 Cisco Networks.
• Release date: 2021.
• Rating: ⭐⭐⭐⭐⭐ (5 out of 5)
• VT.
What You Will Learn:
• Configure Cisco switches, routers, and data center devices in typical corporate network architectures;
• Use black-hat tools to conduct penetration testing on the security of your network;
• Configure and secure virtual private networks (VPNs);
• Enable identity management in your network with the Cisco Identity Services Engine (ISE).
🧩 Reading software.
#Cisco #Networks #Eng
👨💻 Penetration Testing, Beginner To Expert!
• Phase 1 – History;
• Phase 2 – Web and Server Technology;
• Phase 3 – Setting up the lab with BurpSuite and bWAPP;
• Phase 4 – Mapping the application and attack surface;
• Phase 5 – Understanding and exploiting OWASP top 10 vulnerabilities;
• Phase 6 – Session management testing;
• Phase 7 – Bypassing client-side controls;
• Phase 8 – Attacking authentication/login;
• Phase 9 - Attacking access controls (IDOR, Priv esc, hidden files and directories);
• Phase 10 – Attacking input validation (all injections, XSS and misc);
• Phase 11 – Generating and testing error codes;
• Phase 12 – Weak cryptography testing;
• Phase 13 – Business logic vulnerability.
🧷 https://github.com/xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
#Пентест
🗣 Andrey Yankin, Jet Infosystems (Инфосистемы Джет): secretaries, HR and sales managers are the easiest targets for attackers
Five years ago, when Jet Infosystems' clients described their plans for building information security in their companies, the most popular item was training employees in cybersecurity rules. At the same time, most companies said they did not plan to allocate budget or resources to it.
Today the situation has changed. Companies now spend huge budgets on interactive security awareness activities for employees, run large-scale cyber exercises, and some are even trying to build their own human firewall.
➡️ Andrey Yankin, director of the information security center at Jet Infosystems, told the Cyber Media portal about these and other changes.
🔌 How network devices work according to the OSI network model.
• http://infocisco.ru/works_network_devices.html
#Сети
👨💻 DevSecOps Guide.
• DevSecOpsGuides, a comprehensive resource for developers, security professionals, and operations teams who want to learn about the world of DevSecOps.
• https://devsecopsguides.com
#DevSecOps
An interesting thing. The main point is that it's convenient.
"An Android keyboard for secure, end-to-end encrypted messages using the Signal protocol in any messenger. Communicate securely regardless of the legal situation or whether the messengers use E2EE. No server needed."
https://github.com/amnesica/KryptEY