Android Pentest 101
A list of Android Security materials and resources for pentesters and bug hunters
https://github.com/dn0m1n8tor/AndroidPentest101
@geekcode
A list of Android Security materials and resources for pentesters and bug hunters
https://github.com/dn0m1n8tor/AndroidPentest101
@geekcode
GitHub
GitHub - dn0m1n8tor/AndroidPentest101: The motive to build this repo is to help beginner to start learn Android Pentesting by providingโฆ
The motive to build this repo is to help beginner to start learn Android Pentesting by providing a roadmap. - dn0m1n8tor/AndroidPentest101
How to avoid phishing attacks๐
๐Block known bad websites. Malwarebytes DNS filtering blocks malicious websites used for phishing attacks, as well as websites used to spread or control malware.
๐Don't take things at face value. Phishing attacks often seem to come from people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
๐Take action. If you receive a phishing attempt at work, report it to your IT or security team. I you fall for a phish, make your data useless: If you entered a password, change it, if you entered credit card details, cancel the card.
๐Use a password manager. Password managers can create, remember, and fill in passwords for you. They protect you against phishing because they won't enter your credentials into a fake site.
๐Use a FIDO2 2FA device. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device canโt be phished.
Don't forget to share & support us โค๏ธ
@geekcode ๐
๐Block known bad websites. Malwarebytes DNS filtering blocks malicious websites used for phishing attacks, as well as websites used to spread or control malware.
๐Don't take things at face value. Phishing attacks often seem to come from people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
๐Take action. If you receive a phishing attempt at work, report it to your IT or security team. I you fall for a phish, make your data useless: If you entered a password, change it, if you entered credit card details, cancel the card.
๐Use a password manager. Password managers can create, remember, and fill in passwords for you. They protect you against phishing because they won't enter your credentials into a fake site.
๐Use a FIDO2 2FA device. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device canโt be phished.
Don't forget to share & support us โค๏ธ
@geekcode ๐
๐1
Kali Linux 2023 Purple Distro for defensive security ๐๐ฅณ
Details :
https://www.bleepingcomputer.com/news/security/kali-linux-20231-introduces-purple-distro-for-defensive-security/
@geekcode โค๏ธ
Details :
https://www.bleepingcomputer.com/news/security/kali-linux-20231-introduces-purple-distro-for-defensive-security/
@geekcode โค๏ธ
BleepingComputer
Kali Linux 2023.1 introduces 'Purple' distro for defensive security
โOffensive Security has released โKali Linux 2023.1, the first version of 2023 and the project's 10th anniversary, with a new distro called 'Kali Purple,' aimed at Blue and Purple teamers for defensive security.
Cloud Hacking: Common Attacks & Vulnerabilities
https://www.youtube.com/watch?v=d6QYhkzUQZ8
@geekcode ๐
https://www.youtube.com/watch?v=d6QYhkzUQZ8
@geekcode ๐
YouTube
Cloud Hacking: Common Attacks & Vulnerabilities
Purchase my Bug Bounty Course here ๐๐ผ bugbounty.nahamsec.training
Buy Me Coffee:
https://www.buymeacoffee.com/nahamsec
Live Every Sunday on Twitch:
https://twitch.tv/nahamsec
Free $100 DigitalOcean Credit:
https://m.do.co/c/3236319b9d0b
Follow me onโฆ
Buy Me Coffee:
https://www.buymeacoffee.com/nahamsec
Live Every Sunday on Twitch:
https://twitch.tv/nahamsec
Free $100 DigitalOcean Credit:
https://m.do.co/c/3236319b9d0b
Follow me onโฆ
๐1
โจ Curriculum for Information Security Specialists
A hands-on curriculum to become a successful cybersecurity engineer based on roles such as Pentest, AppSec, Cloud Security, DevSecOps, etc. Includes free and paid resources, tools and concepts.
โบ Link to GitHub
@geekcode ๐
A hands-on curriculum to become a successful cybersecurity engineer based on roles such as Pentest, AppSec, Cloud Security, DevSecOps, etc. Includes free and paid resources, tools and concepts.
โบ Link to GitHub
@geekcode ๐
Open Source cyber security tools for professionals ๐
1. Zeek: https://zeek.org/
Network Security Monitoring
2. ClamAV: https://www.clamav.net/
Antivirus
3. OpenVAS: https://www.openvas.org/
Vulnerability Scanner
4. TheHive: https://lnkd.in/e7aVCRUZ
Incident Response
5. PFSense: https://www.pfsense.org/
Security appliance (firewall/VPN/router)
6. Elastic: https://www.elastic.co/de/
Analytics
7. Osquery: https://www.osquery.io/
Endpoint visibility
8. Arkime: https://arkime.com/
Packet capture and search
9. Wazuh: https://wazuh.com/
XDR and SIEM
10. Alien Vault Ossim: https://lnkd.in/eShQt29h
SIEM
11. Velociraptor: https://lnkd.in/eYehEaNa
Forensic and IR
12. MISP project: https://lnkd.in/emaSrT57
Information sharing and Threat Intelligence
13. Kali: https://www.kali.org/
Security OS
14. Parrot: https://www.parrotsec.org/
Security OS
15. OpenIAM: https://www.openiam.com/
IAM
16. Yara: https://lnkd.in/eEJegEak
Patterns
17. Wireguard: https://www.wireguard.com/
VPN
18. OSSEC: https://www.ossec.net/
HIDS
19. Suricata: https://suricata.io/
IDS/IPS
20. Shuffler: https://shuffler.io/
SOAR
21. Phish Report: https://phish.report/
Anti Phishing
22. Graylog: https://lnkd.in/eAFuUmuw
Logmanagement
23. Trivy: https://lnkd.in/e7JxXStY
DevOps/IaC Scanning
24. OpenEDR: https://openedr.com/
EDR
25. Metasploit: https://lnkd.in/e4ECX-py
Pentest
26. NMAP: https://nmap.org/
Share & Support Us โค๏ธ
@geekcode ๐
1. Zeek: https://zeek.org/
Network Security Monitoring
2. ClamAV: https://www.clamav.net/
Antivirus
3. OpenVAS: https://www.openvas.org/
Vulnerability Scanner
4. TheHive: https://lnkd.in/e7aVCRUZ
Incident Response
5. PFSense: https://www.pfsense.org/
Security appliance (firewall/VPN/router)
6. Elastic: https://www.elastic.co/de/
Analytics
7. Osquery: https://www.osquery.io/
Endpoint visibility
8. Arkime: https://arkime.com/
Packet capture and search
9. Wazuh: https://wazuh.com/
XDR and SIEM
10. Alien Vault Ossim: https://lnkd.in/eShQt29h
SIEM
11. Velociraptor: https://lnkd.in/eYehEaNa
Forensic and IR
12. MISP project: https://lnkd.in/emaSrT57
Information sharing and Threat Intelligence
13. Kali: https://www.kali.org/
Security OS
14. Parrot: https://www.parrotsec.org/
Security OS
15. OpenIAM: https://www.openiam.com/
IAM
16. Yara: https://lnkd.in/eEJegEak
Patterns
17. Wireguard: https://www.wireguard.com/
VPN
18. OSSEC: https://www.ossec.net/
HIDS
19. Suricata: https://suricata.io/
IDS/IPS
20. Shuffler: https://shuffler.io/
SOAR
21. Phish Report: https://phish.report/
Anti Phishing
22. Graylog: https://lnkd.in/eAFuUmuw
Logmanagement
23. Trivy: https://lnkd.in/e7JxXStY
DevOps/IaC Scanning
24. OpenEDR: https://openedr.com/
EDR
25. Metasploit: https://lnkd.in/e4ECX-py
Pentest
26. NMAP: https://nmap.org/
Share & Support Us โค๏ธ
@geekcode ๐
๐1
How FBI hackers or Forensics Team identify fake Images
https://infosecwriteups.com/how-fbi-hackers-or-forensics-team-identify-fake-images-5574109ba959
@geekcode
https://infosecwriteups.com/how-fbi-hackers-or-forensics-team-identify-fake-images-5574109ba959
@geekcode
โจ๏ธ Google CTF: Skills Repository
Job sets along with Google CTF solutions between 2017 and 2023.
โบ Link to CTF
#CTF #geeks
@geekcode ๐
Job sets along with Google CTF solutions between 2017 and 2023.
โบ Link to CTF
#CTF #geeks
@geekcode ๐