🦑Cisco is Offering FREE Cyber Security Courses + official Badges!
Start Your Cybersecurity Career with these in demand courses!

⭕1. Introduction to Cybersecurity

- Course Duration: 6 HOURS
- Level: BEGINNER
- Lab: 7 LABS
- Delivery Type: SELF-PACED

Course Link: https://lnkd.in/eh5MTBwT

⭕2. Cyber Threat Management

- Course Duration: 16 HOURS
- Level: INTERMEDIATE
- Lab: 16 LABS
- Delivery Type: SELF-PACED

Course Link: https://lnkd.in/ehwb_Hsh

⭕3. Endpoint Security

- Course Duration: 27 HOURS
- Level: Intermediate
- Labs: 31 LABS
- Delivery Type: SELF-PACED

Course Link: https://lnkd.in/eV2UB7xy

⭕4. Network Defense

- Course Duration: 27 HOURS
- Level: INTERMEDIATE
- Lab: 29 LABS
- Delivery Type: SELF-PACED

Course Link: https://lnkd.in/ekTpuvyn

Source: Linkedin

🦑Reverse Engineering iOS Applications:

> Here's a streamlined approach to obtain the required tools and set up your environment for iOS reverse engineering, as described. The provided GitHub repository is an excellent resource for guidance.

### Key Tools and Instructions

1. iTunnel
- Download: Allows SSH over USB.
- Usage:

     itnl --lport 2222 --iport 22
     ssh -p 2222 root@localhost
     

2. Cydia Impactor
- Download: Lets you sideload iOS apps using a developer certificate.

3. Hopper
- Download: Reverse engineering tool for disassembly, decompilation, and debugging.
- Trial version is sufficient.

4. Cycript
- Download: Enables runtime modification of app behavior via a console.

5. Frida
- Install:

     sudo pip install frida-tools
     

- Purpose: Scripting to change app behavior at runtime.

6. Bettercap
- Download: Perform MITM (Man-in-the-Middle) attacks.

7. class-dump-z
- Download: Dumps ObjC classes (for ObjC apps).

8. momdec
- Download: Decompiles CoreData models.

9. Ghidra
- Download: Alternative reverse engineering tool.

---

### iOS-Specific Tools

#### iOS 10.x
- Clutch
- Use for decrypting iOS applications.

#### iOS 11.x+
- bfinject
- Extract apps using Cycript and Clutch.
- Install dependencies:

    sudo pip install -r requirements.txt --upgrade
    

#### iOS 12.x
- frida-ios-dump
- Decrypt apps and auto-transfer to your computer.

---

### Device Setup

1. On iOS < 11.0
- Jailbreak and install via Cydia:
- Cycript
- Apple File Conduit "2"
- Frida (Source: https://build.frida.re)

- Test SSH:

     itnl --lport 2222 --iport 22
     ssh -p 2222 root@localhost
     

2. On iOS > 11.0
- Create required directories:

     cd / && mkdir jb
     mkdir /jb/bfinject && cd /jb/bfinject
     

- Transfer and extract bfinject:

     scp -P 2222 ~/Downloads/bfinject.tar root@localhost:/jb/bfinject
     tar xvf bfinject.tar
     

3. On iOS 12.x
- Install Frida via Cydia (Source: https://build.frida.re).


For more details and resources, check the GitHub repository: [RE-iOS-Apps](https://github.com/ivRodriguezCA/RE-iOS-Apps).

Curated list of data leaks around the world:

https://github.com/inspektor-dev/awesome-data-leak

🦑Ethical Hacking in 12 Hours:

https://youtu.be/fNzpcB7ODxQ

🦑 Markov Chain Overview and Its Application in Hashcat

What is a Markov Chain?
A Markov chain is a statistical model used to describe a stochastic process. It is characterized by the principle that the probability of transitioning to the next state depends only on the current state and not on the sequence of preceding states. This property is known as the Markov property.

#### Example:
Imagine you're playing a game where each "punch" is randomly determined:
1. The first three outcomes: "scissors," "paper," "rock."
2. For the fourth punch:
- "Rock" has a probability of 0.2,
- "Paper" has 0.3,
- "Scissors" has 0.5.

The outcome of the fourth punch depends only on the probabilities and not on the earlier punches.

---

### Markov Chains in Hashcat
Hashcat utilizes Markov chains to optimize brute-force password cracking in its Mask attack mode (attack mode = 3). Instead of enumerating every possible combination, Hashcat prioritizes password candidates based on their likelihood.

#### How It Works:
- Hashcat computes the Markov chain probability model of common passwords beforehand and stores it in a .hcstat2 file.
- When cracking, the stored probabilities help determine the order in which potential passwords are tested, with more likely combinations appearing first.
- For example, "s" often follows "t," and "q" often follows "u." These probabilities guide the cracking process.

This approach doesn’t reduce the total number of possibilities (keyspace) but improves efficiency by testing likely combinations first.

---

### Markov Chain Parameters in Hashcat
1. `--markov-hcstat2`
Specifies the .hcstat2 file with precomputed probabilities. Default: /usr/share/hashcat/hashcat.hcstat2.

2. `--markov-disable`
Disables Markov chains, reverting to classic brute-force.

3. `--markov-classic`
Uses traditional Markov chains without considering character positions.

4. `--markov-inverse`
Prioritizes less common character combinations, reversing the probability model.

5. `--markov-threshold=<NUM>`
Limits the number of candidates based on probability. For example, a threshold of 2 considers only the two most likely characters for each position.

---

### Per-Position Markov Chains
Hashcat includes a per-position Markov model to improve accuracy by considering the position of each character:
- Example:
- In the first position, "s" is likely followed by "t."
- In the seventh position, "s" might be followed by "e."

This method enables better tailoring of password candidates based on position-specific probabilities.

---

### Practical Demonstration
1. Without Markov chains:

   $ hashcat -a 3 --stdout --markov-disable ?l
   a
   b
   c
   ...
   z
   

2. With Markov chains:

   $ hashcat -a 3 --stdout ?l
   s
   m
   c
   ...
   x
   

3. With `--markov-inverse`:

   $ hashcat -a 3 --markov-inverse --stdout ?l
   x
   u
   q
   ...
   s
   

---

Summary
Hashcat's implementation of Markov chains enhances brute-force attacks by prioritizing password candidates based on likelihood, derived from precomputed statistical models. Parameters like --markov-threshold and --markov-inverse allow further customization, making the cracking process faster without reducing complexity.

By leveraging common user behavior, such as frequent patterns in passwords, Hashcat increases the efficiency of password cracking—a crucial tool for penetration testing and cybersecurity research.

🦑All Linux Commands in 1 place:

https://github.com/yzf750/custom-fuzzing/blob/master/linux-commands-merged.txt

🦑Google Hacking Dorks For Webserver (1) :
"About Mac OS Personal Web Sharing"
"AnWeb/1.42h" intitle:index.of
"Application Blocked!" "Google bot"
"CERN httpd 3.0B (VAX VMS)"
"Cisco Systems, Inc. All Rights Reserved." -cisco.com filetype:jsp
"I have been invoked by servletToJSP"
"JRun Web Server" intitle:index.of
"MaXX/3.1" intitle:index.of
"Microsoft-IIS/* server at" intitle:index.of
"Microsoft-IIS/4.0" intitle:index.of
"Microsoft-IIS/5.0 server at"
"Microsoft-IIS/6.0" intitle:index.of
"NTRIP Caster Table Contents" "This is a SNIP NTRIP Caster"
"Netware * Home" inurl:nav.html
"Novell, Inc" WEBACCESS Username Password "Version *.*" Copyright -inurl:help -guides|guide
"OmniHTTPd/2.10" intitle:index.of
"OpenSA/1.0.4" intitle:index.of
"PHP Credits" "Configuration" "PHP Core" ext:php inurl:info
"Powered by 123LogAnalyzer"
"Powered by BOINC"
"Powered by phpBB" inurl:"index.php?s" OR inurl:"index.php?style"
"Powered by vShare"
"Powered by"
"Proudly created with Wix.com"
"RDServer Product information" | inurl:"/rdagent.jsp"
"Red Hat Secure/2.0"
"Red Hat Secure/3.0 server at"
"Switch to table format" inurl:table|plain
"This server is operated by OpenX."
"Wowza Streaming Engine 4 Developer Edition"
"httpd+ssl/kttd" * server at intitle:index.of
"index of /private" -site:net -site:com -site:org
"powered by openbsd" +"powered by apache"
"powered by" "shoutstats" hourly daily
"seeing this instead" intitle:"test page for apache"
"var miner = new CoinHive" intext:document.domain
(intitle:"502 Proxy Error")|(intitle:"503 Proxy Error") "The proxy server could not handle the request" -topic -mail -4suite -list -site:geocrawler.co
(inurl:81-cobalt | inurl:cgi-bin/.cobalt)
-pub -pool intitle:"index of" "Served by" "Web Server"
Coldbox | contentbox | commandbox "Powered by ContentBox"
Fwd: intitle:"STEP by STIBO Systems" "Launch STEPworkbench" "Web UI Component Report"
HTTP_USER_AGENT=Googlebot
Powered.by.RaidenHTTPD intitle:index.of
XAMPP "inurl:xampp/index"
aboutprinter.shtml
allintext:"Index Of" "sftp-config.json"
allintext:"Powered by LionMax Software" "WWW File Share"
allintitle:"Pi-hole Admin Console"
allintitle:Netscape FastTrack Server Home Page
allinurl:".nsconfig" -sample -howto -tutorial
ext:php | intitle:phpinfo "published by the PHP Group"
ext:svc inurl:wsdl
filetype:asmx inurl:(_vti_bin|api|webservice)
filetype:axd inurl:/elmah.axd
fitweb-wwws * server at intitle:index.of
i_index.shtml Ready
intext:" - 2019 Cott Systems, Inc."
intext:"404 Object Not Found" Microsoft-IIS/5.0
intext:"Brought to you by eVetSites"
intext:"Healthy" + "Product model" + " Client IP" + "Ethernet"
intext:"Powered by (Quantum | Quantum CMS | CMS)
intext:"Powered by Abyss Web Server"
intext:"Powered by GetSimple" -site:get-simple.info
intext:"Powered by Nesta"
intext:"Powered by Sentora" -github.com
intext:"Powered by Typesetter"
intext:"Powered by phpSQLiteCMS" | intitle:"phpSQLiteCMS - A simple & lightweight CMS"
intext:"SonarQube" + "by SonarSource SA." + "LGPL v3"
intext:"Target Multicast Group" "beacon"
intext:"This is the default welcome page used to test the correct operation of the Apache2 server"
intext:"Welcome to CodeIgniter!"
intext:"index of /" "Index of" access_log
intext:Apache/2.2.29 (Unix) mod_ssl/2.2.29 | intitle:"Index of /"
intitle: "Welcome to nginx!" + "Thank you for using nginx."
intitle:"300 multiple choices"
intitle:"Accueil WAMPSERVER" intext:"Configuration Serveur"
intitle:"Apache HTTP Server" intitle:"documentation"
intitle:"Apache Status" "Apache Server Status for"
intitle:"Apache Status" | intext:"Apache Server Status"
intitle:"Apache2 Debian Default Page: It works"
intitle:"Apache2 Ubuntu Default Page: It works"
intitle:"Axis Happiness Page" "Examining webapp configuration"
intitle:"BadBlue: the file-sharing web server anyone can use"
intitle:"Current Network Status" "Nagios"
intitle:"Directory Listing, Index of /*/"
intitle:"Document title goes here" intitle:"used by web search tools" " example of a simple Home Page"
intitle:"Domain Default page" "Parallels IP Holdings GmbH"
intitle:"GlassFish Server - Server Running"

🦑Google Hacking Dorks For Webserver 2 :
intitle:"IIS Windows Server" -inurl:"IIS Windows Server"
intitle:"IPC@CHIP Infopage"
intitle:"Icecast Streaming Media Server"
intitle:"Index of *" mode links bytes last-changed name
intitle:"Index of /" "Proudly Served by Surftown at"
intitle:"Index of" "Apache/2.4.7 (Ubuntu) Server"
intitle:"Index of" site:.gov intext:"Server at"
intitle:"Lists Web Service"
intitle:"Lotus Domino Go Webserver:" "Tuning your webserver" -site:ibm.com
intitle:"Microsoft Internet Information Services 8" -IIS
intitle:"Miniweb Start Page" | "/CSS/Miniweb.css"
intitle:"Monsta ftp" intext:"Lock session to IP"
intitle:"Object not found!" intext:"Apache/2.0.* (Linux/SuSE)"
intitle:"Object not found" netware "apache 1.."
intitle:"Open WebMail" "Open WebMail version (2.20|2.21|2.30) "
intitle:"Page rev */*/*" inurl:"admin
intitle:"Resin Default Home Page"
intitle:"SOGo" site:webmail.*
intitle:"STEP by STIBO Systems" "Launch STEPworkbench" "Web UI Component Report"
intitle:"Server Backup Manager SE"
intitle:"Shoutcast Administrator"
intitle:"Shoutcast server" inurl:"/index.html" "SHOUTcast Server"
intitle:"Success!" intext:"Your new web server is ready to use."
intitle:"Sucuri WebSite Firewall - Access Denied"
intitle:"Test Page for Apache"
intitle:"Test Page for Apache" "It Worked!"
intitle:"Test Page for Apache" "It Worked!" "on this web"
intitle:"Test Page for the Apache HTTP Server on Fedora Core" intext:"Fedora Core Test Page"
intitle:"Test Page for the HTTP Server on Fedora"
intitle:"WAMPSERVER homepage" "Server Configuration" "Apache Version"
intitle:"WATASHI SERVICE"
intitle:"Web Server's Default Page" intext:"hosting using Plesk" -www
intitle:"Welcome To Xitami" -site:xitami.com
intitle:"Welcome To Your WebSTAR Home Page"
intitle:"Welcome to 602LAN SUITE *"
intitle:"Welcome to IIS 4.0"
intitle:"Welcome to JBoss"
intitle:"Welcome to OpenResty!"
intitle:"Welcome to WildFly" intext:"Administration Console"
intitle:"Welcome to Windows 2000 Internet Services"
intitle:"Welcome to Windows Small Business Server 2003"
intitle:"Welcome to Your New Home Page!" "by the Debian release"
intitle:"Welcome to nginx!" intext:"Welcome to nginx on Debian!" intext:"Thank you for"
intitle:"Welcome to the Advanced Extranet Server, ADVX!"
intitle:"Welcome" intext:"LiteSpeed Technologies, Inc. All Rights Reserved."
intitle:"apache tomcat/" "Apache Tomcat examples"
intitle:"apache tomcat/" + "Find additional important configuration information in:"
intitle:"error 404" "From RFC 2068 "
intitle:"index of" "/homedir/etc/"
intitle:"index of" "Served by Sun-ONE"
intitle:"index of" "debug.log" OR "debug-log"
intitle:"index of" "docker.yml"
intitle:"index of" "powered by apache " "port 80"
intitle:"index of" "server at"
intitle:"index of" AND inurl:magento AND inurl:/dev
intitle:"index of" site:.gov.in
intitle:"miniProxy"
intitle:"nPerfServer"
intitle:”PHP Version” intext:”PHP Version”
intitle:"web server login" intext:"site ip"
intitle:"welcome to mono xsp"
intitle:AnswerBook2 inurl:ab2/ (inurl:8888 | inurl:8889)
intitle:HTTP Server Test Page powered by CentOS
intitle:Snap.Server inurl:Func=
intitle:Snoop Servlet
intitle:Test Page for the Nginx HTTP Server on Fedora
intitle:livezilla "Server Time"
inurl *:8080/login.php
inurl: /ftp intitle:"office"
inurl:"/app/kibana#"
inurl:"/domcfg.nsf" " Web Server Configuration"
inurl:"/phpmyadmin/user_password.php
inurl:"/web-console/" intitle:"Administration Console"
inurl:":8088/cluster/apps"
inurl:"WebPortal?bankid"
inurl:"id=*" & intext:"warning mysql_fetch_array()"
inurl:"server-status" "Server Version: Apache/" "Server Built: " "Server uptime:" "Total accesses" "CPU Usage:"
inurl:"web/database/selector"
inurl:/Portal0000.htm
inurl:/_catalogs
inurl:/_hcms/
inurl:/config/device/wcd
inurl:/iisstart.htm intitle:"IIS7"
inurl:/javax.faces.resource/
inurl:/php/info.php
inurl:/phpPgAdmin/browser.php
inurl:/phpmyadmin/changelog.php -github -gitlab
inurl:/pub/ inurl:_ri_
inurl:/server-status + "Server MPM:"
inurl:/uploads/affwp-debug.log
inurl:/xprober ext:php
inurl:2506/jana-admin