JRandomSage

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

• A Russian translation of this article can be found here, contributed by Timur Demin.
• A Turkish translation can be found here, contributed by agyild.
• There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

JRandomSage

Latency numbers every programmer should know

L1 cache reference ......................... 0.5 ns
Branch mispredict ............................ 5 ns
L2 cache reference ........................... 7 ns
Mutex lock/unlock ........................... 25 ns
Main memory reference ...................... 100 ns             
Compress 1K bytes with Zippy ............. 3,000 ns  =   3 µs
Send 2K bytes over 1 Gbps network ....... 20,000 ns  =  20 µs
SSD random read ........................ 150,000 ns  = 150 µs

Read 1 MB sequentially from memory ..... 250,000 ns = 250 µs

JRandomSage

import os
import subprocess
import ctypes

# See: https://blogs.msmvps.com/erikr/2007/09/26/set-permissions-on-a-specific-service-windows/

svcinfo = {}
nonadmin = ['AU', 'AN', 'BG', 'BU', 'DG', 'WD', 'IU', 'LG']
FNULL = open(os.devnull, 'w')

JRandomSage

$CimSession = New-CimSession -ComputerName 10.0.0.2

$FilePath = 'C:\Windows\System32\notepad.exe'

# PS_ModuleFile only implements GetInstance (versus EnumerateInstance) so this trick below will force a "Get" operation versus the default "Enumerate" operation.
$PSModuleFileClass = Get-CimClass -Namespace ROOT/Microsoft/Windows/Powershellv3 -ClassName PS_ModuleFile -CimSession $CimSession
$InMemoryModuleFileInstance = New-CimInstance -CimClass $PSModuleFileClass -Property @{ InstanceID= $FilePath } -ClientOnly
$FileContents = Get-CimInstance -InputObject $InMemoryModuleFileInstance -CimSession $CimSession
$FileLengthBytes = $FileContents.FileData[0..3]
[Array]::Reverse($FileLengthBytes)

JRandomSage

GNUPG CHEATSHEET

Setting up: key generation

This generates a public/private keypair.

$ gpg --gen-key

$ gpg --list-secret-keys

JRandomSage

// node-reverse-proxy

var sys = require('sys'),
    http = require('http');

function proxy(backend, request, response) {
    var bits = backend.split(':');
    var host = bits[0];
    if (bits.length == 2) {
        var port = parseInt(bits[1], 10);

JRandomSage

#!/bin/bash

# This script analyses the log files /var/log/auth.log* for
# illegal break-in attempts and writes all output to $logdir.
# <http://blog.philippklaus.de/2010/02/analyse-illegal-ssh-login-attempts/#comment-12211>

# inspired by <http://goo.gl/QMOhiU>
# and <http://filipivianna.blogspot.com/2009/10/checking-authlog-for-ssh-brute-force.html>

logbasedir=~/logs

JRandomSage

using System;
using System.IO;
using System.Text;


public class Program
{

    private static byte[] xor(byte[] cipher, byte[] key)
    {

JRandomSage

using System;
using System.Text;
using System.Runtime.InteropServices;


public class Program
{

    //https://docs.microsoft.com/en-us/windows/desktop/api/memoryapi/nf-memoryapi-virtualalloc 
    [DllImport("kernel32")]

JRandomSage

Domain: TEST.local
User Enumeration:
  Windows:
    net user
    net user /domain
    net user [username]
    net user [username] /domain
    wmic useraccount
  Mac:
    dscl . ls /Users