ajinabraham

import time
import datetime
import digitalocean
TOKEN = "**"
SERVERS = {**: "**", **: "**"}


def snapshot_backup():
    manager = digitalocean.Manager(token=TOKEN)
    my_droplets = manager.get_all_droplets()

ajinabraham

//Create Private Key with OpenSSL
//openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -pkeyopt rsa_keygen_pubexp:3 -out privateKey.pem
//Generate Public Key to be used at the client side (Mobile)
//openssl pkey -in privateKey.pem -out publicKey.pem -pubout
const crypto = require('crypto')
const fs = require('fs')

const private_key = fs.readFileSync('digital_sign/privateKey.pem', 'utf-8')
//File to be signed
const package = fs.readFileSync('webpackage.zip')

ajinabraham

from psutil import process_iter, NoSuchProcess
from signal import SIGTERM, SIGKILL


def kill_proxy_process(port):
    """Kill 'em all"""
    for proc in process_iter():
        try:
            pinfo = proc.as_dict()
        except NoSuchProcess:

ajinabraham

'use strict';

var TrustManager;
var manager;

Java.perform(function () {
  var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager');

  TrustManager = Java.registerClass({
    name: 'com.example.TrustManager',

ajinabraham

• How to Build a Successful Information Security Career (Daniel Miessler)
  • https://danielmiessler.com/blog/build-successful-infosec-career/#gs.DtVCbbw
• The First Steps to a Career in Information Security (Errata Security - Marisa Fagan)
  • http://blog.erratasec.com/2010/04/first-steps-to-career-in-information.html#.WFrbofkrIuU
• Hiring your first Security Professional (Peerlyst - Dawid Balut)
  • https://www.peerlyst.com/posts/hiring-your-first-security-professional-dawid-balut
• How to Start a Career in Cyber security
  • https://www.concise-courses.com/security/how-to-start-your-career/
• How to Get Into Information Security (ISC^2)
• https://www.isc2.org/how-to-get-into-information-security.aspx

ajinabraham

BEAST - Browser Exploit Against SSL/TLS
(Sep 2011)
This vulnerability has the potential to decrypt the encrypted traffic by determining the IV of cipher block chaining (CBC)

CRIME - Compression Ratio Info-leak Made Easy
(Sep 2012)
A compression side-channel attack against HTTPS allows attacker to Inject partial chosen plaintext into a victim's request.

Lucky 13 
(Feb 2013)

ajinabraham

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

ajinabraham

import SimpleHTTPServer
class CORSHTTPRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
    def send_head(self):
        """Common code for GET and HEAD commands.

        This sends the response code and MIME headers.

        Return value is either a file object (which has to be copied
        to the outputfile by the caller unless the command was HEAD,
        and must be closed by the caller under all circumstances), or

ajinabraham

import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
import android.content.pm.Signature;

public class TamperCheck {

//we store the hash of the signture for a little more protection
private static final String APP_SIGNATURE = "1038C0E34658923C4192E61B16846";

ajinabraham

sudo apt-get install screen
Start a new session:

screen -S <screen_name>
Run your process as you run it in the screen session. If you want to back to your main terminal press key shortcut ctrl+a+d. And also view the screen by typing,

screen -r <screen_name>