@duraki
duraki / art.yaml
Last active December 6, 2019 03:22
Mockup YAML config for static blog generator `art`
---
minimal:
artist: "Your Name"
title: "Blog Title"
description: "Blog description."
theme: "sterdo"
posts:
in: /posts/in # => post in (md)
out: /posts/out # => post out (html)
duraki / shell_bind_tcp.asm
Created December 9, 2017 18:54 — forked from geyslan/shell_bind_tcp.asm
Shell Bind TCP in Assembly (Linux/x86)
; This is a snippet of the original file in https://github.com/geyslan/SLAE/blob/master/1st.assignment/shell_bind_tcp.asm
global _start
section .text
_start:
; syscalls (/usr/include/asm/unistd_32.h)
; socketcall numbers (/usr/include/linux/net.h)
duraki / breach_compilation_passlist-extraction.txt
Last active May 7, 2022 12:49
1.4 billion password breach compilation wordlist
# => create a wordlist from original 41G stash via:
$ grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt
# => compressed with:
$ 7z a breachcompilation.txt.7z breachcompilation.txt
# => size (rel):
## 4.1G compressed
## 9.0G uncompressed
# => Open this file
$ sudo vi /etc/default/tlp
# => Set this from 1 to 0:
USB_AUTOSUSPEND=0
# => Reboot
# SD card reader should work #
Go to: chrome://net-internals/#modules
Find the module by name, e.g. "Alexa"
Get its ID: `cknebhggccemgcnbidipinkifmmegdel`
Find chrome ext directory by profile:
```
$ sudo find / -iname "cknebhggccemgcnbidipinkifmmegdel"
/home/devil/.config/google-chrome/Profile 1/Extensions/cknebhggccemgcnbidipinkifmmegdel
```
duraki / web-servers.md
Created February 5, 2018 17:46 — forked from willurd/web-servers.md
Big list of http static server one-liners

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000
duraki / fix_macbook_air_redhat_linux_wifi.txt
Last active May 7, 2022 13:04
Wi-fi fix RHEL on Macbook Air
# => unload/load wl module
$ modprobe -r wl
$ modprobe wl
$ nmtui ...
# => show the modules that wl depends on
$ modprobe --show-depends wl
insmod /lib/modules/3.10.0-693.11.1.el7.x86_64/kernel/net/rfkill/rfkill.ko.xz
insmod /lib/modules/3.10.0-693.11.1.el7.x86_64/kernel/net/wireless/cfg80211.ko.xz
From: http://redteams.net/bookshelf/
Techie
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
duraki / Aircrack Commands
Created March 22, 2019 10:24 — forked from victorreyesh/Aircrack Commands
Cracking WPA2 / WEP Wifi / Aircrack 10 seconds guide. For Mac OSX
//Install Macports.
//Install aircrack-ng:
sudo port install aircrack-ng
//Install the latest Xcode, with the Command Line Tools.
//Create the following symlink:
sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport
//Figure out which channel you need to sniff:
sudo airport -s
sudo airport en1 sniff [CHANNEL]
Go the road less travelled, find programs that are not on hackerone or bugcrowd:
https://www.bugcrowd.com/bug-bounty-list/
google: "Responsible Disclosure" or "Vulnerability Disclosure" or "responsible disclosure website list"
google: responsible disclosure "bounty"
Responsible Disclosure seems to give best results.
intext:"Responsible Disclosure Policy"
"responsible disclosure" "private program"
"responsible disclosure" "private" "program"
Google Dork: