Tested on Ubuntu 18.04.
To let non-root users capture packets, add them to the wireshark group. Members of that group can read raw network traffic on the host, so add only accounts you trust with that access.
$ sudo apt update
ACRIDMINI - TAO computer hacking project | |
ADJUTANT VENTURE - Intrusion set? | |
ALOOFNESS - Cyber threat actor | |
ALTEREDCARBON - An IRATEMONK implant for Seagate drives | |
AMULETSTELLAR - Cyber threat actor sending malicious e-mails | |
ANGRYNEIGHBOR - Family of radar retro-reflector tools used by NSA's TAO division | |
APERTURESCIENCE - TAO computer hacking project | |
ARGYLEALIEN - Method to cause a loss of data by exploiting zeroization of hard-drives | |
ARKSTREAM - Implant used to reflash BIOS, installed by remote access or intercepted shipping | |
ARROWECLIPSE - Counter CNE tool |
#!/usr/bin/env python | |
import time | |
from splinter import Browser | |
from faker import Faker | |
import random | |
from stem import Signal | |
from stem.control import Controller | |
from fake_useragent import UserAgent | |
class Reggit(): |
$ ./hashcat -b | |
hashcat (v6.2.6-549-gd3f7c5132) starting in benchmark mode | |
Benchmarking uses hand-optimized kernel code by default. | |
You can use it in your cracking session by setting the -O option. | |
Note: Using optimized kernel code limits the maximum supported password length. | |
To disable the optimized kernel code in benchmark mode, use the -w option. | |
The device #1 has been disabled as it most likely also exists as an OpenCL device, but it is not possible to automatically map it. | |
You can use -d 1 to use Metal API instead of OpenCL API. In some rare cases this is more stable. |
#!/usr/bin/env python3 | |
import sys | |
from datetime import datetime | |
import time | |
from time import sleep | |
from dnslib import DNSLabel, QTYPE, RD, RR, RCODE | |
from dnslib import A, AAAA, CNAME, MX, NS, SOA, TXT | |
from dnslib.server import DNSServer |
# https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html | |
# https://wpvulndb.com/vulnerabilities/9021 | |
# Limit the query-string length accepted by WordPress's load-scripts.php, the
# endpoint discussed in the two links above.
# NOTE(review): this block contains no PHP handler of its own. Where this regex
# location is the one nginx selects, requests under the limit are served from
# here - confirm load-scripts.php still reaches the PHP backend, or move the
# check into the existing PHP location.
# NOTE(review): only load-scripts.php is matched; confirm whether
# load-styles.php needs the same limit.
location ~* ^/wp-admin/load-scripts\.php$ { | |
# Matches any query string of 1024 characters or more. The pattern is quoted
# because it contains braces.
# NOTE(review): 1024 is a fixed cut-off - check it against the longest
# legitimate admin request on the site before deploying.
if ( $query_string ~* "^.{1024,}$" ) { | |
# 444 is nginx's non-standard code: the connection is closed without a response.
return 444; | |
} | |
} |
/* | |
Yara signatures for identifying secrets in text files. Requires libmagic! | |
Mostly all stolen from Trufflehog regexes: | |
- https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json | |
*/ | |
import "magic" |
# Security enhancements and custom Nginx server header | |
# | |
# Requirements: | |
# $ apt install nginx vim | |
# $ apt install libnginx-mod-http-headers-more-filter | |
# $ vim /etc/nginx/sites-enabled/default | |
# | |
# Further reading http://docs.hardentheworld.org/Applications/Nginx/ | |
# | |
server { |
#!/usr/bin/env python3 | |
import cryptocompare | |
from time import sleep | |
from inky import InkyPHAT | |
from random import shuffle | |
from datetime import datetime | |
from PIL import Image, ImageDraw, ImageColor, ImageFont | |
def log(msg): | |
#print(msg) |
rule osx_finder_rce_21 { | |
meta: | |
description = "https://ssd-disclosure.com/ssd-advisory-macos-finder-rce/" | |
strings: | |
$xml_1 = /\<\?xml/ | |
$xml_2 = /\<plist/ | |
$xml_3 = /\<key\>URL/ | |
$sploit_str = /\<string\>(file|ssh|sftp|ftp|git|svn|news|afp|telnet)\:\/\// nocase |