lizthegrey

default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'

okapies

This is a document describing how to install Ubuntu 16.04 LTS on ThinkPad T470s.

My Hardware

• CPU: Intel Core i7-7600U (2.80GHz, 4MB cache)
• Graphics: Intel HD Graphics 620
• Display: 14” WQHD (2560 X 1440) IPS Non-Touch Anti-Glare
• Memory: 24GB DDR4 2133 MHz (8GB Onboard + 16GB)
• SSD: PCIe-NVMe 256G OPAL 2.0
• Wireless: Intel Dual Band Wireless AC (2x2) 8265 Bluetooth 4.1
• Fingerprint Reader

unfo

A few tips for OSCP

1. Doing all of the exercises is important since you will discover low-hanging fruit from the labs based on the recon you do with the different tools in the exercises.
2. Be wary of doing full /24 range port scans, especially for anything more than a few TCP ports. The machines might be in all sorts of broken states left by students etc.
3. When starting to recon a specific machine:

• Revert
• Port scan
• Try to identify services

Those steps in that order are important. You want a fresh state for the machine and you want to do just simple port scanning first because doing nmap's service scanning or nse scripts might send payloads that actually crash services. So be careful.

unfo

How to pass the OSCP

1. Recon
2. Find vuln
3. Exploit
4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

ashfurrow

Apps to install from macOS App Store:

• Pastebot
• GIF Brewery
• Slack
• Keynote/Pages/Numbers
• 1Password
• OmniFocus 3
• Airmail 3
• iA Writer

vasanthk

System Design Cheatsheet

Picking the right architecture = Picking the right battles + Managing trade-offs

Basic Steps

1. Clarify and agree on the scope of the system

• User cases (description of sequences of events that, taken together, lead to a system doing something useful)
  • Who is going to use it?
  • How are they going to use it?

joepie91

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

• A Russian translation of this article can be found here, contributed by Timur Demin.
• A Turkish translation can be found here, contributed by agyild.
• There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

m1st0

#!/bin/bash

# PHP 8 Compile #
# Author: Maulik Mistry
# Please share support: https://www.paypal.com/paypalme/m1st0
# References:
#   http://www.zimuel.it/install-php-7/
#   http://www.hashbangcode.com/blog/compiling-and-installing-php7-ubuntu
#   root-talis https://gist.github.com/root-talis/40c4936bf0287237839ccd3fdfdaec28
#

kennwhite

Most VPN Services are Terrible

Short version: I strongly do not recommend using any of these providers. You are, of course, free to use whatever you like. My TL;DR advice: Roll your own and use Algo or Streisand. For messaging & voice, use Signal. For increased anonymity, use Tor for desktop (though recognize that doing so may actually put you at greater risk), and Onion Browser for mobile.

This mini-rant came on the heels of an interesting twitter discussion: https://twitter.com/kennwhite/status/591074055018582016

Cr4sh

void **find_sys_call_table(void *kernel_addr, int kernel_size)
{
    /*
        Check for the system_call_fastpath() signature, hand-written piece of
        assembly code from arch/x86/kernel/entry_64.S:

            ja      badsys
            mov     rcx, r10
            call    sys_call_table[rax * 8]
            mov     [rsp + 20h], rax