githubfoam
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ========================================================================================================== | |
| # 8. VBoxManage | |
| https://www.virtualbox.org/manual/ | |
| ========================================================================================================== | |
| # Networking Modes | |
| https://www.virtualbox.org/manual/ch06.html#network_bridged | |
| ========================================================================================================== | |
| Windows Host | |
| >vboxmanage --version |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
| The ".hcl" file extension is used for HashiCorp Configuration Language (HCL) files, which are used to define infrastructure as code using HashiCorp tools such as Vagrant and Packer. | |
| In the context of Vagrant, the "pkr.hcl" file is used to define how Packer builds machine images that can be used as base boxes for Vagrant. The "pkr.hcl" file specifies the builders (e.g. virtualization providers like VirtualBox, VMware), provisioners (e.g. shell scripts, Ansible, Chef), and post-processors (e.g. compressing the image, uploading to a cloud provider) that Packer should use to create the machine image | |
| The "pkr.hcl" file can also include variables, which allow for more dynamic and flexible configuration. These variables can be set via the command line, a separate variables file, or even environment variables. | |
| -------------------------- |
githubfoam
/ windows event logs cheat sheet
Last active
April 20, 2024 09:42
windows event logs cheat sheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
| # PS : ChatGPT makes mistakes, consider "trust but verify" principle | |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
| #Events to Monitor | |
| https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor | |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
| #run | |
| eventvwr.msc Event viewer | |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
| Event Viewer(Local)-Windows Logs (shutdown / restart ) |
githubfoam
/ windows forensics cheat sheet
Last active
April 14, 2024 14:10
windows forensics cheat sheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ============================================================================ | |
| https://www.sans.org/tools/ | |
| ============================================================================ | |
| FTK Imager, ANJP, EZ Tools, SIFT, Regripper, Windows Event Log Explorer, Volatility, Plaso, DensityScout, SigCheck | |
| ============================================================================ | |
| Live System Analysis for computers with Windows 10 operating system with tools such as Sysinternals, Powershell, WM | |
| Collecting triage data and parsing methods with KAPE | |
| Physical Imaging with FTK Imager | |
| Logical Imaging with FTK Imager | |
| Memory Imaging with FTK Imager, DumpIT, WinPmem |
githubfoam
/ SSH Cheat Sheet
Last active
April 12, 2024 15:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ----------------------------------------------------------------------------------------------------- | |
| #disable public key authentication, connect as user root via ssh | |
| sshuser@vg-ubuntu-01:~$ ssh root@vg-ubuntu-02 -o PubkeyAuthentication=no | |
| ----------------------------------------------------------------------------------------------------- | |
| #connect with one private key | |
| #access ec2-23-22-230-24.compute-1.amazonaws.com with a private key located in ~/.ssh/alice.pem | |
| $ ssh -i ~/.ssh/alice.pem alice@ec2-23-22-230-24.compute-1.amazonaws.com | |
| ----------------------------------------------------------------------------------------------------- | |
| $ cat ~/.ssh/config |
githubfoam
/ fortigate - webfilter - url filter cheat sheet
Last active
April 10, 2024 18:20
fortigate - webfilter - url filter cheat sheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #===================================================================== | |
| # Log&Report - Security Events - Web Filter, filter a specific URL. v7.2.3 | |
| #launch CLI from fortigate GUI | |
| config webfilter profile #Configure Web filter profiles | |
| get #list all profiles | |
| edit profile-name | |
| show # see current setting | |
| set log-all-url enable | |
| set extended-log enable |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------------------- | |
| # ofed_info -s | |
| -------------------------------------------------------------------------- | |
| Find Mellanox Adapter Type and Firmware/Driver version | |
| ConnectX-4 card | |
| # lspci | grep Mellanox | |
| 0a:00.0 Network controller: Mellanox Technologies MT27500 Family [ConnectX-3] | |
| # lspci -vv -s 0a:00.0 | grep "Part number" -A 3 | |
| # lspci | grep Mellanox | awk '{print $1}' | xargs -i -r mstvpd {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ---------------------------------------------------------------------------------------------------- | |
| tcpdump -s 0 #capture entire etherner header and IP packet | |
| tcpdump -ni tap55ec3c7f-91 ip6 #locate the ICMPv6 packets | |
| tcpdump -s0 -n -i any -w /tmp/$(hostname)-smbtrace.pcap #if the SMB client or SMB server is a Unix host,Troubleshooting Server Message Block (SMB) | |
| tcpdump -D #Print the list of the network interfaces available on the system and on which tcpdump can capture packet | |
| tcpdump -X -vvv -n -i eth0 |
githubfoam
/ fortigate - Firewall Hardening cheat sheet
Last active
March 14, 2024 07:44
fortigate - Firewall Hardening cheat sheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #===================================================================== | |
| #Bard | |
| #configure an email alert on each successful VPN SSL connection on FortiGate 7.2: | |
| Go to Security Fabric > Automation. | |
| Click Create New. | |
| In the Name field, enter a name for the automation stitch. | |
| In the Trigger field, select FortiOS Event Log. | |
| In the Event field, select SSL VPN Tunnel Up. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #===================================================================== | |
| #CIS benchmark | |
| https://www.cisecurity.org/benchmark/fortinet | |
| #===================================================================== | |
| Packet flow ingress and egress: FortiGates without network processor offloading | |
| https://docs.fortinet.com/document/fortigate/6.4.0/parallel-path-processing-life-of-a-packet/86811/packet-flow-ingress-and-egress-fortigates-without-network-processor-offloading | |
| #===================================================================== | |
| CLI | |
| the control key sequences shown in the following table: |
NewerOlder