Namish namishelex01

namishelex01 / Scenario-based Interview Questions
Last active Mar 19, 2021
Scenario-based interview questions for security engineers/analysts
File: Scenario-based Interview Questions
What are the consequences if the private key of a Root CA gets compromised?
If you have rogue certificates of a well-known company, as an attacker, how can you use them for your own benefit?
As a security threat analyst, what will be your approach to respond to this incident? Securing Infra, servers and people!
> https://darknetdiaries.com/transcript/3/
How would you check the signature of a binary and restrict any unsigned binaries from running on a machine (Win/Linux/Mac)?
> https://docs.microsoft.com/en-us/windows/win32/seccrypto/using-signtool-to-verify-a-file-signature
> (Rogue) https://blog.rapid7.com/2019/01/03/santas-elfs-running-linux-executables-without-execve/
How can I restrict a normal user to running only a limited set of commands in Linux?
File: Malwares reading resources
https[:]//docs.microsoft.com/en-us/archive/msdn-magazine/2002/march/inside-windows-an-in-depth-look-into-the-win32-portable-executable-file-format-part-2
https[:]//blahcat.github.io/2019/03/17/small-dumps-in-the-big-pool/
https[:]//www.fuzzysecurity.com/tutorials/16.html
https://blog.ropnop.com/hosting-clr-in-golang/
https[:]//evasions.checkpoint.com/
http[:]//www.catb.org/esr/faqs/hacker-howto.html
https[:]//vx-underground.org/
http[:]//sq.ro/malwarez.htm#
https[:]//github.com/d30sa1/RootKits-List-Download
https[:]//github.com/christian-roggia/open-myrtus
namishelex01 / Security Engineer - Interview Questions
Last active Jun 17, 2021
Cyber security engineer, Security Engineer, Security Analyst, Information Security Analyst and many more names
File: Security Engineer - Interview Questions
> What is information security and how is it achieved?
> What are the core principles of information security?
> What is non-repudiation (as it applies to IT security)?
> What is the relationship between information security and data availability?
> What is a security policy and why do we need one?
File: MITRE ATT&CK - Enterprise
-------------------------------------
INITIAL ACCESS
-------------------------------------
$ Drive-by Compromise
A drive-by compromise is when an adversary gains access to a system through a user visiting a website over the normal course of browsing.
Multiple ways of delivering exploit code to a browser exist, including:
> A legitimate website injected with JavaScript, iFrames, XSS.
> Malicious ads
> Built-in web application interfaces (e.g. forum posts, comments, and other user controllable web content)
File: Network-based Attacks
CAM table Poisoning
Content Addressable Memory table poisoning attack on network switches.
This attack intends to corrupt the entries in the switch's CAM table so that network traffic is redirected, causing a DoS situation.
ARP Cache Poisoning-Based MitM
Introducing a spurious IP address to MAC address mapping in another host's ARP cache.
Abnormal ARP Traffic Detection
namishelex01 / Top Vulnerabilities WebApp
Created Aug 31, 2018
I'm listing the top vulnerabilities of the most-used CMS frameworks
File: Top Vulnerabilities WebApp
> WordPress Plugin Quizlord 2.0 - XSS
> WordPress Plugin Jibu Pro 1.7 - XSS
> phpMyAdmin 4.7.x - XSRF
> WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection
> Responsive FileManager < 9.13.4 - Directory Traversal
> LiteCart 2.1.2 - Arbitrary File Upload
> Gleez CMS 1.2.0 - XSRF (Add Admin)
> WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQLi
> UltimatePOS 2.5 - RCE
> Twitter-Clone 1 - 'code' SQLi
File: DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links
namishelex01 / Mona Py Cheat sheet
Last active Apr 15, 2021
This is a gist compilation of the ***Corelan.be*** manual for mona.py
File: Mona Py Cheat sheet
Main Project Page -> github.com/corelan/mona
Download the file and save it to this typical location ->
C:\Program Files\Immunity Inc\Immunity Debugger\PyCommands
BASIC USAGE :
Type !mona in the input box and press Enter
For more information = Open log window (ALT-L)
For Help options ->
File: Learn Exploit Development - 1
[Learning Exploit Development from fuzzysecurity.com]
Tools Needed:-
> Immunity debugger
> Mona.py
> Pvefindaddr.py
> Metasploit
> Virtual Box
Overflows to play with:-
1. Buffer overflow - A memory location receives more data than it was meant to
namishelex01 / Shellcode-Introduction
Last active Aug 17, 2018
Short wiki of Shellcode
File: Shellcode-Introduction
[This is the gist version of the wiki page of Shellcode.]
[For an elaborated explanation, please visit:- en.wikipedia.org/wiki/Shellcode]
SHELLCODE is a small piece of code used as the payload in the exploitation of a software vulnerability
It's called shellcode because it typically starts a command shell from which the attacker can control the compromised machine
TYPES:
Local - Used by an attacker who has limited access to a machine but can exploit a vulnerability
Remote - Used to target a remote machine; if the shellcode establishes the connection, it is called a reverse shell or connect-back shell.
If the attacker establishes the connection, the shellcode is called a bindshell because it binds a certain port on the victim's machine
Download & execute - A type of remote shellcode that downloads and executes some form of malware on the target system
Staged - When the amount of data that an attacker can inject into the target process is too limited to execute useful shellcode directly, it may be possible to execute it in stages