namishelex01
/ DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links
Created
August 23, 2018 13:04
— forked from carnal0wnage/DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links
Links from Chris Gates/Ken Johnson DevOOPS RSA 17 presentation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RSA 2017 DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links SessionID: HTA-W02 | |
| https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains | |
| Recording of talk from CERN | |
| https://indico.cern.ch/event/622483/ (click the recording button) | |
| Past talks: | |
| http://www.slideshare.net/KenJohnson61/aws-surival-guide |
namishelex01
/ Top Vulnerabilities WebApp
Created
August 31, 2018 11:24
I'm listing top vulnerabilities of most used CMS frameworks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| > WordPress Plugin Quizlord 2.0 - XSS | |
| > WordPress Plugin Jibu Pro 1.7 - XSS | |
| > phpMyAdmin 4.7.x - XSRF | |
| > WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection | |
| > Responsive FileManager < 9.13.4 - Directory Traversal | |
| > LiteCart 2.1.2 - Arbitrary File Upload | |
| > Gleez CMS 1.2.0 - XSRF (Add Admin) | |
| > WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQLi | |
| > UltimatePOS 2.5 - RCE | |
| > Twitter-Clone 1 - 'code' SQLi |
namishelex01
/ play-with-pdfs.py
Created
July 19, 2021 12:57
Merge pdfs, create pdf from images(jpg, png, etc)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import PyPDF2 | |
| from PIL import Image | |
| def mergePdfs(): | |
| pdfs = ['sf_1.pdf', 'sf_2.pdf'] | |
| merger = PyPDF2.PdfFileMerger() | |
| for pdf in pdfs: | |
| merger.append(pdf) |
namishelex01
/ Malwares reading resources
Created
May 15, 2020 13:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https[:]//docs.microsoft.com/en-us/archive/msdn-magazine/2002/march/inside-windows-an-in-depth-look-into-the-win32-portable-executable-file-format-part-2 | |
| https[:]//blahcat.github.io/2019/03/17/small-dumps-in-the-big-pool/ | |
| https[:]//www.fuzzysecurity.com/tutorials/16.html | |
| https://blog.ropnop.com/hosting-clr-in-golang/ | |
| https[:]//evasions.checkpoint.com/ | |
| http[:]//www.catb.org/esr/faqs/hacker-howto.html | |
| https[:]//vx-underground.org/ | |
| http[:]//sq.ro/malwarez.htm# | |
| https[:]//github.com/d30sa1/RootKits-List-Download | |
| https[:]//github.com/christian-roggia/open-myrtus |
namishelex01
/ Network-based Attacks
Last active
October 17, 2022 21:11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CAM table Poisoning | |
| Content Addressable Memory table poisoning attack on network switches. | |
| This attack intends to corrupt the entries in the switch's CAM table so that the network traffic will be directed, causing a DoS attack attack situation | |
| ARP Cache Poisoning-Based MiM | |
| Introducing a spurious IP address to MAC address mapping in another host's ARP cache. | |
| Abnormal ARP Traffic Detection | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Enumeration is the key. | |
| (Linux) privilege escalation is all about: | |
| Collect - Enumeration, more enumeration and some more enumeration. | |
| Process - Sort through data, analyse and prioritisation. | |
| Search - Know what to search for and where to find the exploit code. | |
| Adapt - Customize the exploit, so it fits. Not every exploit work for every system "out of the box". | |
| Try - Get ready for (lots of) trial and error. | |
| Operating System | |
| What's the distribution type? What version? |
namishelex01
/ xss-owasp-cheatsheet
Last active
October 17, 2022 21:11
— forked from sseffa/xss-owasp-cheatsheet
xss-owasp-cheatsheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet | |
| # based on the RSnake original http://ha.ckers.org/xss.html | |
| # Retrieved on 2013-11-20 | |
| # Much of this wildly obsolete | |
| # | |
| # XSS Locator 2 | |
| '';!--"<XSS>=&{()} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import ipaddress | |
| import json | |
| import time | |
| def save_results(results): | |
| with open("last_scan_results.json", "w") as file: | |
| json.dump(results, file) | |
| def load_results(): |
namishelex01
/ MITRE ATT&CK - Enterprise
Created
September 6, 2018 08:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ------------------------------------- | |
| INITIAL ACCESS | |
| ------------------------------------- | |
| $ Drive-by Compromise | |
| A drive-by compromise is when an adversary gains access to a system through a user visiting a website over the normal course of browsing. | |
| Multiple ways of delivering exploit code to a browser exist, including: | |
| > A legitimate website injected with JavaScript, iFrames, XSS. | |
| > Malicious ads | |
| > Built-in web application interfaces (e.g. forum posts, comments, and other user controllable web content) |
namishelex01
/ Scenario-based Interview Questions
Last active
August 19, 2024 15:04
Scenario-based interview questions for security engineers/analysts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| What are the consequences if private keys of a Root CA gets compromised? | |
| If you have rogue certificates of a well-known company, as an attacker, how can you use it for you own benefit? | |
| As a security threat analyst, what will be your approach to respond to this incident? Securing Infra, servers and people! | |
| > https://darknetdiaries.com/transcript/3/ | |
| How would you check the signature of a binary and restrict any unsigned binaries to run on a machine(Win/Linux/Mac) | |
| > https://docs.microsoft.com/en-us/windows/win32/seccrypto/using-signtool-to-verify-a-file-signature | |
| > (Rogue) https://blog.rapid7.com/2019/01/03/santas-elfs-running-linux-executables-without-execve/ | |
| How can I restrict the normal user to run only limited set of commands in Linux? |
OlderNewer