-
What is information security and how is it achieved?
-
What are the core principles of information security?
-
What is the CIA triangle?
-
What is non-repudiation (as it applies to IT security)?
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Main Project Page -> github.com/corelan/mona | |
Download the file and save it to this typical location -> | |
C:\Program Files\Immunity Inc\Immunity Debugger\PyCommands | |
BASIC USAGE : | |
!mona in the input box and press enter | |
For more information = Open log window (ALT-L) | |
For Help options -> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import socket | |
import ipaddress | |
import json | |
import time | |
def save_results(results): | |
with open("last_scan_results.json", "w") as file: | |
json.dump(results, file) | |
def load_results(): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
What are the consequences if private keys of a Root CA gets compromised? | |
If you have rogue certificates of a well-known company, as an attacker, how can you use it for you own benefit? | |
As a security threat analyst, what will be your approach to respond to this incident? Securing Infra, servers and people! | |
> https://darknetdiaries.com/transcript/3/ | |
How would you check the signature of a binary and restrict any unsigned binaries to run on a machine(Win/Linux/Mac) | |
> https://docs.microsoft.com/en-us/windows/win32/seccrypto/using-signtool-to-verify-a-file-signature | |
> (Rogue) https://blog.rapid7.com/2019/01/03/santas-elfs-running-linux-executables-without-execve/ | |
How can I restrict the normal user to run only limited set of commands in Linux? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet | |
# based on the RSnake original http://ha.ckers.org/xss.html | |
# Retrieved on 2013-11-20 | |
# Much of this wildly obsolete | |
# | |
# XSS Locator 2 | |
'';!--"<XSS>=&{()} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Enumeration is the key. | |
(Linux) privilege escalation is all about: | |
Collect - Enumeration, more enumeration and some more enumeration. | |
Process - Sort through data, analyse and prioritisation. | |
Search - Know what to search for and where to find the exploit code. | |
Adapt - Customize the exploit, so it fits. Not every exploit work for every system "out of the box". | |
Try - Get ready for (lots of) trial and error. | |
Operating System | |
What's the distribution type? What version? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
~~~~~Port Scanning~~~~~ | |
| Discovery scans | | |
-sP - Ping | -sW - Window Scan | | |
-sL - List/DNS Scan | -sA - ACK Scan | | |
-sO - Protocol Scan | -sR - RPC Scan | | |
-sV - Verify*** | -sI - Idle Scan | | |
-sU - UDP Scan*** | -sV - Version Scan | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CAM table Poisoning | |
Content Addressable Memory table poisoning attack on network switches. | |
This attack intends to corrupt the entries in the switch's CAM table so that the network traffic will be directed, causing a DoS attack attack situation | |
ARP Cache Poisoning-Based MiM | |
Introducing a spurious IP address to MAC address mapping in another host's ARP cache. | |
Abnormal ARP Traffic Detection | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
------------------------------------- | |
INITIAL ACCESS | |
------------------------------------- | |
$ Drive-by Compromise | |
A drive-by compromise is when an adversary gains access to a system through a user visiting a website over the normal course of browsing. | |
Multiple ways of delivering exploit code to a browser exist, including: | |
> A legitimate website injected with JavaScript, iFrames, XSS. | |
> Malicious ads | |
> Built-in web application interfaces (e.g. forum posts, comments, and other user controllable web content) |
NewerOlder