numberwhun

def extract_values(obj, key):
    """Recursively pull values of specified key from nested JSON."""
    arr = []

    def extract(obj, arr, key):
        """Return all matching values in an object."""
        if isinstance(obj, dict):
            for k, v in obj.items():
                if isinstance(v, (dict, list)):
                    extract(v, arr, key)

numberwhun

From:  http://www.labnol.org/software/wget-command-examples/28750/

How do I download an entire website for offline viewing? How do I save all the MP3s from a website to a folder on my computer? How do I download files that are behind a login page? How do I build a mini-version of Google?

Wget is a free utility – available for Mac, Windows and Linux (included) – that can help you accomplish all this and more. What makes it different from most download managers is that wget can follow the HTML links on a web page and recursively download the files. It is the same tool that a soldier had used to download thousands of secret documents from the US army’s Intranet that were later published on the Wikileaks website.

You mirror an entire website with wget
Mirror an entire website with wget
Spider Websites with Wget – 20 Practical Examples

numberwhun

http://www.cyberdegrees.org/jobs/penetration-tester/
https://danielmiessler.com/study/vulnerability-assessment-penetration-test/  (good article)
http://security.stackexchange.com/questions/33064/how-would-one-go-about-becoming-a-security-researcher
http://security.stackexchange.com/questions/48139/what-are-good-resources-to-do-hands-on-practice-on-network-penetration-testing?rq=1  (good info and links)
https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project
https://www.owasp.org/index.php/Threat_Risk_Modeling
https://danielmiessler.com/podcast/
https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project
http://www.pentesticles.com/2014/05/what-you-need-to-know-to-become.html
http://www.hackarmoury.com/

numberwhun

http://ggc.sourceforge.net/
http://electronics.stackexchange.com/questions/4335/reading-data-from-a-glucose-meter
http://www.diabetesnet.com/diabetes-technology/diabetes-software
https://itunes.apple.com/us/app/sugar-sense-diabetes-app-blood/id880725347?mt=8
http://www.medpagetoday.com/Endocrinology/Diabetes/50158
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC2769885/ (Data Mining Techniques for BG and Diabetes Management)
https://twitter.com/sixuntilme
http://www.wsj.com/articles/tech-savvy-families-use-home-built-diabetes-device-1462728637
https://www.diabeteseducator.org/docs/default-source/practice/practice-resources/white-papers_test/aade-health-information-technologies--final.pdf?sfvrsn=2
http://www.axonlab.com/CH_eng/ch/Private-customers/Blood-glucose-meters/Data-analysis/SiDiary-Diabetes-Management-Software

numberwhun

Passive WiFi Tracking
Posted February 26, 2014 by Edward
Borrowed from:  http://edwardkeeble.com/2014/02/passive-wifi-tracking/


In the last year or so, there have been quite a few stories on the use of passive WiFi tracking by advertisers, retailers, and analytics startups. Most of these articles focus on the significant privacy and security concerns associated with this practice, but few of them get into the details of how the technology works. Having built a similar system for my project, Casual Encounters, I think I can explain some of the inner workings of these systems, how to avoid being tracked, and how, for research purposes or to determine their own level of exposure, someone could build such a system. I will state that I am by no means an expert on wireless networks, signal analysis, or anything of the sort, but I have conducted a fair bit of research and trial and error, and it works for me. Your mileage may vary; don’t try this at home; etc, etc.

Probe Requests
When a WiFi client (phone, laptop

numberwhun

Top 10 vulnerability scanners for hackers to find flaws, holes and bugs

Hacking is an art of finding bugs and flaws in a perfect software which will allow cyber criminals to exploit it for their own malicious gains. Hackers are mostly able to spot the flaws and bugs on their own but sometimes it is worthwhile to use a automated software to find these bugs and holes. A vulnerability scanner is such a automated software which has specifically been written to find such flaw.

Vulnerability Scanner is a specialised software build with a sole purpose of helping security researchers, hackers, system admins and developers to find faults in a particular software, computer system, network and servers. A hacker or security researcher is complemented in his manual testing of software or computer by using such vulnerability scanner making the hackers assessment efficient.

This article brings out such top 10 vulnerability scanner tools available to help hackers and security researchers in their security testing mission.

numberwhun

“Ten Immutable Laws Of Security”:

Law #1: If a bad guy can persuade you to run his program on your computer, it’s not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it’s not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.

numberwhun

https://www.proxicity.io/  (Rotating proxy api)
https://blindspotsecurity.com/
https://www.hackread.com/10-famous-bug-bounty-hunters-of-all-time/
https://bitquark.co.uk/
https://whitton.io/articles/bug-bounties-101-getting-started/
http://www.newsweek.com/2016/02/12/white-hat-hackers-keep-bug-bounty-421357.html
https://pentestlab.wordpress.com/
https://exploit-exercises.com/protostar/
https://pentesterlab.com/  (Free and Pay versions)
http://www.p0wnlabs.com/free/vms

numberwhun

Penetration tests need to accomplish business goals, not just check for random holes. Here's how to get the most value for your efforts.

Why are you performing penetration tests? Whether you're using an internal team, outside experts or a combination of the two, are you simply satisfying regulatory or audit requirements, or do you actually expect to improve enterprise security?

We asked penetration testing experts for guidance on how to improve your program to get the most benefit for your time, money and effort. If you turn to outside expertise, their advice will show you what to expect and demand from consultants. The following 10 tips will show you understand the goal and focus of your testing; develop effective testing strategies; make effective use of your personnel; and make the most effective use of pen test results to remediate issues, improve processes and continuously improve enterprise security posture.

Penetration Test Tip 1: Define Your Goals

Penetration testing—really, all information securi

numberwhun

What is OSI model?
The OSI model (Open System Interconnection) model defines a computer networking framework to implement protocols in seven layers. A protocol in the networking terms is a kind of negotiation and rule in between two networking entities.

Layers of OSI model:
Physical layer

The Physical layer is also called as the Layer 1. Here are the basic functionalities of the Physical layer:

Responsible for electrical signals, light signal, radio signals etc.
Hardware layer of the OSI layer