Jefferson Kirkland numberwhun

View PenTesting_Links
numberwhun / Malware Analysis Tips and other Pentesting Links
Last active Apr 3, 2021
Malware Analysis Tips and other Pentesting Links
numberwhun / Top 10 vulnerability scanners for hackers to find flaws, holes and bugs
Created Jul 18, 2016
Top 10 vulnerability scanners for hackers to find flaws, holes and bugs
Top 10 vulnerability scanners for hackers to find flaws, holes and bugs
Hacking is the art of finding bugs and flaws in otherwise perfect software, which allow cyber criminals to exploit it for their own malicious gains. Hackers are mostly able to spot the flaws and bugs on their own, but sometimes it is worthwhile to use automated software to find these bugs and holes. A vulnerability scanner is automated software that has been written specifically to find such flaws.
A vulnerability scanner is specialised software built with the sole purpose of helping security researchers, hackers, system admins and developers find faults in a particular piece of software, computer system, network or server. Such a scanner complements a hacker's or security researcher's manual testing of software or a computer, making the assessment more efficient.
This article presents the top 10 vulnerability scanner tools available to help hackers and security researchers in their security testing mission.
numberwhun / Penetration tests: 10 tips for a successful program
Created Jul 2, 2016
Penetration tests: 10 tips for a successful program
Penetration tests need to accomplish business goals, not just check for random holes. Here's how to get the most value for your efforts.
Why are you performing penetration tests? Whether you're using an internal team, outside experts or a combination of the two, are you simply satisfying regulatory or audit requirements, or do you actually expect to improve enterprise security?
We asked penetration testing experts for guidance on how to improve your program to get the most benefit for your time, money and effort. If you turn to outside expertise, their advice will show you what to expect and demand from consultants. The following 10 tips will show you how to understand the goal and focus of your testing; develop effective testing strategies; make effective use of your personnel; and make the most effective use of pen test results to remediate issues, improve processes and continuously improve enterprise security posture.
Penetration Test Tip 1: Define Your Goals
Penetration testing—really, all information securi
numberwhun / OpenSSH Config File Examples
Created Oct 17, 2016
OpenSSH Config File Examples
Taken from: http://www.cyberciti.biz/faq/create-ssh-config-file-on-linux-unix/
System-wide SSH client configuration files
/etc/ssh/ssh_config : This file sets the default configuration for all users of OpenSSH clients on that desktop/laptop, and it must be readable by all users on the system.
User-specific SSH client configuration files
~/.ssh/config or $HOME/.ssh/config : This is the user's own configuration file, which overrides the settings in the global client configuration file, /etc/ssh/ssh_config.
~/.ssh/config file rules
View osi_model
What is OSI model?
The OSI (Open System Interconnection) model defines a computer networking framework to implement protocols in seven layers. A protocol, in networking terms, is a kind of negotiation and rule between two networking entities.
Layers of OSI model:
Physical layer
The Physical layer is also called Layer 1. Here are the basic functionalities of the Physical layer:
Responsible for electrical signals, light signals, radio signals, etc.
Hardware layer of the OSI model
numberwhun / .gitattributes
Created Oct 20, 2020 — forked from tekin/.gitattributes
An example .gitattributes file that will configure custom hunk header patterns for some common languages and file formats.
*.c diff=cpp
*.h diff=cpp
*.c++ diff=cpp
*.h++ diff=cpp
*.cpp diff=cpp
*.hpp diff=cpp
*.cc diff=cpp
*.hh diff=cpp
*.cs diff=csharp
*.css diff=css
View PenTesting Bookmarks
I found this list by chance. It is located at: https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList
It's a bit old (compiled in 2012), but links may still be valid.
------------------
Hacker Media
Blogs Worth It:
What the title says. There are a LOT of pentesting blogs; these are the ones I monitor constantly and value in the actual day-to-day testing work.
numberwhun / RSS Hacking and Exploitation Links
Last active Jun 4, 2020
RSS Hacking and Exploitation Links
numberwhun / Step by Step Guide to Application Security Penetration Testing
Created Jul 2, 2016
Step by Step Guide to Application Security Penetration Testing
From: http://www.dynamicciso.com/blog-details/aab3238922bcc25a6f606eb525ffdc56.html
Step by Step Guide to Application Security Penetration Testing
Posted By - DynamicCISO, Posted on - Friday, May 2nd, 2014 12:44:00 PM
This Article is reposted with prior permission from the Infosec Institute. To read more, you can visit the site HERE.
Introduction
This document will guide you to penetrate web applications step by step. We have followed OWASP (Open Web Application Security Project) and OSSTM (Open Source Security Testing Methodologies) to construct this article.