Alexander Knorr opexxx
opexxx
/ vhd2raw.cmd
Created
April 30, 2015 12:45
— forked from mwchambers/gist:1319382
convert VHD file to RAW Image
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| qemu-img convert -O raw source.vhd output.raw |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| git clone --recursive https://github.com/screetsec/Sudomy.git | |
| git clone https://bitbucket.org/LaNMaSteR53/recon-ng.git | |
| git clone https://github.com/0ang3el/aem-hacker.git | |
| git clone https://github.com/0xinfection/tidos-framework.git | |
| git clone https://github.com/1N3/BlackWidow.git | |
| git clone https://github.com/1N3/Goohak.git | |
| git clone https://github.com/1N3/IntruderPayloads | |
| git clone https://github.com/1N3/Sn1per.git | |
| git clone https://github.com/Alfresco/prowler.git | |
| git clone https://github.com/Arr0way/linux-local-enumeration-script.git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1 Has the board and executive expressed their support for a risk management programme? | |
| 2 Has the risk committee (or equivalent) and the board reviewed and approved the risk policy/ strategy? | |
| 3 Have you identified a person who will be responsible for implementing risk management? | |
| 4 Does the risk manager, or equivalent, have reasonable access to staff and management across the organisation? | |
| 5 Have you defined categories of risk relevant to your organisation and industry? | |
| 6 Do your risk categories reflect all operational risk areas of the business as well as more strategic risk categories? | |
| 7 Is there a clear organisational strategy (or objectives) articulated for the organisation? | |
| 8 Have you defined and agreed a likelihood scale to assess the potential for the risk to occur throughout the organisation? | |
| 9 Have you defined and agreed a consequence scale to help assess risk impacts across the organisation? | |
| 10 Does the organisation's consequence scale describe both financial and non-financial impacts? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Access Control | |
| Is Collection of mechanism that permits managers of system to exercise a directing or restraining influence over the behavior ,use and content of a system. | |
| Access Control Concepts | |
| Access Control Principles | |
| Information Classifi cation | |
| Access Control Requirements | |
| Access Control Categories | |
| Access Control Types | |
| Access Control Strategies | |
| Identity Management |
opexxx
/ WMIPersistence.vbs
Created
September 22, 2020 11:17
— forked from mgeeky/WMIPersistence.vbs
Visual Basic Script implementing WMI Persistence method (as implemented in SEADADDY malware and further documented by Matt Graeber) to make the Macro code schedule malware startup after roughly 3 minutes since system gets up.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ' | |
| ' SYNOPSIS: | |
| ' WMI Persistence method as originally presented by SEADADDY malware | |
| ' (https://github.com/pan-unit42/iocs/blob/master/seaduke/decompiled.py#L887) | |
| ' and further documented by Matt Graeber. | |
| ' | |
| ' The scheduled command will be launched after roughly 3 minutes since system | |
| ' gets up. Also, even if the command shall spawn a window - it will not be visible, | |
| ' since the command will get invoked by WmiPrvSE.exe that's running in Session 0. | |
| ' |
opexxx
/ LinkedIn Learning InfoSec_DPO.txt
Created
February 21, 2023 13:37
LinkedIn Learning InfoSec / DPO
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| LinkedIn Learning Courses for CISOs and DPOs | |
| I like LinkedIn Learning and have collected the most valuable of them! | |
| For CISOs: | |
| Become a Cybersecurity Professional (6h 28m) - https://www.linkedin.com/learning/paths/become-a-cybersecurity-professional | |
| Cybersecurity Careers: Getting Started as a CISO (46m) - https://www.linkedin.com/learning/cybersecurity-careers-getting-started-as-a-ciso | |
| Building an ISO 27001-Compliant Cybersecurity Program: Getting Started (1h 29m) - https://www.linkedin.com/learning/building-an-iso-27001-compliant-cybersecurity-program-getting-started | |
| Building an ISO 27001-Compliant Cybersecurity Program: The Annex A Controls (2h 15m) - https://www.linkedin.com/learning/building-an-iso-27001-compliant-cybersecurity-program-the-annex-a-controls | |
| Implementing an Information Security Program (2h 33m) - https://www.linkedin.com/learning/implementing-an-information-security-program |
opexxx
/ gist:929b22ad3104b414abef4892a78f7899
Created
December 25, 2022 20:00
ISMS_implementationplan
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1 S 1. Management Support | |
| 2 T Outline business case | |
| 3 T Present business case | |
| 4 M Management support is obtained | |
| 5 T Initiate project | |
| 6 T Plan project | |
| 7 S 2. Determine Scope | |
| 8 T Determine external issues | |
| 9 T Determine internal issues | |
| 10 T Identify external interested parties |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Auf dem Weg zur Arbeit | |
| Am Arbeitsplatz | |
| Incident Reporting | |
| Auf dem Weg nach Hause | |
| Geschäftsreise / Bahn / ÖVM | |
| Klassifizierung von Daten | |
| Verschlüsselung (SMIME/PGP/SecureFileShare) bzw. sicherer Datentransfer | |
| Sichere Passwörter | |
| Clear Desk Policy | |
| AUP /Compliance (copyright, software beschaffung und lizenzen) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The Guide describes 22 best practices for mitigating insider threat based on the CERT Division's continued research and analysis of more than 3,000 insider threat cases. | |
| Best Practices | |
| 1. Know and Protect Your Critical Assets | |
| 2. Develop a Formalized Insider Risk Management Program (IRMP) | |
| 3. Clearly Document and Consistently Enforce Administrative Controls | |
| 4. Beginning With the Hiring Process, Monitor and Respond to Suspicious or Disruptive Behavior | |
| 5. Anticipate and Manage Negative Issues in the Work Environment | |
| 6. Consider Threats From Insiders and Trusted External Entities in Enterprise-Wide Risk Assessments | |
| 7. Be Especially Vigilant Regarding Social Media |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Eigentum des Unternehmens: | |
| Ich bestätige, dass ich am oder vor meinem letzten Arbeitstag alle in meinem Besitz befindlichen Gegenstände und Geräte an das Unternehmen zurückgeben werde. | |
| zurückgeben werde, unabhängig davon, wo sie sich befinden, einschließlich, aber nicht beschränkt auf alle Akten, Dokumente und alle Kopien | |
| in jeglicher Form (auch elektronisch), Handbücher und Bedienungsanleitungen, Kunden- und Mitarbeiterlisten usw, | |
| usw., Computerausrüstung einschließlich Laptops, Flash-Laufwerke, Drucker usw., Software, Faxgeräte, | |
| Kreditkarten, Telefonkarten, Mobiltelefone, Blackberrys oder andere PDAs, Tür- und/oder Schreibtischschlüssel, | |
| Sicherheitsausweise, Passwörter, Token, Kraftfahrzeuge und sonstiges Eigentum des Unternehmens in meinem Besitz an einen | |
| Vertreter des Unternehmens. Mir ist bekannt, dass es mir nicht gestattet ist, Firmeneigentum, einschließlich | |
| Kopien von Dokumenten, in irgendeiner Form aufzubewahren oder vervielfältigen. |
NewerOlder