Skip to content

Instantly share code, notes, and snippets.

View reveng007's full-sized avatar
💩
Trying to code!

Soumyani1 reveng007

💩
Trying to code!
338 followers · 444 following
View GitHub Profile
@reveng007
reveng007 / cheat_sheet.txt
Created March 17, 2021 17:45
GDB cheat sheet
GDB commands by function - simple guide
---------------------------------------
More important commands have a (*) by them.
Startup
% gdb -help print startup help, show switches
*% gdb object normal debug
*% gdb object core core debug (must specify core file)
%% gdb object pid attach to running process
% gdb use file command to load object
@reveng007
reveng007 / get_wifi_passwords.py
Last active October 11, 2023 09:06
Will find each network profile on a windows machine and print the profile and creds
#!/usr/bin/python3
import subprocess
from termcolor import colored
def setting_up():
global data
# list of commands to list down available SSID names
l1 = ['netsh', 'wlan', 'show', 'profiles']
@reveng007
reveng007 / BufferOverflow.md
Last active May 19, 2021 06:58
Steps for doing BufferOverflow with Simple C code

Buffer Overflow:

Also Read: "Linux Exploit Development for Beginners book"
//CODE:

#include<stdio.h>
#include<string.h>

int main (int argc, char** argv)
@reveng007
reveng007 / linux_server_commands_difference.md
Last active May 26, 2021 15:41

1. sudo /etc/init.d/apache2 status

2. sudo service apache2 status

3. sudo systemctl status apache2.service

All this 3 commands apparently produced same output, but there is a difference among them...

ANS:

@reveng007
reveng007 / All_about_static_and_dynamic_in_linux.md
Last active April 17, 2024 12:26
`Static` vs `Dynamic` library in `Linux`, `PIC`,`PIE`, `plt`, `got`, `Virtual vs Physical Addresses`:

Static vs Dynamic library in Linux, PIC, PIE, plt, got, Virtual vs Physical Addresses:

plt ---> procedure linkage table
got ---> global offset table
logical addresses ---> virtual addresses
virtual address space (VAS) or address space ---> is the set of ranges of virtual addresses that an operating system makes available to a process.
memory management unit (MMU) or paged memory management unit (PMMU) ---> is a computer hardware unit having all memory references passed through itself, primarily performing the translation of virtual memory addresses to physical addresses.
Virtual address space randomization ----> Address space layout randomization ----> (ASLR)

NOTE:

@reveng007
reveng007 / tracing.md
Last active November 23, 2022 15:07
strace vs. ltrace. vs. ptrace. ftrace

TL'DR:

  1. strace : sytemcall tracer : Traces system call summoned by a process from syscall table

System calls, Eg:

open syscall (__NR_open),
kill syscall (__NR_kill), 
getdents64 syscall (__NR_getdents64),
@reveng007
reveng007 / READEME.md
Created August 1, 2023 21:00
BlueTeam/PurpleTeam Side of Me. All of these was done while my Internship tenure/while completing Intro To SOC Course by John Strand fromBHIS!

I am mostly into the offensive side of security but also have done Threat Hunting and the Blue Team side of security while working as Security Research Intern in my current Company. By configuring sysmon and attaching it with Windows Event Logger and looking for suspicious logs or running open source tools like DeepBlueCLI (UEBA style Detection techniques), to perform Threat Hunting via Windows Event Logs.

Analysing Memory images with volatility or for small-scale analysing (a particular process) used Moneta/PeSieve.
Also used RITA for analyzing PCAP files (in the form of Zeek logs). Also used, Velociraptor for collecting Host-based state information via Velociraptor Query Language (VQL) queries, which performs PowerShell queries to get juicy artefacts out of the system.

Similar to this Velociraptor, I have also used another tool named, Osqueryi, targeting the Linux environment.
I used this mainly while hunting any artefacts ***my rootkit