I hereby claim:
- I am tankmek on github.
- I am tankmek (https://keybase.io/tankmek) on keybase.
- I have a public key whose fingerprint is 3AD0 A606 4ED4 33B9 5AF3 EF35 B94F EF97 E49C 9A75
To claim this, I am signing this object:
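# Enable read-access auditing on private_file.txt (run from an elevated session:
# reading or writing a SACL requires SeSecurityPrivilege).
#
# Retrieve the current ACL *including* the SACL. -Audit is required: without it
# Get-Acl returns only owner/DACL information and the audit rule added below is
# never written to the file.
$acl = Get-Acl -Path .\private_file.txt -Audit
# Define the audit rule: log both successful and failed Read access by Everyone.
$auditRule = New-Object System.Security.AccessControl.FileSystemAuditRule("Everyone", "Read", "Success,Failure")
# Add the audit rule to the in-memory ACL ...
$acl.AddAuditRule($auditRule)
# ... and write it back to the file. AddAuditRule alone changes nothing on disk.
Set-Acl -Path .\private_file.txt -AclObject $acl
# Events (4663 etc.) only appear in the Security log when "Audit object access"
# / the "Audit File System" subcategory is enabled in the local or GPO audit policy.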
# Reference: https://blog.edie.io/2020/04/30/diy-ip-threat-feed/
# Reference: https://github.com/tankmek/threatfeed/raw/master/ip_threat_feed.csv
# Successful honeypot logins, one row per source IP: first/last time seen, how
# many sensors (hosts) it reached, the country from iplocation, and whether the
# address matches the tor_exit_nodes lookup.
index=honeypot eventtype="login_success"
| stats earliest(_time) as first_seen, dc(host) as sensor, latest(_time) as last_seen by src_ip
| iplocation src_ip
| eval Country = coalesce(Country, "Unknown")
| lookup tor_exit_nodes exit_node_ip as src_ip OUTPUTNEW exists as tor_exit_node
| fieldformat first_seen=strftime(first_seen, "%Y%m%d %X")
| fieldformat last_seen=strftime(last_seen, "%Y%m%d %X")
I hereby claim:
To claim this, I am signing this object:
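# Mount the first partition of a qcow2 disk image through the NBD driver.
# The image is attached read-only and mounted ro,noexec,nosuid,nodev so that
# inspecting it can neither modify the image nor execute binaries it contains.
image=${1:-image.qcow2}   # path to the qcow2 image (defaults to the original name)
nbd_dev=/dev/nbd0
mnt=/mnt/disk1

sudo modprobe nbd max_part=8
sudo qemu-nbd --read-only --connect="$nbd_dev" "$image"
# identify each partition
sudo fdisk -l "$nbd_dev"
# create mount location (no error if it already exists) and then mount
sudo mkdir -p "$mnt"
sudo mount -o ro,noexec,nosuid,nodev "${nbd_dev}p1" "$mnt"
# When finished, release the device so the image file is not left attached:
#   sudo umount "$mnt" && sudo qemu-nbd --disconnect "$nbd_dev"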
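# Kali VM post-install notes: import the OVA, bring the system fully up to
# date, then reinstall the guest tools if the kernel changed.
# download OVA (manual step)
apt update && apt -y full-upgrade
reboot
# Only needed if the upgrade installed a new kernel version:
apt -y --reinstall install open-vm-tools-desktop fuse
reboot
# When the archive signing key expires, fetch the replacement. Compare the
# key's fingerprint with the one published by Kali before trusting it: a key
# added this way is trusted for every configured repository. apt-key is
# deprecated; current releases expect a keyring file under
# /etc/apt/trusted.gpg.d/ instead.
wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add -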
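# Encrypted LVM-on-LUKS setup for the second partition of a disk.
# Partitioning, done beforehand:
#   - Create 100MB boot partition (Linux)
#   - Make the rest of the space one unit, not bootable -> that is the
#     partition encrypted here
#
# The target partition is taken from $1 and used by every command below, so
# the random-data wipe and luksFormat cannot silently hit two different disks
# (the original notes wiped /dev/sda2 but formatted /dev/sdx2).
dev=${1:?usage: $0 /dev/sdX2 (the non-boot partition)}
mapper_name=slackcrypt

## Make cryptanalysis harder: fill the partition with random data so used
## ciphertext is indistinguishable from unused space.
# dd exits non-zero when it reaches the end of the device, which is expected.
dd if=/dev/urandom of="$dev" bs=1M status=progress || true

# Setup luks container
# Alternative with explicit cipher/hash/iteration settings:
#cryptsetup --verbose --cipher aes-xts-plain64:sha512 --key-size 512 --hash sha512 --iter-time 5000 luksFormat "$dev"
# NOTE: with the default aes-xts-plain64 cipher the key is split between the
# two XTS halves, so -s 256 yields AES-128 and -s 512 yields AES-256.
cryptsetup -s 256 -y luksFormat "$dev"
cryptsetup luksOpen "$dev" "$mapper_name"
# create physical volume
pvcreate "/dev/mapper/$mapper_name"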
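# Manpage excerpt:
# Since the first obtained value for each parameter is used, more host-specific
# declarations should be given near the beginning of the file, and general defaults at the end.
#
# Client defaults: AEAD/CTR ciphers only, encrypt-then-MAC MACs only, and
# curve25519 / DH-GEX key exchange. Every name listed must be known to the
# installed OpenSSH, otherwise the client rejects the configuration as a bad
# cipher/MAC spec and refuses to connect at all.
Host *
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
# hmac-ripemd160-etm@openssh.com was dropped from OpenSSH (7.6) and makes the
# MACs line fatal on current clients, so it is omitted here.
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256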
## Better SSH Security
# @c0demech // Michael Edie
# If using the following key exchange protocol:
# diffie-hellman-group-exchange-sha256: Custom DH with SHA2
# run the following:
# ssh-keygen -G /tmp/moduli -b 4096
# ssh-keygen -T /etc/ssh/moduli -f /tmp/moduli
# Generate an RSA key with:
# ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key < /dev/null
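# Setting up external NTP on the PDC emulator (run from an elevated prompt).
w32tm /query /source   # If this reports "Local CMOS Clock", continue
net stop w32time
# Use straight quotes: the original had typographic quotes (”), which cmd.exe
# passes through literally so they end up inside the peer name. PowerShell
# happens to accept them, but straight quotes work in both shells.
w32tm /config /syncfromflags:manual /manualpeerlist:"pool.ntp.org,0x1"
# Make your PDC a reliable time source for the clients.
w32tm /config /reliable:yes
net start w32time
# Wait a few minutes and it should update
w32tm /query /source   # Validate: should now show the configured peer
# Plain NTP is unauthenticated. A spoofed or unreachable upstream can skew the
# whole domain's clock, which breaks Kerberos (default 5-minute tolerance) and
# log correlation, so prefer a trusted internal source or restrict UDP/123 at
# the firewall to the chosen peers.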