Msfvenom Cheatsheet: Windows Exploitation by HackingArticles, 2023
MsfVenom is a Metasploit standalone payload generator that is also a replacement for msfpayload and msfencode. Payloads are malicious noscripts that an attacker uses to interact with a target machine in order to compromise it. Msfvenom supports the following platforms and formats to generate the payload: The output format could be in the form of executable files such as exe, php, dll, or as a one-liner.
#pentest #metasploit
MsfVenom is a Metasploit standalone payload generator that is also a replacement for msfpayload and msfencode. Payloads are malicious noscripts that an attacker uses to interact with a target machine in order to compromise it. Msfvenom supports the following platforms and formats to generate the payload: The output format could be in the form of executable files such as exe, php, dll, or as a one-liner.
#pentest #metasploit
👍7
Msfvenom Cheatsheet_Windows Exploitation_Gnite_2024.pdf
2.6 MB
Msfvenom Cheatsheet: Windows Exploitation by HackingArticles, 2023
👍2🔥2
SiCat - The useful exploit finder
SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant exploits for ongoing projects or systems.
This tool aids cybersecurity professionals and researchers in understanding potential security risks, providing valuable insights to enhance system security.
GitHub
#pentest
SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant exploits for ongoing projects or systems.
This tool aids cybersecurity professionals and researchers in understanding potential security risks, providing valuable insights to enhance system security.
GitHub
#pentest
🔥4👍2
Pwning the Domain- Credentialess & Username, Hadess, 2024
The article explores a range of sophisticated attack techniques targeting Active Directory environments, focusing on methods that require little to no credentials for initial access. Beginning with reconnaissance, adversaries leverage DHCP, DNS, NBT-NS, LDAP, RPC, and SMB null sessions to gather crucial intelligence about network topology and potential vulnerabilities.
Furthermore, the article explores techniques such as NetNTLM relay, ASREPRoasting, and brute-force attacks, providing insights into how adversaries exploit authentication mechanisms and weak passwords to compromise domain security. Lastly, the article addresses critical vulnerabilities like Proxyshell, Proxylogon, Eternalblue, SMBGhost, Zerologon (unauthenticated version), and Petitpotam (unauthenticated version), emphasizing the importance of timely patching and mitigation efforts to defend against potential exploits and safeguard Active Directory environments.
#winodws #pentest
The article explores a range of sophisticated attack techniques targeting Active Directory environments, focusing on methods that require little to no credentials for initial access. Beginning with reconnaissance, adversaries leverage DHCP, DNS, NBT-NS, LDAP, RPC, and SMB null sessions to gather crucial intelligence about network topology and potential vulnerabilities.
Furthermore, the article explores techniques such as NetNTLM relay, ASREPRoasting, and brute-force attacks, providing insights into how adversaries exploit authentication mechanisms and weak passwords to compromise domain security. Lastly, the article addresses critical vulnerabilities like Proxyshell, Proxylogon, Eternalblue, SMBGhost, Zerologon (unauthenticated version), and Petitpotam (unauthenticated version), emphasizing the importance of timely patching and mitigation efforts to defend against potential exploits and safeguard Active Directory environments.
#winodws #pentest
🔥3
Pwning the Domain- Credentialess & Username.pdf
4.5 MB
Pwning the Domain- Credentialess & Username, Hadess, 2024
👍4🔥2
Mac OS X Security by Bruce Potter, Preston Norvell, Brian Wotring, 2024
Part I introduces readers to the basics of OS X security. Part II addresses system security beginning at the client workstation level. This section addresses UNIX-specific information such as permissions, executables, and network protocols and the related security concerns.
Part III covers network security. The chapters in this section will cover security for internet services, file sharing, and network protection systems. Part IV addresses enterprise security using a variety of tools (Kerberos, NetInfo, and Rendezvous) as well as workstation configurations to illustrate how OS X Server and OS X inter-operate.
The final section addresses auditing and forensics and what to do when an OS X network is compromised. This section teaches readers to audit systems painlessly and effectively and how to investigate and handle incidents.
#book #linux #hardening
Part I introduces readers to the basics of OS X security. Part II addresses system security beginning at the client workstation level. This section addresses UNIX-specific information such as permissions, executables, and network protocols and the related security concerns.
Part III covers network security. The chapters in this section will cover security for internet services, file sharing, and network protection systems. Part IV addresses enterprise security using a variety of tools (Kerberos, NetInfo, and Rendezvous) as well as workstation configurations to illustrate how OS X Server and OS X inter-operate.
The final section addresses auditing and forensics and what to do when an OS X network is compromised. This section teaches readers to audit systems painlessly and effectively and how to investigate and handle incidents.
#book #linux #hardening
👍7
Mac_OS_X_Security_by_Wotring_Brian;_Norvell_Preston;_Potter_Bruce.pdf
6.6 MB
Mac OS X Security by Bruce Potter, Preston Norvell, Brian Wotring, 2024
👍6
The Mac Hacker's Handbook by Charlie Miller, 2009
As more and more vulnerabilities are found in the Mac OS X (Leopard) operating system, security researchers are realizing the importance of developing proof-of-concept exploits for those vulnerabilities. This unique tome is the first book to uncover the flaws in the Mac OS X operating system—and how to deal with them.
Written by two white hat hackers, this book is aimed at making vital information known so that you can find ways to secure your Mac OS X systems, and examines the sorts of attacks that are prevented by Leopard’s security defenses, what attacks aren’t, and how to best handle those weaknesses.
#book #linux #hardening
As more and more vulnerabilities are found in the Mac OS X (Leopard) operating system, security researchers are realizing the importance of developing proof-of-concept exploits for those vulnerabilities. This unique tome is the first book to uncover the flaws in the Mac OS X operating system—and how to deal with them.
Written by two white hat hackers, this book is aimed at making vital information known so that you can find ways to secure your Mac OS X systems, and examines the sorts of attacks that are prevented by Leopard’s security defenses, what attacks aren’t, and how to best handle those weaknesses.
#book #linux #hardening
👍5
Some cybersecurity books [9 books] by Qian Han, Nick Aleks,Ben McCarty, Daniel Graham, etc., 2015-2024
Подборка из девяти книг по кибербезопасности издательства "No Starch Press". Самая древняя - 2015 года рождения, самая свежая - 2024. Для всех интересующихся, неравнодушных или имеющих интерес в данной области.
#book
Подборка из девяти книг по кибербезопасности издательства "No Starch Press". Самая древняя - 2015 года рождения, самая свежая - 2024. Для всех интересующихся, неравнодушных или имеющих интерес в данной области.
#book
🔥8
Podborka_Cybersec.torrent
42.1 KB
Some cybersecurity books [9 books] by Qian Han, Nick Aleks,Ben McCarty, Daniel Graham, etc., 2015-2024
🔥5🎉2
UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked
A 40-year-old password of Ken Thompson, the co-creator of the UNIX operating system among, has finally been cracked that belongs to a BSD-based system, one of the original versions of UNIX, which was back then used by various computer science pioneers.
Thompson's password has been revealed as "p/q2-q4!a" — a notation in chess to describe the move "pawn from Queen's 2 to Queen's 4."
Source: THN + ICD + Reddit + YouTube + LB
Источники: Хабр + AM + Dzen
#fun #linux
A 40-year-old password of Ken Thompson, the co-creator of the UNIX operating system among, has finally been cracked that belongs to a BSD-based system, one of the original versions of UNIX, which was back then used by various computer science pioneers.
Thompson's password has been revealed as "p/q2-q4!a" — a notation in chess to describe the move "pawn from Queen's 2 to Queen's 4."
Source: THN + ICD + Reddit + YouTube + LB
Источники: Хабр + AM + Dzen
#fun #linux
❤8👍1🤔1
Ряд стран Европы в этом году в качестве эксперимента переходит на 4-х дневную рабочую неделю. Есть исследования о повышении эффективност труда и снижения уровня стресса у сотрудников. Каково твое мнение на этот счет?
Anonymous Poll
42%
Поддерживаю, 4/3 это оптимальный вариант рабочей недели, баланс и комфорт
4%
Станет только хуже, сотрудники будут меньше работать и больше "шланговавать"
11%
Не могу точно сказать, нужны данные эксперимента, исследования и доп аргументы
22%
В зависимости от отрасли и должности, не все могут позволить себе график 4/3
4%
Надо батрачить 7/0, никаких выходных, праздников и day off, больше е##шить - больше результатов
16%
Да в РФ похер на эти эксперименты, РФ не ЕС, как работали так и будут
1%
Свой вариант (пиши в чат)
🔥6🤔2👍1
Mastering Linux Security and Hardening. Secure your Linux server and protect it from intruders, malware attacks, and other external threats, Donald A. Tevault, 2018
This book has extensive coverage of techniques that will help prevent attackers from breaching your system, by building a much more secure Linux environment.
You will learn various security techniques such as SSH hardening, network service detection, setting up firewalls, encrypting file systems, protecting user accounts, authentication processes, and so on. Moving forward, you will also develop hands-on skills with advanced Linux permissions, access control, special modes, and more. Lastly, this book will also cover best practices and troubleshooting techniques to get your work done efficiently.
#book #linux #hardening
This book has extensive coverage of techniques that will help prevent attackers from breaching your system, by building a much more secure Linux environment.
You will learn various security techniques such as SSH hardening, network service detection, setting up firewalls, encrypting file systems, protecting user accounts, authentication processes, and so on. Moving forward, you will also develop hands-on skills with advanced Linux permissions, access control, special modes, and more. Lastly, this book will also cover best practices and troubleshooting techniques to get your work done efficiently.
#book #linux #hardening
👍6❤1
Mastering Linux Security and Hardening_x.pdf
9.4 MB
Mastering Linux Security and Hardening. Secure your Linux server and protect it from intruders, malware attacks, and other external threats, Donald A. Tevault, 2018
👍3❤2🔥2
Убыль населения в Москве открывает новые возможности релокантам из регионов РФ для старта успешной карьеры в ИТ секторе
Некоторые выдержки:
(+) В Москве и области ожидается наибольшая убыль населения среди регионов к 2046 году
(+) Текучесть кадров выросла до 37%. Отношение к построению карьеры у многих поменялось
(+) IT-компании отказываются от релокантов и ищут им замену в российских регионах.
(+) Самый высокий спрос на инженеров DevOps с опытом построения облачных сетей, программистов PHP и data Scientist с опытом машинного обучения, специалистов по информационной безопасности.
(+) Средняя зарплата от московских компаний составляет до 370 тыс. руб. Максимальное предложение 500 тыс. руб. При этом специалист, находящийся в Казани, готов трудиться в среднем за 270 тыс. руб., посчитали в Superjob.
(+) Не хватает мигрантов и миллениалов. Эксперты — о кадровом дефиците в России
(+) Уровень безработицы в РФ весь год сохранится около 3–4%.
Источники: Tass + RBC + VD + RG + Dzen + NGS
#analytics
Некоторые выдержки:
(+) В Москве и области ожидается наибольшая убыль населения среди регионов к 2046 году
(+) Текучесть кадров выросла до 37%. Отношение к построению карьеры у многих поменялось
(+) IT-компании отказываются от релокантов и ищут им замену в российских регионах.
(+) Самый высокий спрос на инженеров DevOps с опытом построения облачных сетей, программистов PHP и data Scientist с опытом машинного обучения, специалистов по информационной безопасности.
(+) Средняя зарплата от московских компаний составляет до 370 тыс. руб. Максимальное предложение 500 тыс. руб. При этом специалист, находящийся в Казани, готов трудиться в среднем за 270 тыс. руб., посчитали в Superjob.
(+) Не хватает мигрантов и миллениалов. Эксперты — о кадровом дефиците в России
(+) Уровень безработицы в РФ весь год сохранится около 3–4%.
Источники: Tass + RBC + VD + RG + Dzen + NGS
#analytics
🤡9👍3❤1