{
"syncToken": "1615344252",
"createDate": "2021-03-10-02-44-12",
"prefixes": [
{
"ip_prefix": "3.5.140.0/22",
"region": "ap-northeast-2",
"service": "AMAZON",
"network_border_group": "ap-northeast-2"
},
@mackwage
mackwage / windows_hardening.cmd
Last active April 16, 2025 17:27
Script to perform some hardening of Windows OS
:: Windows 10 Hardening Script
:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run this on computers of family members to secure them but not increase the chances of them having to call you to troubleshoot something related to it later on.) References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
:: Obligatory 'views are my own'. :)
:: Thank you @jaredhaight for the Win Firewall config recommendations!
:: Thank you @ricardojba for the DLL Safe Order Search reg key!
:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
:
@roycewilliams
roycewilliams / badrabbit-info.txt
Last active June 17, 2022 11:18
badrabbit-info.txt
Rough summary of developing BadRabbit info
------------------------------------------
BadRabbit is locally-self-propagating ransomware (ransom: 0.05 BTC), spreading via SMB once inside.
Requires user interaction.
Mostly targeting Russia and Ukraine so far, with a few others (Germany, Turkey, Bulgaria, Montenegro ...)
Not globally self-propagating, but could be inflicted on selected targets on purpose.
May be part of same group targeting Ukraine generally (BACKSWING) (per FireEye)
Confirmed to use ETERNALROMANCE exploit, and same source code and build chain as NotPetya (per Talos)
Mitigations are similar to Petya/NotPetya resistance. An inoculation is also available (see below).
@neuthral
neuthral / hosts_google
Created September 21, 2017 15:53
block google servers in hosts file
# ALWAYS make sure "127.0.0.1 localhost" is the first line in your /hosts file
# or your system or browser may malfunction!
# See https://en.wikipedia.org/wiki/Hosts_file to find the standard locations
# of the HOSTS file for your particular OS. In Linux (and probably BSD), it's
# usually under /etc/hosts
# Yes, I know there are some redundant entries in this block--you can grep it
# and remove them yourself if it really matters. I'm too lazy to do it myself.
@llelf
llelf / etc-hosts
Created September 15, 2017 09:36
Block OSX El Capitan from phoning home
################################################################################
# PRIVACY RULES #
# * OSX EL CAPITAN - NO CONNECTIONS TO CUPERTINO * #
# MIX OF DIFFERENT /etc/hosts FILES I'VE FOUND. 80% OF THE ENTRIES CAME FROM #
# MY OWN. OSX SENDS HUGE AMOUNT OF REQUESTS TO CUPERTINO EVEN WHEN #
# SPOTLIGHT SUGGESTIONS, ICLOUD, AND OTHER SERVICES ARE DISABLED #
# USE IT IF YOU DON'T LIKE OSX CALLING HOME WHEN YOU DON'T WANT IT TO HAPPEN #
# NO CONNECTIONS TO APPLE SERVERS REPORTED BY MY FIREWALL FOR 2 MONTHS #
################################################################################
# SAVED FROM: http://pastebin.com/GfaXGL4r
@crittermike
crittermike / wget.sh
Last active March 28, 2025 18:44
Download an entire website with wget, along with assets.
# One liner
wget --recursive --page-requisites --adjust-extension --span-hosts --convert-links --restrict-file-names=windows --domains yoursite.com --no-parent yoursite.com
# Explained
wget \
--recursive \ # Download the whole site.
--page-requisites \ # Get all assets/elements (CSS/JS/images).
--adjust-extension \ # Save files with .html on the end.
--span-hosts \ # Include necessary assets from offsite as well.
--convert-links \ # Update links to still work in the static version.
@bontchev
bontchev / EQgroup.md
Last active February 13, 2025 02:54
Curated list of links describing the leaked Equation Group tools for Windows

Links describing the leaked EQ Group tools for Windows

Repositories and ports

Installation and usage guides

@praveenpuglia
praveenpuglia / shadow-dom.md
Last active March 28, 2025 16:26
Everything you need to know about Shadow DOM

I am moving this gist to a github repo so more people can contribute to it. Also, it makes it easier for me to version control.

Please go to - https://github.com/praveenpuglia/shadow-dom-in-depth for latest version of this document. Also, if you find the document useful, please shower your love, go ⭐️ it. :)

Shadow DOM

Heads Up! It's all about the V1 Spec.

In a nutshell, Shadow DOM enables local scoping for HTML & CSS.

@HardenedArray
HardenedArray / Encrypted Arch Linux VirtualBox Guest Installation Procedure
Last active April 6, 2025 15:25
Efficient Encrypted Arch Linux Guest Installation in VirtualBox with a Full Plasma/KDE Environment. Perfect for Arch Linux Evaluation and Experimentation!
# OBJECTIVES: Install Arch Linux as a VirtualBox Guest with a complete Plasma5/KDE environment.
# Provide encrypted root and swap filesystems and UEFI boot our Arch Guest from within VirtualBox.
# Note: This install method is specific to VirtualBox (VBox) to allow non-Arch users and Arch testers to evaluate a properly
# configured and secure Arch OS while running a fully enabled Plasma/KDE system, and also by concurrently taking advantage
# of the multiple isolation safeguards inherently provided by the VBox environment.
# For those who want to install Arch on bare metal in a way that supports both dedicated Arch installations and Arch
# installation on a SSD/HDD multi-OS-UEFI-booting system, please refer to my Arch System Installation Guide, here:
@briansmith
briansmith / how-to-generate-and-use-private-keys-with-openssl-tool.md
Last active March 21, 2025 11:43
How to generate & use private keys using the OpenSSL command line tool

How to Generate & Use Private Keys using OpenSSL's Command Line Tool

These commands generate and use private keys in unencrypted binary (not Base64 “PEM”) PKCS#8 format. The PKCS#8 format is used here because it is the most interoperable format when dealing with software that isn't based on OpenSSL.

OpenSSL has a variety of commands that can be used to operate on private key files, some of which are specific to RSA (e.g. openssl rsa and openssl genrsa) or which have other limitations. Here we always use