Zobber

# Top ten (or whatever) memory utilizing processes (with children aggregate) - Can be done without the multi-dimensional array
ps axo rss,comm,pid | awk '{ proc_list[$2] += $1; } END { for (proc in proc_list) { printf("%d\t%s\n", proc_list[proc],proc); }}' | sort -n | tail -n 10
# Download last file from index of
NAME=`wget --quiet URL -O - | grep util-vserver | tail -n 1 | sed 's|</a>.*||;s/.*>//'`; wget URL$UTILVSERVER;
# Delete newline
tr -d "\n" < file1 > file2
# which procs have $PATH_REGEX open?
find /proc -regex '/proc/[0-9]+/smaps' -exec grep -l "$PATH_REGEX" {} \; | cut -d'/' -f2
# Adding formatting to an xml document for easier reading
xmllint --format <filename> > <output file>

Zobber

# Check if Fail2Ban is Running
FAIL2BAN=`ps ax | grep fail2ban | grep -v grep | awk {'print $1'}` && if [ -n "$FAIL2BAN" ]; then printf "\n[INFO] Fail2Ban is running and the PID is %s\n\n" $FAIL2BAN; else printf "\n [INFO] Fail2Ban is not running\n\n"; fi
# alias to list hidden files of a folder
alias lh='ls -a | egrep "^\."'
# grep: find in files
egrep -in "this|that" *.dat
# Salty detailed directory listing...
ls -saltS [dirname]
# play all songs under current directory smoothly as background job
nice -n0 ls | mpg321 -@- &

Zobber

#### Install JAVA 
JAVA 11
apt-get install default-jre
nano /etc/environment
add -> JAVA_HOME"/usr7lib/jvm/java-11-openjdk-amd64/"
source /etc/environment
echo $JAVA_HOME

#### Install ElasticSearch and Test
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

Zobber

Here's a decent list of me blackbox testing API 
http://site.com/?q=x
*/?q=y <= idor
*/?q=<img> => test xss
*/?q=http://IP:PORT => test ssrf
*/?q=file:///etc/passwd => file include
/?q=/./../index.php => Path traversal
/?q=x' or x=" or x=\  => sqli
/?q[]=x  <= change datatype

Zobber

# Exploit Title: Cisco IP Phone 11.7 - Denial of Service (PoC)
# Date: 2020-04-15
# Exploit Author: Jacob Baines
# Vendor Homepage: https://www.cisco.com
# Software Link: https://www.cisco.com/c/en/us/products/collaboration-endpoints/ip-phones/index.html
# Version: Before 11.7(1)
# Tested on: Cisco Wireless IP Phone 8821
# CVE: CVE-2020-3161
# Cisco Advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phones-rce-dos-rB6EeRXs
# Researcher Advisory: https://www.tenable.com/security/research/tra-2020-24

Zobber

#Suricata_IDS Bloqueo temporal de conexiones.

alert tcp any any -> any any (msg:"Pruebas_Suricata";content:"Enviando segmento TCP";sid:9900001;rev:1;)

threshold.config:
rate_filter gen_id 1, sig_id 9900001, track by_dst, count 200, seconds 60, new_action drop, timeout 250

Zobber

#Suricata_IDS stats

cat eve.json | jq -c 'select(.alert.signature) | [.alert.signature]' |sed 's/"//g;s/\[//;s/\]//' | awk '{a[$0]++;}END{for (i in a)print i, a[i]}' FS=, OFS=, |sort -k2 -nrt, | head -n20 | ag -v package | termgraph --title "Estadística de Alertas" --width 300

Zobber

alert tcp any any -> any any (msg:"NanoCore RAT CnC"; flow:to_server,established; content:"|40 00 00 00 fe 31 80 44 e7 eb 4a 77|"; depth:12; reference:md5,18fe62a701d08affdd58ade2df0d1fb6; classtype:command-and-control; sid:20166322; rev:1; metadata:created_at 2020_4_23;)

Zobber

wget -qO- bench.sh | bash

(curl -s wget.racing/nench.sh | bash; curl -s wget.racing/nench.sh | bash) 2>&1 | tee nench.log

wget http://busylog.net/FILES2DW/busytest.sh -O - -o /dev/null | bash

wget https://raw.githubusercontent.com/hidden-refuge/bench-sh-2/master/bench.sh && chmod +x bench.sh && ./bench.sh

Zobber

cat /etc/apt/sources.list | grep -v "#"
ls -l /etc/apt/sources.list.d/


apt-key list
gpg --keyserver keys.gnupg.net --recv 67ECE5605BCF1346
gpg --export 67ECE5605BCF1346 | apt-key add -

or