Alexia Saloné alexiasa

Familiarize yourself with common languages:
- MITRE ATT&CK tactics (common language for attacker behaviors)
- CWE (common language for vulnerabilities)
- STRIDE (threat modeling)
- NIST CSF functions (Identify, Protect, Detect, Respond, Recover)
Check out cloud certs and free training
- AWS - https://explore.skillbuilder.aws/learn
- Azure - https://azure.microsoft.com/en-us/resources/training-and-certifications/#learning-paths
Some of my resource guides

notes about hacking electron applications

infamous shell.openExternal: opens an application based on URI and filetype association.

commonly-abused APIs

remote.app

when exposed to the renderer, remote.app allows the renderer processs to access APIs normally only available in the main process (this module will be deprecated in E 12 and removed in E 14)

Many of the functions exposed by this object can be easily abused, including but not limited to:

app.relaunch([options]) Relaunches the app when current instance exits.

Resources!

Here are some resources across a few areas (I'll update as I find more)

Random

The Book of Secret Knowledge - https://github.com/trimstray/the-book-of-secret-knowledge

My CCDC cheatsheet has some blue team goodness I've compiled over two competitions - https://gist.github.com/alexiasa/fba4466849fde5b9ec3dd3cd7d1b3e9f

SIEM

This is broader than SIEM (more about detections in general) but I found it helpful. - https://dragos.com/media/The_Four_Types%20of_Threat_Detection.pdf

Search options:

&strip=1 - cached text only: use Google's version of site and avoid connecting directly

Using Burp Suite to Enumerate Database Columns

I exploited a SQLi vulnerability to enumerate the columns in a database by doing something like this:

/comment.php?id=738 order by 1;#

Automating With Burp Suite

Column enumeration can be achieved in a manner indistinguishable from magic by using sqlmap.

It can also be achieved with Burp Suite's Intruder function.

CCDC Notes

Log Review Cheatsheet Critical Log Review Checklist for Security Incidents

Hardening GPO Reference UT Windows Hardening Checklist

CLI Windows Command Line Cheat Sheet PowerShell Cheat Sheet

Keybase proof

I hereby claim:

I am alexiasa on github.
I am alexiasa (https://keybase.io/alexiasa) on keybase.
I have a public key ASBWhX3Il0fFEElmZ24PeTtI0zTYmcmM5uCkMiouNaBx7wo

To claim this, I am signing this object:

	Notes about Smalltalk. Smalltalk influenced essentially all of the subsequent object-oriented languages. A few of the modern Smalltalk frameworks include Amber and Seaside which are geared toward web development.

	"this is a comment in Smalltalk. we are going to declare and assign variables."

	\| x y \| "declare the variable x and y"
	x := 1 "assign x a value of 1"
	y:= $q "assign y the character 'q'"

	# this is a comment in Python. we are going to declare and assign variables.

	~/hashcat-4.0.1$ ./hashcat64.bin -a 1 -m 900 --opencl-platforms=1 c600a9a5e9314a06662676dae2cc6ee4 all.dict rockyou.dict -o dw_solved --outfile-format=2 -O
	hashcat (v4.0.1) starting...

	nvmlDeviceGetFanSpeed(): Not Supported

	nvmlDeviceGetFanSpeed(): Not Supported

	OpenCL Platform #1: NVIDIA Corporation
	======================================
	* Device #1: Tesla M60, 1903/7613 MB allocatable, 16MCU

	Hashcat Benchmarks with AWS EC2 g3.8xlarge Instance
	Optimized Per These Instructions: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/optimize_gpu.html

	hashcat (v4.0.1) starting in benchmark mode...

	Benchmarking uses hand-optimized kernel code by default.
	You can use it in your cracking session by setting the -O option.
	Note: Using optimized kernel code limits the maximum supported password length.
	To disable the optimized kernel code in benchmark mode, use the -w option.