-
[From the CISO Trenches - Making Zero Trust Smarter](https://elevatesecurity.com/from-the-ciso-trenches-making-zero-trust-sm
ashbyca
/ security-leadership-training.md
Last active
June 20, 2024 12:46
Chief Information Security Officer - Training and Educational Resources
In no particular order, below are various resources used in studying/reviewing..
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"searchproviders":[["-1","DuckDuck Go","https://duckduckgo.com/?q=TESTSEARCH",true,false,7,false,"",false,""],["-1","Twitter Term","https://twitter.com/search?f=realtime&q=TESTSEARCH&src=typd",true,false,7,false,"",false,""],["-1","Google Safe Browsing","http://www.google.com/safebrowsing/diagnostic?site=TESTSEARCH",true,false,3,false,"",false,""],["-1","RIPE","https://stat.ripe.net/TESTSEARCH#tabId=at-a-glance",true,false,3,false,"",false,""],["-1","ARIN","https://search.arin.net/rdap/?query=TESTSEARCH",true,false,3,false,"",false,""],["-1","Domain Tools","https://whois.domaintools.com/TESTSEARCH",true,false,3,false,"",false,""],["-1","AlienVault OTX Domain","https://otx.alienvault.com/indicator/domain/TESTSEARCH",true,false,2,false,"",false,""],["-1","VirusTotal Domain Info","https://www.virustotal.com/en/domain/%s/information/",true,false,2,false,"",false,""],["-1","WhoIS DNS Info","http://who.is/whois/TESTSEARCH",true,false,2,false,"",false,""],["-1","McAfee TI","http://www.mcafee.com/threat-intelligence |
ashbyca
/ web-cheatsheet.md
Last active
February 22, 2021 16:51
Description A Stored Cross-Site Scripting (XSS) vulnerability occurs when a web application sends stored strings that were provided by an attacker to a victim's browser in such a way that the browser executes part of the string as code. The string contains malicious data and is initially stored server-side, often in the application's database.
Steps To Reproduce:
- Log in to the application.
- Navigate to the necessary URL found from Automated tool
- Navigate to the section identified as vulnerable
- Enter any of the below mentioned payloads in the "various form/other input fields and also fill in any mandatory fields.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Edit this file to introduce tasks to be run by cron. | |
| # | |
| # Each task to run has to be defined through a single line | |
| # indicating with different fields when the task will be run | |
| # and what command to run for the task | |
| # | |
| # To define the time you can provide concrete values for | |
| # minute (m), hour (h), day of month (dom), month (mon), | |
| # and day of week (dow) or use '*' in these fields (for 'any').# | |
| # Notice that tasks will be started based on the cron's system |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| System Setup | |
| # Install Python PIP and Dependencies | |
| sudo apt-get install python3-dev python3-pip python3-setuptools libyaml-dev wget libreadline7 libreadline-dev git python-dnspython python-mechanize python-slowaes python-xlsxwriter python-jsonrpclib python-lxml lsb-release figlet update-motd libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev -y | |
| # Setup and configure Dynamic MOTD | |
| # Remove the current directory | |
| sudo rm -r /etc/update-motd.d/ | |
| # Create new directory |
ashbyca
/ ip-context-menu.xml
Created
December 30, 2019 11:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # 10-sysinfo - generate the system information | |
| # Copyright (c) 2013 Nick Charlton | |
| # | |
| # Authors: Nick Charlton <[email protected]> | |
| # | |
| # This program is free software; you can redistribute it and/or modify | |
| # it under the terms of the GNU General Public License as published by | |
| # the Free Software Foundation; either version 2 of the License, or |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # 00-header - create the header of the MOTD | |
| # Copyright (c) 2013 Nick Charlton | |
| # Copyright (c) 2009-2010 Canonical Ltd. | |
| # | |
| # Authors: Nick Charlton <[email protected]> | |
| # Dustin Kirkland <[email protected]> | |
| # | |
| # This program is free software; you can redistribute it and/or modify |
NewerOlder