Skip to content

Instantly share code, notes, and snippets.

View habib26-14's full-sized avatar

habib26-14

19 followers · 172 following
  • moroccan school of engineering sciences
View GitHub Profile
@bgoonz
bgoonz / Ultimate-Cheatsheet.md
Last active April 23, 2025 18:01
Ultimate-Cheatsheet
@OTaKuHP
OTaKuHP / Mobile Pentesting Resources.md
Last active October 10, 2024 17:50
@thevillagehacker
thevillagehacker / Android_pen-testing.md
Created March 23, 2021 06:00
@sswares
sswares / blue_team_notes.md
Created May 24, 2020 19:50 — forked from alexiasa/blue_team_notes.md
Blue Team Notes
@cihanmehmet
cihanmehmet / subdomain_wordlist.md
Last active March 21, 2025 18:36
Subdomain Wordlist
@MrMugiwara
MrMugiwara / NetSecCheck.md
Created June 22, 2017 23:08
Network Security VAPT Checklist

Hi dear reader, there are very few technical network security assessment checklist. So I thought to share my own on this. Have a look and enjoy. Lets talk about the scope first. If you are given a 1000 machines to perform VAPT, then here is your scope. Single machine can have 65535 ports open. Any single port can deploy any service software from the world. For example FTP can be run on smartftp, pureftpd etc.. Any single FTP software version (for example pureftpd 1.0.22) can have number of vulnerabilities available. So if you multiply all of these, then it is impossible for any auditor to go ahead and probe all ports manually and find services manually. Even if he/she is able to do it, it is impossible to check all vulnerabilities that are pertaining to a single port of a single machine. Hence we have to rely on scanners such as nexpose, nessus, openvas, coreimpact etc. Here are some quick tools and test cases that one can perform on commonly found ports in the network pentest.

Identify live host

@vlucas
vlucas / encryption.ts
Last active April 24, 2025 04:34
Stronger Encryption and Decryption in Node.js
import { createCipheriv, createDecipheriv, randomBytes } from "crypto";
const ENCRYPTION_KEY: string = process.env.ENCRYPTION_KEY || ""; // Must be 256 bits (32 characters)
const IV_LENGTH: number = 16; // For AES, this is always 16
/**
* Will generate valid encryption keys for use
* Not used in the code below, but generate one and store it in ENV for your own purposes
*/
export function keyGen() {