swarupsro

## Sublime Text 3 Serial key build is 3176

> * Added these lines into  /etc/hosts 

127.0.0.1       www.sublimetext.com
127.0.0.1       license.sublimehq.com

> * Used the license key

----- BEGIN LICENSE -----

swarupsro

Bug Bounty FAQ

A list of questions that bounty hunters frequently DM me about. 😄

How do I get started with bug bounty hunting? How do I improve my skills?

I have a simple philosophy that I share with everyone:

• Learn to make it. Then break it!
• Read books. Lots of books.

swarupsro

Bug Bounty FAQ

A list of questions that bounty hunters frequently DM me about. 😄

How do I get started with bug bounty hunting? How do I improve my skills?

I have a simple philosophy that I share with everyone:

• Learn to make it. Then break it!
• Read books. Lots of books.

swarupsro

#!/usr/bin/python

# Author: Adam Jordan
# Date: 2019-02-15
# Repository: https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc
# PoC for: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)


import argparse
import jenkins

swarupsro

// Determine linux distribution and version
cat /etc/issue
cat /etc/*-release
cat /etc/lsb-release
cat /etc/redhat-release

// Determine kernel version - 32 or 64-bit?
cat /proc/version
uname -a
uname -mrs

swarupsro

#!/bin/bash
# Stop all containers
containers=`docker ps -a -q`
if [ -n "$containers" ] ; then
        docker stop $containers
fi
# Delete all containers
containers=`docker ps -a -q`
if [ -n "$containers" ]; then
        docker rm -f -v $containers

swarupsro

Howto be a Hacker/Pentester/Security person - List of resources

I've just stolen HypnZA list of suggested links and added a few others by various people. (Please feel free to send me other links/info you think might be useful to add.)

HypnZA's commonly shared list (in the correct order):

1. https://www.hacksplaining.com
2. https://pentesterlab.com/exercises/web_for_pentester and https://pentesterlab.com/exercises/web_for_pentester_II
3. Watch Ippsec's HackTheBox videos from oldest to newest, but attempt the box in the video before watching the video (requires a paid hackthebox account to access the machines in the videos)

swarupsro

inurl /bug bounty
inurl : / security
inurl:security.txt
inurl:security "reward"
inurl : /responsible disclosure
inurl : /responsible-disclosure/ reward
inurl : / responsible-disclosure/ swag
inurl : / responsible-disclosure/ bounty
inurl:'/responsible disclosure' hoodie
responsible disclosure swag r=h:com

swarupsro

#!/usr/bin/env python
import argparse
import string
import sys

from impacket import nmb
from impacket.smb3 import SMB2_COMPRESSION_TRANSFORM_HEADER, SMB3, SMB2_DIALECT_311, SMB2_NEGOTIATE_SIGNING_REQUIRED, \
    SMB2_NEGOTIATE_SIGNING_ENABLED, STATUS_SUCCESS, SMB2_DIALECT_30, \
    SMB2_GLOBAL_CAP_ENCRYPTION, SMB2_DIALECT_WILDCARD, SMB2Negotiate_Response, SMB2_NEGOTIATE, \
    SMB2Negotiate, SMB311ContextData, SMB2NegotiateContext, SMB2_PREAUTH_INTEGRITY_CAPABILITIES, \

swarupsro

This python script is intended to automate the extraction of embedded certificates and keys from OpenVPN config files.

Unfortunately the GNOME Network-Manager is not able to automatically import OpenVPN config files with embedded certificates and keys. A workaround is to manually extract these and store them in separate files (e.g. see https://naveensnayak.wordpress.com/2013/03/04/ubuntu-openvpn-with-ovpn-file/).

Instructions:

• Make shure all the required packages are installed. For example on Ubuntu and Debian run:

  $ sudo apt-get install python3 network-manager-openvpn-gnome