Penetrating Testing/Assessment Workflow & other fun infosec stuff
https://github.com/jivoi/pentest
My feeble attempt to organize (in a somewhat logical fashion) the vast amount of information, tools, resources, tip and tricks surrounding penetration testing, vulnerability assessment, and information security as a whole*
| MongoDB University notes. | |
| Mongo Db is a document. | |
| Mongo Db uses JSON object/data. | |
| Mongo Db supports scaling out using sharing technique. | |
| Mongo Db supports scaling out vs scaling up. | |
| BSON: | |
| Mongo Db stores the data in the format of BSON. On the application side manogdb drivers map the BSON data into the native data types. |
| # Top ten (or whatever) memory utilizing processes (with children aggregate) - Can be done without the multi-dimensional array | |
| ps axo rss,comm,pid | awk '{ proc_list[$2] += $1; } END { for (proc in proc_list) { printf("%d\t%s\n", proc_list[proc],proc); }}' | sort -n | tail -n 10 | |
| # Download last file from index of | |
| NAME=`wget --quiet URL -O - | grep util-vserver | tail -n 1 | sed 's|</a>.*||;s/.*>//'`; wget URL$UTILVSERVER; | |
| # Delete newline | |
| tr -d "\n" < file1 > file2 | |
| # which procs have $PATH_REGEX open? | |
| find /proc -regex '/proc/[0-9]+/smaps' -exec grep -l "$PATH_REGEX" {} \; | cut -d'/' -f2 | |
| # Adding formatting to an xml document for easier reading | |
| xmllint --format <filename> > <output file> |
| # Top ten (or whatever) memory utilizing processes (with children aggregate) - Can be done without the multi-dimensional array | |
| ps axo rss,comm,pid | awk '{ proc_list[$2] += $1; } END { for (proc in proc_list) { printf("%d\t%s\n", proc_list[proc],proc); }}' | sort -n | tail -n 10 | |
| # Download last file from index of | |
| NAME=`wget --quiet URL -O - | grep util-vserver | tail -n 1 | sed 's|</a>.*||;s/.*>//'`; wget URL$UTILVSERVER; | |
| # Delete newline | |
| tr -d "\n" < file1 > file2 | |
| # which procs have $PATH_REGEX open? | |
| find /proc -regex '/proc/[0-9]+/smaps' -exec grep -l "$PATH_REGEX" {} \; | cut -d'/' -f2 | |
| # Adding formatting to an xml document for easier reading | |
| xmllint --format <filename> > <output file> |
| 0trace 1.5 A hop enumeration tool http://jon.oberheide.org/0trace/ | |
| 3proxy 0.7.1.1 Tiny free proxy server. http://3proxy.ru/ | |
| 3proxy-win32 0.7.1.1 Tiny free proxy server. http://3proxy.ru/ | |
| 42zip 42 Recursive Zip archive bomb. http://blog.fefe.de/?ts=b6cea88d | |
| acccheck 0.2.1 A password dictionary attack tool that targets windows authentication via the SMB protocol. http://labs.portcullis.co.uk/tools/acccheck/ | |
| ace 1.10 Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface http://ucsniff.sourceforge.net/ace.html | |
| admid-pack 0.1 ADM DNS spoofing tools - Uses a variety of active and passive methods to spoof DNS packets. Very powerful. http://packetstormsecurity.com/files/10080/ADMid-pkg.tgz.html | |
| adminpagefinder 0.1 This python script looks for a large amount of possible administrative interfaces on a given site. http://packetstormse |
| Android Emulator (ARM64) on EC2 - 2022 | |
| --------------------------------------- | |
| 1. Launch EC2 ARM based Instance (a1.metal / a1.2xlarge): (16 Gb RAM, 32Gb Disk), Ubuntu Server 22.04 LTS (HVM) ARM x64 | |
| 2. sudo apt update && sudo apt upgrade | |
| 3. sudo apt install default-jdk python3-pip repo python-is-python3 unzip libpcre2-dev adb | |
| 4. wget https://dl.google.com/android/repository/commandlinetools-linux-8512546_latest.zip | |
| 5. unzip commandlinetools-linux-8512546_latest.zip -d android-sdk | |
| 6. sudo mv android-sdk /opt/ | |
| 7. mkdir /opt/android-sdk/cmdline-tools/latest | |
| 8. mv /opt/android-sdk/cmdline-tools/* /opt/android-sdk/cmdline-tools/latest (ignore the error) |
| #!/bin/bash | |
| # | |
| # IMPORTANT! | |
| # At the moment this script is forged only for Debian ( tested on 8.x release ). | |
| # Although my efforts were put on building this also on Arch Linux or Alpine, at the moment only Debian seems to be able to build it. | |
| # Also, not sure why these instructions where nowhere on the internet, therefore I leave them here for whoever need them. | |
| # | |
| ########### | |
| # Add Backports repo support |