Misc to be sorted
https://laptophackingcoffee.org/doku.php?id=wiki:resources
https://laptophackingcoffee.org/doku.php?id=wiki:starthacking
https://ctf.laptophackingcoffee.org/challenges
https://stackoverflow.com/questions/14204230/how-to-list-the-files-in-a-zip-in-powershell
Enumeration: http://virgil-cj.blogspot.com/2018/02/enumeration-is-key_6.html
https://github.com/Alamot/code-snippets
https://github.com/ben0/Offsec-stuff
https://ired.team/
https://xapax.gitbooks.io/security/content/find_subdomains.html
How to Create a List of Your Installed Programs on Windows
Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table -AutoSize
Find files containing a string:
Select-String -Path "*.backup" -Pattern 'Administrator'
Kill Process
Stop-Process -Name "notepad" -Force
pip3 install pydes
Links:
https://sushant747.gitbooks.io/total-oscp-guide/reverse-shell.html
https://xapax.gitbooks.io/security/content/bash-scripting.html
https://github.com/xapax/security
https://github.com/xapax
https://log.cyconet.org/2004/10/19/reread-the-mysql-privileges/
https://github.com/adam-p/markdown-here/wiki/Markdown-Cheatsheet
NETSEC - Ramblings of a NetSec addict
Fully interactive shells
https://forum.hackthebox.eu/discussion/142/obtaining-a-fully-interactive-shell
https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/
https://netsec.ws/?p=337
https://www.reddit.com/r/netsec/comments/6mcbp7/upgrading_shells_to_fully_interactive_ttys/
Firewalls
https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/
https://www.thegeekstuff.com/2011/06/iptables-rules-examples/?utm_source=feedburner
https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands
socat
https://www.cyberciti.biz/faq/linux-unix-tcp-port-forwarding/
http://technostuff.blogspot.com/2008/10/some-useful-socat-commands.html
grep
https://stackoverflow.com/questions/10346816/using-grep-to-search-for-a-string-that-has-a-dot-in-it
Linux directory size (du)
https://www.tecmint.com/check-linux-disk-usage-of-files-and-directories/
Linux groups (also in README)
https://wiki.debian.org/SystemGroups
Atom
https://github.com/nwinkler/atom-keyboard-shortcuts
Customizing bash prompt
https://help.ubuntu.com/community/CustomizingBashPrompt
Enumeration scripts / tools
https://github.com/diego-treitos/linux-smart-enumeration
https://raw.githubusercontent.com/diego-treitos/linux-smart-enumeration/master/lse.sh
sqlite sqli:
https://wfuzz.readthedocs.io/en/latest/user/advanced.html
wfuzz -z range,1-10 -u "https://www.nestedflanders.htb/index.php?id=FUZZ"
wfuzz -e payloads
sqlmap -u "https://www.nestedflanders.htb/index.php?id=1" --method=GET -p id --technique=BEUSQ --level=5 --risk=3
sqlmap --list-tampers
https://gist.github.com/subfuzion/08c5d85437d5d4f00e58
curl -H 'Host: yada.com' http://127.0.0.1/something
curl --resolve 'yada.com:80:127.0.0.1' http://yada.com/something
ip neigh
ip tcp_metrics
arp history
route -n
cat /etc/resolv.conf
wget -r http://10.10.10.XX/directory/with/content/
find /home/ -printf "%f\t%p\t%u\t%g\t%m\n" 2>/dev/null|column -t
https://forum.ivorde.com/tcpdump-how-to-to-capture-only-icmp-ping-echo-requests-t15191.html
tcpdump -i any -s 0 -l -w - dst port 3306 | strings
# only pings
tcpdump -nni eth0 icmp
# IPv6
tcpdump -i tun0 -vv ip6
## based on https://superuser.com/questions/39751/add-directory-to-path-if-its-not-already-there
pathadd() {
    if [ -d "$1" ] && [[ ":$PATH:" != *":$1:"* ]]; then
        PATH="${PATH:+"$PATH:"}$1"
    fi
}
path_add_beginning() {
    if [ -d "$1" ] && [[ ":$PATH:" != *":$1:"* ]]; then
        PATH="$1${PATH:+":$PATH"}"
    fi
}
HTML table renders within markdown

| Layer 1 | Layer 2 | Layer 3 |
|---|---|---|
| L1 Name | L2 Name A | L3 Name A |
| | | L3 Name B |
| | L2 Name B | L3 Name C |
| | | L3 Name D |