Samy Kamar a security researcher has developed an IoT device that runs a python script called PoisonTap. This is a great article worth reading. It's affordable and can siphon cookies, expose internal routers and install backdoors.
Upgrading Firmware on a Ubiquiti Edgerouter Lite with SSH
The Ubiquiti Edgerouter Lite provides the ability to create a virtual LAN (vLAN) for $129 dollars. This is a quality VPN solution that was highly recommend from someone who owns a data center. Seriously... well worth the money.
Upgrading my router from firmware version 1.2 was difficult because there is a bug...
PowerShell for Hackers
As I'm learning more PowerShell and dabbling into hacking I will be composing a list of techniques and scripts that I find very beneficial for administration and pen-testing.
Basics
ipconfig
Linux Like Watch Command
while (1) { docker ps -a ; sleep 5}
System Running Processes
Get-Process
IP to Hostname
[System.Net.Dns]::GetHostByAddress('192.168.0.10').HostName
Is Server Virtual or Physical?
systeminfo /s %computername% | findstr /c:"Model:" /c:"Host Name" /c:"OS Name"
Lookup User...
Docker for Pentesters
Docker is truly one of the most fascinating changes to come to software development over the last 10 years. While the concept of containerization has been around since 1979; starting with the advent of chroot. Docker has revolutionized how containerization works. Docker made it easy to not only use containers but downloading fully functional environments can be...
Can you trace an IP Address to a hacker?
This is a very open-ended question with a lot of variables that come into play. Depending upon how skilled the hacker is, determines how and if the hacker can mask or hide their true identity. It's also very critical to know exactly when the hacker was using that IP address because...
Must Haves for the IT Professionals
Over the years I've used some really cool devices and services and I find these all to be very useful tools that I personally must own.
DeepCool
So, I was a hacker party once and my friend was like, "You have to try this.". This product sits beneath your laptop while circulating air and improving the...
SSH Tunneling
When you need to access a server/client behind a firewall that doesn't allow port forwarding you can use SSH tunneling to bypass that if an SSH server is running. Pivoting is a sneaky technique that hackers use to access computers, servers, and services behind firewalls. These examples will use OpenSSH. I think most examples don't explain this well...
Hardening ASP.NET Response Headers (Code)
A reliable way to harden your ASP.NET web application is to remove and skew the response headers via code. This will throw off automated scans that are performing banner grabbing in an attempt to identify vulnerabilities. There are ways to do this in IIS, however, performing this in code means it's applied everywhere that the...
CTF: PwnLab Init Walkthrough
https://www.vulnhub.com/entry/pwnlab-init,158/
In this walkthrough, I'll be using Parrot OS. I'll break each vulnerability down and explain it. The video won't demonstrate all of the techniques that could have been applied. I will also list the techniques I've learned from others.
Exploits / Techniques
Local File Inclusions (LFI)Password ReusePrivilege Elevation through compiled code.Remote Code ExecutionReverse ShellSpawning Interactive Shells
Pre-Attack
NetDiscover
First Identify...
Getting Started with Burp Suite
Burp Suite is a very powerful tool for manipulating websites to find vulnerabilities. The community edition will work fine but is much slower than the Professional version. You can use the community edition to learn however if you are serious you should support the product and purchase it ($400/year). Worth mentioning, the Enterprise version has...
