Autres
AideEnLigne
CahierDeBrouillon
Présentation
Administration

MesLectures
[Articles publiés]
[Blog Affordance]
[LibreOffice en ligne]
[Journal d'Ophelia]
[Kim Khal]

Informations
[Rue 89]

DNS etc
[Robtex]
Logins
Votre ID: 111
Nom:
Login utilisateur
Mot de passe éditeur

ComputingSecurity

Afficher la révision 127

Concernant la sécurité. Aspects blacks, white, Forensics, etc...

+Advisories, news and articles
Example of fishing w/ sources https://net-security.fr/securite/rex-phishing/
Techrights.org on Microsoft and NSA http:/BT/techrights.org/wiki/index.php/Microsoft_and_the_NSA
Articles & analysis [security, privacy, https, etc] https://robertheaton.com/about/
What Google knows about you and what to deactivate https://myaccount.google.com/privacy#activity
XMCO Acus security PDF magazines issues https://www.xmco.fr/actusecu/ 2017-10-15 10:48:56
What is IME (Intel Management Engine) and how to disable it https://wiki.gentoo.org/wiki/Sakaki's_EFI_Install_Guide/Disabling_the_Intel_Management_Engine#cite_note-2
Security news, analysis, malware, activism, hacking, etc. http://securityaffairs.co/wordpress/
Rakos underwLinux vulnerability analysed http://www.welivesecurity.com/2016/12/20/new-linuxrakos-threat-devices-servers-ssh-scan/
Fast-flux article in https://www.xmco.fr/actu-secu/XMCO-ActuSecu-Janvier2008.pdf
rgod advisories and exploits http://retrogod.altervista.org/
OpenBSD? & FreeBSD? vulnerabilities http://www.vuxml.org/
Net-security advisories & vulnerabilies http://www.net-security.org/
Security/Linux?/Network? Forums [login/passwd] http://www.governmentsecurity.org.
Security Focus http://www.securityfocus.com/
Advisories & tools (Retina, Iris, ...) http://www.eeye.com/html/
Microsoft security site http://www.microsoft.com/technet/security/default.mspx
CVE at MITRE http://www.cve.mitre.org/cve/
news, tools, exploits http://www.securiteam.com/
ISS site http://www.iss.net/
+Black

Backdoors !

  http://x.x.x.x/anony/mjpg.cgi

others

Poison Tap to access network of a locked PC https://samy.pl/poisontap/
Trap to track users on Internet (lure them) https://github.com/boxug/trape ;
..puis utilisation de ngrok https://ngrok.com/ pour partager le lien généré par trape sur Internet. Ngrok utile pour partager sur internet unre url en cours de developement. voir aussi un article https://homputersecurity.com/2018/06/29/le-tracage-sur-internet-avec-trape-et-ngrok/
Google dorking and hacking tools http://www.google-dorking.com/
getting login password under windows shares w/ mimikatz http://blog.gentilkiwi.com/mimikatz
Bettercap modular, portable, extensible MITM https://bettercap.org/
Morpheus to test MITM (Man In The Middle) attacks https://github.com/r00t-3xp10it/morpheus
Exploits database w source, shellcode, papers, etc. https://www.exploit-db.com/
Venom shell code generator for metasploit https://github.com/r00t-3xp10it/venom
WannaCry? and metasploit https://reload.eez.fr/blog:2017:05:22:wannacry_mise_en_pratique_d_un_exploit_a_partir_de_debian
Smashing the stack with Metasploit tutorial https://woumn.wordpress.com/2016/09/24/smashing-the-stack-into-a-reverse-shell/
maj 2016-08-09 18:42:25
Syscall Hijacking: Kernel Linux 2.6.* systems http://memset.wordpress.com/2010/12/03/syscall-hijacking-kernel-2-6-systems/
Exploit database [remote & local, papers, google hacking db, ..] http://www.exploit-db.com/
Samy Kamar hacks, hijacks etc. http://samy.pl/
Creating A Truley Invisible PHP Shell http://thehackerblog.com/a-look-into-creating-a-truley-invisible-php-shell/
Shellcode to reverse binding using netcat http://morgawr.github.io/hacking/2014/03/29/shellcode-to-reverse-bind-with-netcat/
mempodipper exploit thru SUID bit http://blog.zx2c4.com/
Phrack magazine http://www.phrack.org
Censys.io complete view of internet https://censys.io/
Shodan scans the Web for connected devices [wecam, routers, switches, ..] http://www.shodanhq.com/ (or www.shodan.io)
To search for C&C sites with Shodan: type category:malware in the search bar.
To install shodan client (command line tool), install shodan client, a module for Python
Google hacking database to find names, passwords secret files http://www.exploit-db.com/google-dorks/
Hash length extension attack http://www.skullsecurity.org/blog/2012/everything-you-need-to-know-about-hash-length-extension-attacks
Windows debugging a trojan, see here http://www.skullsecurity.org
MySQL? injection, pillager, video cam access http://console-cowboys.blogspot.com/
Bypassing techniques http://gray-world.net
LSD PlaNet? http://www.lsd-pl.net/
Malware [malicious software] http://www.malware.com/
SQL Injection http://www.digitaloffense.net/
Astalavista http://astalavista.box.sk/
Cult of The Dead Cow http://www.cultdeadcow.com/tools/bo.html
Attrition [lots of DOS] http://attrition.org/security/
Linux Grill [kernels, IPRoute] http://www.linuxgrill.com/
NMRC http://www.nmrc.org/
TeamKh? http://membres.lycos.fr/teamhkh/log/
Index of Trojans http://www.megasecurity.org/Main.html
Runme.org Software art & funny tricks http://www.runme.org/
13 chars forkbomb http://www.runme.org/project/+forkbombsh/
w00w00Trojans and DOS [oldies] http://www.w00w00.org/
Current and archived exploits http://www.securiteam.com/exploits/
Cipher site, hacking, articles http://www.cipher.org.uk/
+Firewall
Ban IP by country https://www.ip2location.com/free/visitor-blocker
Crowdsec (fail2ban like, for Linux, FreeBSD?) https://crowdsec.net/
NFTables commented examples https://stosb.com/blog/explaining-my-configs-nftables/
Free firewalls [software] for WIndows http://www.techsupportalert.com/best-free-firewall.htm#Basic-Firewalls
Another iproute and iptables tutorial http://ornellas.apanela.com/dokuwiki/pub:firewall_and_adv_routing#firewall_and_advanced_routing_under_linux
Advanced features of IpTables? http://linuxgazette.net/108/odonovan.html
Firewalling with OpenBSD? and PF http://home.nuug.no/~peter/pf/en/index.html
Voir aussi dans Misc Network concernant PF et CARP et pfsync²
Iptables Didacticiel http://www.inetdoc.net/guides/iptables-tutorial/abouttheauthor.html
Contournement de firewall [wsh, Active Port Forwarder] http://www.gray-world.net/
Iptables Tutorial [NAT] http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html
Config de IPtables avec Webmin http://www.adella.org/spip/spip.php?article23
FreeSCO? firewall http://www.freesco.org/
Astaro AG linux based http://www.astaro.com/
Netfilter/Iptables? docs http://www.netfilter.org/documentation/index.html#HOWTO
IpFilter? FreeBSD? firewall http://coombs.anu.edu.au/~avalon/ip-filter.html
IPFWADM page http://garbo.uwasa.fi/ldp/HOWTO/Firewall-HOWTO-7.html
Lighting firewall http://lighting.tenet.pl/
What is the difference between reject and deny ? http://www.ouah.org/reject_or_deny.html
SmoothWall? http://www.smoothwall.org/
Clavister firewall & VPN Gateway http://www.clavister.com/
CERIA security archive at purdue univ. ftp://coast.cs.purdue.edu/pub/tools/unix
+Forensics tools and IDS
Nouveau blog d'un expert judiciaire http://zythom.fr/
Ancien blog d'un expert judiciaire http://zythom.blogspot.fr/
Verification d'e l'origine d'images [sur Internet par ex.] https://www.invid-project.eu/
Reverse Image Search w/ Tineye https://tineye.com/
Use of Russian browser Yandex to search iamges
MediCAT? boot dvd/USB (replaces Hiren) tools to repair windows https://gbatemp.net/threads/medicat-dvd-a-multiboot-linux-dvd.361577/
XSS beginner's guide http://www.xssed.com/article/31/The_Beginners_Guide_to_XSS/
2016-03-20 22:19:31
opengates to reuse a windows harddisk on another computer https://www.pinguin.lu/opengates
blockdev to unlock read-only discs by adressing the device ioctls
xmount command to mount an image on virtual machine
forensics linux tools (with Sleuth & Dart) http://www.deftlinux.net/
Kali penetration testing forensics and security auditing https://www.kali.org/
setoolkit to clone a website in kali
Hiren boot cdrom for windows (obsolete): tools to repair windows http://www.hiren.info/pages/bootcd
Zenk files: tutorials and docs about hacking & security & forensics https://repo.zenk-security.com
Zenk Wiki: forensics and other hacks https://wiki.zenk-security.com/doku.php
Autopsy forensics tool: an Interface for Sleuth kit http://www.sleuthkit.org/autopsy/
Maltego forensics tools [DNS, social networks, whois, ..] https://www.paterva.com/web6/products/maltego.php
Tools & tutorials XSS http://www.securitydistro.com/security-tutorials/
Attack, forensics, scan, etc. http://avondale.good.net/dl/bd/www.indianz.ch/tools/
A real forensics example http://blog.nibbles.fr/1660
Linux Forensics tools on a cdrom http://www.deftlinux.net/
Intrusion detection 101 http://www.monkey.org/~dugsong/talks/ids/
Common intrusion detection framework http://www.isi.edu/gost/cidf/
The Coroner Toolkit and other tools http://www.porcupine.org/forensics
ACID PHP engine http://acidlab.sourceforge.net/
[lame] Lance Spitzner page http://www.spitzner.net/
FIRE [forensics tools on a CD] http://fire.dmzs.com/?section=tools&subsection=B
Nikto Web scanner, default password list http://www.cirt.net/code/nikto.shtml
The snort page http://www.snort.org
+ShellShock? etc.
Quelques infos pertinentes (ou pas)

Inside Shellshock: How hackers are using it to exploit systems https://blog.cloudflare.com/inside-shellshock/
+Webcams, VNC and security
Open VNC sites [w/o passwd ?] http://vncroulette.com/
http://www.webcamvue.com/default.asp
public with weak passwd admin:admin or admin:12345 https://www.insecam.org/en/
+White
nmap and privilege escalation https://kaizoku.dev/htb-devoops
Ethical hacking, malware analysis, etc. https://galogetlatorre.blogspot.com/
Infection Monkey: Breach and attack simulation on a LAN https://www.guardicore.com/infectionmonkey/docs/
List of pentesting tools https://prune2000.github.io/tools/pentest/
ssh honeypots [many other articles] https://nullprogram.com/blog/2012/05/19/
ssh tarpit https://nullprogram.com/blog/2019/03/22/
A landscape of ssh Linux backdoors https://www.welivesecurity.com/wp-content/uploads/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdf
portspoof to lure pirates on (fake) open ports https://homputersecurity.com/2018/04/19/comment-tromper-les-pirates-avec-portspoof/
C99 webshell in php [WARNING : has a backdoor !!]
List of backdoor free webshells [but with http calls to Internet..] https://webshell.co/
Arachni :Web Application Security scanner/crawler http://www.arachni-scanner.com/
Exposés, forensics, outils d'analyse, de SEO, etc. https://www.hackersrepublic.org/
Creating a zipbomb to defend against black hat hackers https://blog.haschek.at/post/f2fda

+redirecting ssh attacks to the sender

  Si l'attaquant a un serveur ssh :
  socat -d -d TCP-L:22,reuseaddr,fork SYSTEM:"nc \$SOCAT_PEERADDR 22"
  FIXME : insérer dans iptables pour automatiser.

BT3 tool defense https://www.bt3.no/
Qubes OS : a relly secure OS based on Xen https://www.qubes-os.org/
Configuring Server Side TLS. Explains what to use, for what service, how it works https://wiki.mozilla.org/Security/Server_Side_TLS#Forward_Secrecy
OpenPGP? best practices. VPN, security https://help.riseup.net/en/security/message-security/openpgp/best-practices
ZMap and ZGrab to scan the entire Internet https://zmap.io/
DNS : not just names [CSS, Pentesting with DNS] https://docs.google.com/presentation/d/1HfXVJyXElzBshZ9SYNjBwJf_4MBaho6UcATTFwApfXw/preview?pli=1&sle=true#slide=id.p
About secured salted password hashing https://crackstation.net/hashing-security.htm
Chaos Computer Club video about X11 security http://media.ccc.de/browse/congress/2013/30C3_-_5499_-_en_-_saal_1_-_201312291830_-_x_security_-_ilja_van_sprundel.html
binary analysis of Windows PE, Android APK http://anubis.iseclab.org/
network tools for Unix windows security [nessus] https://dougvitale.wordpress.com/2012/03/02/tenable-nessus/#more-1430
Tails: a live OS to preserve anonimity [uses tor] https://tails.boum.org/
docs security black & white [hacks, network, tutorials, .. ] http://repo.zenk-security.com/
Lots of security utilities for Windows [anti rootkit, spyware, malware, ..] http://www.bleepingcomputer.com/download/windows/
About disk wiping erasing http://www.anti-forensics.com/disk-wiping-one-pass-is-enough
Linux Apache backdoor linux/Corked? http://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/
Zalewski site security, tools http://lcamtuf.coredump.cx/
Postcard from XSS world http://lcamtuf.coredump.cx/postxss/
From SQL injection to shell Pentesterlab https://www.pentesterlab.com/from_sqli_to_shell_pg_edition.html
lots of exercises of security http://exploit-exercises.com/
Security, PHP and more http://www.suspekt.org/
Blog de Da Silva [sécurity] http://www.paulds.fr/
Database of loss databases http://datalossdb.org/
PHP local session poisoning http://ha.xxor.se/2011/09/local-session-poisoning-in-php-part-1.html
Samhain site [securing against rootkits] http://www.la-samhna.de/
AbsynteSQL? injection tool [sql injection] http://0x90.org/releases.php
Attack, crack, forensics, scan tools http://avondale.good.net/dl/bd/www.indianz.ch/tools/
HTML Code injection and Cros Side Scripting http://www.technicalinfo.net/papers/CSS.html
Switch sniff [ARP flooding] http://www.linuxjournal.com/article/5869
Gorilla Design Studio [block by localhost] http://accs-net.com/hosts/
Iframe exploit internals http://www.lurhq.com/
[lame] PHoss Protocol sniffer, default passwd DB, http://www.phenoelit.de/
A HUGE security archive Uptodate advisories) http://neworder.box.sk/
security forums http://forums.windowsecurity.com/
Net::Packet::Shell perl module is like Scapy
http://www.linuxsecurity.com/feature_stories/fingerprinting-http.html
Many RPC scan & test tools http://www.securityfriday.com/tools/RpcScan.html
The secure shell FAQ http://www.employees.org/%7Esatch/ssh/faq/
SSH frequently asked questions http://www.snailbook.com/faq/
Open Antivirus project http://www.openantivirus.org/
The Cyphepunks Home page (CSUA Berkeley) http://www.csua.berkeley.edu/cypherpunks/Home.html
The Stanford SRP authentication project http://srp.stanford.edu/
verifié ci-dessous 2018-12-11 12:21:57
Dave Dittrich home page (DDOS) http://staff.washington.edu/dittrich/
NSA SElinux https://www.nsa.gov/what-we-do/research/selinux/
Defacement list, advisories http://www.zone-h.org/
Gibson security page http://www.grc.com/
ATT paper on cryptography http://www.dtc.umn.edu/~odlyzko/
Engage security http://www.engagesecurity.com/
Kerberos papers and documentations http://www.isi.edu/gost/info/kerberos/documentation.html
Ian Jackson usrv : userv client and server http://www.chiark.greenend.org.uk/~ian/userv/
Threats to your security on Internet (how to remove trojans) http://www.commodon.com/threat/
Tempest (1999 legal issues) http://cryptome.org/tempest-law.htm
Av ira Antivirus personal edition http://www.free-av.com/
The metaesploit project http://www.metasploit.org/
Surf attack information http://www.pentics.net/denial-of-service/white-papers/smurf.cgi
NTSecurity nu http://ntsecurity.nu/
Secure IOS template http://www.cymru.com/%7Erobt/Docs/Articles/secure-ios-template.html
/freetools.htm
AVG free antivirus http://free.grisoft.com/freeweb.php/doc/2/