Git-Mirrors/sec-pentesting-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/sec-pentesting-toolkit.git synced 2025-04-25 18:19:07 -04:00
Code Issues Packages Projects Releases Wiki Activity

will finish later

Browse Source
This commit is contained in:
bt3 2015-11-26 20:06:00 -08:00
parent 49f110ff81
commit 58bd787cc3
4 changed files with 64 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
.DS_Store vendored
View File

Binary file not shown.

58
Forensics/README.md
View File

@ -2,6 +2,52 @@
## Disk Forensics
### Basic useful CLI tools:
#### ps
Show the processes for all users (a), displaying the process's user/ownser (u), and the processes that are not attached to a terminal (x):
```shell
$ ps aux
```
Display the full listing of all processes (useful for finding underisable processes):
```shell
$ ps ef
```
#### lsof
Display a specific pricess in more details, by displaying the files and ports associated with that process.
```shell
$ lsof -p
```
Display processes running form or acessing files that have been unlinked:
```shell
$ lsof +L1
```
#### find
```shell
$ find / -uid 0
```
### arp
Display all MAC to IP address mapping of the system (useful for finding addresses of systems that are not part of the network.
```shell
$ arp -a
```
Others: uptime, free, df.
### dd
### strings
@ -11,6 +57,8 @@ $ strings /tmp/mem.dump | grep BOOT_
$ BOOT_IMAGE=/vmlinuz-3.5.0-23-generic
```
### scalpel
### TrID
@ -21,8 +69,6 @@ $ BOOT_IMAGE=/vmlinuz-3.5.0-23-generic
### ExifTool
### Hex editors
### dff
### CAINE
@ -40,11 +86,13 @@ $ BOOT_IMAGE=/vmlinuz-3.5.0-23-generic
### Volatility: Analysing Dumps
* [I have a lot of material on Volatility and Memory Forensics here](volatility.md)
* I highly reccomend their training.
* [Lots of material on Volatility and Memory Forensics here](volatility.md)
* [On OSX Memory Forensics](osx_memory_forensics.md)
* I highly recommend their training.
---------------
### Scripts
## Scripts
#### PDFs
Tools to test a PDF file:

3
Forensics/osx_memory_forensics.md Normal file
View File

@ -0,0 +1,3 @@
# OSX Forensics
(tbw)

9
README.md
View File

@ -1,4 +1,4 @@
# My-Gray-Hacker-Resources
# Gray Hacker Resources
All in one big bag. Educational purposes.
@ -78,6 +78,13 @@ telnet localhost 3000
### Books I Recommend
#### Technical
- [Bulletproof SSL and TLS](http://www.amazon.com/gp/product/1907117040?psc=1&redirect=true&ref_=oh_aui_detailpage_o06_s00)
- [Reversing: Secrets of Reverse Engineering](http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817)
- [The Art of Memory Forensics](http://www.amazon.com/gp/product/1118825098?psc=1&redirect=true&ref_=oh_aui_search_detailpage)
- [The C Programming Language](http://www.amazon.com/gp/product/0131103628?psc=1&redirect=true&ref_=oh_aui_search_detailpage)
- [The Unix Programming Environment](http://www.amazon.com/gp/product/013937681X?psc=1&redirect=true&ref_=oh_aui_search_detailpage)
- [UNIX Network Programming](http://www.amazon.com/gp/product/0139498761?psc=1&redirect=true&ref_=oh_aui_search_detailpage)
- [Threat Modeling: Designing for Security](http://www.amazon.com/Threat-Modeling-Designing-Adam-Shostack/dp/1118809998)
- [The Tangled Web](http://www.amazon.com/The-Tangled-Web-Securing-Applications/dp/1593273886)
- [The Art of Exploitation](http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441)
- [The Art of Software Security Assessment](http://www.amazon.com/The-Software-Security-Assessment-Vulnerabilities/dp/0321444426)