Git-Mirrors/sec-pentesting-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/sec-pentesting-toolkit.git synced 2025-04-28 11:36:08 -04:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Mia von Steinkirch 2019-10-27 13:12:01 -07:00 committed by GitHub
parent c5fcac5e21
commit 8903d81877
1 changed files with 8 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
README.md
View File

@ -1,4 +1,4 @@
# Gray Hacker Resources
# Pentesting Resources
All information and software available on this site are for educational purposes only. Use these at your own discretion, the site owners cannot be held responsible for any damages caused. The views expressed on this site are our own and do not necessarily reflect those of our employers.
@ -6,7 +6,7 @@ Usage of all tools on this site for attacking targets without prior mutual conse
This work is licensed under a [Creative Commons Attribution-ShareAlike 4.0 International License](http://creativecommons.org/licenses/by-sa/4.0/).
## Resource in this Repository
## Sessions
* [CTFs and WARGAMES](https://github.com/bt3gl/Gray_Hacking_Toolkit/tree/master/CTFs_and_WarGames)
* [CRYPTOGRAPHY](https://github.com/bt3gl/Gray_Hacking_Toolkit/tree/master/Cryptography)
@ -27,6 +27,8 @@ This work is licensed under a [Creative Commons Attribution-ShareAlike 4.0 Inter
----
## Additional References
### Post-Exploitation
* [Metasploit Post Exploitation Command List](https://docs.google.com/document/d/1ZrDJMQkrp_YbU_9Ni9wMNF2m3nIPEA_kekqqqA2Ywto/edit)
@ -35,63 +37,8 @@ This work is licensed under a [Creative Commons Attribution-ShareAlike 4.0 Inter
* [Windows Post-Exploitation Command List](https://docs.google.com/document/d/1U10isynOpQtrIK6ChuReu-K1WHTJm4fgG3joiuz43rw/edit?hl=en_US).
* [Linux/Unix/BSD Post-Exploitation Command List](https://docs.google.com/document/d/1ObQB6hmVvRPCgPTRZM5NMH034VDM-1N-EWPRz2770K4/edit?hl=en_US).
----
### Useful CLI
#### Searching
```
grep word f1
sort | uniq -c
diff f1 f2
find -size f1
```
#### Compressed Files
```
zcat f1 > f2
gzip -d file
bzip2 -d f1
tar -xvf file
```
#### Connecting to a Server/Port
```
nc localhost 30000
echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | nc localhost 30000
openssl s_client -connect localhost:30001 -quiet
nmap -p 31000-32000 localhost
telnet localhost 3000
```
----
## References:
#### Security analyzers and scanners for CI/CD pipelines
### CI/CD pipelines
* Static code security analyzers: [SonarQube](https://www.sonarqube.org/) (Javascript scanner), [NodeJsScan](https://github.com/ajinabraham/NodeJsScan).
* Package dependency security analyzers: [Snyk](https://snyk.io/)
@ -105,7 +52,6 @@ telnet localhost 3000
### Books
#### Technical
- [Bulletproof SSL and TLS](http://www.amazon.com/gp/product/1907117040?psc=1&redirect=true&ref_=oh_aui_detailpage_o06_s00)
- [Reversing: Secrets of Reverse Engineering](http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817)
- [The Art of Memory Forensics](http://www.amazon.com/gp/product/1118825098?psc=1&redirect=true&ref_=oh_aui_search_detailpage)
@ -124,20 +70,13 @@ telnet localhost 3000
- [Practice Malware Analysis](https://www.nostarch.com/malware)
#### Articles:
* [Continuous security](https://www.infoq.com/news/2019/08/continuous-security/).
* [How to not get hacked](https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked/).
#### Fun
### Entertainment
- [Spam Nation](http://www.amazon.com/Spam-Nation-Organized-Cybercrime-Epidemic/dp/1492603236/ref=tmm_pap_swatch_0?_encoding=UTF8&sr=&qid=)
- [The Art of Intrusion](http://www.amazon.com/The-Art-Intrusion-Intruders-Deceivers/dp/0471782661http://www.amazon.com/The-Art-Intrusion-Intruders-Deceivers/dp/0471782661)
- [This Machine Kills Secrets](http://www.amazon.com/This-Machine-Kills-Secrets-Whistleblowers/dp/0142180491/ref=sr_1_1?s=books&ie=UTF8&qid=1436039456&sr=1-1&keywords=this+Machine+Kills+Secrets)
### Other Resources
- Krebs Series on how to be in InfoSec: [Thomas Ptacek](http://krebsonsecurity.com/2012/06/how-to-break-into-security-ptacek-edition/#more-15594), [Bruce Schneier](http://krebsonsecurity.com/2012/07/how-to-break-into-security-schneier-edition/#more-15592), [Charlie Miller](http://krebsonsecurity.com/category/how-to-break-into-security/)
- [How to be a InfoSec Geek](http://www.primalsecurity.net/how-to-be-an-infosec-geek/)
- [Continuous security](https://www.infoq.com/news/2019/08/continuous-security/).
- [How to not get hacked](https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked/).