Git-Mirrors/sec-pentesting-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/sec-pentesting-toolkit.git synced 2025-05-17 06:02:17 -04:00
Code Issues Projects Releases Packages Wiki Activity
👾 a decade of resources for security researchers: pentesting, CTF, wargames, cryptography, forensics, reverse engineering, IoCs, botnets, cloud hacking, linux hacking, steganography, vulnerabilities, etc.
31 commits 1 branch 0 tags 258 MiB
Find a file
Mari Wahl bdcecd360b reorganizing
2014-11-03 11:05:34 -05:00
Cryptography reorganizing 2014-11-03 11:05:34 -05:00
CTFs_and_WarGames Reorganized 2014-11-03 10:49:17 -05:00
Forensics Reorganized 2014-11-03 10:49:17 -05:00
Linux_Hacking Reorganized 2014-11-03 10:49:17 -05:00
Memory_Exploits Reorganized 2014-11-03 10:49:17 -05:00
Network_and_802.11 Reorganized 2014-11-03 10:49:17 -05:00
Other_Hackings Reorganized 2014-11-03 10:49:17 -05:00
Reverse_Engineering reorganizing 2014-11-03 11:05:34 -05:00
Rubber_Duck Reorganized 2014-11-03 10:49:17 -05:00
Steganography reorganizing 2014-11-03 11:05:34 -05:00
Web_Exploits reorganizing 2014-11-03 11:05:34 -05:00
.gitignore Initial commit 2014-09-27 11:16:45 -04:00
LICENSE Initial commit 2014-09-27 11:16:45 -04:00
README.md reorganizing 2014-11-03 11:05:34 -05:00

README.md

My-Gray-Hacker-Resources

All in one big bag. For fun, profits, or CTFs.

* CTFs and WARGAMES

* CRYPTOGRAPHY

* FORENSICS

* LINUX HACKING

* MEMORY EXPLOITS

* NETWORK and 802.11

* REVERSE ENGINEERING

* RUBBER DUCK

* STEGANOGRAPHY

* WEB EXPLOITS

* OTHER HACKINGS

Useful

Searching

grep word f1
 
sort | uniq -c
 
diff f1 f2
 
find -size f1

Compressed Files

zcat f1 > f2
 
gzip -d file
 
bzip2 -d f1
 
tar -xvf file

Connecting to a Server/Port

echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | nc localhost 30000
 
openssl s_client -connect localhost:30001 -quiet
 
nmap -p 31000-32000 localhost
 
telnet localhost 3000

Decoders

Base64

ASCII Conversion Table

Convert All

  • In Python:

  • Decimal to binary

>>> bin(124234)
'0b11110010101001010'
  • Decimal to hex:
>>> s =hex(secret)
  • Hexadecimal to binary:
SECRET.decode('hex')
'==QcCtmMml1ViV3b'

$ python -c 'print "2f722f6e6574736563".decode("hex")'
  • Hex to ascii:
$ xxd -r -p <<< 2f722f6e6574736563
  • Base64 decode:
>>> SECRET.decode('base64')
'oubWYf2kBq'

Recon

Searching the Internets

The recon problems usually give you someone/something's name and a task or a hint to find some specific information about it. So the first thing is of course google it.

Google anything using keywords such as filetype:cgi inurl:cgi-bin

In addition we can look at:

  • Facebook, Twitter, Linkedin, Google+, reddit, /r/netsec.
  • IRC: with **/whois **.
  • namechk
  • Github: check in the commit history.

Finding pictures: