BriskSec Security Cheatsheets
Analysis of following malware:
- Badrabbit
- NotPetya
- Lazarus
Exploit:
- EternalRomance (MS17-010)
VPN Services:
- NordVPN
- MonoVM
- Hacking Methodology: https://www.greycampus.com/opencampus/ethical-hacking/hacking-methodology
- Red Team Tips: https://vincentyiu.co.uk/red-team-tips/
- Red Teaming/Adversary Simulation Toolkit: https://github.com/infosecn1nja/Red-Teaming-Toolkit/blob/master/README.md
- Red Team Techniques: Gaining access on an external engagement through spear-phishing: https://blog.sublimesecurity.com/red-team-techniques-gaining-access-on-an-external-engagement-through-spear-phishing/
- Red Team Tips: https://vincentyiu.co.uk/red-team-tips/
- http://ired.team/
- Pasties: https://github.com/threatexpress/pasties/blob/master/pasties.md
- Red Team Scripts: https://github.com/threatexpress/red-team-scripts
- 101 Bash Commands and Tips for Beginners to Experts: https://dev.to/awwsmm/101-bash-commands-and-tips-for-beginners-to-experts-30je
- The Book of Secret Knowledge: https://github.com/trimstray/the-book-of-secret-knowledge
- Offensive Security Bookmarks: https://jivoi.github.io/2015/07/03/offensive-security-bookmarks/
- List of Awesome Red Teaming Resources: https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
- http://ired.team/offensive-security-experiments/offensive-security-cheetsheets
- Playbook for system hardening maintained by the #! security research team.: https://github.com/hashbang/hardening
- A binary that is a valid JAR, PE, ZIP, HTML: https://github.com/indrora/corkami/blob/master/src/mix/corkamix.asm / https://github.com/indrora/corkami/tree/master/src/mix
- Zip and Hach Collisions: https://github.com/corkami/collisions
- Crfting files in pure ASM: https://twitter.com/angealbertini/status/1088866350095835136
- Cisco
- CVE-2019-1653 - Allows a remote attacker to get sensitive device configuration details without a password.
- CVE-2019-1652 - Allows a remote attacker to inject and run admin commands on the device without a password.
- A Testing Environment for Manual Security Testers: https://github.com/pavanw3b/sh00t
- Damn Vulnerable Serverless Application: https://www.owasp.org/index.php/OWASP_DVSA
- https://discordapp.com/invite/VPFWfdt
- https://discordapp.com/invite/2AG6TCm
- https://discordapp.com/invite/4gHhxS8
- https://discordapp.com/invite/7Z2PmWP
- Malware Analysis (windows): https://github.com/GoSecure/malboxes
- Giant Board: https://groboards.com/
- ATT&CKing the Singapore Health Data Breach: https://bitofhex.com/2019/01/13/attack-and-singapore-breach/
- HELK Dashboard: https://github.com/Cyb3rWard0g/ATTACK-Python-Client/tree/master/integrations/helk_cti
- NFC Payments: Relay Attacks with LoRa: https://salmg.net/2019/01/12/nfc-payment-relay-attacks-with-lora/
- https://www.aliexpress.com/item/SX1278-ESP32-LoRa-0-96-Inch-Blue-OLED-Display-Bluetooth-WIFI-Lora-Kit-32-Module-IOT/32825749403.html
- https://www.aliexpress.com/item/13-56mHz-PN532-compatible-raspberry-pie-NFC-card-reader-module/2055119495.html?spm=2114.search0104.3.29.166f4b4fElzuKj&ws_ab_test=searchweb0_0,searchweb201602_5_10065_10068_10130_10890_10547_319_10546_317_10548_10545_10696_453_10084_454_10083_10618_431_10307_537_536_10059_10884_10887_100031_321_322_10103-10890,searchweb201603_53,ppcSwitch_0&algo_expid=8b42d885-fff2-4797-a3ea-3cfd99a32ed3-4&algo_pvid=8b42d885-fff2-4797-a3ea-3cfd99a32ed3&transAbTest=ae803_5
- Bundle Raspberry Pi 7" Touchscreen Display & Case : https://www.amazon.it/gp/product/B01M0AT5O5
- RPi Handheld: https://twitter.com/CrankyLinuxUser/status/1095111251510915075
- Privacy: https://www.privacynow.net/privacy-devices
- Network Gears: https://twitter.com/fouroctets/status/1092121490579906560
- Tools for capturing and analysing keyboard input paired with microphone capture: https://github.com/ggerganov/kbd-audio
- NES-style CSS Framework: https://nostalgic-css.github.io/NES.css/
- Invisible Watermarks with Space Characters in ASCII Files: https://github.com/Neo23x0/space-id
- universal command-line interface for SQL databases: https://github.com/xo/usql
- Video editing: https://twitter.com/digininja/status/1007936435129847808
- itty.bitty.site: https://itty.bitty.site/#How_it_Works/XQAAAAK4CgAAAAAAAAAeHMqHyTY4PyKmqfkwr6ooCXSIMxPQ7ojYR153HqZD3W+keVdvwyoyd+luwncAksxo8PWJs+831jtAVty8rDpGXmyebtxMTP3PSa4g8/593sWue8MDcpOgi1bQyEtfa0JNQZ6T1I/xyNULg1rpwWgE2Y9BnqDq8fDN1N+nd58bizHxZrkeBhdg8inSQ/xKDX7JxpEnuwOAh4FOfn3+EHSxzhJsdQjZfh3lk4tTCDexgFND30Ea3NmmJGK84pdMtEVlcmKC5lrnUNmgoJa3QFsHJkr5595tk03idElTDVhmcQI3jSvPrkTVFTnSLeARVZXV/EUiF0y7+cR3bVkLoTkamZWDMiCTY2Xhv0LdNqWlb/xxyk6takRLrNnS8DkifXEbevTbJOUamuK7uy55kL61btF+/lYNHLWGbh1ckCYglReWWMlM0k4uuqM24okcS74tHtOW3Y5HZYBmPvRR+ItSrZPvbj3kbztOrWapUp7nAzgfIjYoBV/4xOXpFbbaHRft5GICE5Mr1PQhmW/nB63nTpnR+7UdHag8WIMa7nf+NvTPKC5MmQnKzhaMuqEnwGgcM5vkWbekimBclkGJwTGeyhxL7N6hivY+KS3H7vcOSFHXGr7K3PBIQZbywqQiimQ6B6zu4RvH7ZZ3ZN++ii00HKM0FPMcNHuOnL99vAxEl6TEFnx4J4+fwzJwNbuut30TFMBgcrE4iKAGncFIHmvOstFWxE+VlvTLC+uy6XArTO8BdfmbByGiyFv8Al7HqLAzGShdGWNzJ6cPpRwMAmWl5GNRA4qwjQAlfF1dtTwfIXSWOL7AyRwxPs27uY2cvVHCdmVVTNDYiTzHeKX6D9e2ApDRFD6pgcA9VMVP6UeOdVdmwRJ+iLTwQuCdLbVWzQ5T2i/chlihD+RawylXJQ8bKvxW9egXGcrgR5dyKaZCr8nBrArAgtRLR7PdqBQQbr5VodBvPc2FP3fZ6UuQVI1Kg4KcY44GIU5vnlM029TU+ibO2iSX3FhusTFhyOxl4TjjkuXBqA1V7Ha/Op2m8QZaP68p7AAZPOcTHAwP5PxENqIf8qS2aaG2Fiwp5rNED3LhPMjtN54klBYylr5hSAr0TD8J+XwFds8Gq9LToLE8Cq7XNJnE9RqNudIozaMWkfc6PRFjp/aH87x97nPDelKKHGyUEnGJyobw45BOhJMKzZST0VA5v+uQQo0djDXc0UXwzNRIWeBLuUJQpaXZY2gZMuLiSERgyDHg2MBI6trWsyb3ZWbFS4rm8Gq2dxfih3Kj6MdNapUo/jltQ31nx2LepJCQe9DNNF6JEMecls6dHTAM2RfHxEODSSKkF17FfjRLRAfxCK927UvizAxxggP5S/HrX6mGc5xonBy3StLd16thiAG860IdvFyBKfE6+CIhe2jzIwIofNiBILYlKA61vKkjlfZjqsUGDLi426U/Y8bdpxfg7FX1gqNEHeVM17dlBTO7pNOnKyeM2xmLoE7lr92/VIrxJ2OqNfcHu9XjrD6l71vU083VwwAq8Vencm9xLAlDyy3/6BB0kRBiJbjayYrLUbQyMGTFfEvOPmc/zJjfdnqHmg5O/0kuzf2+w5CHD426iPngjmiTo5Snlf+qW8emK/ltnQQIv2ufykH+Px3XZM+zsOclAyHI5MbCKBKeT6j5geCiz3uqci1w5ZlpRjtJWUT6zCj8Fx1eg4F4ov51gaODKV+QQWeFJSyuVTm3Nu2i7AbhKikNzb3RBeQinEh9KrhHc+o4JGezOU55h1UZtonB0+J5dfBRqHnc+6HaXfTmcLrMZjWErq15cBmC0Kx6BNyqP3uGhMUSF+OuIzffEX9fGUNDpUtCjKdbml8uF43e4fN8o10TxYkbggTcyYKI+xWHMyKM2tjOideyDwt33minfEy/JgSLsihBnBua9sfXCg32/+i2okk=
- Multitail - Look at multiple log files in the same time