Bookmarks for 22 Apr 2016 through 23 Apr 2016

These are my links for 22 Apr 2016 through 23 Apr 2016:

  • How to use Powershell in an exploit · rapid7/metasploit-framework Wiki
    PowerShell is a scripting language developed by Microsoft. It provides API access to almost everything in a Windows platform, less detectable by countermeasures, easy to learn, therefore it is incredibly powerful for penetration testing during post exploitation, or exploit development for payload execution. Take Metasploit’s windows/smb/psexec_psh.rb module for example: it mimics the psexec utility from SysInternals, the payload is compressed and executed from the command line, which allows it to be somewhat stealthy against antivirus. There’s only less than 30 lines of code in psexec_psh.rb (excluding the metadata that describes what the module is about), because most of the work is done by the Powershell mixin, nothing is easier than that. The command line will automatically attempt to detect the architecture (x86 or x86_64) that it is being run in, as well as the payload architecture that it contains. If there is a mismatch it will spawn the correct PowerShell architecture to inject the payload into, so there is no need to worry about the architecture of the target system.
  • HOWTO use geoiplookup – Fail2ban
    You may be interested in a quick summary of the countries where the attacks come from. This document explains how to find these information.
  • IP Address Details – ipinfo.io – Simple, reliable, and affordable IP geolocation data.
  • Cryptocat – Chat with your friends, privately.Cryptocat is free software with a simple mission: everyone should be able to chat with their friends in privacy.Open source. All Cryptocat software is published transparently.
    Encrypted by default. Every message is encrypted, always.
    Forward secure. Chats can’t be decrypted even if your keys are stolen.
    Multiple devices. All devices linked to your account will receive forward secure messages, even when offline.
    File sharing. Securely share files with friends.
    Group chat. Chat with multiple buddies at once (coming soon).

Bookmarks for 25 nov 2015 through 2 dic 2015

These are my links for 25 nov 2015 through 2 dic 2015:

  • ipfs/ipfs · GitHub – IPFS (the InterPlanetary File System) is a new hypermedia distribution protocol, addressed by content and identities. IPFS enables the creation of completely distributed applications. It aims to make the web faster, safer, and more open. IPFS is a distributed file system that seeks to connect all computing devices with the same system of files. In some ways, this is similar to the original aims of the Web, but IPFS is actually more similar to a single bittorrent swarm exchanging git objects. You can read more about its origins in the paper IPFS – Content Addressed, Versioned, P2P File System. IPFS is becoming a new major subsystem of the internet. If built right, it could complement or replace HTTP. It could complement or replace even more. It sounds crazy. It is crazy. [ via http://blog.quintarelli.it/2015/12/ipfs-davvero-figo.html ]
  • SSL Library mbed TLS / PolarSSL: Download for free or buy a commercial license – mbed TLS (formerly known as PolarSSL) makes it trivially easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products, facilitating this functionality with a minimal coding footprint.
  • Wox – An effective launcher for windows A full-featured launcher, access programs and web contents as you type. Be more productive ever since. Wox is free for use and open-sourced at Github, Try it now!

Bookmarks for 6 ago 2015 through 21 set 2015

These are my links for 6 ago 2015 through 21 set 2015:

  • /bin/bash based SSL/TLS tester: testssl.sh – testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more. [ via quasi.dot: https://delicious.com/farmando ]
  • Policy NAT for L2L VPN • LearnIOS.com – I kind of missed the wood for the trees here. The static policy NAT is failing because you are trying to map a network 192.168.0.0 to a single IP address 172.20.n.1. However it's just occured, why are you doing policy NAT for the Internet. I tested in lab and if you do this
  • Encrypted Data Bags on Cloud on AWS – Many customers have asked us how they should handle shared secrets, passwords and other sensitive data in Chef and now we have a good solution. With the release of our stable-v4 stack, we introduced Chef 10 to the platform, and with it came data bags. Now with the 3.0 release of the engineyard gem, we can officially support data bags and encrypted data bags. You may be wondering what data bags are, how data bags work or how to implement data bags. This blog post will walk you through the entire process.
  • How to set disk alignment in Linux | Dirty Cache – As you might know, if disk partitions containing Oracle datafiles are not aligned with the underlying storage system, then some I/O’s can suffer from some overhead as they are effectively translated in two I/O’s. If you want more info, google for “EMC disk alignment” and you’ll find plenty of information, explaining the issue.
  • Add Private Route 53 DNS to your AWS VPC | CloudTrek – A really cool feature of Amazon’s Route 53 DNS Management Service is the private hosted DNS zone.  Basically, you get the ability to manage the DNS in your private VPC without setting up your own DNS infrastructure (yuck!) [ Just a friendly reminder Note 1: the resolution is working only inside the VPC. Note 2: if you don't have the AmazonProvidedDNS in your DHCP-OPTION you won't resolve the zone. Note 3: if you are using linux, you can use as DNS 169.254.169.253 it won't work on windows 2008 Ref: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-private.html http://aws.amazon.com/route53/faqs/ ]

Bookmarks for 3 dic 2014 from 13:03 to 13:41

These are my links for 3 dic 2014 from 13:03 to 13:41:

  • git-flow cheatsheet – git-flow are a set of git extensions to provide high-level repository operations for Vincent Driessen's branching model. more This cheatsheet shows the basic usage and effect of git-flow operations
  • Voluntary – […] Our goal is to create open source software that promotes freedom of expression, privacy and the decentralization of power with an eye towards usability […] (Just for OSX at the moment)
  • A Visual Git Reference – This page gives brief, visual reference for the most common commands in git. Once you know a bit about how git works, this site may solidify your understanding.
  • SSH_VPN – Community Help Wiki – This page discusses using SSH to set up SSH-based point to point connections, which can then be used to create routes that create virtual private networks. Note that using SSH in this fashion is not the "best" way to create a permanent, stable VPN. Notably, SSH uses TCP, and TCP over TCP can provide abysmal performance under pathological conditions.
  • VPN over SSH – This how-to is intended to cover the details of how to establish a VPN (Virtual Private Network) over a SSH connection. Starting with open-ssh 4.3, you can now use a ssh connection to set up a VPN. This is technically termed "layer-3 IP-in-SSH tunnelling" and is not using ssh to port forward (ssh -L ) or create a dynamic "application level" forwarding (SOCKS) (ssh -D ). Rather a VPN is established using a SSH connection to create a virtual interface, tun0. Advantages : IMO, this technique is easier to set up then openvpn, especially if you are using a single client. Works with most Linux distributions without the need to install any additional software on the clients. The server only needs openssh-server. This protocol uses udp to transmit tunneled tcp connections resulting in a more stable connection compared with port forwarding (using ssh with the -L or -D options). Disadvantages : As of yet I do not know of a windows client which will use this protocol. If you are needing to set up a VPN with numerous clients I would use openvpn. Although there are several "how-to's" on the web, most of them assume you know something about networking and routing. This page attempts to explain some of the "missing details".