These are my links for 22 Apr 2016 through 23 Apr 2016:
- How to use Powershell in an exploit · rapid7/metasploit-framework Wiki
PowerShell is a scripting language developed by Microsoft. It provides API access to almost everything in a Windows platform, less detectable by countermeasures, easy to learn, therefore it is incredibly powerful for penetration testing during post exploitation, or exploit development for payload execution. Take Metasploit’s windows/smb/psexec_psh.rb module for example: it mimics the psexec utility from SysInternals, the payload is compressed and executed from the command line, which allows it to be somewhat stealthy against antivirus. There’s only less than 30 lines of code in psexec_psh.rb (excluding the metadata that describes what the module is about), because most of the work is done by the Powershell mixin, nothing is easier than that. The command line will automatically attempt to detect the architecture (x86 or x86_64) that it is being run in, as well as the payload architecture that it contains. If there is a mismatch it will spawn the correct PowerShell architecture to inject the payload into, so there is no need to worry about the architecture of the target system.
- HOWTO use geoiplookup – Fail2ban
You may be interested in a quick summary of the countries where the attacks come from. This document explains how to find these information.
- IP Address Details – ipinfo.io – Simple, reliable, and affordable IP geolocation data.
- Cryptocat – Chat with your friends, privately.Cryptocat is free software with a simple mission: everyone should be able to chat with their friends in privacy.Open source. All Cryptocat software is published transparently.
Encrypted by default. Every message is encrypted, always.
Forward secure. Chats can’t be decrypted even if your keys are stolen.
Multiple devices. All devices linked to your account will receive forward secure messages, even when offline.
File sharing. Securely share files with friends.
Group chat. Chat with multiple buddies at once (coming soon).
These are my links for 3 dic 2014 from 13:03 to 13:41:
- git-flow cheatsheet – git-flow are a set of git extensions to provide high-level repository operations for Vincent Driessen's branching model. more This cheatsheet shows the basic usage and effect of git-flow operations
- Voluntary – […] Our goal is to create open source software that promotes freedom of expression, privacy and the decentralization of power with an eye towards usability […] (Just for OSX at the moment)
- A Visual Git Reference – This page gives brief, visual reference for the most common commands in git. Once you know a bit about how git works, this site may solidify your understanding.
- SSH_VPN – Community Help Wiki – This page discusses using SSH to set up SSH-based point to point connections, which can then be used to create routes that create virtual private networks. Note that using SSH in this fashion is not the "best" way to create a permanent, stable VPN. Notably, SSH uses TCP, and TCP over TCP can provide abysmal performance under pathological conditions.
- VPN over SSH – This how-to is intended to cover the details of how to establish a VPN (Virtual Private Network) over a SSH connection. Starting with open-ssh 4.3, you can now use a ssh connection to set up a VPN. This is technically termed "layer-3 IP-in-SSH tunnelling" and is not using ssh to port forward (ssh -L ) or create a dynamic "application level" forwarding (SOCKS) (ssh -D ). Rather a VPN is established using a SSH connection to create a virtual interface, tun0. Advantages : IMO, this technique is easier to set up then openvpn, especially if you are using a single client. Works with most Linux distributions without the need to install any additional software on the clients. The server only needs openssh-server. This protocol uses udp to transmit tunneled tcp connections resulting in a more stable connection compared with port forwarding (using ssh with the -L or -D options). Disadvantages : As of yet I do not know of a windows client which will use this protocol. If you are needing to set up a VPN with numerous clients I would use openvpn. Although there are several "how-to's" on the web, most of them assume you know something about networking and routing. This page attempts to explain some of the "missing details".
These are my links for 26 ago 2014 from 11:20 to 11:53:
- claudioc/jingo – A git based wiki engine written for node.js, with a decent design, a search capability and a good typography.
- fastmonkeys/stellar – Stellar allows you to quickly restore database when you are e.g. writing database migrations, switching branches or messing with SQL. PostgreSQL and MySQL are supported.
- Sandstorm Apps – This page is for people who already have a Sandstorm instance set up. Use the buttons below to install apps.
- Sandstorm – Sandstorm's server-side sandboxing is based on the same underlying Linux kernel features as LXC and Docker. We use the system calls directly for finer-grained control.
- apenwarr/sshuttle – Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
These are my links for 26 feb 2014 through 3 mar 2014:
- Introducing Kite ! – Kite is a gmail clone you can install on a server of your own. It's pretty limited for the moment, but I hope to get something usable in the next few months.
- Mailpile: Let’s take e-mail back! – Mailpile is email software (an app) that runs on your desktop or laptop computer. You interact with the program using your web browser. The goal of Mailpile is to allow people to send e-mail in a more secure and private manner than before.
- xml2csv-conv – Command line XML to CSV converter – Google Project Hosting – xml2csv-conv is command line tool for converting data from XML schema to CSV. The tool has many command line options. The software is platform independent and was written in Java language.
- Authenticating other services against AD – SambaWiki – Maybe you finished setting up your new/migrated samba4 domain and having now the job to hook up several other services to Active Directory or LDAP. Then you will find here a place for configuration examples. Please keep in mind, that some of the examples here may only work on specific plattforms and/or distributions and have to be adapted.
- Eight Ways to Blacklist with Apache\’s mod_rewrite | Perishable Press – With the imminent release of the next series of (4G) blacklist articles here at Perishable Press, now is the perfect time to examine eight of the most commonly employed blacklisting methods achieved with Apache’s incredible rewrite module, mod_rewrite. In addition to facilitating site security, the techniques presented in this article will improve your understanding of the different rewrite methods available with mod_rewrite.