Bookmarks for 22 Apr 2016 through 23 Apr 2016

These are my links for 22 Apr 2016 through 23 Apr 2016:

  • How to use Powershell in an exploit · rapid7/metasploit-framework Wiki
    PowerShell is a scripting language developed by Microsoft. It provides API access to almost everything in a Windows platform, less detectable by countermeasures, easy to learn, therefore it is incredibly powerful for penetration testing during post exploitation, or exploit development for payload execution. Take Metasploit’s windows/smb/psexec_psh.rb module for example: it mimics the psexec utility from SysInternals, the payload is compressed and executed from the command line, which allows it to be somewhat stealthy against antivirus. There’s only less than 30 lines of code in psexec_psh.rb (excluding the metadata that describes what the module is about), because most of the work is done by the Powershell mixin, nothing is easier than that. The command line will automatically attempt to detect the architecture (x86 or x86_64) that it is being run in, as well as the payload architecture that it contains. If there is a mismatch it will spawn the correct PowerShell architecture to inject the payload into, so there is no need to worry about the architecture of the target system.
  • HOWTO use geoiplookup – Fail2ban
    You may be interested in a quick summary of the countries where the attacks come from. This document explains how to find these information.
  • IP Address Details – ipinfo.io – Simple, reliable, and affordable IP geolocation data.
  • Cryptocat – Chat with your friends, privately.Cryptocat is free software with a simple mission: everyone should be able to chat with their friends in privacy.Open source. All Cryptocat software is published transparently.
    Encrypted by default. Every message is encrypted, always.
    Forward secure. Chats can’t be decrypted even if your keys are stolen.
    Multiple devices. All devices linked to your account will receive forward secure messages, even when offline.
    File sharing. Securely share files with friends.
    Group chat. Chat with multiple buddies at once (coming soon).

Bookmarks for 25 nov 2015 through 2 dic 2015

These are my links for 25 nov 2015 through 2 dic 2015:

  • ipfs/ipfs · GitHub – IPFS (the InterPlanetary File System) is a new hypermedia distribution protocol, addressed by content and identities. IPFS enables the creation of completely distributed applications. It aims to make the web faster, safer, and more open. IPFS is a distributed file system that seeks to connect all computing devices with the same system of files. In some ways, this is similar to the original aims of the Web, but IPFS is actually more similar to a single bittorrent swarm exchanging git objects. You can read more about its origins in the paper IPFS – Content Addressed, Versioned, P2P File System. IPFS is becoming a new major subsystem of the internet. If built right, it could complement or replace HTTP. It could complement or replace even more. It sounds crazy. It is crazy. [ via http://blog.quintarelli.it/2015/12/ipfs-davvero-figo.html ]
  • SSL Library mbed TLS / PolarSSL: Download for free or buy a commercial license – mbed TLS (formerly known as PolarSSL) makes it trivially easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products, facilitating this functionality with a minimal coding footprint.
  • Wox – An effective launcher for windows A full-featured launcher, access programs and web contents as you type. Be more productive ever since. Wox is free for use and open-sourced at Github, Try it now!

Bookmarks for 6 ago 2015 through 21 set 2015

These are my links for 6 ago 2015 through 21 set 2015:

  • /bin/bash based SSL/TLS tester: testssl.sh – testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more. [ via quasi.dot: https://delicious.com/farmando ]
  • Policy NAT for L2L VPN • LearnIOS.com – I kind of missed the wood for the trees here. The static policy NAT is failing because you are trying to map a network 192.168.0.0 to a single IP address 172.20.n.1. However it's just occured, why are you doing policy NAT for the Internet. I tested in lab and if you do this
  • Encrypted Data Bags on Cloud on AWS – Many customers have asked us how they should handle shared secrets, passwords and other sensitive data in Chef and now we have a good solution. With the release of our stable-v4 stack, we introduced Chef 10 to the platform, and with it came data bags. Now with the 3.0 release of the engineyard gem, we can officially support data bags and encrypted data bags. You may be wondering what data bags are, how data bags work or how to implement data bags. This blog post will walk you through the entire process.
  • How to set disk alignment in Linux | Dirty Cache – As you might know, if disk partitions containing Oracle datafiles are not aligned with the underlying storage system, then some I/O’s can suffer from some overhead as they are effectively translated in two I/O’s. If you want more info, google for “EMC disk alignment” and you’ll find plenty of information, explaining the issue.
  • Add Private Route 53 DNS to your AWS VPC | CloudTrek – A really cool feature of Amazon’s Route 53 DNS Management Service is the private hosted DNS zone.  Basically, you get the ability to manage the DNS in your private VPC without setting up your own DNS infrastructure (yuck!) [ Just a friendly reminder Note 1: the resolution is working only inside the VPC. Note 2: if you don't have the AmazonProvidedDNS in your DHCP-OPTION you won't resolve the zone. Note 3: if you are using linux, you can use as DNS 169.254.169.253 it won't work on windows 2008 Ref: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-private.html http://aws.amazon.com/route53/faqs/ ]

Bookmarks for 3 dic 2014 from 13:03 to 13:41

These are my links for 3 dic 2014 from 13:03 to 13:41:

  • git-flow cheatsheet – git-flow are a set of git extensions to provide high-level repository operations for Vincent Driessen's branching model. more This cheatsheet shows the basic usage and effect of git-flow operations
  • Voluntary – […] Our goal is to create open source software that promotes freedom of expression, privacy and the decentralization of power with an eye towards usability […] (Just for OSX at the moment)
  • A Visual Git Reference – This page gives brief, visual reference for the most common commands in git. Once you know a bit about how git works, this site may solidify your understanding.
  • SSH_VPN – Community Help Wiki – This page discusses using SSH to set up SSH-based point to point connections, which can then be used to create routes that create virtual private networks. Note that using SSH in this fashion is not the "best" way to create a permanent, stable VPN. Notably, SSH uses TCP, and TCP over TCP can provide abysmal performance under pathological conditions.
  • VPN over SSH – This how-to is intended to cover the details of how to establish a VPN (Virtual Private Network) over a SSH connection. Starting with open-ssh 4.3, you can now use a ssh connection to set up a VPN. This is technically termed "layer-3 IP-in-SSH tunnelling" and is not using ssh to port forward (ssh -L ) or create a dynamic "application level" forwarding (SOCKS) (ssh -D ). Rather a VPN is established using a SSH connection to create a virtual interface, tun0. Advantages : IMO, this technique is easier to set up then openvpn, especially if you are using a single client. Works with most Linux distributions without the need to install any additional software on the clients. The server only needs openssh-server. This protocol uses udp to transmit tunneled tcp connections resulting in a more stable connection compared with port forwarding (using ssh with the -L or -D options). Disadvantages : As of yet I do not know of a windows client which will use this protocol. If you are needing to set up a VPN with numerous clients I would use openvpn. Although there are several "how-to's" on the web, most of them assume you know something about networking and routing. This page attempts to explain some of the "missing details".

Bookmarks for 28 ott 2014 from 01:01 to 01:04

These are my links for 28 ott 2014 from 01:01 to 01:04:

  • VeraCrypt – Home – VeraCrypt adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt.
  • Mac Linux USB Loader by SevenBits – Mac Linux USB Loader is an application that allows you to create bootable USB drives containing a Linux distribution that can boot natively on Apple's Macintosh computers using their EFI system, regardless of whether or not the selected distribution has UEFI support. It is available in English, Spanish and Traditional Chinese.
  • Building a (Cheap) 2×10 Gbit (Continuous) Packet Recorder using n2disk and PF_RING – Continuous packet recorders are devices that capture network traffic and save it to disk. The term continuous means that this activity is performed “continuously” until the device is active and not just for a few minutes.

Bookmarks for 22 giu 2014 through 23 giu 2014

These are my links for 22 giu 2014 through 23 giu 2014:

Bookmarks for 13 mar 2014 through 18 mar 2014

These are my links for 13 mar 2014 through 18 mar 2014:

  • Observium – Observium is an autodiscovering SNMP based network monitoring platform written in PHP which includes support for a wide range of network hardware and operating systems including Cisco, Windows, Linux, HP, Dell, FreeBSD, Juniper, Brocade, Netscaler, NetApp and many more. Observium has grown out of a lack of network monitoring platforms which are both simple to manage and pleasant to use. It is intended to provide a navigable interface to the health and performance of your network. Its design goals include collecting as much historical data about devices as possible, using as much auto-discovery as possible with little or no manual intervention, and having a very intuitive interface. Observium is not intended to replace an up/down alerting system like Icinga or Nagios, but rather to complement it with an easy to manage, intuitive representation of historical and current performance statistics, configuration visualisation and syslog capture.
  • nikratio / S3QL — Bitbucket – S3QL is a file system that stores all its data online using storage services like Google Storage, Amazon S3, or OpenStack. S3QL effectively provides a hard disk of dynamic, infinite capacity that can be accessed from any computer with internet access running Linux, FreeBSD or OS-X. S3QL is a standard conforming, full featured UNIX file system that is conceptually indistinguishable from any local file system. Furthermore, S3QL has additional features like compression, encryption, data de-duplication, immutable trees and snapshotting which make it especially suitable for online backup and archival. S3QL is designed to favor simplicity and elegance over performance and feature-creep. Care has been taken to make the source code as readable and serviceable as possible. Solid error detection and error handling have been included from the very first line, and S3QL comes with extensive automated test cases for all its components.
  • Secure encrypted backup using duplicity for Linux and Mac – I have been looking for a replacement alternative to Dropbox which I use on my Mac mainly for backups (I rarely use the sharing). The requirements were secure encrypted backup (where I control the keys) and “intelligence” so incremental backups could be performed i.e. not copying everything every time[…]
  • Duplicati – Duplicati is a free backup client that securely stores encrypted, incremental, compressed backups on cloud storage services and remote file servers. It works with Amazon S3, Windows Live SkyDrive, Google Drive (Google Docs), Rackspace Cloud Files or WebDAV, SSH, FTP (and many more).   Duplicati has built-in AES-256 encryption and backups can be signed using GNU Privacy Guard. A built-in scheduler makes sure that backups are always up-to-date. Last but not least, Duplicati provides various options and tweaks like filters, deletion rules, transfer and bandwidth options to run backups for specific purposes. Duplicati is licensed under LGPL and available for Windows and Linux (.NET 2.0+ or Mono required). The Duplicati project was inspired by duplicity. Duplicati and duplicity are similar but not compatible. Duplicati is available in English, Spanish, French, German, Danish, Portugese, Italian, and Chinese.
  • MindTerm SSH Client 3.1.2 Signed Java Applet – Java SSH Client MindTerm SSH is a fully functional SSH client written in Java. This page presents Mindterm in the form of an applet. Please wait for the applet to load, it will load automatically once the archive is downloaded, be patient.

Bookmarks for 24 ott 2013 through 13 nov 2013

These are my links for 24 ott 2013 through 13 nov 2013:

Bookmarks for 10 apr 2012 through 13 apr 2012

These are my links for 10 apr 2012 through 13 apr 2012:

  • php:zerobin [sebsauvage] – ZeroBin is a minimalist, opensource online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES. You can test it online.
  • logstash – open source log management – logstash is a tool for managing events and logs. You can use it to collect logs, parse them, and store them for later use (like, for searching). Speaking of searching, logstash comes with a web interface for searching and drilling into all of your logs.

    It is fully free and fully open source. The license is Apache 2.0, meaning you are pretty much free to use it however you want in whatever way.

  • Exploit Exercises – exploit-exercises.com provides a variety of virtual machines, documentation and challenges that can be used to learn about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering.

    [ via http://www.afhome.org ]