Blue Team

Utilize Threat Modeling and Hunting Methodologies

OBJECTIVES COVERED Given a scenario, utilize threat intelligence to support organizational security. Explain the importance of proactive threat hunting. Intelligence-driven defense lends itself to proactive techniques for securing IT systems. Knowledge of adversary TTPs can be used for effective threat modeling, making risk and vulnerability assessment more efficient. You can also use threat intelligence to […]

Blue Team

Utilize Attack Frameworks and Indicator Management

OBJECTIVES COVERED Explain the importance of threat data and intelligence. Given a scenario, utilize threat intelligence to support organizational security. While classifying threat actor types provides basic insights into adversary motivations and capabilities, the diversity of threat actors in the modern security landscape requires more sophisticated tools to provide actionable threat intelligence. In this topic […]

Blue Team

Classify Threats and Threat Actor Types

Lesson Introduction Cybersecurity is a mature discipline with well-established terminology and procedures. Part of this terminology concerns the identification of threats and threat actors, and of attack frameworks and indicators. You must be able to use threat intelligence and attack frameworks to model likely risks to your organization and perform threat hunting to proactively determine […]

Blue Team

Identify Security Control Types

Lesson Introduction As a new or recently practicing cybersecurity analyst, you must be able to demonstrate the importance of security intelligence and threat intelligence. As understanding of threat types and actors grows, those threat actors change their tactics and procedures to escape detection. Consequently, identifying and updating robust intelligence sources and setting up effective information […]

Hacking 101

Docker Basics

The docker-compose.yml has a 'command' property that shows how to start the app (it could be a script called from package.json). The default Node.js inspector (debugging) port is 9229; it will be in the docker-compose.yml file, or append -p 9229:9229 to the docker run command. Example: Docker Commands: Shut down the API gateway and all containers. Start the […]
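The note above publishes the Node.js inspector port with a plain -p 9229:9229. The inspector lets anyone who can connect to it execute arbitrary JavaScript inside the process, so on a shared host or a cloud VM the mapping should be restricted to the loopback interface. The compose fragment below is an added example, not the project's own docker-compose.yml; the service name `api`, the `build` context, the `server.js` entrypoint and the application port 3000 are assumptions.

```yaml
# Added example, not the project's own docker-compose.yml.
# Service name, build context, entrypoint and app port are assumptions.
services:
  api:
    build: .
    # Inside the container the inspector must listen on 0.0.0.0, otherwise
    # the port mapping cannot reach it (node's default is 127.0.0.1).
    command: ["node", "--inspect=0.0.0.0:9229", "server.js"]
    ports:
      - "3000:3000"
      # Weak:      "9229:9229" publishes the debugger on every host interface,
      #            so anyone who can reach the host can attach and run code
      #            with the app's privileges.
      # Corrected: publish it on the host loopback only.
      - "127.0.0.1:9229:9229"
```

The equivalent for the docker run form in the note is -p 127.0.0.1:9229:9229; Docker accepts a host IP prefix in the -p mapping and in the compose ports list.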

Hacking 101 Web App Attack

Cross-Origin Resource Sharing (CORS)

Notes: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

The Same-Origin Policy prevents one origin from accessing resources on a different origin; this covers JavaScript access and HTTP requests. An origin is the combination of scheme, host and port. Requests made by a page at https://a.com/latest:

| URL | Result | Reason |
|---|---|---|
| https://a.com/myInfo | Allowed | Same origin |
| **http:**//a.com/users.json | Blocked | Different scheme and port (http defaults to 80, https to 443) |
| https://**api**.a.com/info | Blocked | Different domain |
| https://a.com**:8443**/file | Blocked | Different port |
| https://**b**.com/analytics | Blocked | Different domain |

Please note images and iframes […]
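The table above is exactly the comparison a browser performs: scheme, host and port, with the scheme's default port filled in when the URL does not state one. The following is an added example (not code from the original post) that runs that comparison over the table's own URLs using the WHATWG URL API available in browsers and Node.js; the function names `originOf`, `sameOrigin`, `explainBlock` and `checkTable` are mine.

```javascript
// Added example, not from the original post: same-origin comparison
// (scheme, host, port) run over the URLs from the table above.

// Default ports, so that https://a.com and https://a.com:443 compare equal.
const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

// Reduce a URL to the triple the same-origin policy compares.
function originOf(urlString) {
  const u = new URL(urlString);
  // URL drops an explicit default port (":443" on https), so fill it back in.
  const port = u.port || DEFAULT_PORTS[u.protocol] || "";
  return { scheme: u.protocol, host: u.hostname, port };
}

// True when both URLs share scheme, host and port. Path and query never matter.
function sameOrigin(a, b) {
  const x = originOf(a), y = originOf(b);
  return x.scheme === y.scheme && x.host === y.host && x.port === y.port;
}

// Explain a verdict in the vocabulary of the table (every differing component).
function explainBlock(from, to) {
  const x = originOf(from), y = originOf(to);
  const reasons = [];
  if (x.scheme !== y.scheme) reasons.push("different scheme");
  if (x.host !== y.host) reasons.push("different domain");
  if (x.port !== y.port) reasons.push("different port");
  return reasons.length ? "Blocked: " + reasons.join(" and ") : "Allowed: same origin";
}

// The requesting page and the target URLs from the table.
const SOURCE = "https://a.com/latest";
const TARGETS = [
  "https://a.com/myInfo",
  "http://a.com/users.json",
  "https://api.a.com/info",
  "https://a.com:8443/file",
  "https://b.com/analytics",
];

// Returns [[url, verdict], ...] for every row of the table.
function checkTable() {
  return TARGETS.map((t) => [t, explainBlock(SOURCE, t)]);
}

for (const [t, verdict] of checkTable()) {
  console.log(t.padEnd(28), verdict);
}
```

Note that `http://a.com/users.json` is reported as both a different scheme and a different port: the page never writes a port, but http implies 80 and https implies 443, which is why the table gives two reasons for that row.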

Hacking 101

CLI Quick Notes

XFreeRDP

Samba Server
1 – Create the folder that will be shared.
2 – Use the Impacket tool.
DONE – From the target they can now hit the attacker's shared directory, for example in Windows Explorer.

SMTPD
Start an SMTPD server to listen for incoming SMTP connections and use the DebuggingServer flag to print and discard the messages […]
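The SMTPD note above describes a debugging mail server: it accepts any sender and recipient, shows what the client sent and never relays it. The block below is an added example, not the tool the note uses or any code from the original notes: a minimal SMTP sink of that kind written in JavaScript as a pure state machine, so the whole client/server exchange can be replayed offline. The class name `SmtpSink`, the hostname `sink.local`, the helper `replay` and the sample session (constructed, including the addresses in it) are all mine; to catch mail from a real target, wrap `feed` in a `net.createServer` handler that splits the stream on CRLF.

```javascript
// Added example, not from the original notes: a debugging SMTP sink as a
// pure state machine. Feed it client lines, it returns the server replies
// and records every completed message instead of relaying it.

class SmtpSink {
  constructor(hostname = "sink.local") {   // hostname is an assumption
    this.hostname = hostname;
    this.state = "COMMAND";                // or "DATA" while a body streams in
    this.envelope = { from: null, rcpts: [] };
    this.bodyLines = [];
    this.messages = [];                    // every accepted message, for inspection
  }

  greeting() { return `220 ${this.hostname} ESMTP sink ready`; }

  // One client line (without CRLF) in; the server reply out, or null when no
  // reply is due (lines of a message body are only collected).
  feed(line) {
    if (this.state === "DATA") return this.feedData(line);
    const m = /^([A-Za-z]+)(?:\s+(.*))?$/.exec(line.trim());
    if (!m) return "500 Syntax error";
    const verb = m[1].toUpperCase();
    const arg = m[2] || "";
    switch (verb) {
      case "EHLO":
      case "HELO":
        return `250 ${this.hostname} Hello ${arg}`;
      case "MAIL": {
        const a = /^FROM:\s*<?([^>]*)>?/i.exec(arg);
        if (!a) return "501 Syntax: MAIL FROM:<address>";
        this.envelope = { from: a[1], rcpts: [] };  // any sender is accepted
        return "250 OK";
      }
      case "RCPT": {
        if (this.envelope.from === null) return "503 Error: need MAIL command";
        const a = /^TO:\s*<?([^>]*)>?/i.exec(arg);
        if (!a) return "501 Syntax: RCPT TO:<address>";
        this.envelope.rcpts.push(a[1]);            // any recipient is accepted
        return "250 OK";
      }
      case "DATA":
        if (this.envelope.rcpts.length === 0) return "503 Error: need RCPT command";
        this.state = "DATA";
        this.bodyLines = [];
        return "354 End data with <CR><LF>.<CR><LF>";
      case "RSET":
        this.envelope = { from: null, rcpts: [] };
        return "250 OK";
      case "NOOP":
        return "250 OK";
      case "QUIT":
        return `221 ${this.hostname} closing connection`;
      default:
        return `502 Error: command "${verb}" not implemented`;
    }
  }

  feedData(line) {
    if (line === ".") {                            // end of message body
      this.messages.push({ ...this.envelope, body: this.bodyLines.join("\n") });
      this.state = "COMMAND";
      this.envelope = { from: null, rcpts: [] };
      return "250 OK: message accepted";
    }
    // Undo dot-stuffing (RFC 5321 section 4.5.2): a leading ".." was a literal ".".
    this.bodyLines.push(line.startsWith("..") ? line.slice(1) : line);
    return null;
  }
}

// Replay a whole client transcript and return the server's side of the exchange.
function replay(sink, clientLines) {
  const replies = [sink.greeting()];
  for (const l of clientLines) {
    const r = sink.feed(l);
    if (r !== null) replies.push(r);
  }
  return replies;
}

// Constructed sample session (addresses are made up), as a target application
// pointed at the attacker's SMTP listener might send it.
const SAMPLE_SESSION = [
  "EHLO victim-host",
  "MAIL FROM:<alerts@victim.example>",
  "RCPT TO:<ops@attacker.example>",
  "DATA",
  "Subject: exfil test",
  "",
  "creds: admin / hunter2",
  "..a line that really starts with a dot",
  ".",
  "QUIT",
];

const demoSink = new SmtpSink();
for (const r of replay(demoSink, SAMPLE_SESSION)) console.log("S: " + r);
console.log("captured:", JSON.stringify(demoSink.messages, null, 2));
```

Replies are only emitted for commands and for the terminating "." line, which is why a five-line body produces a single "250 OK: message accepted"; the captured envelope and body are what a debugging server prints to the console before dropping the message.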