Reference: https://www.hacksplaining.com/prevention/click-jacking
1) X-Frame-Options (the most traditional method; the recommended value is DENY)
2) Content Security Policy (HTML5)
3) Frame-Killing
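The first two defences can be checked from a response's headers. The following is an added example, not code from the referenced page: it classifies a response by its X-Frame-Options value and by the CSP frame-ancestors directive, which is the CSP directive that controls framing. The function names, verdict labels and sample headers are assumptions constructed for illustration.

```python
# Added example: classify a response's framing policy from its headers.
PERMISSIVE = {"*", "http:", "https:"}  # sources that let any origin frame the page


def frame_ancestors(csp):
    """Return the frame-ancestors source list of a CSP value, or None if absent."""
    for directive in csp.split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            return [t.lower() for t in tokens[1:]]  # first occurrence wins
    return None


def audit_framing(headers):
    """Return (verdict, notes); verdict is 'protected', 'weak' or 'unprotected'."""
    h = {k.lower(): v for k, v in headers.items()}
    notes = []
    xfo = h.get("x-frame-options", "").strip().upper()
    xfo_ok = xfo in ("DENY", "SAMEORIGIN")
    if xfo and not xfo_ok:
        # e.g. ALLOW-FROM, which is obsolete and not honoured by current browsers
        notes.append(f"X-Frame-Options {xfo!r} is not DENY or SAMEORIGIN")
    sources = frame_ancestors(h.get("content-security-policy", ""))
    if sources is None:
        verdict = "protected" if xfo_ok else "unprotected"
    elif PERMISSIVE & set(sources):
        verdict = "weak"
        notes.append("frame-ancestors allows any origin")
        if xfo_ok:
            # browsers that support frame-ancestors ignore X-Frame-Options
            notes.append("X-Frame-Options is ignored when frame-ancestors is present")
    else:
        verdict = "protected"
        if not xfo_ok:
            notes.append("no X-Frame-Options fallback for browsers without CSP support")
    return verdict, notes


if __name__ == "__main__":
    samples = [  # constructed response headers, not captured traffic
        {"X-Frame-Options": "DENY"},
        {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
        {"X-Frame-Options": "DENY", "Content-Security-Policy": "default-src 'self'; frame-ancestors *"},
        {"Content-Security-Policy": "frame-ancestors 'none'"},
    ]
    for s in samples:
        print(audit_framing(s), s)
```

The third sample is the case worth noting: a permissive frame-ancestors overrides an otherwise correct X-Frame-Options: DENY in browsers that support CSP.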
Saturday, February 29, 2020
Wednesday, February 12, 2020
Review user permissions on file systems in an Active Directory environment
https://www.permissionsreporter.com/
A tool generating reports reflecting user permissions on file systems in an Active Directory environment.
Sunday, February 9, 2020
Social Engineering Test Play Book
Preparation: What information needs to be imported into the whitelists of SPAM firewalls and Web Proxy?
What information needs to be imported into the Social Engineering Test platform?
How to launch a phishing campaign?
What to do when users report an incident to the IT department or IS department?
What to do when users are compromised?
How to generate reports in Social Engineering Test platform?
Thursday, February 6, 2020
[Threat Intelligence] Threat Hunting tools
(On-Premise)
SpiderFoot
(GUI)
Maltego
(Command)
theHarvester
(Cloud)
RiskIQ PassiveTotal
Tuesday, February 4, 2020
[Threat Intelligence] Install and use SkipTracer
#docker pull xshuden/skiptracer
#docker run -it --name skiptracer xshuden/skiptracer
Sunday, February 2, 2020
[Threat Intelligence] Install and use Spiderfoot through Docker
#/etc/init.d/docker start
#docker pull ctdc/spiderfoot
#docker run -idt -p 5001:5001 ctdc/spiderfoot
Browse http://127.0.0.1:5001 and enjoy Spiderfoot.
[Updated] The network hidden script through Tor, Privoxy, and ProxyChains
#!/usr/bin/perl -w
# A network hidden script through Tor and Privoxy. Written by demonalex.
$|=1;                # unbuffered output so status messages appear immediately
$proxychains=0;      # set to 1 once ProxyChains is confirmed to point at Tor

# --- Tor: check installation, start the service, confirm the SOCKS listener ---
if( -e '/etc/init.d/tor'){
    print "Tor: Installed!\n";
}else{
    die "Tor: Not installed! Please install Tor through \'apt-get update\; apt-get install tor\'!\n";
}
print "Starting Tor...\n";
system('/etc/init.d/tor start 2>/dev/null');
sleep(2);
print "Check Tor\'s status...";
$output=`netstat -anteup|grep tor|grep \'127.0.0.1:9050\'|wc -l`;
chomp($output);
if($output==1){
    print "ok!\n";
}else{
    die "failed!\n";
}

# --- Privoxy: check installation and configuration, start it, confirm the listener ---
if ( -e '/etc/init.d/privoxy'){
    print "Privoxy: Installed!\n";
}else{
    die "Privoxy: Not installed! Please install Privoxy through \'apt-get update\; apt-get install privoxy\'!\n";
}
print "Checking Privoxy\'s configuration...\n";
# An uncommented forward-socks5 line must exist (Privoxy forwarding to Tor).
$output=`cat /etc/privoxy/config|grep forward-socks5|grep -v \'#\'|wc -l`;
chomp($output);
if($output==0){
    die "forward-socks5 has not been tweaked yet!\n";
}
# The IPv6 listen-address ([::1]:8118) must be commented out.
$output=`cat /etc/privoxy/config|grep \'\\[::1\\]:8118\'|grep -v \'#\'|wc -l`;
chomp($output);
if($output!=0){
    die "listen-address IPv6 has not been disabled yet!\n";
}
print "Complete!\n";
print "Starting Privoxy...\n";
system('/etc/init.d/privoxy start 2>/dev/null');
sleep(2);
print "Check Privoxy\'s status...";
$output=`netstat -anteup|grep \'127.0.0.1:8118\'|wc -l`;
chomp($output);
if($output==1){
    print "ok!\n";
}else{
    die "failed!\n";
}

# --- ProxyChains: optional; check that the Tor SOCKS proxy is configured ---
print "Check ProxyChains's status...";
if(!( -e '/etc/proxychains.conf')){
    print "ProxyChains does not exist!\n";
}else{
    $output=`cat /etc/proxychains.conf |grep sock | grep -v \'\#\'|grep \'127.0.0.1\' | grep 9050|wc -l`;
    chomp($output);
    if($output>=1){
        print "okay!\n";
        $proxychains=1;
    }else{
        print "Tor proxy has not been added yet!\n";
    }
}

# --- Summary of the local proxy endpoints ---
print <<EndOutput;

HTTP/S Proxy: 127.0.0.1:8118
Socks5 Proxy: 127.0.0.1:9050
EndOutput
if($proxychains==1){
    print 'ProxyChains: #proxychains COMMAND'."\n";
    print "Such as: #proxychains curl ipv4.icanhazip.com"."\n\n";
}else{
    print "\n\n";
}
exit(0);