techvomit.net

My name is Jayson, and I work in the offensive security space. I have worked as a Purple Team Lead, Red Team Lead, Penetration Tester, Tool Developer, Cloud Engineer, and System Administrator. I successfully completed my BS-CS at UNM in the Summer of 2016, and am very happy to be done with school. I am passionate about automating offensive security work through tool development and employing devops concepts. I am also interested in APTs (Advanced Persistent Threats) and understanding the motivations behind the creation of nation-state-funded Malware....

Keeper Install CLI client Get the latest version and install the appropriate package: AUTHOR='Keeper-Security' REPO_NAME='Commander' curl -s "https://api.github.com/repos/${AUTHOR}/${REPO_NAME}/releases/latest" \ | jq -r '.assets[].browser_download_url' Login to Keeper Run this command: keeper login When prompted, enter your email, then your TOTP, and finally your master password. Resource: https://docs.keeper.io/secrets-manager/commander-cli/using-commander/logging-in Get a password from the commander shell This particular example will return the password for the entry called gmail.com in the vault: My Vault> find-password gmail....

Table of Contents You can use this site to generate the code for you. For example: ## Table of Contents - [Prerequisites](#prerequisites) - [Create](#create) --- ## Prerequisites - Stuff - Things --- ## Create - More stuff - More things Resource: https://stackoverflow.com/questions/11948245/markdown-to-create-pages-and-table-of-contents Add line break Simply add two spaces after the line that you want to break on. Resource: https://stackoverflow.com/questions/26626256/how-to-insert-a-line-break-br-in-markdown Markdown Lint rules in VSCode Rules can be defined in the settings....

Getting Started Install latest version of Azure CLI on Mac brew update && brew install azure-cli Resource: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-macos Install latest version of Azure CLI on Linux # YOLO curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash Resources: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-linux?pivots=apt https://docs.microsoft.com/en-us/powershell/azure/install-az-ps?view=azps-5.5.0 Install PowerShell brew install --cask powershell-preview Run a powershell terminal with: pwsh-preview Update Powershell brew update brew upgrade powershell-preview --cask Uninstall Powershell brew uninstall --cask powershell sudo rm -rf /usr/local/bin/pwsh-preview /usr/local/microsoft/powershell Resource: https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-macos?view=powershell-7.1...

Wireshark Filter where the source ip is not 192.168.1.1 ip.src != 192.168.1.1 Filter where the destination ip is not 192.168.1.1 ip.dst != 192.168.1.1 Find packets with a string in them frame contains <thing to search> For example: frame contains google Resource: https://www.cellstream.com/reference-reading/tipsandtricks/431-finding-text-strings-in-wireshark-captures Show hostnames Go to View -> Name Resolution -> Check the box next to Resolve Network Addresses Resource: https://unix.stackexchange.com/questions/390852/how-to-filter-by-host-name-in-wireshark Filter TLS traffic ssl.record.version If you want to only show TLS v1....

Log Responses Install the dump_io mod by running this as root: a2enmod dump_io Add these lines to the bottom of the /etc/apache2/apache2.conf file: LogLevel dumpio:trace7 DumpIOInput On DumpIOOutput On Restart the apache service to enact the changes: service apache2 restart View response data with this command: cat error.log | cut -f8- -d':' \ | egrep -v ' [0-9]+ bytes$' \ | grep -v '^$' | cut -c2- | sed 's/\\r\\n//' Run as an infinite loop:...

Jailbreaking At the time of this writing, only up to version 12.1.2 of iOS can be jailbroken. While it is theoretically possible to downgrade the version, it is a giant hassle and I was not able to find a fully working solution over the span of several hours of research. Save yourself some time and just get a phone with an older version of iOS. Jailbreak using Chimera Following the instructions on here: https://cydia-app....

Modules Install module on Puppet master /opt/puppetlabs/bin/puppet module install <name of module> Uninstall module on Puppet master /opt/puppetlabs/bin/puppet module uninstall <name of module> Resource: https://www.puppetcookbook.com/posts/installing-modules-from-the-puppet-forge.html List installed Modules puppet module list Resource: https://puppet.com/docs/puppet/5.3/modules_installing.html Show module path Run this on the puppet master: puppet config print modulepath Resource: https://puppet.com/docs/puppet/5.5/dirs_modulepath.html Change module install path By default, puppet module install installs modules into the first directory in the Puppet modulepath, which defaults to $codedir/environments/production/modules....

Proxy Configuration Configure proxy (if applicable) by inputting the required values into /etc/environment. It will probably look something like this: http_proxy=www.proxy.com:80 https_proxy=www.proxy.com:80 no_proxy=.proxy.com,localhost,127.0.0.1 Resource: https://askubuntu.com/questions/175172/how-do-i-configure-proxies-without-gui Config apt with proxy (if applicable): touch /etc/apt/apt.conf.d/95proxies Input the required values into this file. It will probably look something like this: Acquire::http::proxy "http://www.proxy.com:80"; Acquire::https::proxy "http://www.proxy.com:80"; Acquire::ftp::proxy "http://www.proxy.com:80"; Restart the server : reboot Welcome back, your proxy should be working now. Celebrate by taking a snapshot....

Automatically change value of request parameter Go to Proxy -> Options Click Add under Match and Replace Specify the value to match and the value to replace, such as: Match: uid=bob and Replace with: uid=evilbob This can be done with regex if you’d like, for example: Match: ^Host: foo.example.org$ and Replace with: bar.example.org to rewrite the host header. Feel free to add a Comment: to lend it some context. Intruder Extracting useful info from responses Run your attack Find stuff you want to grep out Click Options Go to Grep - Extract Click Add Search for the item you want to grep out, click the > to highlight it Make sure the Start after expression and End at delimiter match a pattern that will consistently get you the data you want Click OK Clear out the other columns you’ll see by clicking the Clear button under Grep - Match Click the Results tab, observe the item you wanted to grep as a column Export output to excel Click Save -> Results table Specify the columns that you want in the document, and click Save Resource: https://security....