white2hack 📚

SANS Linux Incident Response, 2025 SANS Linux Incident Response refers to the specialized training and resources offered by the SANS Institute focused on detecting, analyzing, and responding to cyber security incidents specifically on Linux systems. #forensic #linux

𝗦𝗲𝗰𝘂𝗿𝗲 𝗯𝘆 𝗗𝗲𝘀𝗶𝗴𝗻 - 𝗪𝗲𝗯 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 & 𝗔𝗣𝗜 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗧𝗮𝗯𝗹𝗲 𝗼𝗳 𝗰𝗼𝗻𝘁𝗲𝗻𝘁: 🔴 𝗘𝗻𝗱-𝘁𝗼-𝗘𝗻𝗱 𝗘𝗻𝗰𝗿𝘆𝗽𝘁𝗶𝗼𝗻 HTTP exposure → SSL stripping → HSTS with preload → unbreakable TLS tunnels. 🔴 𝗢𝗔𝘂𝘁𝗵 𝟮.𝟬 & 𝗣𝗞𝗖𝗘 Auth code interception → malicious app replay → PKCE enforcement → no token without proof key. 🔴 𝗝𝗪𝗧 𝗟𝗶𝗳𝗲𝗰𝘆𝗰𝗹𝗲 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 HS256 secret theft → forged admin tokens → RS256 + short-lived tokens → revoked refresh tokens. 🔴 𝗠𝘂𝘁𝘂𝗮𝗹 𝗧𝗟𝗦 (𝗺𝗧𝗟𝗦) Stolen static API key → partner impersonation → client certificate auth → cryptographic identity. 🔴 𝗗𝗗𝗼𝗦 & 𝗥𝗮𝘁𝗲 𝗟𝗶𝗺𝗶𝘁𝗶𝗻𝗴 Naive IP limits → low-and-slow scraping → dynamic, user-aware throttling → edge WAF protection. 🔴 𝗜𝗻𝗽𝘂𝘁 𝗩𝗮𝗹𝗶𝗱𝗮𝘁𝗶𝗼𝗻 & 𝗢𝘂𝘁𝗽𝘂𝘁 𝗘𝗻𝗰𝗼𝗱𝗶𝗻𝗴 SQLi & XSS payloads → data exfiltration & session hijacking → parameterized queries & contextual encoding → neutralized threats. 🔴 𝗔𝗣𝗜 𝗚𝗮𝘁𝗲𝘄𝗮𝘆 & 𝗪𝗔𝗙 Inconsistent microservice security → finding the weakest link → centralized WAF at the gateway → uniform defense. 🔴 𝗦𝗲𝗰𝘂𝗿𝗲 𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 Cookie theft via XSS → session hijacking → HttpOnly, Secure, SameSite=Strict cookies → locked-down sessions. 🔴 𝗔𝗣𝗜 𝗩𝗲𝗿𝘀𝗶𝗼𝗻𝗶𝗻𝗴 & 𝗗𝗲𝗽𝗿𝗲𝗰𝗮𝘁𝗶𝗼𝗻 Zombie v1 API → exploiting old bugs → forced deprecation & brownouts → controlled demolition. 🔴 𝗕𝘂𝘀𝗶𝗻𝗲𝘀𝘀 𝗟𝗼𝗴𝗶𝗰 𝗙𝗹𝗮𝘄𝘀 Price tampering → checkout abuse → server-side re-validation → trust nothing from the client. 🔴 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗠𝗲𝘀𝗵 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 Lateral movement in-cluster → compromised pod escalates → zero-trust mTLS → granular authorization policies. Web page #AppSec

The Threat Hunter Playbook by OTRF, Roberto Rodriguez (Cyb3rWard0g), 2022 A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient, ll the detection documents in this project follow the structure of MITRE ATT&CK categorizing post-compromise adversary behavior in tactical groups and are available in the form of interactive notebooks. GitHub The Book See also: Awesome Threat Detection and Hunting by 0x4D31 The Threat Hunting Project + GitHub #defensive

Threat Hunting and Detection by Mehmet E. (Cyb3r-Monk), 2025 Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language). GitHub See also: ATT&CK + D3FEND = D.E.A.T.H D3FEND Matrix #defensive

🚨 Flipper Zero ‘DarkWeb’ Firmware Bypasses Rolling Code Security on Major Vehicles A new and custom firmware for the popular Flipper Zero multi-tool device is reportedly capable of bypassing the rolling code security systems used in most modern vehicles, potentially putting millions of cars at risk of theft. Demonstrations reveal that the firmware, said to be circulating on the dark web, can clone a vehicle’s keyfob with just a single, brief signal capture. Sources: ❗️Article (Eng) + Seclab (Rus) #hardware

💻 Flipper Zero — портативное многофункциональное устройство, разработанное для взаимодействия с системами контроля доступа и другими системами, использующими для связи радиоканал. Впервые об устройстве было объявлено в августе 2020 года в рамках краудфандинговой кампании Kickstarter. Функции: ✅Работа с RFID и NFC: устройство способно считывать, копировать и эмулировать метки, радиопульты, iButton и цифровые ключи доступа. ✅ Работа с инфракрасными сигналами: Flipper Zero оснащён инфракрасным передатчиком и приёмником, что позволяет управлять телевизорами, кондиционерами и другой техникой, захватывать и воспроизводить сигналы ИК-пультов. ✅ Работа с Sub-GHz-частотами (433 МГц, 868 МГц и другие): устройство умеет передавать и принимать сигналы на низких радиочастотах, что позволяет анализировать радиоуправляемые устройства (например, беспроводные звонки, розетки, умные датчики). ✅ Bluetooth-аналитика и взаимодействие с устройствами: Flipper Zero поддерживает Bluetooth, что позволяет подключаться к мобильному приложению Flipper, анализировать активные Bluetooth-устройства вокруг. #hardware #fun

Arm Assembly Internals & Reverse Engineering by Maria Markstedter Welcome to this tutorial series on ARM assembly basics. This is the preparation for the followup tutorial series on ARM exploit development. Before we can dive into creating ARM shellcode and build ROP chains, we need to cover some ARM Assembly basics first. Official page About author #hardware #reverse

HackTricks Cloud GitHub GitBook #AWS #Azure #GCP

Kubernetes Goat is an interactive Kubernetes security learning playground. It has intentionally vulnerable by design scenarios to showcase the common misconfigurations, real-world vulnerabilities, and security issues in Kubernetes clusters, containers, and cloud native environments. Main page MITRE ATT&CK Scenarios See also: Attacking Kubernetes by Reza, 2025 Red Team Tactics, Techniques, and Procedures for Kubernetes by sneakerhax, 2025 #SecDevOps #pentest

Tactics, Techniques, and Procedures by FreeZeroDays, 2021/2025 My big mess of offensive security notes and miscellaneous resources. In similar fashion to other resources of this nature, all commands documented have been manually verified as working and l33t at the time of documentation. This was inspired by both snovvcrash and sneakerhax's offensive note collections. I highly recommend checking them out if you're looking for additional resources! GitHub #pentest

Custom script (python) for easy, basic pattern, low difficult automated penetration test, w2hack, 2020/2025 This project is a Python-based automated penetration testing tool designed to streamline the process of assessing the security of a target system. The script performs various tasks, including (1) information gathering, (2) reconnaissance, (3) discovery and scanning, (4) vulnerability assessment, (5) exploitation if possible, and final (6) analysis (reporting). It integrates multiple tools to automate the scanning and testing process, making it easier for security professionals to identify and exploit vulnerabilities. Features ✅ Update CVE Database: Fetches the latest Common Vulnerabilities and Exposures (CVE) from an API for use in vulnerability assessment. ✅ Information Gathering: Collects basic information about the target using tools like whois, nslookup, dig, etc. ✅ Reconnaissance: Uses nmap and nikto (optional) to discover services and potential vulnerabilities. ✅ Discovery and Scanning: Performs a full port scan using nmap and a directory brute-force attack using dirb. ✅ Vulnerability Assessment: Evaluates the target against known CVEs using nmap scripts and performs an OWASP ZAP scan (web app only). ✅ Exploitation: Attempts to exploit discovered vulnerabilities using msfconsole and brute-force attacks with hydra. ✅ Final Analysis and Review: Reviews the collected data, analyzes open ports and services, and summarizes the findings. ✅ Report: Compiles the results into a comprehensive report for further analysis (auto coloring, etc). Requirements

Python 3.x + requests library
BeautifulSoup4 library
subprocess library

❗️Various external tools like whois, nslookup, dig, fierce, nmap, nikto, dirb, msfconsole, hydra, and zap-cli (w3af) should be installed before run the script ❗️

# Installation
Clone this repository \ unpack the tar

git clone https://github.com/D3One/Automated-Penetration-Testing-Script_v1.git
cd automated-penetration-testing_v1

# Install the required Python libraries:

sudo pip install -r requirements.txt

# Ensure that all the external tools (whois, nmap, etc.) are installed and accessible in your system's PATH.

sudo apt-get install whois dnsutils fierce nmap nikto dirb hydra zaproxy

# Usage
Run the script:

python scanner.py

Enter the target IP address or domain when prompted.

enjoy it! :)

⬇️GitHub #tools #pentest

Парни, вы заметили, что известные персоны в кибербезе, те кто в конце 2000-х и на протяжение 2010-х топили вверх по карьерной лестнице, бились в CTF, выступали на эвентах, работали в компаниях с узноваемым брендом, пушили свои тулзы на GitHub, грабили проф сертификаты, мутили свое комьюнити, райтили блоги, двигали собственные проекты, те кто стал rock star, unicorn кибербеза сейчас либо (1) открыли свой бизнес РФ/Мир либо (2) заняли топ менеджерские кресла в РФ компаниях либо (3) иммигрировали в UK/UAE/USA, где спецы в БигТехе либо (4) сменили роли на ИТ либо другие направления. В паблике очень много новичков, джунов, тех кто только в начале или где-то ближе к середине своего карьерного пути. Учат, админят, пушат, кодят, лабы гоняют, нагибают hr на работу получше. А кто-нибудь думал какой финал? К чему идем? Есть ли видение своего трибьюта? Что будем делать через 5, 7 или 10 лет? А может знаете кто так сейчас и топит как 10 лет назад бнз изменений? #talk

Upd. tags and links Add: (+) links to w2hack official GitHub repo (+) tagged some unmarked materials Change: (/) update pinned second post #info

Mastering Windows Group Policy. Control and secure your Active Directory environment with Group Policy by Jordan Krause, 2018 Improve and reimagine your organization's security stance, desktop standards, and server administration with centralized management via Group Policy This book begins with a discussion of the core material any administrator needs to know in order to start working with Group Policy. Moving on, we will also walk through the process of building a lab environment to start testing Group Policy today. Next we will explore the Group Policy Management Console (GPMC) and start using the powerful features available for us within that interface. Once you are well versed with using GPMC, you will learn to perform and manage the traditional core tasks inside Group Policy. Included in the book are many examples and walk-throughs of the different filtering options available for the application of Group Policy settings, as this is the real power that Group Policy holds within your network. You will also learn how you can use Group Policy to secure your Active Directory environment, and also understand how Group Policy preferences are different than policies, with the help of real-world examples. Finally we will spend some time on maintenance and troubleshooting common Group Policy-related issues so that you, as a directory administrator, will understand the diagnosing process for policy settings. #book #windows

Automate Your Job Application Process (outside Russia and CIS) These tools scan job boards, personalize your resume and cover letters, and then fill out online application forms, freeing up your time and helping you apply to more jobs faster. Benefits: ✅ Job Search Automation ✅ Autofill Applications ✅ Application Tracker 🔖 LazzyApply 🔖 JobCopilot 🔖 Huntr 🔖 BulkApply #job