HOME | ITSEC | AI | CLI | CHEATSHEETS | HOWTO | TOOLS | LANGS | BULLETIN | LINKS | GITHUB | RSS ||

#_JOHLEM.net_

"scientia potentia est" - Sir Francis Bacon

( today: 2024-03-29 / last update: 2023-09-30 21:30:00 CET UTC+1 hour )
updated: created AI page and added AI on menu

"`Share johlem.net or your next code will have an off-by-one error! 🤓 #SecureYourKarma`"


[ ITSEC ]

IN PROGRESS

REDTEAM

Most used tool by Redteam:

knowledge base for redteam:

Most usefull linux command to know for it security:

Most usefull powershell command to know as redteam:

As a red teamer, some useful PowerShell commands to know include:

It's important to keep in mind that using these commands or related tools may be detected and can also lead to legal issues depending on the context of usage.



BLUETEAM

Most used siem used by BLUETEAM:

Chinese search engine:

Russian search engine:

Best DNS Lookup cli command:

Note: These tools are typically used for command-line DNS lookups, and are not necessarily the only way to perform a DNS lookup.

List of most secure crypto qlgorythm

Note: The security of a cryptographic algorithm depends on the key size and the number of rounds used. Larger key sizes and more rounds generally result in more secure encryption. Also, security of a cryptographic algorithm is not only depend on the algorithm itself but also on the implementation and how it is used.

DNS alternative to Google:

Note: These are alternative DNS providers that can be used instead of Google's DNS service. They may offer different features such as additional security or privacy protections. It's recommended to test different providers and compare the results to find the one that works best for you.

ITSEC Skills:

Note: These are some of the common skills needed for an IT security professional. It's important to note that the field of IT security is constantly evolving, and new skills and technologies are emerging all the time, so it is important to stay up-to-date.

How to pivot for pentest:

Pivoting is a technique used in penetration testing to move from an initial point of access to other systems on the same network. Once an attacker has access to a system, they may use that system to launch further attacks against other systems on the network that are not directly accessible from the Internet. Pivoting allows an attacker to use the compromised system as a "bridge" to access and exploit other systems on the same network. There are several ways to pivot for pentest, some of the most common methods include: Using a proxy: By configuring a proxy on the compromised system, an attacker can use that system as a gateway to access other systems on the same network. Port forwarding: By using tools such as SSH or Metasploit, an attacker can forward ports from the compromised system to other systems on the same network, allowing them to access those systems as if they were directly connected. Routing: By configuring routing tables on the compromised system, an attacker can redirect network traffic to other systems on the same network. VNC: By installing a VNC server on the compromised system, an attacker can remotely control the system and use its GUI to access other systems on the same network. Using tools like Metasploit, an attacker can leverage the compromised system to perform attacks such as network scanning, password cracking, and exploit execution. It's important to note that pivoting should be done carefully and by following the proper procedures to maintain the integrity of the evidence.

Information Gathering

Sniffing & Spoofing

Password Attacks

Maintaining Access

Reverse Engineering

Vulnerability Analysis

Exploitation Tools

Wireless Attacks

Forensics Tools

Web Applications

Stress Testing

Hardware Hacking

Reporting Tools

Newsgroups