From d73be78382269406e4d94ed39135cea759bb49af Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Thu, 22 Mar 2018 09:34:48 -0400 Subject: [PATCH 01/18] Update README.md --- pen_testing_reports/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/pen_testing_reports/README.md b/pen_testing_reports/README.md index b5f7fb8..fd5ca91 100644 --- a/pen_testing_reports/README.md +++ b/pen_testing_reports/README.md @@ -8,3 +8,4 @@ The following are several resources that are useful when writing penetration tes | Offensive Security example |https://www.offensive-security.com/reports/sample-penetration-testing-report.pdf | | NII Consulting sample report | http://www.niiconsulting.com/services/security-assessment/NII_Sample_PT_Report.pdf | | PCI Security report guidance | https://www.pcisecuritystandards.org/documents/Penetration_Testing_Guidance_March_2015.pdf | +| Dradis Framework | https://dradisframework.com/ce/ | From 835c2203cc3a5c588c40bc062111b81ebb6c396b Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Mon, 26 Mar 2018 19:42:40 -0400 Subject: [PATCH 02/18] adding web application testing references Adding how to integrate ZAP with Jenkins and automate web application testing assessments --- web_application_testing/README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 web_application_testing/README.md diff --git a/web_application_testing/README.md b/web_application_testing/README.md new file mode 100644 index 0000000..5e51ac6 --- /dev/null +++ b/web_application_testing/README.md @@ -0,0 +1,19 @@ +# Web Application Testing References + + +## Vulnerable Servers +There are a series of vulnerable web applications that you can use to practice your skills in a safe environment. You can get more information about them in the [vulnerable_servers directory in this repository](https://github.com/The-Art-of-Hacking/art-of-hacking/tree/master/vulnerable_servers). + +## A Few Popular Tools +The following are a few popular tools that you learned in the video courses part of these series: +* [Burp Suite](https://portswigger.net/burp) +* [OWASP Zed Attack Proxy (ZAP)](https://github.com/zaproxy/zaproxy) +* [sqlmap](http://sqlmap.org/) +* [Paros Proxy](http://sectools.org/tool/paros/) +* [httrack](https://www.httrack.com/) +* [skipfish](https://code.google.com/archive/p/skipfish/) + +## How to Integrate OWASP ZAP with Jenkins +You can integrate ZAP with Jenkins and even automatically create Jira issues based on your findings. You can download the [ZAP plug in here](https://wiki.jenkins.io/display/JENKINS/zap+plugin). + +[This video](https://www.youtube.com/watch?v=mmHZLSffCUg) provides an overview of how to integrate From 5b1af5cdff8bf76a9d3cbdeedb020b0843c37958 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Mon, 26 Mar 2018 20:03:34 -0400 Subject: [PATCH 03/18] adding references to additional tools --- web_application_testing/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/web_application_testing/README.md b/web_application_testing/README.md index 5e51ac6..3d3e834 100644 --- a/web_application_testing/README.md +++ b/web_application_testing/README.md @@ -17,3 +17,7 @@ The following are a few popular tools that you learned in the video courses part You can integrate ZAP with Jenkins and even automatically create Jira issues based on your findings. You can download the [ZAP plug in here](https://wiki.jenkins.io/display/JENKINS/zap+plugin). [This video](https://www.youtube.com/watch?v=mmHZLSffCUg) provides an overview of how to integrate + +## Popular Commercial Tools +* [Qualys Web Scanning](https://www.qualys.com/apps/web-app-scanning/) +* [IBM Security AppScan](https://www.ibm.com/security/application-security/appscan) From 358366b0da938c989250e662b4c8da30d7db533c Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Thu, 29 Mar 2018 22:05:04 -0400 Subject: [PATCH 04/18] adding Dynamic Analysis tools --- reverse_engineering/README.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/reverse_engineering/README.md b/reverse_engineering/README.md index 6891e15..3a8aaeb 100644 --- a/reverse_engineering/README.md +++ b/reverse_engineering/README.md @@ -19,6 +19,21 @@ * [objdump](http://linux.die.net/man/1/objdump) * [Radare](http://www.radare.org/r/) +## Dynamic Analysis + +* [Autoruns](https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns) +* [Process Monitor](https://docs.microsoft.com/en-us/sysinternals/downloads/procmon) +* [Process Explorer](https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer) +* [Process Hacker](https://processhacker.sourceforge.io/) +* [Noriben - Portable, Simple, Malware Analysis Sandbox](https://github.com/Rurik/Noriben) +* [API Monitor](http://www.rohitab.com/apimonitor) +* [INetSim: Internet Services Simulation Suite](http://www.inetsim.org/) +* [FakeNet](https://practicalmalwareanalysis.com/fakenet/) +* [Volatility Framework](https://github.com/volatilityfoundation/volatility) +* [Stardust](https://my.comae.io/login) +* [LiME: Linux Memory Extractor](https://github.com/504ensicsLabs/LiME) + + ## Awesome Reversing * https://github.com/fdivrp/awesome-reversing - a plethora of references of tools, practice sites, and other reverse engineering information From 2ace7b673b40431849fa438721385d2b7641cf76 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Thu, 29 Mar 2018 22:06:24 -0400 Subject: [PATCH 05/18] adding cuckoo sandbox --- reverse_engineering/README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/reverse_engineering/README.md b/reverse_engineering/README.md index 3a8aaeb..98a089e 100644 --- a/reverse_engineering/README.md +++ b/reverse_engineering/README.md @@ -33,6 +33,9 @@ * [Stardust](https://my.comae.io/login) * [LiME: Linux Memory Extractor](https://github.com/504ensicsLabs/LiME) +## Sandbox and Stuff +* [Cuckoo](https://cuckoosandbox.org/) + ## Awesome Reversing * https://github.com/fdivrp/awesome-reversing - a plethora of references of tools, practice sites, and other reverse engineering information From d909b675997ea3301676f314ff9905248115f5d4 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Thu, 29 Mar 2018 22:11:34 -0400 Subject: [PATCH 06/18] adding Deobfuscation toolz --- reverse_engineering/README.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/reverse_engineering/README.md b/reverse_engineering/README.md index 98a089e..1383478 100644 --- a/reverse_engineering/README.md +++ b/reverse_engineering/README.md @@ -36,6 +36,22 @@ ## Sandbox and Stuff * [Cuckoo](https://cuckoosandbox.org/) +## Deobfuscation + +* [Balbuzard](https://bitbucket.org/decalage/balbuzard/wiki/Home) +* [de4dot](https://github.com/0xd4d/de4dot) +* [ex_pe_xor](ex_pe_xor) +* [iheartxor](http://hooked-on-mnemonics.blogspot.com/p/iheartxor.html) +* [FLOSS](https://github.com/fireeye/flare-floss) +* [NoMoreXOR](https://github.com/hiddenillusion/NoMoreXOR) +* [PackerAttacker](https://github.com/BromiumLabs/PackerAttacker) +* [unpacker](https://github.com/malwaremusings/unpacker/) +* [unxor](https://github.com/tomchop/unxor/) +* [VirtualDeobfuscator](https://github.com/jnraber/VirtualDeobfuscator) +* [XORBruteForcer](http://eternal-todo.com/var/scripts/xorbruteforcer) +* [XORSearch & XORStrings](https://blog.didierstevens.com/programs/xorsearch/) +* [xortool](https://github.com/hellman/xortool) + ## Awesome Reversing * https://github.com/fdivrp/awesome-reversing - a plethora of references of tools, practice sites, and other reverse engineering information From f945632bba69122e4a4a866f22c478390602433b Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Sat, 31 Mar 2018 17:35:38 -0400 Subject: [PATCH 07/18] updating index --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4dc94f9..37721c4 100644 --- a/README.md +++ b/README.md @@ -11,4 +11,4 @@ The following are the different video courses that will be part of the Art of Ha These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the Offensive Security Certified Professional (OSCP), the Certified Ethical Hacker (CEH), and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts. -These video courses are published by Pearson, but this GitHub repository is maintained and supported by the lead author of the series (Omar Santos). +These video courses are published by Pearson, but this GitHub repository is maintained and supported by the lead author of the series [Omar Santos](https://omarsantos.io/). From bf6869bcaf90ee26b1001a7c0c5a64a40c34cdc4 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Sat, 31 Mar 2018 17:36:02 -0400 Subject: [PATCH 08/18] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 37721c4..f65269e 100644 --- a/README.md +++ b/README.md @@ -12,3 +12,5 @@ The following are the different video courses that will be part of the Art of Ha These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the Offensive Security Certified Professional (OSCP), the Certified Ethical Hacker (CEH), and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts. These video courses are published by Pearson, but this GitHub repository is maintained and supported by the lead author of the series [Omar Santos](https://omarsantos.io/). + + From d578e1b1682f8b4728529c6f67ed0f395c95d73d Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Sun, 1 Apr 2018 16:46:10 -0400 Subject: [PATCH 09/18] adding windows resources --- windows/README.md | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 windows/README.md diff --git a/windows/README.md b/windows/README.md new file mode 100644 index 0000000..af9c317 --- /dev/null +++ b/windows/README.md @@ -0,0 +1,7 @@ +# Resources for Windows-based Assessments + +* [The Active Directory module for Windows PowerShell is a PowerShell module that consolidates a group of cmdlets.](https://docs.microsoft.com/en-us/powershell/module/addsadministration/?view=win10-ps) +* [PowerSploit](https://github.com/PowerShellMafia/PowerSploit) +* [CimSweep](https://github.com/PowerShellMafia/CimSweep) +* [PowerSCCM](https://github.com/PowerShellMafia/PowerSCCM) +* [SANS PowerShell Cheat Sheet](https://pen-testing.sans.org/blog/2016/05/25/sans-powershell-cheat-sheet/) From e648e1caba5322ada75448895d933c1cb79883e0 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Sun, 1 Apr 2018 17:54:10 -0400 Subject: [PATCH 10/18] adding letmeout script I created a quick bash script to test open ports that are available for exfil using mubix's site. --- useful_commands_and_scripts/letmeout.sh | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 useful_commands_and_scripts/letmeout.sh diff --git a/useful_commands_and_scripts/letmeout.sh b/useful_commands_and_scripts/letmeout.sh new file mode 100644 index 0000000..4eece13 --- /dev/null +++ b/useful_commands_and_scripts/letmeout.sh @@ -0,0 +1,12 @@ +#!/bin/bash +# quick script to test exfil ports +# using mubix letmeoutofyour.net website +# omar santos @santosomar + + +for i in $(eval echo {$1..$2}) +do + echo "Is port $i open for potential exfil?" + curl http://letmeoutofyour.net:$i + +done From f886b1509cf3a2d02c285cd6c6a741bc04d677bd Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Thu, 5 Apr 2018 17:40:30 -0400 Subject: [PATCH 11/18] Update README.md --- capture_the_flag/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/capture_the_flag/README.md b/capture_the_flag/README.md index 9c3142e..644aac5 100644 --- a/capture_the_flag/README.md +++ b/capture_the_flag/README.md @@ -5,3 +5,4 @@ Capture the flag (CTF) is a computer security competition that is designed for e * https://ctf365.com * http://captf.com * https://pentesterlab.com/exercises +* http://vulnhub.com From a333d4c1fd3e5f958d9931904f32ad3eb85cf582 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Thu, 5 Apr 2018 17:45:57 -0400 Subject: [PATCH 12/18] Update README.md --- capture_the_flag/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/capture_the_flag/README.md b/capture_the_flag/README.md index 644aac5..432708b 100644 --- a/capture_the_flag/README.md +++ b/capture_the_flag/README.md @@ -6,3 +6,5 @@ Capture the flag (CTF) is a computer security competition that is designed for e * http://captf.com * https://pentesterlab.com/exercises * http://vulnhub.com +* https://challenges.re/ +* http://cryptopals.com/ From a68ab4aaa3e298dfa2d4de8f36f0c0f8ba833acd Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Thu, 5 Apr 2018 17:47:29 -0400 Subject: [PATCH 13/18] Update README.md --- capture_the_flag/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/capture_the_flag/README.md b/capture_the_flag/README.md index 432708b..bfe98f5 100644 --- a/capture_the_flag/README.md +++ b/capture_the_flag/README.md @@ -8,3 +8,4 @@ Capture the flag (CTF) is a computer security competition that is designed for e * http://vulnhub.com * https://challenges.re/ * http://cryptopals.com/ +* https://github.com/apsdehal/awesome-ctf From 3eeecf818babcbf97b3416d48a43ffc0a7ff9ff5 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Thu, 5 Apr 2018 17:52:15 -0400 Subject: [PATCH 14/18] Update README.md --- capture_the_flag/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/capture_the_flag/README.md b/capture_the_flag/README.md index bfe98f5..4d79739 100644 --- a/capture_the_flag/README.md +++ b/capture_the_flag/README.md @@ -1,6 +1,10 @@ # Capture The Flag (CTF) Information Capture the flag (CTF) is a computer security competition that is designed for educational purposes. In Lesson 6.4, "Learning How to Host Enterprise Capture the Flag Events" of the "Enterprise Penetration Testing and Continuous Monitoring (the Art of Hacking Series) LiveLessons" video course, you learned how these CTF work and how you can potentially create these as a "cyber range" within your enterprise. The following are a few links that provide numerous resources and references to past and current CTF events, as well as online practice sites. +## This is one of the best resources: +* https://github.com/apsdehal/awesome-ctf + +## Some others: * https://ctftime.org * https://ctf365.com * http://captf.com @@ -8,4 +12,3 @@ Capture the flag (CTF) is a computer security competition that is designed for e * http://vulnhub.com * https://challenges.re/ * http://cryptopals.com/ -* https://github.com/apsdehal/awesome-ctf From 589c442908dd1845a2e7ef0781fba1a3486382fa Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Fri, 6 Apr 2018 16:53:37 -0400 Subject: [PATCH 15/18] Update README.md --- web_application_testing/README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/web_application_testing/README.md b/web_application_testing/README.md index 3d3e834..0948477 100644 --- a/web_application_testing/README.md +++ b/web_application_testing/README.md @@ -21,3 +21,6 @@ You can integrate ZAP with Jenkins and even automatically create Jira issues bas ## Popular Commercial Tools * [Qualys Web Scanning](https://www.qualys.com/apps/web-app-scanning/) * [IBM Security AppScan](https://www.ibm.com/security/application-security/appscan) + +## TONS of #AWESOME Web Security Resources +* https://github.com/qazbnm456/awesome-web-security From 1bcbc424284f7924ae46dc8fb79a603207c09b9c Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Fri, 6 Apr 2018 17:30:44 -0400 Subject: [PATCH 16/18] Create CONTRIBUTING.md --- CONTRIBUTING.md | 73 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..45904fe --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,73 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, gender identity and expression, level of experience, +education, socio-economic status, nationality, personal appearance, race, +religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or + advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic + address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, and other contributions +that are not aligned to this Code of Conduct, or to ban temporarily or +permanently any contributor for other behaviors that they deem inappropriate, +threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. Examples of +representing a project or community include using an official project e-mail +address, posting via an official social media account, or acting as an appointed +representative at an online or offline event. Representation of a project may be +further defined and clarified by project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting the project team at [INSERT EMAIL ADDRESS]. All +complaints will be reviewed and investigated and will result in a response that +is deemed necessary and appropriate to the circumstances. The project team is +obligated to maintain confidentiality with regard to the reporter of an incident. +Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good +faith may face temporary or permanent repercussions as determined by other +members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, +available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html + +[homepage]: https://www.contributor-covenant.org From 41dd9093920ceb34949a34560755275421ee0e39 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Fri, 6 Apr 2018 17:33:42 -0400 Subject: [PATCH 17/18] Update README.md --- README.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/README.md b/README.md index f65269e..afb848a 100644 --- a/README.md +++ b/README.md @@ -9,8 +9,6 @@ The following are the different video courses that will be part of the Art of Ha * Advanced Web Applications Penetration Testing (The Art of Hacking Series) LiveLessons * Advanced Network Hacking (The Art of Hacking Series) LiveLessons -These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the Offensive Security Certified Professional (OSCP), the Certified Ethical Hacker (CEH), and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts. +These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the [Offensive Security Certified Professional (OSCP)](https://www.offensive-security.com/information-security-certifications/), the [Certified Ethical Hacker (CEH)](https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/), [CompTIA PenTest+](https://certification.comptia.org/certifications/pentest) and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts. These video courses are published by Pearson, but this GitHub repository is maintained and supported by the lead author of the series [Omar Santos](https://omarsantos.io/). - - From ab5a4a55c19b643b7ef424490782b539fdfa10d9 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Fri, 6 Apr 2018 17:58:12 -0400 Subject: [PATCH 18/18] Update README.md --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index afb848a..3c66d30 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,9 @@ The following are the different video courses that will be part of the Art of Ha * [Security Penetration Testing (The Art of Hacking Series) LiveLessons](https://www.safaribooksonline.com/library/view/security-penetration-testing/9780134833989/) * [Wireless Networks, IoT, and Mobile Devices Hacking (The Art of Hacking Series) LiveLessons](https://www.safaribooksonline.com/library/view/wireless-networks-iot/9780134854632/) -* Enterprise Penetration Testing and Continuous Monitoring (the Art of Hacking Series) -* Advanced Web Applications Penetration Testing (The Art of Hacking Series) LiveLessons -* Advanced Network Hacking (The Art of Hacking Series) LiveLessons +* Enterprise Penetration Testing and Continuous Monitoring (the Art of Hacking Series) - Available in May 2018. +* Advanced Web Applications Penetration Testing (The Art of Hacking Series) LiveLessons - Coming Soon! +* Advanced Network Hacking (The Art of Hacking Series) LiveLessons - Coming Soon! These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the [Offensive Security Certified Professional (OSCP)](https://www.offensive-security.com/information-security-certifications/), the [Certified Ethical Hacker (CEH)](https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/), [CompTIA PenTest+](https://certification.comptia.org/certifications/pentest) and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts.