From 5fb3bc7659a0a6953a928137e8bb9cf4688e0e1d Mon Sep 17 00:00:00 2001 From: Swissky <12152583+swisskyrepo@users.noreply.github.com> Date: Sun, 2 Oct 2022 16:27:53 +0200 Subject: [PATCH] Fix multiple broken links --- README.md | 6 ++- docs/README.md | 7 +++- .../{requesting-time-off.md => jtag.md} | 14 ++----- docs/debug-interfaces/swd.md | 5 +++ .../{filing-expenses.md => uart.md} | 23 ++++------- docs/enumeration/fcc-id.md | 8 ++-- docs/firmware/firmware-dumping.md | 8 +--- docs/firmware/firmware-reverse-engineering.md | 20 +++++----- docs/gadgets/bus-pirate.md | 6 +-- docs/gadgets/flipper-zero.md | 40 ++++++------------- docs/gadgets/micro-bit.md | 4 +- docs/other/default-iot-passwords.md | 4 +- docs/other/links-and-hardware-kits.md | 7 ++-- docs/protocols/lora.md | 2 - docs/protocols/mqtt.md | 2 +- docs/protocols/rfid-nfc.md | 2 - docs/protocols/spi.md | 2 - docs/protocols/wifi.md | 8 ++-- 18 files changed, 67 insertions(+), 101 deletions(-) rename docs/debug-interfaces/{requesting-time-off.md => jtag.md} (86%) rename docs/debug-interfaces/{filing-expenses.md => uart.md} (77%) diff --git a/README.md b/README.md index e641863..5e9d357 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,6 @@ # HardwareAllTheThings -Hardware Pentesting Wiki + +A list of useful payloads and bypasses for Hardware and IOT Security. +Feel free to improve with your payloads and techniques ! + +I :heart: pull requests :) \ No newline at end of file diff --git a/docs/README.md b/docs/README.md index 2159469..c5dfddd 100644 --- a/docs/README.md +++ b/docs/README.md @@ -4,6 +4,11 @@ :warning: Informations from this repository is very dense, you may encounter information overflow +A list of useful payloads and bypasses for Hardware and IOT Security. +Feel free to improve with your payloads and techniques ! + +I :heart: pull requests :) +

- +

diff --git a/docs/debug-interfaces/requesting-time-off.md b/docs/debug-interfaces/jtag.md similarity index 86% rename from docs/debug-interfaces/requesting-time-off.md rename to docs/debug-interfaces/jtag.md index 23e7a2f..bfe42a7 100644 --- a/docs/debug-interfaces/requesting-time-off.md +++ b/docs/debug-interfaces/jtag.md @@ -1,13 +1,5 @@ ---- -cover: >- - https://images.unsplash.com/photo-1511497584788-876760111969?ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&ixlib=rb-1.2.1&auto=format&fit=crop&w=3432&q=80 -coverY: 0 ---- - # JTAG -**** - ### Summary * JTAG Pins @@ -70,6 +62,6 @@ Arduino PIN Layout ### References -* JTAGulator vs. JTAGenum, Tools for Identifying JTAG Pins in IoT Devices by Dylan Ayrey - https://www.praetorian.com/blog/jtagulator-vs-jtagenum-tools-for-identifying-jtag-pins-in-iot-devices?edition=2019 -* https://just2secure.blogspot.com/2017/02/jtag-pin-identification.html -* https://wrongbaud.github.io/jtag-hdd/ +* [JTAGulator vs. JTAGenum, Tools for Identifying JTAG Pins in IoT Devices by Dylan Ayrey](https://www.praetorian.com/blog/jtagulator-vs-jtagenum-tools-for-identifying-jtag-pins-in-iot-devices?edition=2019) +* [JTAG PIN Identification - February 21, 2017](https://just2secure.blogspot.com/2017/02/jtag-pin-identification.html) +* [Hardware Debugging for Reverse Engineers Part 2: JTAG, SSDs and Firmware Extraction - Posted Apr 2, 2020 by wrongbaud](https://wrongbaud.github.io/posts/jtag-hdd/) diff --git a/docs/debug-interfaces/swd.md b/docs/debug-interfaces/swd.md index 3c89c70..28779a4 100644 --- a/docs/debug-interfaces/swd.md +++ b/docs/debug-interfaces/swd.md @@ -18,3 +18,8 @@ JTAG and SWD are similar and can be interfaced with each other: | TDO | SWV | JTAG Test data output / SWV trace data output | | TMS | SWDIO | JTAG test mode select / SWD data in and out | | GND | GND | - | + + +## References + +* [Hardware Debugging for Reverse Engineers Part 1: SWD, OpenOCD and Xbox One Controllers - Posted Jan 30, 2020 by wrongbaud](https://wrongbaud.github.io/posts/stm-xbox-jtag/) \ No newline at end of file diff --git a/docs/debug-interfaces/filing-expenses.md b/docs/debug-interfaces/uart.md similarity index 77% rename from docs/debug-interfaces/filing-expenses.md rename to docs/debug-interfaces/uart.md index b114532..1afd0c9 100644 --- a/docs/debug-interfaces/filing-expenses.md +++ b/docs/debug-interfaces/uart.md @@ -1,13 +1,5 @@ ---- -cover: >- - https://images.unsplash.com/photo-1526304640581-d334cdbbf45e?ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&ixlib=rb-1.2.1&auto=format&fit=crop&w=2970&q=80 -coverY: 0 ---- - # UART -**** - ### Summary * UART @@ -43,7 +35,7 @@ Connect to UART using an USB to TTL, then find the `/dev/ttyUSB0` device in the #### Detect baudrate Standard baud rate are `110`, `300`, `600`, `1200`, `2400`, `4800`, `9600`, `14400`, `19200`, `38400`, `57600`, `115200`, `128000` and `256000`.\ -Auto-detect baud rate using the script : https://github.com/devttys0/baudrate/blob/master/baudrate.py +Auto-detect baud rate using the script : [devttys0/baudrate/baudrate.py](https://github.com/devttys0/baudrate/blob/master/baudrate.py) #### Interact with the /dev/ttyUSB0 @@ -79,15 +71,16 @@ It’s an emulation of serial port over BLE. The UUID of the Nordic UART Service * **RX Characteristic** (UUID: 6E400002-B5A3-F393-E0A9-E50E24DCCA9E) : The peer can send data to the device by writing to the RX Characteristic of the service. ATT Write Request or ATT Write Command can be used. The received data is sent on the UART interface. * **TX Characteristic** (UUID: 6E400003-B5A3-F393-E0A9-E50E24DCCA9E) : If the peer has enabled notifications for the TX Characteristic, the application can send data to the peer as notifications. The application will transmit all data received over UART as notifications. -* nRF UART 2.0 - Nordic Semiconductor ASA - https://play.google.com/store/apps/details?id=com.nordicsemi.nrfUARTv2 -* Specifications - https://infocenter.nordicsemi.com/index.jsp?topic=%2Fcom.nordic.infocenter.sdk5.v14.0.0%2Fble\_sdk\_app\_nus\_eval.html -* https://thejeshgn.com/2016/10/01/uart-over-bluetooth-low-energy/ +* [nRF UART 2.0 - Nordic Semiconductor ASA](https://play.google.com/store/apps/details?id=com.nordicsemi.nrfUARTv2) +* [UART/Serial Port Emulation over BLE](https://infocenter.nordicsemi.com/index.jsp?topic=%2Fcom.nordic.infocenter.sdk5.v14.0.0%2Fble_sdk_app_nus_eval.html) +* [UART Over Bluetooth Low Energy](https://thejeshgn.com/2016/10/01/uart-over-bluetooth-low-energy/) Example with Micro::bit : -* https://makecode.microbit.org/v1/98535-28913-33692-07418 -* https://support.microbit.org/support/solutions/articles/19000062330-using-the-micro-bit-bluetooth-low-energy-uart-serial-over-bluetooth- +* [https://makecode.microbit.org/v1/98535-28913-33692-07418](https://makecode.microbit.org/v1/98535-28913-33692-07418) +* [Using the micro:bit Bluetooth Low Energy UART (serial over Bluetooth)](https://support.microbit.org/support/solutions/articles/19000062330-using-the-micro-bit-bluetooth-low-energy-uart-serial-over-bluetooth-) ### Examples -![](https://developer.android.com/things/images/raspberrypi-console.png) ![](http://remotexy.com/img/help/help-esp8266-firmware-update-usbuart.png) +![](https://developer.android.com/things/images/raspberrypi-console.png) +![](http://remotexy.com/img/help/help-esp8266-firmware-update-usbuart.png) diff --git a/docs/enumeration/fcc-id.md b/docs/enumeration/fcc-id.md index 267105e..dccd7dc 100644 --- a/docs/enumeration/fcc-id.md +++ b/docs/enumeration/fcc-id.md @@ -2,15 +2,13 @@ ## Searchable FCC ID Database -An FCC ID is a unique identifier assigned to a device registered with the United States Federal Communications Commission +An FCC ID is a unique identifier assigned to a device registered with the United States Federal Communications Commission. -* [https://fccid.io/](https://fccid.io/) +* [fccid.io](https://fccid.io/) For legal sale of wireless deices in the US, manufacturers must: * Have the device evaluated by an independent lab to ensure it conforms to FCC standards * Provide documentation to the FCC of the lab results * Provide User Manuals, Documentation, and Photos relating to the device -* [Digitally](https://fccid.io/blog/2014/11/e-label-act/) or physically label the device with the unique identifier provided by the FCC (upon approved application) - -\ +* [Digitally](https://fccid.io/blog/2014/11/e-label-act/) or physically label the device with the unique identifier provided by the FCC (upon approved application) \ No newline at end of file diff --git a/docs/firmware/firmware-dumping.md b/docs/firmware/firmware-dumping.md index 0fd26db..63b1b13 100644 --- a/docs/firmware/firmware-dumping.md +++ b/docs/firmware/firmware-dumping.md @@ -1,9 +1,3 @@ ---- -cover: >- - https://images.unsplash.com/photo-1552664730-d307ca884978?ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&ixlib=rb-1.2.1&auto=format&fit=crop&w=2970&q=80 -coverY: 0 ---- - # Firmware Dumping ### Summary @@ -148,4 +142,4 @@ sudo unsquashfs -f -d /media/seagate /tmp/file.squashfs ![](https://images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/1581004558438-UJV08PX8O5NVAQ6Z8HXI/ke17ZwdGBToddI8pDm48kHSRIhhjdVQ3NosuzDMrTulZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s\_4yszcp2ryTI0HqTOaaUohrI8PIYASqlw8FVQsXpiBs096GedrrOfpwzeSClfgzB41Jweo/Picture2.png?format=1000w) -* https://www.zerodayinitiative.com/blog/2020/2/6/mindshare-dealing-with-encrypted-router-firmware +* [MINDSHARE: DEALING WITH ENCRYPTED ROUTER FIRMWARE](https://www.zerodayinitiative.com/blog/2020/2/6/mindshare-dealing-with-encrypted-router-firmware) diff --git a/docs/firmware/firmware-reverse-engineering.md b/docs/firmware/firmware-reverse-engineering.md index 3038ff8..375d308 100644 --- a/docs/firmware/firmware-reverse-engineering.md +++ b/docs/firmware/firmware-reverse-engineering.md @@ -21,9 +21,7 @@ Prerequisite: > To load it properly in IDA, open the file, select ATMEL AVR and then select ATmega323\_L. -https://thanat0s.trollprod.org/2014/01/loader-un-binaire-arduino-dans-ida/ - -* ESP8266 : https://github.com/themadinventor/ida-xtensa +* ESP8266 : [https://github.com/themadinventor/ida-xtensa](https://github.com/themadinventor/ida-xtensa) ### Loading bare-metal binaries into Radare2 @@ -70,11 +68,11 @@ jmp 0x59ae ### Loading bare-metal binaries into Ghidra -* SVD-Loader for Ghidra: Simplifying bare-metal ARM reverse engineering - https://leveldown.de/blog/svd-loader/ +* SVD-Loader for Ghidra: Simplifying bare-metal ARM reverse engineering - [svd-loader/](https://leveldown.de/blog/svd-loader/) ### ESPTool -ESP8266 and ESP32 serial bootloader utility : github.com/espressif/esptool +ESP8266 and ESP32 serial bootloader utility : [espressif/esptool](https://github.com/espressif/esptool) ```powershell josh@ioteeth:/tmp/reversing$ ~/esptool/esptool.py image_info recovered_file @@ -87,7 +85,7 @@ Segment 1: len 0x00568 load 0x4010f000 file_offs 0x00000008 ### nRF5x Firmware disassembly tools -* https://github.com/DigitalSecurity/nrf5x-tools +* [DigitalSecurity/nrf5x-tools](https://github.com/DigitalSecurity/nrf5x-tools) ```powershell $ python3 nrfident.py bin firmwares/s132.bin @@ -113,8 +111,8 @@ ROM length : 0x5d000 ### Pure disassemblers -* Vavrdisasm -- vAVRdisasm will auto-recognize Atmel Generic, Intel HEX8, and Motorola S-Record files - https://github.com/vsergeev/vavrdisasm -* ODAweb -- https://www.onlinedisassembler.com/odaweb/ +* Vavrdisasm -- vAVRdisasm will auto-recognize Atmel Generic, Intel HEX8, and Motorola S-Record files - [vsergeev/vavrdisasm](https://github.com/vsergeev/vavrdisasm) +* [ODA - The Online Disassembler](https://www.onlinedisassembler.com/odaweb/) * avr-objdump – gcc kit standard tool ```powershell @@ -132,7 +130,7 @@ $ simulavr -P atmega128 -F 16000000 –f build-crumbuino128/ex1.1.elf ### UEFI Firmware -Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc - [https://github.com/theopolis/uefi-firmware-parser](https://github.com/theopolis/uefi-firmware-parser) +Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc - [theopolis/uefi-firmware-parser](https://github.com/theopolis/uefi-firmware-parser) ``` sudo pip install uefi_firmware @@ -143,3 +141,7 @@ $ uefi-firmware-parser --test ~/firmware/* ~/firmware/O990-A03.exe: None ~/firmware/O990-A03.exe.hdr: DellPFS ``` + +## References + +* [Loader un binaire Arduino dans IDA - Posted on January 26, 2014 by thanatos](https://thanat0s.trollprod.org/2014/01/loader-un-binaire-arduino-dans-ida/) \ No newline at end of file diff --git a/docs/gadgets/bus-pirate.md b/docs/gadgets/bus-pirate.md index c29329a..ce8e242 100644 --- a/docs/gadgets/bus-pirate.md +++ b/docs/gadgets/bus-pirate.md @@ -1,8 +1,6 @@ # Bus Pirate - - -![](https://iotmyway.files.wordpress.com/2018/05/mode-guide.png) +![MOSI-MISO](https://iotmyway.files.wordpress.com/2018/05/mode-guide.png) ### Update Bus Pirate @@ -18,4 +16,4 @@ sudo flashrom –p buspirate_spi:dev=/dev/ttyUSB0 # Dump firmware using a bus pirate (SPI) sudo flashrom –p Buspirate_spi:dev=/dev/ttyUSB0,spispeed=1M –c (Chip name) –r (Name.bin) -``` +``` \ No newline at end of file diff --git a/docs/gadgets/flipper-zero.md b/docs/gadgets/flipper-zero.md index 8ace23e..90973ed 100644 --- a/docs/gadgets/flipper-zero.md +++ b/docs/gadgets/flipper-zero.md @@ -1,50 +1,36 @@ ---- -description: https://flipperzero.one/ ---- - # Flipper Zero ![FlipperZero](../assets/image.png) ### **Firmwares** -* Flipper Zero Firmware\ - [https://github.com/flipperdevices/flipperzero-firmware](https://github.com/flipperdevices/flipperzero-firmware) -* Flipper Zero Unleashed Firmware +* [Flipper Zero Firmware](https://github.com/flipperdevices/flipperzero-firmware) +* [Flipper Zero Unleashed Firmware](https://github.com/Eng1n33r/flipperzero-firmware) +* [Flipper Zero FW RogueMaster](https://github.com/RogueMaster/flipperzero-firmware-wPlugins) - [https://github.com/Eng1n33r/flipperzero-firmware](https://github.com/Eng1n33r/flipperzero-firmware) -* Flipper Zero FW \[ROGUEMASTER] - - [https://github.com/RogueMaster/flipperzero-firmware-wPlugins](https://github.com/RogueMaster/flipperzero-firmware-wPlugins) - -Awesome FlipperZero: [https://github.com/djsime1/awesome-flipperzero](https://github.com/djsime1/awesome-flipperzero) +* [Awesome FlipperZero](https://github.com/djsime1/awesome-flipperzero) #### Firmware Update -1. Update to the latest firmware using https://flipperzero.one/update -2. Download and install qFlipper +1. Update to the latest firmware using [https://flipperzero.one/update](https://flipperzero.one/update) +2. Download and install qFlipper 3. Connect your Flipper Zero via USB, update to the official firmware 4. Disconnect from USB, power off the Flipper Zero, and remove the SD to prepare it for flashing. -5. Download the latest RogueMaster firmware from their Github Page. https://github.com/RogueMaster/flipperzero-firmware-wPlugins +5. Download the latest [RogueMaster](https://github.com/RogueMaster/flipperzero-firmware-wPlugins) firmware from their Github Page. 6. Unzip the downloaded .zip and copy the content into /update of the Flipper SD card (including the .dfu) -7. On the Flipper Zero, once booted, press down, and left until you are on the 'Browser' screen. Scroll down until you see the 'update' directory and click on it. +7. On the Flipper Zero, once booted, press down, and left until you are on the 'Browser' screen. Scroll down until you see the 'update' directory and click on it. 8. You should now see the contents you uploaded and an 'update' option. Hover over the 'update' option, click the center button on your Flipper, once again on the 'Run in App' option. ### Videos -* Flipper Zero: Want some good news? - Penthertz - - [https://www.youtube.com/watch?v=tB0eYatvu0k](https://www.youtube.com/watch?v=tB0eYatvu0k) -* Flipper Zero: is this for you? Follow our 1st tests! - Penthertz - - [https://www.youtube.com/watch?v=W5YYObSBUno](https://www.youtube.com/watch?v=W5YYObSBUno) +* [Flipper Zero: Want some good news? - Penthertz](https://www.youtube.com/watch?v=tB0eYatvu0k) +* [Flipper Zero: is this for you? Follow our 1st tests! - Penthertz](https://www.youtube.com/watch?v=W5YYObSBUno) ### Tutorials and Resources -* [https://flipper.pingywon.com/flipper/](https://flipper.pingywon.com/flipper/)\ - [https://flipper.pingywon.com/](https://flipper.pingywon.com/) -* [https://github.com/UberGuidoZ/Flipper](https://github.com/UberGuidoZ/Flipper) -* [https://interestingsoup.com/n00b-guide-flashing-flipper-zero-to-rougemaster/](https://interestingsoup.com/n00b-guide-flashing-flipper-zero-to-rougemaster/) +* [Flipper Zero Hacking 101 - pingywon](https://flipper.pingywon.com/flipper/) +* [Flipper Zero Playground - UberGuidoZ](https://github.com/UberGuidoZ/Flipper) +* [Flashing Flipper Zero with RogueMaster CFW](https://interestingsoup.com/n00b-guide-flashing-flipper-zero-to-rougemaster/) diff --git a/docs/gadgets/micro-bit.md b/docs/gadgets/micro-bit.md index 6dc3d65..2f8f9df 100644 --- a/docs/gadgets/micro-bit.md +++ b/docs/gadgets/micro-bit.md @@ -1,10 +1,8 @@ # Micro::bit - - ### Extract source code from firmware -When the source has been build from https://makecode.microbit.org/#editor, the Javascript code is embedded into the firmware. +When the source has been build from [https://makecode.microbit.org/#editor](https://makecode.microbit.org/#editor), the Javascript code is embedded into the firmware. ```python import bincopy diff --git a/docs/other/default-iot-passwords.md b/docs/other/default-iot-passwords.md index 211f5b4..ad99b41 100644 --- a/docs/other/default-iot-passwords.md +++ b/docs/other/default-iot-passwords.md @@ -1,8 +1,6 @@ # Default IoT Passwords - - -IoT Device Default Password Lookup : https://www.defpass.com +IoT Device Default Password Lookup : [https://www.defpass.com](https://www.defpass.com) ### Mirai Wordlist diff --git a/docs/other/links-and-hardware-kits.md b/docs/other/links-and-hardware-kits.md index bc75d8b..280d05e 100644 --- a/docs/other/links-and-hardware-kits.md +++ b/docs/other/links-and-hardware-kits.md @@ -1,7 +1,5 @@ # Links & Hardware Kits - - ### Hardware Challenges & CTF * [BLE CTF](https://github.com/hackgnar/ble\_ctf) @@ -31,4 +29,7 @@ ### Hardware Kit -![HW1](https://i.ibb.co/WW55LH4/Hardware-Toolkit.jpg) ![HW2](https://i.ibb.co/F3vRmgV/Hardware-Toolkit2.jpg) ![DVID1](https://github.com/Vulcainreo/DVID/raw/master/kit-contents.jpg) ![Ph0wn Basic](https://pbs.twimg.com/media/ELVWNyKWwAAPa0T?format=jpg\&name=900x900) +![HW1](https://i.ibb.co/WW55LH4/Hardware-Toolkit.jpg) +![HW2](https://i.ibb.co/F3vRmgV/Hardware-Toolkit2.jpg) +![DVID1](https://github.com/Vulcainreo/DVID/raw/master/kit-contents.jpg) +![Ph0wn Basic](https://pbs.twimg.com/media/ELVWNyKWwAAPa0T?format=jpg\&name=900x900) diff --git a/docs/protocols/lora.md b/docs/protocols/lora.md index da15b12..4b8841a 100644 --- a/docs/protocols/lora.md +++ b/docs/protocols/lora.md @@ -1,7 +1,5 @@ # LoRa - - ### LoRa with Arduino on 868.1MHZ [arduino-LoRa](https://github.com/sandeepmistry/arduino-LoRa)\ diff --git a/docs/protocols/mqtt.md b/docs/protocols/mqtt.md index 50c6c64..f33ddb2 100644 --- a/docs/protocols/mqtt.md +++ b/docs/protocols/mqtt.md @@ -8,7 +8,7 @@ MQTT client: * [MQTT CLI](https://asciinema.org/a/DlPmJwXbhuAURHseamGdMy4z3/embed?speed=2\&autoplay=true) * [MQTT Lens](https://chrome.google.com/webstore/detail/mqttlens/hemojaaeigabkbcookmlgmdigohjobjm) * MQTT.fx -* mosquitto\_tools +* mosquitto_tools Scan an MQTT with nmap : `nmap -p 1883 -vvv --script=mqtt-subscribe -d sensors.domain.com` diff --git a/docs/protocols/rfid-nfc.md b/docs/protocols/rfid-nfc.md index b80c87a..f4c15c7 100644 --- a/docs/protocols/rfid-nfc.md +++ b/docs/protocols/rfid-nfc.md @@ -1,7 +1,5 @@ # RFID NFC - - ### Install and configuration Dependencies to install first :\ diff --git a/docs/protocols/spi.md b/docs/protocols/spi.md index b3bb7b1..d39307b 100644 --- a/docs/protocols/spi.md +++ b/docs/protocols/spi.md @@ -1,7 +1,5 @@ # SPI - - ### Dump Firmware via SPI ```powershell diff --git a/docs/protocols/wifi.md b/docs/protocols/wifi.md index 0190d95..9f744b3 100644 --- a/docs/protocols/wifi.md +++ b/docs/protocols/wifi.md @@ -1,7 +1,5 @@ # Wifi - - ### Tools * Wifite - https://github.com/derv82/wifite @@ -689,6 +687,6 @@ aircrack-ng -J network network.cap ### References -* https://uceka.com/2014/05/12/wireless-penetration-testing-cheat-sheet/ -* https://www.doyler.net/security-not-included/aireplay-0841-attack -* https://gist.github.com/s4vitar/3b42532d7d78bafc824fb28a95c8a5eb +* [Wireless Penetration Testing Cheat Sheet [UPDATED – 2022]](https://uceka.com/2014/05/12/wireless-penetration-testing-cheat-sheet/) +* [Aireplay 0841 Attack – Introduction](https://www.doyler.net/security-not-included/aireplay-0841-attack) +* [Preparación para el OSWP (by s4vitar)](https://gist.github.com/s4vitar/3b42532d7d78bafc824fb28a95c8a5eb) \ No newline at end of file