Learning Security

There are many free sites and utilities you can use to learn more about attack vectors. DO NOT RUN THESE IN PRODUCTION.

https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project  OWASP top 10 scenarios.
https://www.hackthissite.org/  Lots of web hacking scenarios.
http://www.dvwa.co.uk/  Vulnerable web app.
https://github.com/Subterfuge-Framework/Subterfuge/blob/master/README.md  Easy MITM.

Read more…

Timemachine with PF_RING

Timemachine is a great solution for a full pcap system. Nothing fancy, but extremely good at its job.

https://www.bro.org/community/time-machine.html

#Install EPEL.
http://mirror.umd.edu/fedora/epel/6/i386/repoview/epel-release.html

sudo yum install cmake swig python-devel byacc kernel-devel libtool subversion automake make autoconf pcre-devel libpcap-devel libpcap flex bison byacc Read more…

AAA Reference

This is a work in progress.

There are only 3 default privilege levels on a Cisco device.

0 – no access
1 – user
15 – enable

There are a few differences between RADIUS and TACACS. One is command authorization. With RADIUS, Read more…

Cisco IPS inline VLAN Pairing

Trunk two VLANs to the sensing interface of the IPS. Hosts in VLANs 10 and 20 are in the same subnet, and the IPS bridges.

SW1:
interface FastEthernet0/1
 description R1
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/10
 description PC1
 switchport access vlan 10
 switchport mode access
!
interface Read more…

DMVPN Reference

Configuration.

!HUB:
!
!!ISAKMP Phase 1
crypto isakmp policy 10
 authentication pre-share
 hash md5
 encr 3des
 group 5
!
!!Wildcard key
crypto isakmp key Password123 address 0.0.0.0
!
crypto ipsec transform-set DMVPN_TRANSFORM_SET esp-des esp-md5-hmac
 mode transport
!
!!IPSec phase 2
crypto ipsec profile DMVPN_PROFILE
 set transform-set DMVPN_TRANSFORM_SET
!
interface Tunnel0
 ip address 10.255.255.5 255.255.255.0
 no ip redirects
 ip mtu 1400
 ip nhrp Read more…

SOCKS

SOCKS proxy over SSH for browsing HTTP/SSL. In PuTTY, create a connection to your favorite SSH server that has unfettered access, or at least the access you need. Set up a tunnel on some port as Dynamic. Set your browser up Read more…

EZVPN with DVTI

EZVPN is a client/server VPN solution where dynamic tunnels are created.
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/12-4t/sec-sec-for-vpns-w-ipsec-12-4t-book/sec-ipsec-virt-tunnl.html

In IPSec, you need to remember 3 things.
Who
What
How

Who: Who’s the endpoint
What: Proxy ACL
How: Transform set

!!!!SERVER
!
!!Configure authentication.  Local for testing
!
aaa new-model
aaa authentication login local_list local
aaa authorization Read more…