SECURITY EDUCATION, PRIVACY GUIDANCE, THREAT AWARENESS, OPEN SOURCE TOOLS, RESEARCH NOTES, AND RESPONSIBLE TECHNOLOGY CONTENT

Showing posts with label Learning Resources. Show all posts

Sunday, February 6, 2022

AzureHunter - A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365


A Powershell module to run threat hunting playbooks on data from Azure and O365 for Cloud Forensics purposes.


Getting Started

1. Check that you have the right O365 Permissions

The following roles are required in Exchange Online, in order to be able to have read only access to the UnifiedAuditLog: View-Only Audit Logs or Audit Logs.

These roles are assigned by default to the Compliance Management role group in Exchange Admin Center.

NOTE: if you are a security analyst, incident responder or threat hunter and your organization is NOT giving you read-only access to these audit logs, you need to seriously question what their detection and response strategy is!

More information:

NOTE: your admin can verify these requirements by running Get-ManagementRoleEntry "*\Search-UnifiedAuditLog" in your Azure tenancy cloud shell or local powershell instance connected to Azure.


2. Ensure ExchangeOnlineManagement v2 PowerShell Module is installed

Please make sure you have ExchangeOnlineManagement (EXOv2) installed. You can find instructions on the web or go directly to my little KB on how to do it at the soc analyst scrolls


3. Either Clone the Repo or Install AzureHunter from the PSGallery

3.1 Cloning the Repo
  1. Clone this repository
  2. Import the module: Import-Module .\source\AzureHunter.psd1

3.2 Install AzureHunter from the PSGallery

All you need to do is:

Install-Module AzureHunter -Scope CurrentUser
Import-Module AzureHunter

What is the UnifiedAuditLog?

The unified audit log contains user, group, application, domain, and directory activities performed in the Microsoft 365 admin center or in the Azure management portal. For a complete list of Azure AD events, see the list of RecordTypes.

The UnifiedAuditLog is a great source of cloud forensic information since it contains a wealth of data on multiple types of cloud operations like ExchangeItems, SharePoint, Azure AD, OneDrive, Data Governance, Data Loss Prevention, Windows Defender Alerts and Quarantine events, Threat intelligence events in Microsoft Defender for Office 365 and the list goes on and on!


AzureHunter Data Consistency Checks

AzureHunter implements some useful logic to ensure that the highest log density is mined and exported from Azure & O365 Audit Logs. In order to do this, we run two different operations for each cycle (batch):

  1. Automatic Window Time Reduction: this check ensures that the time interval is reduced to the optimal interval based on the ResultSizeUpperThreshold parameter, which by default is 20k. This means that if the amount of logs returned within your designated TimeInterval is higher than ResultSizeUpperThreshold, an automatic adjustment will take place.
  2. Sequential Data Check: are returned Record Indexes sequentially valid?
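
The two checks above, sketched as an added PowerShell example. This is not AzureHunter's own code: the function names, the window-halving strategy and the sample data are assumptions made for illustration, and the only things taken from the real cmdlet output are the ResultIndex and ResultCount properties of Search-UnifiedAuditLog records.

```powershell
# Added illustration, not AzureHunter source. Get-ReducedWindow, Test-ResultIndexSequence
# and the halving strategy are hypothetical names and choices.

function Get-ReducedWindow {
    param(
        [Parameter(Mandatory)] [datetime]    $Start,
        [Parameter(Mandatory)] [double]      $IntervalHours,
        # Returns how many records exist between two timestamps. Against a live tenant
        # this could read ResultCount from a one-record Search-UnifiedAuditLog query.
        [Parameter(Mandatory)] [scriptblock] $CountRecords,
        [int]    $ResultSizeUpperThreshold = 20000,
        [double] $MinimumMinutes = 1
    )
    $window = [timespan]::FromHours($IntervalHours)
    $floor  = [timespan]::FromMinutes($MinimumMinutes)
    while ($true) {
        $end      = $Start + $window
        $count    = [int](& $CountRecords $Start $end)
        $tooDense = $count -gt $ResultSizeUpperThreshold
        # Stop when the window fits under the threshold, or cannot shrink any further.
        if (-not $tooDense -or $window -le $floor) {
            return [pscustomobject]@{
                Start = $Start; End = $end; Hours = $window.TotalHours
                Count = $count; StillOverThreshold = $tooDense
            }
        }
        # Halve the window and probe again, never going below the floor.
        $window = [timespan]::FromTicks([long]($window.Ticks / 2))
        if ($window -lt $floor) { $window = $floor }
    }
}

function Test-ResultIndexSequence {
    param([Parameter(Mandatory)] [object[]] $Records)
    # Every record in a result set carries the total it belongs to (ResultCount)
    # and its own position in that set (ResultIndex).
    $expected   = [int]$Records[0].ResultCount
    $seen       = @{}
    $duplicates = @()
    $outOfRange = @()
    foreach ($r in $Records) {
        $i = [int]$r.ResultIndex
        if ($i -lt 1 -or $i -gt $expected) { $outOfRange += $i }
        elseif ($seen.ContainsKey($i))     { $duplicates += $i }
        else                               { $seen[$i] = $true }
    }
    $missing = @(if ($expected -ge 1) {
        1..$expected | Where-Object { -not $seen.ContainsKey($_) }
    })
    [pscustomobject]@{
        Expected   = $expected
        Received   = $Records.Count
        Missing    = $missing
        Duplicates = $duplicates
        OutOfRange = $outOfRange
        IsValid    = ($expected -ge 1 -and $missing.Count -eq 0 -and
                      $duplicates.Count -eq 0 -and $outOfRange.Count -eq 0)
    }
}

# Constructed probe: a flat 4,000 records per hour stands in for the tenant.
$probe = { param($s, $e) [int](($e - $s).TotalHours * 4000) }
Get-ReducedWindow -Start ([datetime]'2020-03-06T10:00:00') -IntervalHours 12 -CountRecords $probe

# Constructed batch: index 3 arrives twice and index 4 never arrives.
$batch = 1, 2, 3, 3, 5, 6 | ForEach-Object {
    [pscustomobject]@{ ResultIndex = $_; ResultCount = 6 }
}
Test-ResultIndexSequence -Records $batch
```

A batch that fails the sequence check is worth re-querying before it is exported, since gaps in an audit export are hard to tell apart from an absence of activity during later analysis.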



Usage

Ensure you connect to ExchangeOnline

It's recommended that you run Connect-ExchangeOnline before running any AzureHunter commands. The program checks for an active remote session and attempts to connect but some versions of Powershell don't allow this and you need to do it yourself regardless.


Run AzureHunter

AzureHunter has two main commands: Search-AzureCloudUnifiedLog and Invoke-HuntAzureAuditLogs.

The purpose of Search-AzureCloudUnifiedLog is to implement a complex logic to ensure that the highest percentage of UnifiedAuditLog records are mined from Azure. By default, it will export extracted and deduplicated records to a CSV file.

The purpose of Invoke-HuntAzureAuditLogs is to provide a flexible interface into hunting playbooks stored in the playbooks folder. These playbooks are designed so that anyone can contribute with their own analytics and ideas. So far, only two very simple playbooks have been developed: AzHunter.Playbook.Exporter and AzHunter.Playbook.LogonAnalyser. The Exporter takes care of exporting records after applying de-duplication and sorting operations to the data. The LogonAnalyser is in beta mode and extracts events where the Operations property is UserLoggedIn. It is an example of what can be done with the playbooks and how easy it is to construct one.

When running Search-AzureCloudUnifiedLog, you can pass in a list of playbooks to run per log batch. Search-AzureCloudUnifiedLog will pass on the batch to the playbooks via Invoke-HuntAzureAuditLogs.

Finally, Invoke-HuntAzureAuditLogs can be used standalone. If you have an export of UnifiedAuditLog records, you can load them into a Powershell Array and pass them on to this command and specify the relevant playbooks.


Example 1 | Run search on Azure UnifiedAuditLog and extract records to CSV file (default behaviour)
Search-AzureCloudUnifiedLog -StartDate "2020-03-06T10:00:00" -EndDate "2020-06-09T12:40:00" -TimeInterval 12 -AggregatedResultsFlushSize 5000 -Verbose

This command will:

  • Search data between the dates in StartDate and EndDate
  • Implement a window of 12 hours between these dates, which will be used to sweep the entire length of the time interval (StartDate --> EndDate). This window will be automatically reduced and adjusted to provide the maximum amount of records within the window, thus ensuring higher quality of output. The time window slides sequentially until reaching the EndDate.
  • The AggregatedResultsFlushSize parameter specifies the batches of records that will be processed by downstream playbooks. We are telling AzureHunter here to process the batch of records once the total amount reaches 5000. This way, you can get results on the fly, without having to wait for hours until a huge span of records is exported to CSV files.

Example 2 | Run Hunting Playbooks on CSV File

We assume that you have exported UnifiedAuditLog records to a CSV file. If so, you can then do:

$RecordArray = Import-Csv .\my-exported-records.csv
Invoke-HuntAzureAuditLogs -Records $RecordArray -Playbooks 'AzHunter.Playbook.LogonAnalyser'

You can run more than one playbook by separating them via commas, they will run sequentially:

$RecordArray = Import-Csv .\my-exported-records.csv
Invoke-HuntAzureAuditLogs -Records $RecordArray -Playbooks 'AzHunter.Playbook.Exporter', 'AzHunter.Playbook.LogonAnalyser'

Why?

Since the aftermath of the SolarWinds Supply Chain Compromise many tools have emerged out of deep forges of cyberforensicators, carefully developed by cyber blacksmith ninjas. These tools usually help you perform cloud forensics in Azure. My intention with AzureHunter is not to bring more noise to this crowded space, however, I found myself in the need to address some gaps that I have observed in some of the tools in the space (I might be wrong though, since there is a proliferation of tools out there and I don't know them all...):

  1. Azure cloud forensic tools don't usually address the complications of the Powershell API for the UnifiedAuditLog. This API is very unstable and inconsistent when exporting large quantities of data. I wanted to develop an interface that is fault tolerant (enough) to address some of these issues focusing solely on the UnifiedAuditLog since this is the Azure artefact that contains the most relevant and detailed activity logs for users, applications and services.
  2. Azure cloud forensic tools don't usually put focus on developing extensible Playbooks. I wanted to come up with a simple framework that would help the community create and share new playbooks to extract different types of meaning off the same data.

If, however, you are looking for a more feature rich and mature application for Azure Cloud Forensics I would suggest you check out the excellent work performed by the cyber security experts that created the following applications:

I'm sure there is a more extensive list of tools, but these are the ones I could come up with. Feel free to suggest some more.


Why Powershell?
  1. I didn't want to re-invent the wheel
  2. Yes the Powershell interface to Azure's UnifiedAuditLog is unstable, but in terms of time-to-production it would have taken me an insane amount of hours to achieve the same thing writing a whole new interface in languages such as .NET, Golang or Python to achieve the same objectives. In the meanwhile, the world of Cyber Defense and Response does not wait!

TODO
  • Specify standard playbook metadata attributes that need to be present so that AzureHunter can leverage them.
  • Allow for playbooks to specify dependencies on other playbooks so that one needs to be run before the other. Playbook chaining could produce interesting results and avoid code duplication.
  • Develop Pester tests and Coveralls results.
  • Develop documentation in ReadTheDocs.
  • Allow for the specification of playbooks in SIGMA rule standard (this might require some PR to the SIGMA repo)


Monday, January 29, 2018

Wireshark Crash Course - Tutorial



Description
Wireshark is the most widely used network capture and protocol analyzer on the market. It is used by IT and Network administrators to troubleshoot network connectivity issues and by Network Security analysts to dissect network attacks. This free and open source application is so widely used in the industry because it works. It is cross platform, meaning that it runs on Windows, Mac, Linux and FreeBSD.
This course is an introduction to the application and goes over the basics to get you started capturing and analyzing network traffic. It will build your base by explaining the theory behind how networks work and then get you in to real world applications of the software.
In this course you will learn:

  • The basics of how networks operate
  • How to capture traffic on Wireshark
  • How to use display and capture filters
  • How to use command line wireshark to work with large packet captures


Who is the target audience?

  • Network Administrators
  • System Administrators
  • IT Security Analysts 


Type: Course 
Language: English 
Number of videos: 24
Year: 2015
Format: MP4 
Size: 675 MB
Password: offsec 



Friday, January 19, 2018

Wireshark Certified Network Analyst – WCNA







Description
In your day-to-day role as a network engineer you will spend much of your time resolving network issues from DNS, DHCP and TCP to slow performance issues and possible hacking attempts.
An essential part of your role will be the ability to capture and analyze packets travelling across the network, interpret the results and make suggestions based upon what you find.
Most engineers avoid packet sniffers because they feel they are complicated but once you do understand how to do it your confidence and ability will massively improve.
This course covers all you need to know about using the Wireshark packet capture tool and equips you to take the highly prized exam, the Wireshark Certified Network Analyst or WCNA.
Included are in-depth lectures with real world traffic examples. You also get access to sample traffic patterns from Wireshark so you can do your own labs at home. 



Who is the target audience?

  • IT students who want to understand TCP in great detail
  • Network engineers looking to learn essential troubleshooting skills
  • Computer novices and advanced users who want to gain confidence
  • IT engineers who want to really understand TCP/IP
  • Anybody working or looking to work as a network engineer

 
Type: Course 
Language: English 
Number of videos: 36 
Year: 2017 
Format: MP4 
Size: 1.17GB 
Password: offsec 



Thursday, January 18, 2018

Ultimate Wi Fi Hacking & Security Series




Wireless networks are popping up everywhere. They will be the most commonly used technology among computer networks in the near future. They provide a lot of freedom but not without cost: all too many home and corporate wireless networks are left wide open for attack.

This course takes an in-depth look at the security challenges of many different wireless technologies, exposing you to wireless security threats through the eyes of an attacker. Using readily available and custom-developed tools, you will navigate your way through the techniques attackers use to exploit Wi-Fi networks, including attacks against WEP, WPA/WPA2, WPS and other systems.

Using assessment and analysis techniques, this course will show you how to identify the threats that expose wireless technology and build on this knowledge to implement defensive techniques that can be used to protect wireless systems.

In this course we teach everything from scratch and no pre-existing knowledge is needed. So as long as you have a working internet connection, a wireless router and a computer/laptop you are good to go.

With 25 modules for this course and Challenge Assignments for topics, we make sure you understand the topic from the ground up to the deep packet level.

This Hacking & Security course is meant for anyone who would like to learn how to SECURE their Wi-Fi network. Further, we also cover the essential HACKING aspects of it, as it is needed to properly understand the security part.


This is a beginner level course, and more advanced concepts like Firewalls, IDS and WLAN Man-in-the-Middle Attacks are NOT covered.

Type: Course
Language: English
Number of videos: 25
Year: 2017
Format: MP4
Size: 610 MB
Password: offsec




Wednesday, January 17, 2018

Learn Hacking Using Android From Scratch


The course will start with you from scratch, from preparing your Android device and computer, installing the needed apps and will finish up with examples of real life scenarios that will give you full control over various computer systems.

This course focuses on the practical side of penetration testing without neglecting the theory behind each attack. For each attack you will learn how it works and then how to launch it in practice. This gives you a full understanding of the conditions that allow the attack to succeed, knowledge that will help you detect and sometimes prevent it. The attacks explained in this course are launched against real devices in my lab.


Type: Course
Language: English
Number of videos: 25
Year: 2017
Format: MP4
Size: 1.14 GB
Password: offsec





Sunday, January 14, 2018

The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data - The Art of Invisibility




Overview

The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data by Kevin Mitnick

Be online without leaving a trace.

Your every step online is being tracked and stored, and your identity literally stolen. Big companies and big governments want to know and exploit what you do, and privacy is a luxury few can afford or understand.

In this explosive yet practical book, Kevin Mitnick uses true-life stories to show exactly what is happening without your knowledge, teaching you "the art of invisibility"—online and real-world tactics to protect you and your family, using easy step-by-step instructions. Reading this book, you will learn everything from password protection and smart Wi-Fi usage to advanced techniques designed to maximize your anonymity.

Kevin Mitnick knows exactly how vulnerabilities can be exploited and just what to do to prevent that from happening. The world's most famous—and formerly the US government's most wanted—computer hacker, he has hacked into some of the country's most powerful and seemingly impenetrable agencies and companies, and at one point was on a three-year run from the FBI. Now Mitnick is reformed and widely regarded as the expert on the subject of computer security.

Invisibility isn't just for superheroes—privacy is a power you deserve and need in the age of Big Brother and Big Data.

 

Product Details

ISBN-13:     9780316380508
Publisher:     Little, Brown and Company
Publication date:     02/14/2017
Pages:     320






 

Thursday, January 11, 2018

Mr. Robot Season 3ª - 1080p Full Download




Mr. Robot is an American drama–thriller television series created by Sam Esmail. It stars Rami Malek as Elliot Alderson, a cybersecurity engineer and hacker who suffers from social anxiety disorder and clinical depression. Alderson is recruited by an insurrectionary anarchist known as "Mr. Robot", played by Christian Slater, to join a group of hacktivists called "fsociety". The group aims to destroy all debt records by encrypting the financial data of the largest conglomerate in the world, E Corp.

The pilot premiered on multiple online and video on demand services on May 27, 2015. The first season premiered on USA Network on June 24, 2015, and the second on July 13, 2016. The 10-episode third season premiered on October 11, 2017. In December 2017, Mr. Robot was renewed for a fourth season.


Mr. Robot has received critical acclaim and has been nominated for and won multiple awards, including the Golden Globe for Best Television Drama Series and was recognized with a Peabody Award. In 2016, the series received six Emmy nominations, including Outstanding Drama Series with Malek winning for Outstanding Lead Actor in a Drama Series.




Tuesday, January 9, 2018

Mr. Robot Season 2ª - 1080p Full Download





Mr. Robot is an American drama–thriller television series created by Sam Esmail. It stars Rami Malek as Elliot Alderson, a cybersecurity engineer and hacker who suffers from social anxiety disorder and clinical depression. Alderson is recruited by an insurrectionary anarchist known as "Mr. Robot", played by Christian Slater, to join a group of hacktivists called "fsociety". The group aims to destroy all debt records by encrypting the financial data of the largest conglomerate in the world, E Corp.

The pilot premiered on multiple online and video on demand services on May 27, 2015. The first season premiered on USA Network on June 24, 2015, and the second on July 13, 2016. The 10-episode third season premiered on October 11, 2017. In December 2017, Mr. Robot was renewed for a fourth season.





Mr. Robot has received critical acclaim and has been nominated for and won multiple awards, including the Golden Globe for Best Television Drama Series and was recognized with a Peabody Award. In 2016, the series received six Emmy nominations, including Outstanding Drama Series with Malek winning for Outstanding Lead Actor in a Drama Series.





Monday, January 8, 2018

Mr. Robot Season 1ª - 720p Full Download





Mr. Robot is an American drama–thriller television series created by Sam Esmail. It stars Rami Malek as Elliot Alderson, a cybersecurity engineer and hacker who suffers from social anxiety disorder and clinical depression. Alderson is recruited by an insurrectionary anarchist known as "Mr. Robot", played by Christian Slater, to join a group of hacktivists called "fsociety". The group aims to destroy all debt records by encrypting the financial data of the largest conglomerate in the world, E Corp.

The pilot premiered on multiple online and video on demand services on May 27, 2015. The first season premiered on USA Network on June 24, 2015, and the second on July 13, 2016. The 10-episode third season premiered on October 11, 2017. In December 2017, Mr. Robot was renewed for a fourth season.





Mr. Robot has received critical acclaim and has been nominated for and won multiple awards, including the Golden Globe for Best Television Drama Series and was recognized with a Peabody Award. In 2016, the series received six Emmy nominations, including Outstanding Drama Series with Malek winning for Outstanding Lead Actor in a Drama Series.




Sunday, January 7, 2018

Epix Original Documentary - Deep Web





Deep Web investigates the events surrounding Silk Road, the online marketplace for selling illegal drugs on the dark web that was eventually shut down by the FBI. At its peak it had over 900,000 registered users and generated over $1.2bn in sales. This documentary covers the trial of Silk Road owner Ross Ulbricht, who operated the site under the pseudonym ‘Dread Pirate Roberts’, and explores the issues of digital and constitutional rights, cryptography, the untraceable Bitcoin currency, and the War on Drugs.










Saturday, September 9, 2017

This script will make your life easier, and of course faster - lscript


This is a script that automates many procedures about wifi penetration and hacking.

Features

  • Enabling-Disabling interfaces faster
  • Changing Mac faster
  • Anonymizing yourself faster
  • View your public IP faster
  • View your MAC faster

TOOLS
You can install whichever tool(s) you want from within lscript! 
Fluxion    by Deltaxflux
WifiTe    by derv82
Wifiphisher   by Dan McInerney
Zatacker   by LawrenceThePentester
Morpheus   by Pedro ubuntu  [ r00t-3xp10it ]
Osrframework   by i3visio
Hakku    by 4shadoww
Trity    by Toxic-ig
Cupp    by Muris Kurgas
Dracnmap   by Edo -maland-
Fern Wifi Cracker  by Savio-code
Kickthemout   by Nikolaos Kamarinakis & David Schütz
BeeLogger   by Alisson Moretto - 4w4k3
Ghost-Phisher   by Savio-code
Mdk3-master                     by Musket Developer
Anonsurf                        by Und3rf10w
The Eye                         by EgeBalci
Airgeddon                       by v1s1t0r1sh3r3
Xerxes                          by zanyarjamal
Ezsploit                        by rand0m1ze
Katana framework                by PowerScript
4nonimizer                      by Hackplayers
Sslstrip2                       by LeonardoNve
Dns2proxy                       by LeonardoNve
Pupy                            by n1nj4sec
Zirikatu                        by pasahitz
TheFatRat                       by Sceetsec
Angry IP Scanner                by Anton Keks
Sniper                          by 1N3
ReconDog                        by UltimateHackers
RED HAWK                        by Tuhinshubhra
Routersploit                    by Reverse shell
CHAOS                           by Tiagorlampert
Winpayloads                     by Ncc group 
Wifi password scripts
Handshake       (WPA-WPA2)
Find WPS pin    (WPA-WPA2)
WEP hacking     (WEP)    
Others
Email spoofing
Metasploit automation (create payloads,listeners,save listeners for later etc...)
Auto eternalblue exploiting (check on ks) -> hidden shortcuts

How to install
(make sure you are a root user)
Be careful. If you download it as a .zip file, it will not run. Make sure to follow these simple instructions.
cd
git clone https://github.com/arismelachroinos/lscript.git
cd lscript
chmod +x install.sh
./install.sh

How to run it
(make sure you are a root user)
open terminal
type  "l"
press enter
(Not even "lazy"!! Just "l"! The less you type , the better!)

How to uninstall
cd /root/lscript
./uninstall.sh
rm -r /root/lscript

How to update
Run the script
Type "update"

Things to keep in mind
1)you should be a root user to run the script
2)you should contact me if something doesn't work (Write it on the "issues" tab at the top)
3)you should contact me if you want a feature to be added (Write it on the "issues" tab at the top)


Sunday, January 8, 2017

Server-side Brute-force Module (ssh, ftp, smtp, facebook, and more) - brut3k1t



Server-side brute-force module. Brute-force (dictionary attack, jk) attack that supports multiple protocols and services.

1. Introduction
brut3k1t is a server-side bruteforce module that supports dictionary attacks for several protocols. The current protocols that are complete and in support are:
ssh
ftp
smtp
XMPP
instagram
facebook
There will be future implementations of different protocols and services (including Twitter, Facebook, Instagram).

2. Installation
Installation is simple. brut3k1t requires several dependencies, although they will be installed by the program if you do not have them.
  • argparse - utilized for parsing command line arguments
  • paramiko - utilized for working with SSH connections and authentication
  • ftplib - utilized for working with FTP connections and authentication
  • smtplib - utilized for working with SMTP (email) connections and authentication
  • fbchat - utilized for connecting with Facebook
  • selenium - utilized for web scraping, which is used with Instagram (and later Twitter)
  • xmppy - utilized for XMPP connections
...and more within the future!
Downloading is simple. Simply git clone .
git clone https://github.com/ex0dus-0x/brut3k1t
Change to directory:
cd /path/to/brut3k1t

3. Usage
Utilizing brut3k1t is a little more complicated than just running a Python file.
Typing python brut3k1t -h shows the help menu:
usage: brut3k1t.py [-h] [-s SERVICE] [-u USERNAME] [-w PASSWORD] [-a ADDRESS]
               [-p PORT] [-d DELAY]

Server-side bruteforce module written in Python

optional arguments:
-h, --help            show this help message and exit
-a ADDRESS, --address ADDRESS
                    Provide host address for specified service. Required
                    for certain protocols
-p PORT, --port PORT  Provide port for host address for specified service.
                    If not specified, will be automatically set
-d DELAY, --delay DELAY
                    Provide the number of seconds the program delays as
                    each password is tried

required arguments:
-s SERVICE, --service SERVICE
                    Provide a service being attacked. Several protocols
                    and services are supported
-u USERNAME, --username USERNAME
                    Provide a valid username for service/protocol being
                    executed
-w PASSWORD, --wordlist PASSWORD
                    Provide a wordlist or directory to a wordlist

Examples of usage:
Cracking SSH server running on 192.168.1.3 using root and wordlist.txt as a wordlist.
python brut3k1t.py -s ssh -a 192.168.1.3 -u root -w wordlist.txt
The program will automatically set the port to 22, but if it is different, specify with -p flag.
Cracking email test@gmail.com with wordlist.txt on port 25 with a 3 second delay. For email it is necessary to use the SMTP server's address, e.g. for Gmail = smtp.gmail.com . You can research this using Google.
python brut3k1t.py -s smtp -a smtp.gmail.com -u test@gmail.com -w wordlist.txt -p 25 -d 3
Cracking XMPP test@creep.im with wordlist.txt on default port 5222 . XMPP also is similar to SMTP, whereas you will need to provide the address of the XMPP server, in this case  creep.im .
python brut3k1t.py -s xmpp -a creep.im -u test -w wordlist.txt
Cracking Facebook is quite a challenge, since you will require the target user ID, not the username.
python brut3k1t.py -s facebook -u 1234567890 -w wordlist.txt
Cracking Instagram with username test with wordlist wordlist.txt and a 5 second delay
python brut3k1t.py -s instagram -u test -w wordlist.txt -d 5
KEY NOTES TO REMEMBER
  • If you do not supply the port -p flag, the default port for that service will be used. You do not need to provide it for Facebook and Instagram, since they are um... web-based. :)
  • If you do not supply the delay -d flag, the default delay in seconds will be 1.
  • Remember, use the SMTP server address and XMPP server address for the address -a flag, when cracking SMTP and XMPP, respectively.
  • Facebook requires the username ID. This is a little bit of a setback since some people do not display their ID publicly on their profile.
  • Make sure the wordlist and its directory is specified. If it is in /usr/local/wordlists/wordlist.txt specify that for the wordlist -w flag.
  • Remember that some protocols are not based on their default port. A FTP server will not necessarily always be on port 21 . Please keep that in mind.
  • Use this for educational and ethical hacking purposes, as well as the sake of learning code and security-oriented practices. No script kiddies!




Monday, December 5, 2016

The Complete Cyber Security Course - Hacking Exposed!



Course Description

Learn a practical skill-set in defeating all online threats, including - advanced hackers, trackers, malware, zero days, exploit kits, cyber criminals and more.

Go from a beginner to advanced in this easy to follow expert course.  

Covering all major platforms - Windows 7, Windows 8, Windows 10, MacOS and Linux.

This course covers the fundamental building blocks of your required skillset - You will understand the threat and vulnerability landscape through threat modelling and the risk assessment.

We explore the Darknet and mind-set of the cyber criminal. Covering malware, exploit kits, phishing, zero day vulnerabilities and much more.

You will learn about the global tracking and hacking infrastructures that nation states run. Covering the NSA, FBI, CIA, GCHQ, China’s MSS and other intelligence agencies' capabilities.

You will understand the foundations of operating system security and privacy functionality. A close look at the new Windows 10 privacy issues and how to best mitigate them.

There is a complete easy to follow crash course on encryption, how encryption can be bypassed and what you can do to mitigate the risks.

Master defences against phishing, SMShing, vishing, identity theft, scams, cons and other social engineering threats.

Finally we cover the extremely important, but underused security control of isolation and compartmentalization. Covering sandboxes, application isolation, virtual machines, Whonix and Qubes OS.




Android Hacking And Penetration Testing - Course






Learn Android Hacking and Penetration Testing from the absolute basics

The Android Hacking and Penetration Testing course is a highly practical and hands-on video course. The course will focus on the tools and techniques for testing the security of Android mobile applications. During the course, you will learn various topics such as Android architecture, the Android security model, Android application pentesting and exploitation, reversing Android applications, static and dynamic analysis of Android malware etc. After finishing this course you will be able to perform a penetration test on a given Android device and its applications.

What are the requirements?


  • PC
  • Android Device (optional)
  • Wireless Router (optional)

What will I be able to do after this course?

º By the end of the course, you will learn how to fuzz applications
º By the end of the course, students will be able to understand the internals of Android and its security
º They will be able to pentest Android apps in an efficient way
º By the end of the course, you will learn how to carry out man-in-the-middle attacks in the real world
º They will be in a position to perform real-world attacks on Android devices and apps
º By the end of the course, you will understand the internals of Android app reversing and malware analysis

Who is the target audience?


º Students
º Pen testers
º Developers
º Security enthusiasts





Thursday, September 29, 2016

Essential Books for PenTest - Post Exploitation




Post-Exploitation

Hi soldier of offensive security

The purpose of the Post-Exploitation phase is to determine the value of the compromised machine and to maintain control of the machine for later use. The value of the machine is determined by the sensitivity of the data stored on it and the machine's usefulness in further compromising the network.

The methods described in this phase are meant to help the tester identify and document sensitive data; identify configuration settings, communication channels, and relationships with other network devices that can be used to gain further access to the network; and set up one or more methods of accessing the machine at a later time.

In cases where these methods differ from the agreed-upon Rules of Engagement, the Rules of Engagement must be followed.


Book 1: Windows Post-Exploitation Command List



Book 2: Linux/Unix/BSD Post-Exploitation Command List



Book 3: OSX Post-Exploitation Command List


Please report broken links to me.

By OffensiveSec

Friday, September 23, 2016

Best PDF eBooks For Learning - Hacking



Cyber security plays a big part in technology. There are a lot of script-kiddie hackers who might get lucky and cause mayhem without understanding what they did. Fortunately, there are hackers with better skills, called White Hat hackers. They are true professionals in cyber security. They do almost the same things as black hat hackers do, but once they find a vulnerability, they report it instead of exploiting it. I made this list of hacking eBooks and you can check it out.



If you are a cyber security enthusiast, you might want to take a look at the following PDF hacking eBooks. They contain a lot of useful information. So feel free to download them and share this article with your friends.

  1. Black Belt Hacking & Complete Hacking Book
  2. Hackers High School 13 Complete Hacking E-books
  3. A Beginners Guide To Hacking Computer Systems
  4. Black Book of Viruses and Hacking
  5. Secrets of Super and Professional Hackers
  6. Dangerous Google Hacking Database and Attacks
  7. Internet Advanced Denial of Service (DDOS) Attack
  8. Computer Hacking & Malware Attacks for Dummies
  9. G-mail Advance Hacking Guides and Tutorials
  10. Vulnerability Exploit & website Hacking for Dummies
  11. Web App Hacking (Hackers Handbook)
  12. Security Crypting Networks and Hacking
  13. Hacking attacks and Examples Test
  14. Network Hacking and Shadows Hacking Attacks
  15. Gray Hat Hacking and Complete Guide to Hacking
  16. 501 Website Hacking Secrets
  17. Internet Security Technology and Hacking
  18. CEH Certified Ethical Hacker Study Guide
  19. Advanced SQL Injection Hacking and Guide
  20. Web Hacking & Penetration testing
  21. OWASP Hacking Tutorials and Web App Protection
  22. CEH – Hacking Database Secrets and Exploit
  23. Ethical Hacking Value and Penetration testing
  24. Hack any Website, Complete Web App Hacking
  25. Beginners Hackers and tutorials
  26. Ethical Hacking Complete E-book for Beginners
  27. Backtrack : Advance Hacking tutorials
  28. SQL Injection attacks and tutorials by Exploit DB
  29. XSS + Vulnerability Exploitation & Website Hacking
  30. Ultimate Guide to Social Engineering attacks
  31. White Hat Hacking complete guide to XSS Attacks
  32. Cross Site Scripting and Hacking Websites
  33. The Hackers Underground Handbook ( hack the system)
  34. Blind SQL Injection tutorials and Hacking
  35. Hacking Secrets Revealed
  36. Hacking Website Database and owning systems
  37. Reverse Engineering for Beginners
  38. Reverse Engineering (The Real Hacking)
  39. Computer Hacking
  40. Hack your Friend using Backtrack
  41. Reverse Engineering Hacking and Cracking
  42. Hack the System for beginners
  43. Hacking into Computer Systems
  44. Blind SQL Injection Discovery & Exploitation

By OffSec
Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.