bsderek

CIS-BENCHMARK AUDITING SCRIPT

Hi guys, its been a long time since I have posted something on this blog post. I was busy with a project which I would be sharing on this post. I will not be publishing any ctf soon, maybe later in the year or so. So, the reason I have not been publishing any CTFContinue reading “CIS-BENCHMARK AUDITING SCRIPT”

Cybersecurity Ops with Bash: Defensive (Ch.9)

Hi guys, we are back to the series of Cybersecurity Ops with Bash: Defensive workshop solution. Note: This is only workshop solution, NOT A SUMMARY OF DEFENSIVE BASH!!! I do not own the book, I am just reading/learning it and published the solution ONLY. Before you read the workshop solution, it is good if youContinue reading “Cybersecurity Ops with Bash: Defensive (Ch.9)”

Cybersecurity Ops with Bash: Defensive (Ch. 8)

Hackthebox learning note 1

Scanning the target machine using the script [https://github.com/21y4d/nmapAutomator] (recommanded) nmap -sC -sV [target IP address] [more options can be added] -sC: script scanning -sV: scan version -A: Enable OS detection, version detection, script scanning, and traceroute –open: Only show open (or possibly open) ports nmap –script all -p445 [target IP address] SMB enumeration smbclient -LContinue reading “Hackthebox learning note 1”

Cybersecurity Ops with Bash: Defensive (Ch. 7)

Hi guys, we will be continuing the series of Cybersecurity Ops with Bash: Defensive workshop solution. I will be going through Chapter 7: Data Analysis. Note: This is only workshop solution, NOT A SUMMARY OF DEFENSIVE BASH!!!Note: I do not own the book, I am just reading/learning it and published the solution ONLY. Before youContinue reading “Cybersecurity Ops with Bash: Defensive (Ch. 7)”

Cybersecurity Ops with Bash: Defensive (Ch. 6)

Hi guys, we will be continuing the series of Cybersecurity Ops with Bash: Defensive workshop solution. I will be going through Chapter 6: Data Processing. Note: This is only workshop solution, NOT A SUMMARY OF DEFENSIVE BASH!!!Note: I do not own the book, I am just reading/learning it and published the solution ONLY. Before youContinue reading “Cybersecurity Ops with Bash: Defensive (Ch. 6)”

Cybersecurity Ops with Bash: Defensive(Ch. 5)

Hi guys, recently I have reading an ebook on O’reilly, the ebook is called Cybersecurity Ops with Bash. It teached us how to write bash script and show how bash script can be used in both offensive and defensive. I have the link below if you want to get the book from Amazon or O’reilly.Continue reading “Cybersecurity Ops with Bash: Defensive(Ch. 5)”

Exploit Activity Component in InsecureBankv2 Application

Hi guys, today we will be exploiting an <activity> tag that has “android:exported” declared in the tag. What is an <activity> tag? Quote from Google Search, “Use with the <activity> tag to supply a default banner for a specific activity, …“ That specific activity we are exploiting is “android:exported”, why? Because it is an elementContinue reading “Exploit Activity Component in InsecureBankv2 Application”

Tools for Static/Dynamic Analyze in Moblie Hacking

Hi guys, today we will install more tools that are used for testing mobile application. Credit to tsug0d for this lesson on Mobile Application Pentesting, I have learned quite a bit of Mobile hacking from his slides, will link it in the reference below. Installation part: Tools used is mainly for Linux distribution. apktool dex2jarContinue reading “Tools for Static/Dynamic Analyze in Moblie Hacking”

Installation of Essential tools for Mobile Hacking

Hello everybody, this will be continuation of setting up a mobile pentesting lab. The required tools need are: apktools adb shell Drozer We will be using Kali Linux OS. Let’s first start with the installation of apktools, Followed by installing adb (Android Debug Bridge), Lastly, we will install Drozer (current version is drozer-2.4.4 as ofContinue reading “Installation of Essential tools for Mobile Hacking”