Author: maldevel

Encryption, LUKS

Create an encrypted file container in Linux

Installation
sudo apt-get install cryptsetup
Create an empty file with the size of your container (e.g. 100MB)
fallocate -l 100M mycontainer.img
or
dd if=/dev/urandom of=mycontainer.img bs=1M count=100
Using a keyfile
dd if=/dev/urandom of=mykey.key bs=1024 count=1
Encrypting the disk image file
sudo cryptsetup …

Backdoors, Git, Github, Python

Github APIv3 python wrapper

pygithub3 is a Github APIv3 python wrapper.
Search in commit messages
from pygithub3 import Github

gh = Github(token=access_token, user=username, repo=myrepo)
commits = gh.repos.commits.list().all()
for c in commits:
    if 'blahblah' == c.commit.message:
        pass
…

Backdoors

A stealthy Python based Windows backdoor that uses Github as a C&C server

CanisRufus is a stealthy Python based Windows backdoor that uses Github as a command and control server. – https://github.com/maldevel/canisrufus The red wolf (Canis rufus or Canis lupus rufus), also known as the Florida wolf or Mississippi Valley wolf, is a canid of unresolved taxonomic identity native to the eastern United States. It is generally, morphologically, …

Web Penetration Testing

Web Application Information Gathering

Retrieve HTTP response header
curl -I -i -X HEAD --insecure example.com
echo -e 'HEAD / HTTP/1.0\r\n\r\n' | nc example.com 80
Malformed requests test
GET / HTTP/3.1
Host: hostname
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0
Accept: text/html
Accept-Language: en-US,en;q=0.5
Content-Length: …

OSINT

A Swiss Army Knife for OSINT

Belati is a tool for collecting public data and public documents from websites and other services for OSINT purposes. What can Belati do?
Whois (Indonesian TLD support)
Banner grabbing
Subdomain enumeration
Service scanning for all subdomain machines
Web Appalyzer support
DNS mapping / zone scanning
Mail harvester from website & search engine
Mail harvester from MIT PGP …

Debian, Django, Python

Apache2 and Django installation on Debian

Install Apache2
sudo apt-get install apache2 -y
sudo rm -f /var/www/html/index.html && sudo touch /var/www/html/index.html
sudo a2enmod ssl
sudo a2ensite default-ssl
sudo service apache2 restart
Install Python 3
sudo apt-get install python3 -y …

Debugging

Connect two Windows virtual machines over a virtual serial port on a Linux host

Software
Linux Debian 8.x
Windows 8 64 bit (Debugger)
Windows 10 64 bit (Debuggee)
WinDbg (Windows SDK)
Setting up the Debugger
WinDbg installation: https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk
Symbols: add an environment variable _NT_SYMBOL_PATH with the value SRV*C:\Symbols*https://msdl.microsoft.com/download/symbols
Shutdown VM
Edit virtual machine settings -> Add… -> Serial Port -> Use socket (/tmp/com1) -> From: Client -> To: A Virtual …

Debugging, Edb-debugger, Reversing

edb-debugger on Debian

Dependencies
sudo apt-get install libqt5svg5-dev libgraphviz-dev pkg-config cmake
sudo apt-get install \
    cmake \
    build-essential \
    libboost-dev \
    libqt5xmlpatterns5-dev \
    qtbase5-dev \
    qt5-default \
    libgraphviz-dev \
    libqt5svg5-dev
Capstone
git clone --depth=50 …