Debian, Linux, SmokingLinuxEveryDay

p7zip – file archiver

p7zip is the Unix command-line port of 7-Zip, a file archiver that handles the 7z format which features very high compression ratios. p7zip provides: – /usr/bin/7zr – a standalone minimal version of the 7-zip tool that only handles 7z, LZMA and XZ archives. 7z compression is 30-50% better than ZIP compression. – /usr/bin/p7zip – a …

Hardening, Microsoft Windows server 2016

Windows Server Hardening – Account Policies

The following were tested on Windows Server 2016 (Screenshots included). Account Policies Password Policy 1. Ensure ‘Enforce password history’ is set to ’24 or more password(s) Description: This policy setting determines the number of renewed, unique passwords that have to be associated with a user account before you can reuse an old password. The value …

Linux, Security

Change admin passwords

System sudo passwd rootsudo passwd root MySQL mysqladmin -u root -p passwordmysqladmin -u root -p password PostgreSQL sudo -u postgres psql -U postgres -h 127.0.0.1 -d postgres -c "ALTER USER postgres WITH PASSWORD ‘newpassword’;"sudo -u postgres psql -U postgres -h 127.0.0.1 -d postgres -c "ALTER USER postgres WITH PASSWORD ‘newpassword’;" Gitlab GLPI Project mysql -u …

Gitlab

Setup HTTPS for Gitlab

Generate a new private key and a Certificate Signing Request openssl req -new -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.reqopenssl req -new -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.req Generate a certificate signing request (CSR) for an existing private key openssl req -new -key example.com.key -out example.com.reqopenssl req -new -key example.com.key -out example.com.req Edit Gitlab …

WEB Servers

Configuring HTTPS server – Nginx

Generate a new private key and a Certificate Signing Request openssl req -new -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.reqopenssl req -new -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.req Generate a certificate signing request (CSR) for an existing private key openssl req -new -key example.com.key -out example.com.reqopenssl req -new -key example.com.key -out example.com.req Edit nginx …

Malware

VirusTotal Uploader for Debian

VirusTotal API Dependencies sudo apt-get install automake autoconf libtool libjansson-dev libcurl4-openssl-devsudo apt-get install automake autoconf libtool libjansson-dev libcurl4-openssl-dev Download git clone https://github.com/VirusTotal/c-vtapi.gitgit clone https://github.com/VirusTotal/c-vtapi.git cd c-vtapicd c-vtapi Compile autoreconf -fiautoreconf -fi ./configure./configure makemake sudo make installsudo make install Configure sudo sh -c ‘echo "/usr/local/lib" > /etc/ld.so.conf.d/usr-local-lib.conf’sudo sh -c ‘echo "/usr/local/lib" > /etc/ld.so.conf.d/usr-local-lib.conf’ sudo ldconfigsudo ldconfig …

Rootkits

Windows Drivers

WDK- Windows Driver Kit Windows Driver Kit gives you the tools you need to develop, build, package, deploy, test, and debug drivers. You can run many basic certification tests in the integrated environment. The Windows Driver Kit (WDK) includes templates for several technologies and driver models, including Windows Driver Frameworks (WDF), Universal Serial Bus (USB), …

OWASP, Penetration Testing

OWASP Secure Headers

OWASP Secure Headers Project involves setting headers from the server is easy and often doesn’t require any code changes. Once set, they can restrict modern browsers from running into easily preventable vulnerabilities. OWASP Secure Headers Project intends to raise awareness and use of these headers. – https://www.owasp.org/index.php/OWASP_Secure_Headers_Project Response Headers * HTTP Strict Transport Security (HSTS) …