Metasploit

Setup Metasploit Database

Try reconfigure Metasploit dpkg-reconfigure metasploit-frameworkdpkg-reconfigure metasploit-framework Start postgresql systemctl start postgresql.servicesystemctl start postgresql.service Initialize database msfdb initmsfdb init Run metasploit msfconsolemsfconsole Connect to database db_connect -y /usr/share/metasploit-framework/config/database.ymldb_connect -y /usr/share/metasploit-framework/config/database.yml Rebuild cache db_rebuild_cachedb_rebuild_cache Run postgresql at startup systemctl enable postgresql.servicesystemctl enable postgresql.service

OSINT

OSINT – Part 1

Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community (IC), the term “open” refers to overt, publicly available sources (as opposed to covert or clandestine sources); it is not related to open-source software or public intelligence. OSINT includes all publicly accessible sources of information, such as: – Media – Web-based …

Forensics

Forensics – Collecting Volatile Data

Under the principle of “order of Volatility”, you must first collect information that is classified as Volatile Data (the list of network connections, the list of running processes, log on sessions, and so on), which will be irretrievably lost in case the computer is powered off. This category includes the following data: 1.System uptime and …

Exchange Server 2013

Installing Microsoft Exchange Server 2013 Prerequisites On Windows Server 2012

In this article we will walk through the installation instructions for Exchange Server 2013 prerequisites. The prerequisites that are needed to install Exchange 2013 on a Windows Server 2012 server depends on which Exchange roles you want to install. Exchange Server 2013 has only two roles: Mailbox and Client Access server roles. Exchange Server 2013 …

Malware, Malware Analysis

Extract patterns of interest from suspicious files

Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns. Balbuzard tools balbuzard is a tool to extract patterns …

Microsoft Servers, Microsoft Windows Server 2012, Microsoft Windows server 2016

Migrate active directory FSMO from windows server 2012 R2 to windows server 2016

Windows server 2016 was released for public (GA) on mid oct 2016. Its exciting time as businesses are already working on migrating their services in to new windows server 2016 infrastructures. In this post, I am going to explain how you can migrate from active directory running on windows server 2012 R2 to windows server …

Malware, Reversing

Open source .NET deobfuscator and unpacker

de4dot is an open source (GPLv3) .NET deobfuscator and unpacker written in C#. It will try its best to restore a packed and obfuscated assembly to almost the original assembly. Most of the obfuscation can be completely restored (eg. string encryption), but symbol renaming is impossible to restore since the original names aren’t (usually) part …

Malware, Reversing

Automatically extract obfuscated strings from malware

Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of an executable. Often, these portions are strings and resources used to configure domains, files, and other artifacts of an infection. These key features will not show up as plaintext in output of the strings.exe utility …

Hacking, Penetration Testing

Install latest Wireshark on Debian

Add backports to your sources.list For jessie add this line: deb http://ftp.debian.org/debian jessie-backports maindeb http://ftp.debian.org/debian jessie-backports main to your sources.list sudo apt-get updatesudo apt-get update ..the public key is not available.. gpg –keyserver pgpkeys.mit.edu –recv-key xxxxxxxxxxxxxxxxxgpg –keyserver pgpkeys.mit.edu –recv-key xxxxxxxxxxxxxxxxx gpg -a –export xxxxxxxxxxxxxxxxx | sudo apt-key add -gpg -a –export xxxxxxxxxxxxxxxxx | sudo apt-key …

Hacking, OSINT, Penetration Testing, Reconnaissance

Passive information gathering

Search Engines Gather information using search engines results Google Bing Reverse IP lookup using Bing: IP:x.y.z.yIP:x.y.z.y Yahoo Social Networking Sites Gather information using social networking websites Google+ LinkedIn Instagram Facebook Twitter Online databases Gather information using online databases whois shodan netcraft robtex dnshistory Online Tools Gather information using online tools mxtoolbox domain tools SSL Server …