Cyber security

Creating a Linux password hash

Like you find in /etc/shadow.

    mkpasswd --method=sha-512 --salt=Kf0TqvhN

Search tools

- Use different search engines
- Banner grab
- httrack
- inspy
- metagoofil
- intitle:“index of”

Infosec websites

- https://www.webmaster-toolkit.com/
- https://hackthissite.org
- https://www.shodan.io
- https://searchdns.netcraft.com
- https://www.exploit-db.com/searchsploit
- https://pipl.com/
- https://haveibeenpwned.com
- https://wigle.net/
- https://www.peekyou.com/
- https://www.spokeo.com/
- https://radaris.com/
- https://piknu.com/

Cracking a KeePass2 master password with John the Ripper

    john <(keepass2john easy.kdbx)

Considerations

- Language vulnerabilities
- Common cyber attacks
- Tor
- Crypto attacks - frequency analysis
- Data encryption standard
- AES advanced encryption standard
- Substitution permutation network
- Kali Linux
- Vulnerability research with reverse engineering, penetration testing and ethical hacking
- Low level Linux programming and/or comprehensive knowledge in operating system security and associated network/platform design, hardening and deployment.

Decrypting TLS traffic

In Firefox

A Docker image that runs Chromium headless with SSLKEYLOGFILE set, opens an HTTPS page and dumps the decrypted TLS traffic to the terminal. Also runs in Play with Docker.

Pull and run

    docker run --net host deanturpin/ssldump

Dockerfile

    FROM kalilinux/kali-linux-docker
    RUN apt update
    RUN apt install -y chromium
    RUN apt install -y ssldump
    RUN apt install -y psmisc
    CMD \
    # Kill the ssldump in the future or the container won't terminate
    ((sleep 10s && killall ssldump && cat ~/dump.

Security through absurdity

It was recently suggested that I consider using “unusual [TCP] ports” at work as a security measure. After I got my breath back I found these quotes.

Security experts have rejected this view as far back as 1851.

“Rogues are very keen in their profession, and know already much more than we can teach them.”

“System security should not depend on the secrecy of the implementation or its components.”

Imagine you're a browser...

Technologies and protocols

An example of technologies encountered when a browser requests a page from a server. In this case the browser is running on a laptop connected by Wi-Fi.

Forming a request

- User types a URL into the browser: github.com
- Host performs DNS resolution to convert the URL into an IP address (the web server)
- The DNS server (and host IP) could be set manually but it will probably be part of a DHCP offer
- The application (browser) attempts a TCP connection with the server IP
- If no protocol is specified (http, https, ftp) the browser will default to port 80
- The browser must now work out how to reach the server
- The netmask is ANDed with the host IP address; if they’re on the same network then the request can be emitted immediately
- Otherwise, the host must send the packet via the default gateway (also configured by DHCP)
- The information makes its way down the TCP stack
- Layer two adds the MAC header
- Frame is transmitted between devices
- Frame is encrypted as it is transmitted through the air
- At the gateway the request makes its way back up to the TCP layer where it can be forwarded to the next gateway
- The browser will probably be running from a private network so the router must translate the local address to the WAN network (NAT)

Reaching the server

- Upon reaching the destination the server will probably send a redirect to the HTTPS version of the website (.