pastebin - collaborative debugging tool
secsav.kpaste.net RSS

Difference between
modified post a20f9f94c by Anonymous on Thu 5th Mar 2015 11:30
original post 7854a7d by Anonymous on Thu 5th Feb 2015 13:38

    
11
[[[ WiFi YT vids ]]]
33
https://www.youtube.com/user/NeedSec
44
https://www.youtube.com/user/Raventattoo/videos
55
https://www.youtube.com/user/Cyb3rw0rM1/videos
77
# GUI frontend to reaver
88
http://sourceforge.net/projects/wpscrackgui/
1111
---
1212
# HSM from a Raspberry Pi
1313
http://cryptosense.com/building-a-raspberry-pi-hsm-for-rsa-2014/
1515
# Shredding files recursively into directories
1616
http://www.linuxforums.org/forum/miscellaneous/46693-how-shred-entire-directory-tree.html#post257616
1818
# Backdoor anything
1919
http://www.reddit.com/r/netsec/comments/2az8z2/the_backdoor_factory_backdoor_just_about_any/
2121
# OpenBSD lol
2222
http://bbs.progrider.org/prog/read/1383465168
2424
# /g/ has root to NSA
2525
http://archive.rebeccablacktech.com/g/thread/S39950951#p39950951
2727
# Scan the whole Internet in under 45 minutes!
2828
https://zmap.io/
3030
# Subterfuge - Automated MITM Framework
3131
https://code.google.com/p/subterfuge/
3333
# Telegram
3434
http://www.thoughtcrime.org/blog/telegram-crypto-challenge/
3636
# Entropy as fuck
3737
http://gamesbyemail.com/news/diceomatic
3838
http://www.random.org/
4040
# List of resources
4141
https://github.com/enaqx/awesome-pentest
4545
[[[ (Anti) Forensics ]]]
4646
# The truth about – How to securely erase a Solid State Drive (SSD) (skrilnetz.net)
4747
http://www.reddit.com/r/linux/comments/2etx24/the_truth_about_how_to_securely_erase_a_solid/
4949
# Inception - search RAM contents for interesting stuff
5050
http://www.breaknenter.org/projects/inception/
5454
[[[ Basic Linux sec ]]]
5555
# Linux 2FA
5656
http://www.reddit.com/r/linux/comments/2b4u4n/2_factor_authentication_backup_2fa_software_for/
5757
# OTP (GAuth) @ CLI
5858
http://otp.readthedocs.org/en/latest/
6060
# LUKS data encryption
6161
http://www.reddit.com/r/linux/comments/2bgnwp/encrypt_your_data_using_luks/
6363
# iptables
6464
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-IPTables.html
6565
http://www.linuxtopia.org/online_books/centos_linux_guides/centos_linux_security_guide/s1-fireall-ipt-act.html
6666
http://www.cyberciti.biz/faq/rhel-fedorta-linux-iptables-firewall-configuration-tutorial/
6767
http://diaryproducts.net/about/operating_systems/unix/nmap_port_scanner_iptables_firewall
6868
http://blog.commandlinekungfu.com/2014/01/episode-174-lightning-lockdown.html
7070
https://wiki.ubuntu.com/BasicSecurity
7171
https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Securing_the_unencrypted_boot_partition
7373
# Hardened Gentoo
7474
http://www.proteansec.com/forensics/gentoo-hardening-part-1-introduction-hardened-profile-2/
7777
[ SELinux ]
7878
# From #centos
7979
Useful resources for SELinux: http://wiki.centos.org/HowTos/SELinux
8080
http://wiki.centos.org/TipsAndTricks/SelinuxBooleans
8181
http://docs.fedoraproject.org/en-US/Fedora/13/html/Security-Enhanced_Linux/
8282
http://fedorasolved.org/security-solutions/selinux-module-building
8383
http://www.youtube.com/watch?v=bQqX3RWn0Yw
8484
http://opensource.com/business/13/11/selinux-policy-guide
8686
http://wiki.centos.org/HowTos/SELinux
8787
http://beginlinux.com/server_training/web-server/976-apache-and-selinux
8888
http://docs.fedoraproject.org/en-US/Fedora/13/html/Managing_Confined_Services/
9090
http://www.reddit.com/r/linux/comments/23a2tg/the_selinux_coloring_book/
9292
# CentOS
9393
http://wiki.centos.org/HowTos/OS_Protection
97-
[[[ Theory ]]]
97+
[[[ Physical & Vicinity ]]]
98-
# ECC Primer
98+
# Physical
99-
http://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography
99+
http://www.reddit.com/r/linux/comments/1zi10c/laptop_security_best_practices_what_do_you_do/
100-
http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/2/
100+
http://www.reddit.com/r/netsec/comments/l91d5/physical_laptop_security/
102+
# Radio attack
105-
[ GPG / PGP ]
105+
# BadUSB
106-
http://www.gnupg.org/documentation/index.html
106+
https://www.reddit.com/r/netsec/comments/2c9otm/badusb/
107-
http://www.thedrinkingrecord.com/pgpgpg-guide/
107+
https://www.reddit.com/r/netsec/comments/2i6vvh/badusb_the_unpatchable_malware_that_infects_usbs/
108-
http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto.html
108+
https://www.reddit.com/r/netsec/comments/2s1gb2/opensource_usb_exploitation_library_teensyduino/
118-
# Best practice
112+
[[[ Theory ]]]
119-
https://alexcabal.com/creating-the-perfect-gpg-keypair/
113+
# ECC Primer
114+
http://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography
122-
[[[ Wikipedia ]]]
120+
[ GPG / PGP ]
123-
https://en.wikipedia.org/wiki/Data_remanence
121+
http://www.gnupg.org/documentation/index.html
124-
http://en.wikipedia.org/wiki/PA-DSS
122+
http://www.thedrinkingrecord.com/pgpgpg-guide/
123+
http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto.html
127+
# Intro tutorial blogpost
130+
# Key security
128-
[[[ WebSec ]]]
133+
# Best practice
134+
https://alexcabal.com/creating-the-perfect-gpg-keypair/
133-
# Strong SSL Security on Apache2 (raymii.org)
137+
[[[ Wikipedia ]]]
134-
https://www.reddit.com/r/linux/comments/2urhmt/strong_ssl_security_on_apache2/
138+
https://en.wikipedia.org/wiki/Data_remanence
139+
http://en.wikipedia.org/wiki/PA-DSS
141-
# The Web Application Vulnerability Scanners Benchmark
143+
[[[ WebSec ]]]
144-
# Bypassing WAF's
145+
# SSL easy copy pasta
145-
http://www.reddit.com/r/netsec/comments/20uhgh/bypassing_web_application_firewalls_using_http/
146+
http://www.reddit.com/r/sysadmin/comments/271g4m/cipherlist_strong_copypaste_ssl_configuration_for/
147-
# Hardening WordPress
148+
# Strong SSL Security on Apache2 (raymii.org)
148-
http://codex.wordpress.org/Hardening_WordPress
149+
https://www.reddit.com/r/linux/comments/2urhmt/strong_ssl_security_on_apache2/
155-
# A seemingly innocent PHP vuln
151+
# Want to use my wifi? (cookie spoofing, MITM etc.)
156-
http://danuxx.blogspot.de/2013/03/unauthorized-access-bypassing-php-strcmp.html
152+
http://thejh.net/written-stuff/want-to-use-my-wifi?
158-
# JS crypto / sec
154+
http://www.amanhardikar.com/mindmaps/Practice.html
162-
# Mega.co.nz weakness (MegaPWN)
156+
# The Web Application Vulnerability Scanners Benchmark
163-
https://www.reddit.com/r/netsec/comments/1lo48d/megapwn_bookmarklet_to_recover_your_secret_mega/
157+
http://sectooladdict.blogspot.se/2014/02/wavsep-web-application-scanner.html?m=1
159+
# Bypassing WAF's
166-
---
162+
# Hardening WordPress
163+
http://codex.wordpress.org/Hardening_WordPress
168-
http://www.danielmiessler.com/study/infosec_interview_questions/
170+
# A seemingly innocent PHP vuln
171+
http://danuxx.blogspot.de/2013/03/unauthorized-access-bypassing-php-strcmp.html
173+
# JS crypto / sec
177+
# Mega.co.nz weakness (MegaPWN)
181+
---
183+
http://www.danielmiessler.com/study/infosec_interview_questions/
186+
[[[ CryptoLocker ]]]
184-
[[[ Reddit ]]]
192+
[[[ Talks & Other videos ]]]
193-
[ SSH hardening ]
197+
---
199+
[[[ Reddit ]]]
202-
# Physical machine security
201+
# How to sign kernel for UEFI Secure Boot.
203-
http://www.reddit.com/r/netsec/comments/l91d5/physical_laptop_security/
202+
http://www.reddit.com/r/linux/comments/1mw1xb/state_of_securely_booting_linux/
205-
# Linux sec
204+
# SSL/TLS Deployment Best Practices
206-
http://www.reddit.com/r/linux/comments/1oobkf/what_kind_of_antimalware_exists_for_linux/
205+
http://www.reddit.com/r/netsec/comments/1mn2nk/ssltls_deployment_best_practices/
211-
# OS under a OS
208+
[ SSH hardening ]
212-
http://www.reddit.com/r/linux/comments/1qib6u/the_second_proprietary_operating_system_hiding_in/
209+
http://www.reddit.com/r/linux/comments/1yfvm9/hardening_ssh_servers/
210+
http://www.reddit.com/r/linux/comments/2cwakx/the_ultimate_guide_to_hardening_ssh_with_ssh/
220-
# Show r/netsec: reveal your true IP address behind proxy/NATs using WebRTC (Firefox/Chrome) (jsfiddle.net)
218+
# Linux sec
221-
http://www.reddit.com/r/netsec/comments/1vzsnn/show_rnetsec_reveal_your_true_ip_address_behind/
219+
http://www.reddit.com/r/linux/comments/1oobkf/what_kind_of_antimalware_exists_for_linux/
225-
# Laptop security best practices. What do you do? (self.linux)
221+
# How does the Shellshock exploit work?
226-
http://www.reddit.com/r/linux/comments/1zi10c/laptop_security_best_practices_what_do_you_do/
222+
http://fedoramagazine.org/shellshock-how-does-it-actually-work/
228-
# How I got root with Sudo (securusglobal.com)
224+
# OS under a OS
229-
http://www.reddit.com/r/netsec/comments/20mftq/how_i_got_root_with_sudo/
225+
http://www.reddit.com/r/linux/comments/1qib6u/the_second_proprietary_operating_system_hiding_in/
231-
# Hardening a Linux server (self.linux)
227+
# grsec patches explained
232-
http://www.reddit.com/r/linux/comments/1xxpap/hardening_a_linux_server/
228+
http://www.reddit.com/r/netsec/comments/renu4/grsecurity_pax_configuration_options_explained/
234-
# Security of Debian?
230+
# 4 HTTP security headers you should always be using (ibuildings.nl)
235-
http://www.reddit.com/r/linux/comments/1xfuqb/debian_74_relased/cfbwunr
231+
http://www.reddit.com/r/netsec/comments/1vztlh/4_http_security_headers_you_should_always_be_using/
237-
# Sidestep Wireless Logins by Routing All Traffic Through Measly Little Ping Packets (getpostdelete.com)
233+
# Show r/netsec: reveal your true IP address behind proxy/NATs using WebRTC (Firefox/Chrome) (jsfiddle.net)
238-
http://www.reddit.com/r/linux/comments/22tsil/sidestep_wireless_logins_by_routing_all_traffic/
234+
http://www.reddit.com/r/netsec/comments/1vzsnn/show_rnetsec_reveal_your_true_ip_address_behind/
235+
https://www.reddit.com/r/netsec/comments/2ts3qm/get_local_and_public_ip_addresses_in_javascript/
243-
# Wayland is NOT immune to keyloggers (self.linux)
239+
# How I got root with Sudo (securusglobal.com)
244-
http://www.reddit.com/r/linux/comments/23mj49/wayland_is_not_immune_to_keyloggers/
240+
http://www.reddit.com/r/netsec/comments/20mftq/how_i_got_root_with_sudo/
246-
# What routines have you in place to keep your linux server secure and up to date? (self.linux)
242+
# Hardening a Linux server (self.linux)
247-
http://www.reddit.com/r/linux/comments/24j290/what_routines_have_you_in_place_to_keep_your/
243+
http://www.reddit.com/r/linux/comments/1xxpap/hardening_a_linux_server/
249-
# The world's first operating-system kernel with an end-to-end proof of implementation correctness and security enforcement is now open source. (sel4.systems)
245+
# Security of Debian?
250-
http://www.reddit.com/r/netsec/comments/2c0yxh/the_worlds_first_operatingsystem_kernel_with_an/
246+
http://www.reddit.com/r/linux/comments/1xfuqb/debian_74_relased/cfbwunr
252-
# BadUSB
248+
# Sidestep Wireless Logins by Routing All Traffic Through Measly Little Ping Packets (getpostdelete.com)
253-
https://pay.reddit.com/r/netsec/comments/2c9otm/badusb/
249+
http://www.reddit.com/r/linux/comments/22tsil/sidestep_wireless_logins_by_routing_all_traffic/
257-
# Deanonymizing Facebook Users By CSP Bruteforcing (myseosolution.de)
251+
# Why Linux is better for infosec?
258-
http://www.reddit.com/r/netsec/comments/2djtkt/deanonymizing_facebook_users_by_csp_bruteforcing/
252+
http://www.reddit.com/r/linux/comments/22xece/why_is_linux_better_for_infosecsysadmins/
260-
# Monitoring & log overview.
254+
# Wayland is NOT immune to keyloggers (self.linux)
261-
# How To Install OSSEC on Ubuntu 14.04 (linuxlove.eu)
255+
http://www.reddit.com/r/linux/comments/23mj49/wayland_is_not_immune_to_keyloggers/
264-
# Password MGMT
257+
# What routines have you in place to keep your linux server secure and up to date? (self.linux)
265-
http://www.reddit.com/r/linux/comments/2fnget/what_is_your_password_management_strategy/
258+
http://www.reddit.com/r/linux/comments/24j290/what_routines_have_you_in_place_to_keep_your/
267-
# Metasploit Resource Portal Data [collection of the most helpful videos, blog posts, podcasts, and other helpful resources, produced mainly by community contributors] (metasploit.github.io)
260+
# The world's first operating-system kernel with an end-to-end proof of implementation correctness and security enforcement is now open source. (sel4.systems)
268-
https://www.reddit.com/r/netsec/comments/2pstkf/metasploit_resource_portal_data_collection_of_the/
261+
http://www.reddit.com/r/netsec/comments/2c0yxh/the_worlds_first_operatingsystem_kernel_with_an/
270-
# Silently owning modems and routers
263+
# Deanonymizing Facebook Users By CSP Bruteforcing (myseosolution.de)
271-
https://www.reddit.com/r/netsec/comments/2syoge/silently_owning_modems_and_routers/
264+
http://www.reddit.com/r/netsec/comments/2djtkt/deanonymizing_facebook_users_by_csp_bruteforcing/
273-
# Directory of machines
266+
# Monitoring & log overview.
274-
http://www.shodanhq.com/help
267+
# How To Install OSSEC on Ubuntu 14.04 (linuxlove.eu)
268+
http://www.reddit.com/r/linux/comments/2f72j4/how_to_install_ossec_on_ubuntu_1404/
270+
# Password MGMT
271+
http://www.reddit.com/r/linux/comments/2fnget/what_is_your_password_management_strategy/
273+
# Metasploit Resource Portal Data [collection of the most helpful videos, blog posts, podcasts, and other helpful resources, produced mainly by community contributors] (metasploit.github.io)
274+
https://www.reddit.com/r/netsec/comments/2pstkf/metasploit_resource_portal_data_collection_of_the/
276+
# Silently owning modems and routers
277+
https://www.reddit.com/r/netsec/comments/2syoge/silently_owning_modems_and_routers/
279+
# Directory of machines
280+
http://www.shodanhq.com/help
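
Review bot: the reddit links relocated into the new "[[[ Physical & Vicinity ]]]" section at 99+ and 100+ still use plain http://, while the BadUSB entries added directly below them at 106+ to 108+ use https://. Since the BadUSB link was already rewritten in this revision (253- pointed at pay.reddit.com, 106+ points at www.reddit.com), the other moved reddit entries, such as 202+, 205+, 209+ and 210+, could be switched to https:// in the same pass so the list is consistent and none of the links is fetched in cleartext.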
