Notes

Here you’ll find some things I think are interesting but that don’t require the writing of a full article.

Links

A list of links with a brief description:

• What is the Creative Commons licences? - official website.
• A list of tools and resources for security incident response - github repository.
• IRR (Internet Infrastructure Review) reports - IRR.
• SWGDE (Scientific Working Group on Digital Evidence) documents - SWDGE.
• Mozilla SSL Configurator Generator - offical website.
• Cipher suites list - official website.
• Open hardware Random Number Generator (OneRNG) - OneRNG.
• Serverless functions, made simple - OpenFaaS.
• How rooting works: a technical explanation of the Android rooting process - how rooting works.
• ECDSA: handle with care - ecdsa: handle with care.
• POC for CVE-2020-0601 (Windows CryptoAPI - Crypt32.dll) - CurveBall.
• Unauthorized disclosures of official secrets are essential for democracy - Cryptome.
• Performing a side channel TEMPEST attack on a PC - TEMPEST attack on a PC.
• Extract a ECDSA private key from two messages signed with the same K value nonce reuse exploit.
• Choosing safe curves for elliptic-curve cryptography - SafeCurves.
• A cheat-sheet for password crackers - cheat-sheet for password crackers.
• Informative site with EOL dates of everything - endoflife.date.
• The leading data provider for staking and crypto-growth tools - stacking rewards.
• Live income estimation of all known ASIC miners, updated every minute - miners profitability.

Quick command lines

A list of quick command lines with a brief description:

• List the 10 largest files in the user folder: find $HOME -type f -printf '%s %p\n' | sort -nr | head -10.
• List Ruby’s gems and delete them: gem list --no-version | xargs gem uninstall -aIx.
• Display the server certificate list: openssl s_client -showcerts -connect google.fr:443.
• Launch openvpn as daemon: sudo openvpn --config config.ovpn --daemon.
• Display TLS certificate grade: curl -sSf "https://api.ssllabs.com/api/v3/analyze?host=google.fr&publish=off" | jq '.endpoints[0].grade'.
• Display frames of a destination IP address from a network capture (here 192.168.0.50): tshark -Y "ip.dst == 192.168.0.50" -r dump.pcap -x.
• Export a X.509 certificate from a security token: pkcs11-tool --module <shared-library> -r -a <label> -y cert -o cert.der.
• Create RSA key pair and a self signed certificate in one command: openssl req -x509 -sha512 -days 365 -newkey rsa:4096 -nodes -keyout privkey.pem -out localhost.crt.
• Send ARP requests to discover IP address via MAC address: sudo arping -A -c 3 -I <interface-name> <interface-ip-address> && ip neigh | grep -i <mac-address>.

Open source projects

A list of open sources projetcs with a brief description:

• The hunting ELK - HELK.
• A browser extension for OSINT search - mitaka.
• The LAZY script will make your life easier, and of course faster - lscript.
• MobSF is an automated, all-in-one mobile application pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis - MobSF.
• Library and command line tool to detect SHA-1 collision in a file - sha1collisiondetection.
• Terminal Telegram client that really works - tg.
• RSA attack tool to retrieve private key from weak public key and/or uncipher data - RsaCtfTool.
• Golang implementation of the elliptical curve diffie-hellman - go-ecdh.
• The Python-based interactive packet manipulation program & library - scapy.
• Powerful framework for rogue access point attack - wifipumpkin3.
• Program to decode radio transmissions from devices on the ISM bands (and other frequencies) - rtl_433.
• NRSC-5 receiver for RTL-SDR - nrsc5.
• NOAA APT weather satellite image decoder, for Linux, Windows, RPi 2+ and OS X - NOAA APT.
• A sniffer for Bluetooth 5 and 4.x LE - Sniffle.
• Use Facebook to track your friends’ sleeping habits - fb-sleep-stats.
• E-mails, subdomains and names harvester - theHarvester.
• Spy & control OS SSH connected client’s TTY - SSHPry2.0.
• USB key cleaner - Circlean.
• Fancy reverse and bind shell handler - pwncat.
• Zigbee to MQTT bridge - zigbee2mqtt.
• A personal local DNS Server for privacy & security - DnsServer.
• sslscan tests SSL/TLS enabled services to discover supported cipher suites - sslscan.
• Dump Azure AD Connect credentials for Azure AD and Active Directory - adconnectdump.
• A simple daemon to allow session software to update firmware - fwupd.
• An open source software that can be used to process and analyze digital evidence - IPED.
• A repository of live malwares for your own joy and pleasure - theZoo.
• An e-mail header analyzer - email-header-analyzer.
• SSH tarpit that slowly sends an endless banner - endlessh.
• Hunt down social media accounts by username across social networks - sherlock.
• Pretty awesome command-line client for public Qualys SSL Labs API - sslcli.
• Weather in terminal, with ANSI colors and unicode symbols - ansiweather.
• Privately hosted app for browsing, organizing, and sharing your photo collection - photoprism.
• An open source blockchain project, designed for business from the start - corda.
• A secure digital identity to protect the digital activity of users - xsl-labs.
• A fully deGoogled mobile operating system for mobile phones - /e/.
• Libraries and tools to perform fully homomorphic encryption operations on an encrypted data set - fully-homomorphic-encryption.