SampleCaptures Sample Captures So you're at home tonight, having just installed Wireshark. You want to take the program for a test drive. But your home LAN doesn't have any interesting or exotic packets on it? If you don't see what you want here, that doesn't mean you're out of luck; look at some of the other sources listed below, such as How to add a new Capture File If you want to include a new example capture file, you should attach it to this page (click 'attachments' in header above). Please don't just attach your capture file to the page without putting an attachment link in the page, in the format attachment:filename.ext; if you don't put an attachment link in the page, it's not obvious that the capture file is available. It's also a very good idea to put links on the related protocol pages pointing to your file. Other Sources of Capture Files If you don't find what you're looking for, you may also try: General / Unsorted SkypeIRC.cap (libpcap) Some Skype, IRC and DNS traffic.
Cheat Sheet : All Cheat Sheets in one page Thanks: Peteris Krumins, David Child, Bob Stein (VisiBone), Lars Pohlmann, Robert Plummer, Nauman Leghari, Atul Vaidya, Jesse Keys, Andréia Bohner, Amit Agrawalla, Forbes, Roman Ožana (Ozzy), Adam Byrtek, Gareth J M Saunders, Eric Schultz, Anton Buckov, Kate Parsons, Julien L. Coder & Designer, Jude, Eva Vesper, UtOpIaH, Zork Zero, Cembo Obmec, Andrea Benazzo, Michael Goerz, Guy K. NetWorkSecurity For help with forensics, Jim points out, “SANS instructor, Rob Lee points us to a couple of new cheat sheets for doing forensics on USB keys under XP orVista/Win7.” There is also the Memory Analysis Cheat Sheet for Microsoft Windows XP SP2 by Pär Österberg and Andreas Schuster. If you have a SANS Portal Account, you can access the SANS Forensic Analysis Cheat Sheet. The below table provides links to other security cheat sheets I have found very beneficial. Since security does not exist in a vacuum, Raj helps us out with his post, “145 Useful cheat sheets for some of the most widely used tools on the web.” Hilde Torbjornsen has also posted “Mega Collection Of Cheatsheets for Designers & Developers” where she list more than one hundred cheat sheets and reference cards for the following topics: To assist on the operating side, Scott Klar posted “Linux-Unix cheat sheets – The ultimate collection.” To download them all paste into your terminal
Metasploit Unleashed arp_sweep When your target systems are located on the same network as your attacking machine, you can enumerate systems by performing an ARP scan. Naturally, Metasploit has a module that can help you out. msf > use auxiliary/scanner/discovery/arp_sweep msf auxiliary(arp_sweep) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- INTERFACE no The name of the interface PCAPFILE no The name of the PCAP capture file to process RHOSTS yes The target address range or CIDR identifier SHOST yes Source IP Address SMAC yes Source MAC Address THREADS 1 yes The number of concurrent threads TIMEOUT 500 yes The number of seconds to wait for new data Due to the manner in which ARP scanning is performed, you need to pass your MAC address and source IP address to the scanner in order for it to function properly. As you will see when running this module, ARP scanning is very fast. ipv6_neighbor udp_probe udp_sweep
Armitage Tutorial - Cyber Attack Management for Metasploit About ArmitageBefore we begin... Getting StartedHow to get any woman to talk to you User Interface TourSo many pretty screenshots Host ManagementYou've got to find them to hack them. ExploitationThis is the fun stuff Post-ExploitationThis is the really fun stuff ManeuverGetting around the network and on to more targets Team MetasploitThis is cyber attack management! Scripting ArmitageThe next step... 1.1 What is Armitage? Armitage is a scriptable red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework. Through one Metasploit instance, your team will: Use the same sessions Share hosts, captured data, and downloaded files Communicate through a shared event log. Armitage is a force multiplier for red team operations. 1.2 Cobalt Strike Armitage is open source software developed by Raphael Mudge's company Strategic Cyber LLC. 1.3 Cyber Attack Management 1.4 Necessary Vocabulary 2.1 Requirements
rsmudge/cortana-scripts Using the power of sound to figure out which Simpsons character is speaking In a previous post, I looked at transcripts of Simpsons episodes and tried to figure out which character was speaking which line. This worked decently, but it wasn’t great. It gave us memorable scenes like this one: Homer : D'oh! And this one: Homer : I don't like this new director's cut. And some not so memorable scenes: Homer : Mmm, engineblock eggs. Trying to identify who is speaking only by looking at the text is a bit like trying to walk in a straight line with your eyes closed. What if I told you that one of your friends asked me hey, how's it going? Enter the amazing sound wave. As we progress, keep in mind that the code for this is available here, but this is the non-technical explanation. Quantifying sound Sound is a tricky thing. Thankfully, we can exploit some properties of sound to ensure that it can be easily processed by computer. What we see below is a plot of the beginning of the simpsons intro music: We can zoom in to actually see the lines: How do we do this? 79 – “Yello.”
Scraping html tables into R data frames using the XML package Kali Linux Unattended PXE Install Our last blog post on the Kali Linux site discussed implementing some cool scenarios with Kali Linux such as remote unattended installations, creating custom Kali Linux ISOs, and getting Kali working on funky ARM hardware. We received several emails from people asking for more information on how to implement these scenarios, so we thought we’d make a few blog posts with more detailed examples. Today, we will look into preforming customized, unattended PXE network installations of Kali Linux and creating remote “Penetration Testing Kali Agents”. One of the little-known features of Kali Linux is that it supports unattended installations over a network. Before dealing with unattended installs, you will first want to follow the instructions for a Kali Linux Network PXE Install to get all of the major components ready. Before you start the installation, place a preseed.cfg file on a web server that will be available to the machine you are trying to install. #! cat << EOF > /etc/rc.local#!