Linux tips

Linux TIPS WORLD

Sgx-Step – A Practical Attack Framework For Precise Enclave Execution Control

SGX-Step is an open-source framework to facilitate side-channel attack research on Intel SGX platforms. SGX-Step consists of an adversarial Linux kernel driver and user space library that allow to configure untrusted page table entries and/or x86 APIC timer interrupts completely from user space. Our research results have demonstrated several new and improved enclaved execution attacks […]

Linux TIPS WORLD

Donut – Generates X86, X64, Or AMD64+x86 Position-Independent Shellcode That Loads .NET Assemblies, PE Files, And Other Windows Payloads From Memory

Donut generates x86 or x64 shellcode from VBScript, JScript, EXE, DLL (including .NET Assemblies) files. This shellcode can be injected into an arbitrary Windows processes for in-memory execution. Given a supported file type, parameters and an entry point where applicable (such as Program.Main), it produces position-independent shellcode that loads and runs entirely from memory. A […]

Linux TIPS WORLD

Github-Dorks – Collection Of Github Dorks And Helper Tool To Automate The Process Of Checking Dorks

Github search is quite powerful and useful feature and can be used to search sensitive data on the repositories. Collection of github dorks that can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to be useful for assessing security and performing pen-testing of systems. GitHub […]

Linux TIPS WORLD

EyeWitness – Tool To Take Screenshots Of Websites, Provide Some Server Header Info, And Identify Default Credentials If Possible

EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known.EyeWitness is designed to run on Kali Linux. It will auto detect the file you give it with the -f flag as either being a text file with URLs on each new line, nmap xml output, or […]

Linux TIPS WORLD

Sparrow-Wifi – Next-Gen GUI-based WiFi And Bluetooth Analyzer For Linux

Sparrow-wifi has been built from the ground up to be the next generation 2.4 GHz and 5 GHz Wifi spectral awareness tool. At its most basic it provides a more comprehensive GUI-based replacement for tools like inSSIDer and linssid that runs specifically on linux. In its most comprehensive use cases, sparrow-wifi integrates wifi, software-defined radio […]

Linux TIPS WORLD

Uptux – Linux Privilege Escalation Checks (Systemd, Dbus, Socket Fun, Etc)

Specialized privilege escalation checks for Linux systems.Implemented so far: Writable systemd paths, services, timers, and socket units Disassembles systemd unit files looking for: References to executables that are writable References to broken symlinks pointing to writeable directories Relative path statements Unix socket files that are writeable (sneaky APIs) Writable D-Bus paths Overly permissive D-Bus service […]

Linux TIPS WORLD

Fail2Ban – Daemon To Ban Hosts That Cause Multiple Authentication Errors

Fail2Ban scans log files like /var/log/auth.log and bans IP addresses conducting too many failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses, for a configurable amount of time. Fail2Ban comes out-of-the-box ready to read many standard log files, such as those for sshd and Apache, […]

Linux TIPS WORLD

Dr. Memory – Memory Debugger For Windows, Linux, Mac, And Android

Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors such as accesses of uninitialized memory, accesses to unaddressable memory (including outside of allocated heap units and heap underflow and overflow), accesses to freed memory, double frees, memory leaks, and (on Windows) handle leaks, GDI API usage errors, and accesses to un-reserved […]

Linux TIPS WORLD

Gosec – Golang Security Checker

Inspects source code for security problems by scanning the Go AST. Install CI Installation # binary will be $GOPATH/bin/goseccurl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s — -b $GOPATH/bin vX.Y.Z# or install it into ./bin/curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s vX.Y.Z# In alpine linux (as it does not come with curl by default)wget -O – -q https://raw.githubusercontent.com/securego/gosec/master/install.sh […]

Linux TIPS WORLD

Pockint – A Portable OSINT Swiss Army Knife For DFIR/OSINT Professionals

POCKINT (a.k.a. Pocket Intelligence) is the OSINT swiss army knife for DFIR/OSINT professionals. Designed to be a lightweight and portable GUI program (to be carried within USBs or investigation VMs), it provides users with essential OSINT capabilities in a compact form factor: POCKINT’s input box accepts typical indicators (URL, IP, MD5) and gives users the […]