NetwerkLABS

The log4j JNDI attack and how to prevent it

Source: Zero-Day Exploit Targeting Popular Java Library Log4j (govcert.ch) Recommended Actions Apply the corresponding security patches for internet facing software / devices immediately Apply the corresponding security patches for internal software / devices at the…

Bharath Narayanasamy

VulnLAB

ATTACKING COMMONLY USED SERVICES: PART_01 Useful Commands

ZyberRED Server Message Block (SMB) Windows - CMD line net use Connect to a File share \\192.168.45.29\ITSupport\ The command net use connects a computer to or disconnects a computer from a shared…

Bharath Narayanasamy

Threat Intelligence

Threat Intelligence Tools – Abuse.ch

Abuse.ch Platform Abuse.ch is a research project hosted by the Institue for Cybersecurity and Engineering at the Bern University of Applied Sciences in Switzerland. It was developed to identify and track…

Bharath Narayanasamy

Threat Hunting Threat Intelligence

Threat Intelligence Tools – URLScan.io

Urlscan.io is a free service developed to assist in scanning and analysing websites. It is used to automate the process of browsing and crawling through websites to record activities and interactions.…

Bharath Narayanasamy

Threat Hunting Threat Intelligence

Threat Intelligence

Threat Intelligence Foundation: Threat Intelligence is the analysis of data and information using tools and techniques to generate meaningful patterns on how to mitigate against potential risks associated with existing…

Bharath Narayanasamy

WebPentest

Attacking CMS – WordPress

Bharath Narayanasamy

WebPentest

Attacking CMS – Drupal

Bharath Narayanasamy

WebPentest

Attacking CMS – Joomla

Bharath Narayanasamy

PenTest

PenTest 101 – Cheat Sheet

CommandDescriptionsudo nano /etc/hostsOpens the /etc/hosts with nano to start adding hostnamessudo nmap -p 80,443,8000,8080,8180,8888,10000 --open -oA web_discovery -iL scope_listRuns an nmap scan using common web application ports based on a scope list (scope_list)…

Bharath Narayanasamy

Enumeration WebPentest

Gobuster Cheat Sheet

Common Gobuster Commands dir Mode gobuster dir -u https://nlabs.local -w ~/wordlists/shortlist.txt With content length gobuster dir -u https://nlabs.local -w ~/wordlists/shortlist.txt -l dns Mode gobuster dns -d nlabs.local -t 50 -w…

Bharath Narayanasamy