Outils pour utilisateurs

Outils du site


pages:norae:si:infosec

Notes de recherche-action en Infosec

Outils de recherche

$ alias grepip='grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?"'
# Creation d'un alias `grepip <file>`

Certif SSL et Nom de Domain

  • SSL
$ echo | openssl s_client -servername monsite.org -connect monsite.org:443 2>/dev/null | openssl x509 -noout -dates
  • Nom de Domaine
$ whois monsite.org | grep 'Expiry'

Cookies

curl -qsIL https://opencommons.simplon.co  | grep -i cookie

-i est utilisé pour satisfaire le recherche Cookie et cookie afin déviter de passer à coté des personnes qui aurait eu l'erreur de mal nommer le cookie dan sle code.

`--> sudo curl --cookie-jar datactivistcookies.txt https://datactivist.coop/index.html -O
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   277    0   277    0     0    274      0 --:--:--  0:00:01 --:--:--   274
.-(~)-----------------------------------------------------------
`--> cat datactivistcookies.txt
# Netscape HTTP Cookie File
# https://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
 
#HttpOnly_.datactivist.coop	TRUE	/	TRUE	1580572854	__cfduiddd*************************************

Reverse

  • Radare, Reverse Engineering Framework with focus on UNIX philosophy and full API bindings. https://rada.re/r/ also works as well on Anrdoid with Termux

Astuces Rétro Ingénierie avec outils Embarqués

Anonymser des fichiers

MITM

Bluetooth

Formations

Jeu

Pratiques

Bdd de MdP

  • Récupérer la base de mots de passe fuités de Have I been pwned pour vérifier en local que les sésames stockés dans son gestionnaire de mots de passe n’y figurent pas

ref : https://www.ghacks.net/2019/01/18/check-all-keepass-passwords-against-the-have-i-been-pwned-database-locally/

USB, card flash SD

> sudo hdparm -r0 /dev/sdb
[sudo] password x : 

/dev/sdb:
 setting readonly to 0 (off)
 readonly      =  0 (off)

Biblio

sudo strace -p 1205 # See syscalls of PID 1205. Processes don't have to be a black box, you can use strace (on Linux) to view the system calls made by a process, which may give some clue as to why it's misbehaving, where it is saving a file, etc.
pages/norae/si/infosec.txt · Dernière modification: 2021/12/09 15:56 de xavcc