jueves, 13 de marzo de 2014

Tools to Combat Malware


Junkware Removal Tool

http://thisisudax.org/

Junkware Removal Tool is a security utility that searches for and removes common adware, toolbars, and potentially unwanted programs (PUPs) from your computer. A common tactics among freeware publishers is to offer their products for free, but bundle them with PUPs in order to earn revenue. This tool will help you remove these types of programs.


AdwCleaner

http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner

AdwCleaner is a free removal tool for :
  • Adware (ads softwares)
  • PUP/LPI (Potentially Undesirable Program)
  • Toolbars
  • Hijacker (Hijack of the browser's homepage)
It works with a Search and Delete mode. It can be easily uninstalled using the mode "Uninstall".

It's compatible with Windows XP, Vista, 7, 8, 8.1 in 32 & 64 bits.

domingo, 24 de noviembre de 2013

Security, Pentest and Programming Trainings

Open Security Training

http://opensecuritytraining.info/Training.html

You can find:
  • Current stats:
  • 53 days of open source class materials
  • 22 classes (12 with videos)
  • 18 instructors


Beginner Classes:


  • Android Forensics & Security Testing
  • Certified Information Systems Security Professional (CISSP)® Common Body of Knowledge (CBK)® Review
  • Flow Analysis & Network Hunting
  • Hacking Techniques and Intrusion Detection 
  • Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration 
  • Introduction to ARM 
  • Introduction to Network Forensics
  • Introduction to Vulnerability Assessment
  • Introduction to Trusted Computing
  • Offensive, Defensive, and Forensic Techniques for Determining Web User Identity
  • Malware Dynamic Analysis
  • The Life of Binaries 
  • Understanding Cryptology: Core Concepts
  • Understanding Cryptology: Cryptanalysis



Intermediate Classes:


  • Introduction to Software Exploits (Exploits 1) 
  • Exploits 2: Exploitation in the Windows Environment 
  • Intermediate Intel x86: Architecture, Assembly, Applications, & Alliteration 



Advanced Classes: 


  • Advanced x86: Virtualization with Intel VT-x 
  • Introduction to Reverse Engineering Software 
  • Reverse Engineering Malware 
  • Rootkits: What they are, and how to find them 
  • The Adventures of a Keystroke: An in-depth look into keylogging on Windows




SecurityXploded Security Training

http://securityxploded.com/security-training.php

You can find:


  • Reverse Engineering & Malware Analysis Training: This is our first free Training session focused on teaching basics of Reverse engineering and Malware analysis. It starts with guide on lab setup, learning Windows internals/PE formats/assembly and then moves on to practical malware analysis sessions. 

  • Advanced Malware Analysis Training: This is our second and latest free training series focusing on advanced aspects of malware analysis including Rootkits, Botnets, Sandbox Analysis, Mobile Malwares etc.


PentesterLab


The Exercises

Our exercises are based on common vulnerabilities found in different systems. The issues are not emulated. We provide you real systems with real vulnerabilities.

Download the ISO and the PDF. Boot the ISO using any virtualisation software and start learning!


European Union Agency for Network and Information Security



ENISA CERT Exercises and training material was introduced in 2008, in 2012 it was complemented with new exercise scenarios containing essential material for success in the CERT community and in the field of information security. In this page you will find the ENISA CERT Exercise material,containing Handbook for teachers, Toolset for students and Virtual Image to support hands on training sessions.

Coursera


About Coursera


We believe in connecting people to a great education so that anyone around the world can learn without limits.

Coursera is an education company that partners with the top universities and organizations in the world to offer courses online for anyone to take, for free. Our technology enables our partners to teach millions of students rather than hundreds.

We envision a future where everyone has access to a world-class education that has so far been available to a select few. We aim to empower people with education that will improve their lives, the lives of their families, and the communities they live in.

Our Courses

Classes offered on Coursera are designed to help you master the material. When you take one of our classes, you will watch lectures taught by world-class professors, learn at your own pace, test your knowledge, and reinforce concepts through interactive exercises. When you join one of our classes, you'll also join a global community of thousands of students learning alongside you. We know that your life is busy, and that you have many commitments on your time. Thus, our courses are designed based on sound pedagogical foundations, to help you master new concepts quickly and effectively. Key ideas include mastery learning, to make sure that you have multiple attempts to demonstrate your new knowledge; using interactivity, to ensure student engagement and to assist long-term retention; and providing frequent feedback, so that you can monitor your own progress, and know when you've really mastered the material.

We offer courses in a wide range of topics, spanning the Humanities, Medicine, Biology, Social Sciences, Mathematics, Business, Computer Science, and many others. Whether you're looking to improve your resume, advance your career, or just learn more and expand your knowledge, we hope there will be multiple courses that you find interesting.


Metasploit Unleashed




This free information security training is brought to you in a community effort to promote awareness and raise funds for underprivileged children in East Africa. Through a heart-warming effort by several security professionals, we are proud to present the most complete and in-depth open course about the Metasploit Framework. 






This is a free online course and if you enjoy it and find it useful, we ask that you make a donation to the HFC (Hackers For Charity), $9.00 will feed a child for a month, so any contribution is welcome. We hope you enjoy this course as much as we enjoyed making it.



Python Challenge


http://www.pythonchallenge.com/

Python Challenge is a game in which each level can be solved by a bit of (Python) programming.

The Python Challenge was written by Nadav Samet.

All levels can be solved by straightforward and very short1 scripts.

Python Challenge welcomes programmers of all languages. You will be able to solve most riddles in any programming language, but some of them will require Python.

Sometimes you'll need extra modules. All can be downloaded for free from the internet.

It is just for fun - nothing waits for you at the end.

Keep the scripts you write - they might become useful. 



Microsoft Virtual Academy

http://www.microsoftvirtualacademy.com/

What is MVA?

Successful technologists never stop learning and great technology never stops evolving. Microsoft Virtual Academy (MVA) offers online Microsoft training delivered by experts to help technologists continually learn, with hundreds of courses, in 11 different languages. Our mission is to help developers, knowledgeable IT professionals and advanced students learn the latest technology, build their skills, and advance their careers. MVA is free of charge, and the entire service is hosted on Windows Azure.


VulnHUB


Aim/Goal

To provide material(s) allowing anyone to gain practical 'hands-on' experience in digital security, computer application & network administration.


A lot of Pentest ISOs to practice.




martes, 8 de octubre de 2013

free -m, How much memory is actually being used in Linux?

$ free -m; python -c '[ "x" * 1000000000 ]'; free -m
             total       used       free     shared    buffers     cached
Mem:           256        249          6          0          0        235
-/+ buffers/cache:         13        242
Swap:          256         23        232

Killed

             total       used       free     shared    buffers     cached
Mem:           256          9        246          0          0          1
-/+ buffers/cache:          8        247
Swap:          256         28        227



python powered :P

Raspberry and TP-Link TL-WN725N V2 - Personal notes


Getting the driver [1]:


wget https://dl.dropboxusercontent.com/u/80256631/8188eu-20130830.tar.gz

tar -zxvf 8188eu-20130830.tar.gz

sudo install -p -m 644 8188eu.ko /lib/modules/3.6.11+/kernel/drivers/net/wireless

sudo insmod /lib/modules/3.6.11+/kernel/drivers/net/wireless/8188eu.ko

sudo depmod -a


Setting the network [2]:



$ sudo nano /etc/network/interfaces

auto lo

iface lo inet loopback
iface eth0 inet dhcp

auto wlan0
allow-hotplug wlan0
iface wlan0 inet dhcp
wpa-scan-ssid 1
wpa-ap-scan 1
wpa-key-mgmt WPA-PSK
wpa-proto RSN WPA
wpa-pairwise CCMP TKIP
wpa-group CCMP TKIP
wpa-ssid "My Secret SSID"
wpa-psk "My SSID PSK"

iface default inet dhcp



[1] http://www.raspberrypi.org/phpBB3/viewtopic.php?p=419095#p419095


[2] http://learn.adafruit.com/adafruits-raspberry-pi-lesson-3-network-setup/setting-up-wifi-with-occidentalis

jueves, 24 de enero de 2013

How to install nmap latest version

$ svn co https://svn.nmap.org/nmap
$ cd nmap
$ ./configure
$ make

$ ./nmap -V

Nmap version 6.26SVN ( http://nmap.org )
Platform: x86_64-unknown-linux-gnu
Compiled with: nmap-liblua-5.2.1 openssl-1.0.1 libpcre-8.12 libpcap-1.1.1 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select

$


miércoles, 12 de octubre de 2011

Capture de Flags (CTF)











La verdad que esta imagen simplifica bastante, todo el tiempo invertido y esfuerzo realizado en algunos CTFs y retos por internet.

Source: http://infosuck.org/0x0042.png