Sunday, August 6, 2023

Kali linux - protonvpn setup



To configure ProtonVPN on Kali Linux, download the ProtonVPN package from the official ProtonVPN site.



https://protonvpn.com/support/official-linux-vpn-kali/

https://repo.protonvpn.com/debian/dists/stable/main/binary-all/protonvpn-stable-release_1.0.3_all.deb

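Once the ProtonVPN .deb file has been downloaded to the local machine, run the commands below from the directory containing the downloaded file. Naming the file explicitly avoids installing any other .deb that happens to be in the same directory.

$ sudo dpkg -i ./protonvpn-stable-release_1.0.3_all.deb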

$ sudo apt-get update





$ sudo apt-get install protonvpn



Once installation has completed, verify the app's installation status with the command below.

$ dpkg-query -l protonvpn

Launch protonvpn from the command prompt or from the GUI menu.

$ protonvpn



Once the UI has loaded, select an available free location and connect.

The connection is now established.

Use the Disconnect button to close the VPN connection.

Use the ip command to verify the VPN connection status.

before connection

$ ip a


after connection

$ ip a
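The before/after comparison can be scripted instead of read by eye. The following is an added example, not part of the original post: it diffs two captures of `ip -o addr` and also checks, from `ip route get` output, that traffic actually leaves through the new interface. The sample captures, the interface name proton0, the addresses and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample captures (not output from the original post).
# Take real ones with:  ip -o addr   and   ip route get 1.1.1.1
BEFORE='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.1.23/24 brd 192.168.1.255 scope global eth0'
AFTER='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.1.23/24 brd 192.168.1.255 scope global eth0
5: proton0    inet 10.2.0.2/32 scope global proton0'
ROUTE_BEFORE='1.1.1.1 via 192.168.1.1 dev eth0 src 192.168.1.23 uid 1000'
ROUTE_AFTER='1.1.1.1 dev proton0 src 10.2.0.2 uid 1000'

# Reduce `ip -o addr` output to sorted "interface address" pairs.
iface_addrs() {
    awk '$3 == "inet" || $3 == "inet6" { print $2, $4 }' | sort -u
}

# Print the pairs present in capture $2 but absent from capture $1.
new_addrs() {
    printf '%s\n' "$2" | iface_addrs |
        grep -Fvx -e "$(printf '%s\n' "$1" | iface_addrs)" || true
}

# Print the interface that `ip route get` output says the traffic leaves through.
route_dev() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# A new tunnel address alone is not enough: the route must also use the tunnel.
# $1/$2 = addr captures before/after, $3 = `ip route get` output after connecting
vpn_in_use() {
    dev=$(printf '%s\n' "$3" | route_dev)
    new_addrs "$1" "$2" | grep -q "^$dev "
}

# Demo on the constructed samples.
new_addrs "$BEFORE" "$AFTER"
vpn_in_use "$BEFORE" "$AFTER" "$ROUTE_AFTER" && echo "traffic routed via the new interface"
```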




Saturday, August 5, 2023

Kali linux terminal commands - file, folder access management

Kali Linux - file, folder access management

permission     on a file                              on a folder/directory
r (read)       read file content (cat)                read directory content (ls)
w (write)      change file content (vi/touch)         create file in directory (vi/touch)
x (execute)    execute the file (script/program)      enter the directory (cd)

binary     octal     permissions
000          0            ---
001          1            --x
010          2            -w-
011          3            -wx
100         4            r--
101         5            r-x
110         6            rw-
111         7            rwx


    777 = rwxrwxrwx  
    666 = rw-rw-rw-  
    555 = r-xr-xr-x  
    444 = r--r--r--    
    333 = -wx-wx-wx
    222 = -w--w--w-
    111 = --x--x--x
    000 = ---------


chmod [permission] [filename]

chmod 777 tor-browser-linux64-12.0.4_ALL.tar.xz     

chmod u+x 001.sh        execute permission added for the user
chmod a+x 001.sh        execute permission added for all (user, group, others)

chmod g-x 001.sh        execute permission revoked from the group
chmod u-w 001.sh        write permission revoked from the user

chmod a+x 001.sh
or
chmod +x 001.sh         execute permission given to all (user, group, others)


u - user    g - group    o - other    a - all

chmod u=wx file                     set the user's permissions to write and execute
chmod g=rw file                     set the group's permissions to read and write
chmod u=rwx,g=rw,o=r file           set different permissions for user, group and other

chmod 777 *.sh                      apply the permissions to a group of files
chmod u=rwx,g=rw,o=r *.txt          apply the permissions to a group of files

cp -p file1 file2                   copy file1 to file2, preserving its permissions
mkdir -m 777 dirname                assign access permissions while creating a directory/folder
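The octal table above can be turned into a small audit: modes such as 777 and 666 leave files writable by "others", and those are the entries worth finding on a system. The following is an added example, not part of the original notes; the function names are illustrative and it assumes GNU find and stat, as shipped with Kali.

```shell
#!/bin/sh
# Convert an octal mode (e.g. 754) to its symbolic form (rwxr-xr--).
# Each digit is a 3-bit mask: 4 = read, 2 = write, 1 = execute.
# Only the last three digits are decoded, so a leading special-bits
# digit (as in 1777) is ignored.
octal_to_symbolic() {
    m="000$1"; m=${m#"${m%???}"}            # keep the last three digits
    case "$m" in *[!0-7]*) return 1 ;; esac # reject anything that is not octal
    rest=$m; out=""
    while [ -n "$rest" ]; do
        digit=${rest%"${rest#?}"}; rest=${rest#?}   # peel off the first digit
        [ $(( digit & 4 )) -ne 0 ] && out="${out}r" || out="${out}-"
        [ $(( digit & 2 )) -ne 0 ] && out="${out}w" || out="${out}-"
        [ $(( digit & 1 )) -ne 0 ] && out="${out}x" || out="${out}-"
    done
    printf '%s\n' "$out"
}

# List everything under directory $1 that "others" may write to,
# as: <octal mode> <symbolic mode> <path>. Symlinks are skipped
# because their own mode bits are not meaningful.
world_writable() {
    find "$1" ! -type l -perm -0002 -exec stat -c '%a %n' {} + | sort -k2 |
    while read -r mode path; do
        printf '%s %s %s\n' "$mode" "$(octal_to_symbolic "$mode")" "$path"
    done
}

# Usage: world_writable /usr/local/bin
# A hit on a script such as 001.sh can be tightened with: chmod o-w 001.sh
```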

Kali linux terminal commands - app install & uninstall

Kali Linux -  app install & uninstall

sudo apt-get upgrade                upgrade installed packages
sudo apt-get dist-upgrade           upgrade installed packages, adding or removing
                                    packages where dependencies require it

sudo apt-get update                 update the package information (package index)
sudo apt-get install libreoffice    install libreoffice
sudo apt-get install gimp           install gimp

sudo apt --purge remove gimp        uninstalls gimp and deletes all its
                                    configuration files

sudo apt remove gimp                only uninstalls gimp; all the config files are retained

sudo apt autoremove                 when you uninstall a program, there may be packages that the
                                    uninstalled program depended upon that are no longer used;
                                    to remove any unused packages, use the autoremove command

sudo apt purge --autoremove gimp    combines removing a program and removing
                                    dependencies that are no longer being used into one command

sudo apt clean                      removes downloaded archive files

dpkg --list                         shows a list of all installed packages on your computer

dpkg-query -l gimp                  installation status with version details for gimp
dpkg-query -l libreoffice           installation status with version details for libreoffice


Kali Linux - Change SSH keys

Kali Linux - SSH Key generation and setup

The SSH host keys are located in the /etc/ssh folder

Replace all existing ssh_host* key files with newly generated keys

create a new folder

  • $ cd /etc/ssh
  • $ sudo mkdir old_keys

move the existing key files to the old_keys folder

  • $ sudo mv ssh_host* /etc/ssh/old_keys

generate new keys

  • $ sudo dpkg-reconfigure openssh-server

to check/compare old and new values

  • $ sudo md5sum ssh_host*
  • $ sudo md5sum old_keys/ssh_host*
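The final comparison step can be automated so that a key that was silently left unchanged is not missed. The following is an added example, not part of the original notes: the function name check_rotation is hypothetical, and it compares the public key files with sha256sum rather than md5sum.

```shell
#!/bin/sh
# Compare backed-up SSH host public keys with the current ones and report,
# per key file, whether it was regenerated.
#   $1 = directory holding the backed-up keys (e.g. /etc/ssh/old_keys)
#   $2 = directory holding the current keys   (e.g. /etc/ssh)
# Returns 0 only if every backed-up key has a different replacement.
check_rotation() {
    rc=0
    for old in "$1"/ssh_host_*_key.pub; do
        # An unmatched glob stays literal, so test that the file exists.
        [ -e "$old" ] || { echo "no backed-up host keys in $1"; return 2; }
        name=${old##*/}
        new="$2/$name"
        if [ ! -e "$new" ]; then
            echo "MISSING   $name"      # key type was not regenerated
            rc=1
        elif [ "$(sha256sum < "$old")" = "$(sha256sum < "$new")" ]; then
            echo "UNCHANGED $name"      # same key material as before
            rc=1
        else
            echo "ROTATED   $name"
        fi
    done
    return $rc
}

# Usage on a real system (public keys are world-readable, no sudo needed):
#   check_rotation /etc/ssh/old_keys /etc/ssh
# Clients will see a changed-host-key warning after rotation; the new
# fingerprint to hand out can be printed with:
#   ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub
```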

 


Kali linux - Root Password setup

Kali Linux - Root Password setup

 Step1

  • open Terminal window

 Step2

  • $ sudo su
  • $ passwd root
          enter new password

 Step3

to change any user's password

  • $ passwd username

          enter new password

 


Kali linux USB Stick [live]

 Step1

 Step2

 Step3

  • select appropriate iso 
  • set the persistence size to 60% if the USB capacity is >= 32GB
  • select FAT32 with a 16 KB cluster size
  • then run installation

Step4

  • once done, shut down the PC and restart it, booting from the USB stick; it will load Kali Linux live

 

Sunday, July 30, 2023

Quick Ref - Python

Python - 

Basic

https://realpython.com/start-here/

https://realpython.com/courses/python-reading-and-writing-files/

https://geeksgod.com/udemy-free-course/150-exercises-data-structures-in-python-hands-on-2023/

https://towardsdatascience.com/lists-tuples-dictionaries-and-data-frames-in-python-the-complete-guide-7ab54d4819ee

https://www.python.org/downloads/release/python-3114/
https://www.analyticsinsight.net/top-10-websites-for-beginners-to-learn-python-for-free/
https://www.geeksforgeeks.org/openai-python-api/

https://www.codelivly.com/python-cheatsheet/

https://realpython.com/solid-principles-python/

https://www.freecodecamp.org/news/python-tenary-operator/
https://www.freecodecamp.org/news/python-regex-tutorial-how-to-use-regex-inside-lambda-expression/
https://www.tecmint.com/pip-command-not-found/

https://realpython.com/creating-modifying-pdf/

https://realpython.com/python-callable-instances/

https://www.grokkingpython.com/p/full-stack-python-web-development
https://www.freecodecamp.org/news/python-delete-file-how-to-remove-files-and-folders/
https://realpython.com/courses/knn-python/

https://levelup.gitconnected.com/the-comprehensive-guide-to-python-project-setup-c1fe776c108f

https://searchengineland.com/python-scripts-automating-seo-tasks-395527  

https://towardsdatascience.com/exception-handling-in-python-from-basic-to-advanced-then-tricks-9b495619730a

https://geekpython.in/context-managers-and-python-with-statement

https://opensource.com/article/23/4/how-i-teach-python

 

Learn Algorithm

https://itnext.io/cracking-sudoku-how-to-explore-backtracking-algorithms-with-python-63a67067045d

https://pieriantraining.com/understanding-dijkstras-algorithm-in-python/

 

Cyber Security

https://infosecwriteups.com/dos-via-cache-poisoning-38f3a87f997c
https://infosecwriteups.com/firewall-evasion-techniques-for-bug-hunters-d0dd85049ec8
https://www.zdnet.com/article/how-to-add-the-power-of-duckduckgo-to-your-linux-terminal/

https://towardsdatascience.com/finding-temporal-patterns-in-twitter-posts-exploratory-data-analysis-with-python-part-2-8eec19431c23
https://www.youtube.com/watch?v=vuZO4qzjCdQ

https://blog.adafruit.com/2023/05/26/the-magic-of-prime-numbers/

https://thehackernews.com/2023/04/new-python-based-legion-hacking-tool.html

https://www.codelivly.com/python-the-ultimate-weapon-in-the-hand-of-ethical-hackers/
https://analyticsdrift.com/web-stories/top-7-free-resources-to-learn-ethical-hacking-with-python/

https://www.freecodecamp.org/news/socket-programming-in-python/
https://blog.pypi.org/posts/2023-05-23-removing-pgp/
https://towardsdatascience.com/concurrency-in-python-fe8b39edfba5

https://levelup.gitconnected.com/the-power-of-pass-in-python-programming-61e4335d45c2
https://realpython.com/python-http-server/

https://cybersecuritynews.com/apt41s-powershell-backdoor/

https://www.freecodecamp.org/news/use-scrapy-for-web-scraping-in-python/
https://infosecwriteups.com/python-penetration-testing-escaping-the-matrix-4180874da1b5

https://www.javaassignmenthelp.com/blog/web-stories/cybersecurity-projects-for-beginners/



Quick Ref - General

Reference Pages

 

H4CKING 

https://latesthackingnews.com/2023/05/21/ethical-hacking-cheatsheet-a-beginners-guide-to-penetration-testing/
 

https://infosecwriteups.com/beginners-ctf-guide-finding-hidden-data-in-images-e3be9e34ae0d
https://blog.bytebytego.com/p/password-session-cookie-token-jwt-ec1
https://www.codelivly.com/web-application-hacking/
https://infosecwriteups.com/lets-hacking-citizens-bank-9520e9c05cf9

https://cybersecuritynews.com/hackers-use-weaponized-pdf-files-to-attack-organizations/
 

https://infosecwriteups.com/tryhackmes-webosint-simple-writeup-conducting-basic-open-source-intelligence-research-on-a-f1c1da2e8089
 

Networking

https://www.codelivly.com/network-pivoting/

https://www.codelivly.com/how-hackers-remotely-control-any-servers-with-reverse-shell/

 

Linux

https://www.csoonline.com/article/644240/mission-linux-how-the-open-source-software-is-now-a-lucrative-target-for-hackers.html

https://www.phoronix.com/news/Rocky-Linux-RHEL-Source-Access

https://www.debugpoint.com/why-kali-linux/
 

https://hackaday.com/2023/05/22/dear-ubuntu/
https://beebom.com/how-take-screenshot-ubuntu/


Windows

https://mspoweruser.com/how-to-get-admin-rights-on-windows-10-without-password/

https://www.bleepingcomputer.com/news/security/microsoft-windows-kernel-cve-2023-32019-fix-is-disabled-by-default/
 

https://www.pinkvilla.com/tech/how-to/how-to-create-windows-10-bootable-usb-1223213

XSS

https://infosecwriteups.com/interesting-stored-xss-in-sandboxed-environment-to-full-account-takeover-32e541062938

https://infosecwriteups.com/mastering-xss-a-comprehensive-guide-for-bug-bounty-hunters-fc4e2b4ad1f1

ASM

https://www.phoronix.com/news/Linus-Torvalds-Relax-Inline-ASM

Tools

 

Malware

https://infosecwriteups.com/analyzing-malware-using-free-online-tools-e37b56bc3868

https://www.theregister.com/2023/06/23/camaro_dragon_usb_malware_spreads/

https://thehackernews.com/2023/06/new-golang-based-skuld-malware-stealing.html

https://protos.com/mamma-mia-crypto-malware-hidden-in-super-mario-game/
 

Encryption

https://www.freecodecamp.org/news/encryption-explained-in-plain-english/

https://crypto.stackexchange.com/questions/106031/does-any-proof-exist-for-the-optimal-number-of-primes-in-a-rsa-key

https://www.androidpolice.com/end-to-end-encryption-explainer/

https://www.design-reuse.com/news/53919/xiphera-ascon-lightweight-cryptographic-suite.html 

Wi-Fi

https://www.hackers-arise.com/post/wi-fi-hacking-using-wifite-for-multiple-attack-strategies-against-wi-fi-ap-s
 

Lowlevel

https://www.techspot.com/news/98300-microsoft-explains-how-detect-blacklotus-uefi-bootkit-infection.html

https://hackaday.com/2023/04/22/build-your-own-bootable-emacs-environment/

https://beebom.com/how-update-bios-uefi/


https://totallygamerjet.hashnode.dev/writing-an-os-in-go-the-bootloader

https://www.freecodecamp.org/news/how-to-access-and-read-ram-contents/

WebSites

 https://nakedsecurity.sophos.com/2023/07/04/ghostscript-bug-could-allow-rogue-documents-to-run-system-commands/

https://www.blackhatethicalhacking.com/articles/post-exploitation-techniques-maintaining-access-escalating-privileges-gathering-credentials-covering-tracks/
 



https://latesthackingnews.com/2023/06/26/serious-idor-vulnerability-found-in-microsoft-teams/
https://office365itpros.com/2023/06/26/teams-external-access-exploit/
https://blog.sucuri.net/2023/06/remote-code-execution-backdoor-uses-unicode-obfuscation-non-standard-file-extensions.html
https://infosecwriteups.com/easy-csrf-bypass-7226b4e3593e

https://www.youtube.com/watch?v=ULvtr1Os3EE

https://thehackernews.com/2023/06/adversary-in-middle-attack-campaign.html
https://cleancommit.io/blog/spa-vs-mpa-which-is-the-king/
https://blog.redteam-pentesting.de/2023/storing-passwords/

https://www.codelivly.com/mastering-capture-the-flag-challenges/
https://infosecwriteups.com/bug-bounty-hunting-methodology-tools-tips-tricks-blogs-books-6f84cda7ce34

https://infosecwriteups.com/send-email-from-anyone-to-any-user-outlook-microsoft-69fce333066d
https://www.crowdstrike.com/blog/identifying-data-exfiltration-in-moveit-transfer-investigations/
https://gbhackers.com/millions-of-pc-motherboard/
https://www.codelivly.com/exploring-the-world-of-intrusion-detection-and-prevention-systems/
https://www.codelivly.com/how-hackers-remotely-control-any-servers-with-reverse-shell/
https://www.youtube.com/watch?v=rKaCdAxQikY
https://www.securityweek.com/google-temporarily-offering-180000-for-full-chain-chrome-exploit/
https://www.youtube.com/watch?v=_uVVVV_nIhE
https://hackaday.com/2023/06/02/chatting-about-the-state-of-hacker-friendly-ar-gear/
https://infosecwriteups.com/path-traversal-vulnerability-28d6de8fb5d7
https://gbhackers.com/google-ctf-2023/


https://news.itsfoss.com/sniffnet/
https://lifehacker.com/windows-is-finally-getting-support-for-rar-and-7z-archi-1850478854
https://pimylifeup.com/raspberry-pi-unbound/
https://www.securityweek.com/zyxel-firewalls-hacked-by-mirai-botnet-via-recently-patched-vulnerability/
https://www.freecodecamp.org/news/use-apis-to-practice-coding-skills/
https://hackaday.com/2023/05/21/watch-a-web-page-fetch-itself-over-tls-complete-with-commentary/
https://twitter.com/hackinarticles/status/1670359855306088449?t=D5zSgAbgdYF4MK9VoDZgnA&s=08
https://beej.us/guide/bgnet/html/split/
https://latesthackingnews.com/2023/05/22/impacket-cheatsheet-for-penetration-testers/


https://mspoweruser.com/how-to-get-admin-rights-on-windows-10-without-password/
https://www.omglinux.com/raspberry-pi-os-update-may-2023/
https://practical365.com/find-azure-ad-users-powershell/
https://build-your-own.org/blog/20230507_byoc_new/?v=20230507
https://www.csoonline.com/article/3695769/review-your-on-prem-adcs-infrastructure-before-attackers-do-it-for-you.html

https://4pfsec.com/oswe
https://vulncheck.com/blog/papercut-rce

https://4sysops.com/archives/resolve-dnsname-nslookup-for-powershell/


https://totallygamerjet.hashnode.dev/writing-an-os-in-go-the-bootloader
https://latesthackingnews.com/2023/04/30/wifi-penetration-testing-cheatsheet-for-ethical-hackers
https://www.codelivly.com/web-application-hacking/
https://unix.stackexchange.com/questions/744369/why-xargs-does-not-process-the-last-argument


https://www.sentinelone.com/blog/mastering-the-art-of-soc-analysis-part-1-2/
https://www.hackerone.com/hackerone-community-blog/getting-started-high-school-bug-hunter-cubeds-hacker-afk

https://infosecwriteups.com/unveiling-the-secrets-my-journey-of-hacking-googles-oss-cdd9ef3c7aa
https://www.blackhatethicalhacking.com/news/chinese-hacking-group-apt41-caught-using-google-tool-for-data-theft/


https://infosecwriteups.com/how-i-escalated-default-credentials-to-remote-code-execution-1c34504be7a5




 

Thursday, May 25, 2023

Kali Linux

Kali Linux setup

Kali Linux live

kali Linux ref

Linux Terminal commands

TOR Browser setup

Network setup


Quick Ref General
