heckerbirb / infosec-manual Goto Github PK

Following the guidelines, create the base article for the SSH service and populate the article with at least one topic (e.g. vulnerable versions or brute force attacks).

...and populate with at least five quick wins (e.g. plaintext password in sysprep xml configuration).

Should mention which articles to create (as mentioned in the issues) and potentially what to do if something doesn't quite cut it.

E.g. "we want a more elaborate article about some kernel vulnerability like DirtyCOW or similar"

Following the guidelines, create the base article for the samba service (SMB protocol) and populate the article with at least one topic (e.g. EternalBlue or fetching the Samba version with or without a working enum4linux script)

...and populate with at least one reference to and automation script. Remember to include credits if such exist.

References can be to other GitHub repositories or to websites or blogs. Only refer to known and trusted scripts. Any unpopular or untrusted (as in "not yet trusted") scripts will be rejected.

...at populate with at least five common things or concepts to check, e.g. environment variables. Note that environment variables in particular is one "thing or concept" and not one for each user and system.

Following the guidelines, create the base article for the HTTP/HTTPS protocols and populate the article with at least one topic (e.g. WebDAV or Cross-Site Scripting)

Following the guidelines, create the base article for the RPC protocol and populate the article with at least one topic (e.g. how to explore and what to look for with rpcinfo and friends, enum4linux, etc.).

Feel free to change the port range to that of the legal possible ports, if it makes more sense.

Should include:

• High level overview
• What to expect as a business owner / blue-teamer
• What to expect as a pentester / red-teamer

...and populate with at least five quick wins (e.g. sudo -l showing some or full permission).

...and populate with at least one reference to and automation script. Remember to include credits if such exist.

References can be to other GitHub repositories or to websites or blogs. Only refer to known and trusted scripts. Any unpopular or untrusted (as in "not yet trusted") scripts will be rejected.

...at populate with at least five common things or concepts to check, e.g. environment variables. Note that environment variables in particular is one "thing or concept" and not one for each file that may contain them.