heckerbirb / infosec-manual Goto Github PK
View Code? Open in Web Editor NEWOpen-source methodology on pentesting and risk mitigation
License: MIT License
Open-source methodology on pentesting and risk mitigation
License: MIT License
Following the guidelines, create the base article for the SSH service and populate the article with at least one topic (e.g. vulnerable versions or brute force attacks).
...and populate with at least five quick wins (e.g. plaintext password in sysprep xml configuration).
Should mention which articles to create (as mentioned in the issues) and potentially what to do if something doesn't quite cut it.
E.g. "we want a more elaborate article about some kernel vulnerability like DirtyCOW or similar"
Following the guidelines, create the base article for the samba service (SMB protocol) and populate the article with at least one topic (e.g. EternalBlue or fetching the Samba version with or without a working enum4linux script)
...and populate with at least one reference to and automation script. Remember to include credits if such exist.
References can be to other GitHub repositories or to websites or blogs. Only refer to known and trusted scripts. Any unpopular or untrusted (as in "not yet trusted") scripts will be rejected.
...at populate with at least five common things or concepts to check, e.g. environment variables. Note that environment variables in particular is one "thing or concept" and not one for each user and system.
Following the guidelines, create the base article for the HTTP/HTTPS protocols and populate the article with at least one topic (e.g. WebDAV or Cross-Site Scripting)
Following the guidelines, create the base article for the RPC protocol and populate the article with at least one topic (e.g. how to explore and what to look for with rpcinfo and friends, enum4linux, etc.).
Feel free to change the port range to that of the legal possible ports, if it makes more sense.
Should include:
...and populate with at least five quick wins (e.g. sudo -l
showing some or full permission).
...and populate with at least one reference to and automation script. Remember to include credits if such exist.
References can be to other GitHub repositories or to websites or blogs. Only refer to known and trusted scripts. Any unpopular or untrusted (as in "not yet trusted") scripts will be rejected.
...at populate with at least five common things or concepts to check, e.g. environment variables. Note that environment variables in particular is one "thing or concept" and not one for each file that may contain them.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.