https://securityonline.info/linux-malware-detect/ Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, th..
https://danielmiessler.com/study/tcpdump/ A tcpdump Tutorial and Primer with ExamplesCREATED: JANUARY 4, 2004 | UPDATED: JULY 15, 2018Basic Examplesbasic communicationfind traffic by ipfilter by source and/or destinationshow traffic by networkshow traffic by portshow traffic by protocolshow ipv6 trafficfind traffic using port rangesfind traffic based on packet sizewriting to a fileAdvanced Examp..
http://what-when-how.com/windows-forensic-analysis/live-response-collecting-volatile-data-windows-forensic-analysis-part-1/
https://blogs.msdn.microsoft.com/canberrapfe/2012/03/30/capture-a-network-trace-without-installing-anything-capture-a-network-trace-of-a-reboot/ If you need to capture a network trace of a client or server without installing Wireshark or Netmon this might be helpful for you. (This feature works on Windows 7/2008 R2 and above).The short version:1. Open an elevated command prompt and run: "netsh t..
https://hackertarget.com/tcpdump-examples/ Tcpdump ExamplesPractical tcpdump examples to lift your network troubleshootingand security testing game. Commands and tips to not only use tcpdump but master ways to know your network.Knowing tcpdump is an essential skill that will come in handy for any system adminstrator, network engineer or security professional.
30 Linux System Monitoring Tools Every SysAdmin Should Knowin CategoriesCentOS, Debian Linux, Howto, Linux, Monitoring, Networking, RedHat/Fedora Linux, Security, Sys admin last updated January 8, 2018Need to monitor Linux server performance? Try these built-in commands and a few add-on tools. Most distributions come with tons of Linux monitoring tools. These tools provide metrics which can be u..
Information Gathering1. DNS Brute ForceFind sub-domains with this script. Detecting sub-domains associated with an organizations domain can reveal new targets when performing a security assessment. The discovered hosts may be virtual web hosts on a single web server or may be distinct hosts on IP addresses spread across the world in different data centres.The dns-brute.nse script will find valid..
https://www.dfir.training/resources/test-images-and-challenges/test-images-and-challenges/all
출처 : https://medium.com/@petergombos/lm-ntlm-net-ntlmv2-oh-my-a9b235c58ed4When attacking AD, passwords are stored and sent in different ways, depending on both where you find it and the age of the domain. Most of these hashes are confusingly named, and both the hash name and the authentication protocol is named almost the same thing. It doesn’t help that every tool, post and guide that mentions ..
https://mobile-security.zeef.com/oguzhan.topgul#block_49249_android-evasion-anti-analysis-app-protection-obfuscation
