HackingSkills

Aug 15

Creating base lines

Baseline for a newly imaged machine:-
Get-Service * | Where {$_.status -eq "Running"} | Export-Clixml fileName.xml

Comparing the baseline to the current state:-
Compare-Object (Import-Clixml fileName.xml) (Get-Service * | Where {$_.status -eq "Running"}) -Property DisplayName | Where-Object {$_.sideindicator -eq "<="}

Another way to create a baseline for a newly imaged machine:-
Get-Process | Export-Clixml fileName.xml

Incident Response

1 min read



Aug 12

Core Windows Process

smss.exe (Session Manager):- Responsible for creating sessions.
Session 0 creates OS services and starts csrss.exe and wininit.exe.
Session 1 creates the user session and starts csrss.exe and winlogon.exe.
Loads (its location is ) in shared memory and Locations.
Executable Path: %SystemRoot%\System32\smss.exe
Parent Process: System
Username: NT AUTHORITY\SYSTEM (S-1-5-18)
Base Priority: 11
Time of Execution…

Ecthp

5 min read



Jun 4

Wireshark: Traffic Analysis — Quick Summary

Nmap Scans

Filters to detect Nmap scans:

Tryhackme

2 min read



Jun 2

Wireshark: Packet Operations

Continuing with Wireshark features:-

Statistics: provides multiple statistics options to help users see the big picture in terms of the scope of the traffic, available protocols, endpoints and conversations, and specific protocols.

Resolved Addresses:- It helps analysts identify IP addresses and DNS names.
Statistics → Resolved Addresses

Protocol Hierarchy
This option breaks down all available protocols from the…

Tryhackme

3 min read



Jun 1

TryHackMe-WireShark: The Basics

Wireshark is a traffic analyzer. It can be used for:-
1. Detecting and solving network problems
2. Detecting security anomalies
3. Investigating and learning protocol details.

NOTE: Wireshark is not an IDS and does not modify the packets; it just reads them, and it is the analyst who will discover the anomalies and this…

Tryhackme

3 min read



Jun 18, 2022

Creating stable shell

sudo python3 -c 'import pty;pty.spawn("/bin/bash")'
export TERM=xterm
Ctrl + Z
stty raw -echo; fg

Shell

1 min read



May 11, 2022

Buffer overflow using Immunity Debugger

· Right-click the Immunity Debugger icon on the Desktop and choose "Run as administrator".
· Open the executable file in Immunity Debugger and run it.
· Run !mona config -set workingfolder c:\mona\%p
· Run the fuzzer.py …

Bof

2 min read



May 10, 2022

Pivoting

1- Metasploit:-
After exploiting one machine and getting the meterpreter for it, run the following commands:-
1- Run autoroute -r target_ip_network
2- Run post/windows/arp_scanner target_ip_network → to see the reachable active hosts.
3- Use /auxiliary/server/socks → to open a proxy channel.
4- Then use proxychains in the attacking machine to run…

Pivoting

2 min read



Jul 31, 2021

Tools and commands used in PTPs’ Labs.

Process Explorer:- used to analyze the processes that run on Windows OS and check what techniques are used to mitigate the BOF attack.

Lab1:-
1* python3 -m http.server 8080:- makes the device work as an HTTP server, so the folders and files will be public and can be accessed at http://ethernet_ip:8080 of that device.

Ptp

1 min read



May 24, 2021

My PTP Notes from eLearnSecurity PDFs with help by Netriders Academy

1* Architecture Fundamentals:-
The CPU is used to execute the machine code of programs. The machine code is in hexadecimal. Then, it is translated to Assembly language or mnemonics, which is a readable language. Netwide is an example of an assembly language. Every CPU has its own ISA (Instruction Set Architecture). …

Ptp

12 min read

