Jaacostan

While compiling programs, you may encounter this particular error. E: Unable to locate package linux-headers-5.10.0-kali5-amd64 I encountered this while compiling a C code. To fix this, i first updated my Kali machine (v2020.2a).  sudo apt update -y && apt upgrade -y && apt dist-upgrade   Rebooted. Then installed the headers.   sudo apt install linux-headers-$(uname -r)  

Room link : https://tryhackme.com/room/adana Excellent room. Spend much time on Recon and Enum. The room developer has also put a sweet spot rabbit hole. The WordPress. I am not making this write-up in detail. You perform the initial nmap scan, get couple of open ports and services. Then perform a dirbuster or gobuster scan. You get the secret directory. Announcement. In the Announcement directory, you can see an image and a word-list. As common with THM, we can easily assume that there might be some kind of stenography involved. And yes, but with a point. I used steghide and exif tools at first but you need to use brute-force method to crack the hidden data. Also the hint is given on the room poster. Anyway. Use Stegbrute to crack the image. Stegbrute gives an output file and its encrypted. Do a Base64 conversion to decode and here it is, the FTP credentials. Decode using icyberchef.  Now we have the FTP creds and let's try it. Well, the directory structe looks like the web folde

JSON Web Token (JWT) is a standard for securely transmitting information between parties as a JSON object. This information can be verified and trusted because as it is digitally signed using the public/private keys. In this post, i will be explaining about the JWT and how it can be manipulated to perform certain functions, especially during penetration testing. Access the website that uses JWT token and open the developer tools in the web-browser to see the  JWT token. To decode the token, we can use a handy website https://jwt.io .Copy the token and paste it on the website to decode.You can see the key pair values. And if you want to generate your own customized JWT token, you can do it in the same way. Create the header and the payload data based on your desired fields. The jwt.io site generates and sign the key using the key-pairs. Then copy the encoded token and re-transmit to the target website to do manipulation.

Recently i came across this awesome Windows Exploit Suggester - Next Generation (WES-NG) tool and it comes handy for performing the privilege escalation. Once you have the initial access to the machine, simply grab the system information and run with WES-NG to view all the vulnerabilities in the target machine. WES-NG link : https://github.com/bitsadmin/wesng 1) Get the package form the above link and clone it to your machine. #git clone  https://github.com/bitsadmin/wesng 2) After cloning, update the vulnerability database. syntax : wes.py --update 3) Now, from the target machine, run systeminfo command. Copy the output on a text file, name it as systeminfo.txt and paste it in the same WES-NG folder. 4) Run WES-NG with the systeminfo.txt file as parameter. syntax : python wes.py systeminfo.txt   The tool will list down all the vulnerabilities in the target machine. Now it is up to you to find and select an applicable potential vulnerability and exploit to perform the privilege es

The Security Content Automation protocol (SCAP) Compliance Checker tools from DISA are now available free to the public . Security Content Automation Protocol (SCAP) is a method to enable automated vulnerability management, measurement, and policy compliance evaluation of systems deployed in an organization based on Security Technical Implementation Guidelines (STIG). The two most common and widely accepted system configuration baselines are the Center for Internet Security’s CIS Benchmarks, and the US Department of Defense Systems Agency (DISA) Security Technical Implementation Guides (STIG). However, DISA STIGs are more stringent than CIS Benchmarks and they are slant towards the US Government sectors. Now, since the tools are made public, you may try to use these tools to determine the security posture of your machines or to validate your security compliance. Link : https://public.cyber.mil/stigs/scap/

  Preparation : Use Palo Alto networks beacon portal to learn the basics of Cortex XSOAR. Download and install the community edition of Cortex XSOAR. If you need a step by step practical guide to learn the Cortex XSOAR and to prepare for PCSAE exam, check my book. And if you need to validate your knowledge on PCSAE exam topics, check the practice tests in Udemy . Dont just rely on the exam guide. Do hands on extensively. Practical knowledge is what validates in the PCSAE exam. The PCSAE certification validates the knowledge and skills required to develop, analyze and administer the Cortex XSOAR security orchestration, automation and response platform with native threat intelligence management. Kindly note that, this is a practice test and not an exam dump and for passing the PCSAE exam, one should have hands-on experience and in depth knowledge on the exam topics.

 Palo Alto Cortex XSOAR: A Practical Guide, First Edition 2021 I am glad to announce my new book on Palo Alto Cortex XSOAR. This is a step by step, beginner friendly 100% practical guide to learn SOAR platform with Cortex XSOAR.  Paperback : https://www.amazon.com/dp/B08Z4CTCJS/  E-book : https://www.amazon.com/dp/B08Z78WBQV Cortex XSOAR is the Security Orchestration, Automation and Response (SOAR) solution from Palo Alto Networks. Cortex XSOAR provides a centralized security orchestration and Automation solution to accelerate incident response and increase analyst productivity. A SOAR platform integrates your organization's security and monitoring tools, helping you centralize, standardize your incident handing processes.This book is a beginner friendly, step by step, practical guide that helps you to understand and learn Palo Alto Cortex XSOAR from scratch. No previous knowledge about the product is required and have explained all the important topics step by step, with

Adobe stopped supporting Flash Player beginning December 31, 2020. After this data, Adobe will not release new Flash Player updates or security patches and strongly recommends the users to uninstall Flash Player immediately from their machines. To help secure your system, major browser vendors have already disabled Flash Player from running. As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586 . This update only removes Adobe Flash Player that was installed by your version of Windows. If you installed Adobe Flash Player manually from another source, it will not be removed.  Ref : https://support.microsoft.com/en-us/topic/kb4577586-update-for-the-removal-of-adobe-flash-player-october-27-2020-931521b9-075a-ce54-b9af-ff3d5da047d5

Palo Alto Networks Certified Security Automation Engineer Exam Review Exam Length : 130 minutes (sufficient) Number of questions : 85 The exam is not an easy one. Compared to other networking and security exams from Palo Alto, this is a difficult one. The PCSAE candidates are supposed to have a decent operational experience with Cortex XSOAR. Those who don't, might struggle to answer the exam questions correctly.  Though the exam guide from Palo Alto helps, it is not enough to pass the PCSAE exam. I recommend you to go through the additional guides such as Admin guide, TIM, MSSP guides etc. Do install the community edition and explore everything. Without any hands-on knowledge, you are not going to pass the exam. You can find supplementary exam materials here. Takeaways: Make sure you can differentiate automation commands, scripts, system commands, search queries. Make sure you know the syntax and format of the commands. Have an idea on basic troubleshooting. Practice creating das