Wednesday, September 14, 2022

Useful Links



Red Team Links


Doomsday Vault Index: https://x-c3ll.github.io/

Adepts of 0xCC Archive: https://adepts.of0x.cc/archive/

Raptor: https://0xdeadbeef.info/


Stuff about cryptography (ROT13):

https://everything2.com/title/If+cryptography+is+outlawed%252C+bayl+bhgynjf+jvyy+unir+cevinpl


Ka0labs -- Telegram

Tuesday, September 13, 2022

Useful Books for Penetration Testing


Advanced Security Testing with Kali Linux

Independently published / Author: Daniel Dieterle

This book covers the more intermediate and advanced uses of the Kali Linux pentesting distribution. You will learn topics like:

  • The MITRE ATT&CK Framework
  • Command & Control (C2) frameworks
  • In-depth network scanning
  • Web app pentesting
  • Advanced techniques like “Living off the Land”
  • AV bypass tools
  • Using IoT devices in security

Kali Linux Penetration Testing Bible

Wiley / Author: Gus Khawaja

This book is the hands-on and methodology guide for pentesting with Kali Linux. You’ll discover everything you need to know about the tools and techniques hackers use to gain access to systems like yours so you can erect reliable defenses for your virtual assets. Whether you’re new to the field or an established pentester, you’ll find what you need in this comprehensive guide.

  • Build a modern dockerized environment
  • Discover the fundamentals of the bash language in Linux
  • Use a variety of effective techniques to find vulnerabilities (OSINT, Network Scan, and more)
  • Analyze your findings and identify false positives and uncover advanced subjects, like buffer overflow, lateral movement, and privilege escalation
  • Apply practical and efficient pentesting workflows
  • Learn about Modern Web Application Security Secure SDLC
  • Automate your penetration testing with Python

Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali

No Starch Press / Author: OccupyTheWeb

If you’re getting started along the exciting path of hacking, cybersecurity, and pentesting, Linux Basics for Hackers is an excellent first step. Using Kali Linux, an advanced penetration testing distribution of Linux, you’ll learn the basics of using the Linux operating system and acquire the tools and techniques you’ll need to take control of a Linux environment.

First, you’ll learn how to install Kali on a virtual machine and get an introduction to basic Linux concepts. Next, you’ll tackle broader Linux topics like manipulating text, controlling file and directory permissions, and managing user environment variables. You’ll then focus in on foundational hacking concepts like security and anonymity and learn scripting skills with bash and Python. Practical tutorials and exercises throughout will reinforce and test your skills as you learn how to:

  • Cover your tracks by changing your network information and manipulating the rsyslog logging utility
  • Write a tool to scan for network connections, and connect and listen to wireless networks
  • Keep your internet activity stealthy using Tor, proxy servers, VPNs, and encrypted email
  • Write a bash script to scan open ports for potential targets
  • Use and abuse services like MySQL, Apache web server, and OpenSSH
  • Build your own hacking tools, such as a remote video spy camera and a password cracker

Mastering Kali Linux for Advanced Penetration Testing, 4th Edition

Packt Publishing / Author: Vijay Kumar Velu

In this book you’ll learn an offensive approach to enhance your penetration testing skills by testing the sophisticated tactics employed by real hackers. You’ll go through laboratory integration to cloud services so that you learn another dimension of exploitation that is typically forgotten during a penetration test. You’ll explore different ways of installing and running Kali Linux in a VM and containerized environment and deploying vulnerable cloud services on AWS using containers, exploiting misconfigured S3 buckets to gain access to EC2 instances.

This book delves into passive and active reconnaissance, from obtaining user information to large-scale port scanning. Building on this, different vulnerability assessments are explored, including threat modeling. See how hackers use lateral movement, privilege escalation, and command and control (C2) on compromised systems. By the end of this book, you’ll have explored many advanced pentesting approaches and hacking techniques employed on networks, IoT, embedded peripheral devices, and radio frequencies.

For more information about this book, we have a video with the author you can watch here.

The Ultimate Kali Linux Book – 2nd Edition

Packt Publishing / Author: Glen D. Singh

This is a comprehensive guide for those who are new to Kali Linux and penetration testing that will have you up to speed in no time. Using real-world scenarios, you’ll understand how to set up a lab and explore core penetration testing concepts.

Throughout this book, you’ll focus on information gathering and even discover different vulnerability assessment tools bundled in Kali Linux. You’ll learn to discover target systems on a network, identify security flaws on devices, exploit security weaknesses and gain access to networks, set up Command and Control (C2) operations, and perform web application penetration testing. In this updated second edition, you’ll be able to compromise Active Directory and exploit enterprise networks.

Finally, this book covers best practices for performing complex web penetration testing techniques in a highly secured environment.

Sunday, September 11, 2022

Top 10 Best OS for Hacking & Penetration Testing

1- Kali Linux:

Kali Linux is the #1 best OS for hacking and a penetration testing distribution based on Debian, developed by Offensive Security.

The first release was on February 5, 2006; it is a completion of the BackTrack Linux Project.

Hundreds of hacking tools come pre-installed with Kali Linux for various operations such as pen testing, malware analysis, forensic analysis, information gathering, network scanning, exploitation, etc.

It used to use GNOME as its desktop environment. Nowadays Kali Linux has become a rolling-release distro.

It has a lot of tools in the Kali repositories. Kali Linux ranked number one in Top 10 Penetration Testing & Ethical Hacking Linux 2020.

You can find the complete Kali Linux Tools & Tutorials here.


2- Parrot Security OS:

Parrot Security is #2, another best OS for hacking, penetration testing and forensics, a distro dedicated to ethical hackers and cyber security professionals.

Parrot OS contributes to the security community as much as Kali Linux does, with a variety of hacking tools and an excellent GUI.

It has a big repository that collects a lot of amazing hacking tools for newbies and experts. Developed by FrozenBox.

The first release was in June 2013. It used to use MATE as its desktop environment, and it is based on Debian like Kali Linux.

3- BackBox Linux:

BackBox Linux is the #3 best OS for hacking, an ethical hacking and penetration testing distro based on Ubuntu Linux.

Developed by the BackBox Team. The first release was on September 9, 2010.

BackBox used to use XFCE as its desktop environment and Ubuntu LTS versions as a base.

It contains the most professional, famous and widely used tools in the pentesting field, like MSF, NMAP, BurpSuite, Armitage, SQLMap and so on.

4- BlackArch Linux:

BlackArch Linux, based on Arch Linux, is #4: a lightweight best OS for hacking, ethical hacking and penetration testing, designed for professional and elite hackers who have the ability to work with Linux like a pro.

BlackArch contains nearly 2500 hacking tools and covers almost all the phases of cybersecurity.

It used to use Fluxbox and OpenBox as its desktop environment, alongside other DEs. It has a huge number of tools in the repository, with more than 1500+ hacking tools included in the distro and repo. The first release was in 2013.

5- Pentoo:

Pentoo is the #5 best OS for hacking, a pentesting distro based on Gentoo with a nice collection of hacking tools. The first release was in June 2005. It is a somewhat old distro; we can say it is outdated.

6- Samurai Web Testing Framework (Samurai-WTF):

Samurai WTF is one of the best OSes for hacking and a professional web application penetration testing framework and distro.

It contains only web app pentest tools such as Burpsuite, SQLMap and so on. Based on Ubuntu. The first release was in 2008.

7- Network Security Toolkit (NST):

Network Security Toolkit, also known as NST, is a professional best OS for hacking and penetration testing, designed for network security and network penetration testing operations. Based on Fedora.

It contains the most professional and widely used tools in the network pentest field. The first release was in 2003.

8- WifiSlax:

Wifislax is an amazing best OS for ethical hacking and a Wi-Fi penetration testing distro based on Ubuntu.

It contains a lot of Wi-Fi cracking, hacking and pentesting tools. Developed by an Italian security team.

It is mainly deployed in corporate networks to make sure employees access the protected network.

9- Bugtraq:

Bugtraq is a professional penetration testing distro designed for penetration testing operations, reverse engineering and malware analysis missions. It is based on Debian and contains a lot of hacking tools.

Developed by Bugtraq-Team; the first release was in 2012.

10- Cyborg Hawk:

Cyborg Hawk is an Ubuntu-based best OS for ethical hacking and penetration testing. It contains more than 700 hacking tools.

An amazing distro for hacking purposes. Developed by the Cyborg Hawk Team from Australia.

Conclusion – OS for Hacking

Choosing the best OS for hacking and penetration testing is a good first step toward learning ethical hacking and penetration testing concepts, enhancing your skills, and protecting enterprise assets from cybercriminals.

Every security professional has their own favorite security OS for making use of hacking tools, for both learning and commercial purposes.

You can try all of these OSes at least once to experience their great features.

Friday, June 10, 2022

Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones





New research undertaken by a group of academics from the University of California San Diego has revealed for the first time that Bluetooth signals can be fingerprinted to track smartphones (and therefore, individuals).

The identification, at its core, hinges on imperfections in the Bluetooth chipset hardware introduced during the manufacturing process, resulting in a "unique physical-layer fingerprint."

"To perform a physical-layer fingerprinting attack, the attacker must be equipped with a Software Defined Radio sniffer: a radio receiver capable of recording raw IQ radio signals," the researchers said in a new paper titled "Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices."

The attack is made possible due to the ubiquitous nature of Bluetooth Low Energy (BLE) beacons that are continuously transmitted by modern devices to enable crucial functions such as contact tracing during public health emergencies.

The hardware defects, on the other hand, stem from the fact that both Wi-Fi and BLE components are often integrated together into a specialized "combo chip," effectively subjecting Bluetooth to the same set of metrics that can be used to uniquely fingerprint Wi-Fi devices: carrier frequency offset and IQ imbalance.

Fingerprinting and tracking a device then entails extracting the CFO and I/Q imperfections for each packet and computing the Mahalanobis distance to determine "how close the features of the new packet" are to its previously recorded hardware imperfection fingerprint.

"Also, since BLE devices have temporarily stable identifiers in their packets [i.e., MAC address], we can identify a device based on the average over multiple packets, increasing identification accuracy," the researchers said.

That said, there are several challenges to pulling off such an attack in an adversarial setting, chief among them being that the ability to uniquely identify a device depends on the BLE chipset used as well as the chipsets of other devices that are in close physical proximity to the target.

Other critical factors that could affect the readings include device temperature, differences in BLE transmit power between iPhone and Android devices, and the quality of the sniffer radio used by the malicious actor to execute the fingerprinting attacks.

"By evaluating the practicality of this attack in the field, particularly in busy settings such as coffee shops, we found that certain devices have unique fingerprints, and therefore are particularly vulnerable to tracking attacks, others have common fingerprints, they will often be misidentified," the researchers concluded.

"BLE does present a location tracking threat for mobile devices. However an attacker's ability to track a particular target is essentially a matter of luck."
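The matching step described above (Mahalanobis distance of a burst's averaged features to each recorded fingerprint) can be worked through on toy numbers to see why devices with common fingerprints get misidentified. This is an added example, not code from the paper or the article; the device names, feature values and the threshold of 3.0 are constructed assumptions.

```python
# Constructed enrollment data (not measurements from the paper): per-packet
# (CFO in kHz, I/Q imbalance in %) for three hypothetical devices.
ENROLLED = {
    "device_A": [(-12.0, 3.0), (-11.0, 3.2), (-13.0, 2.8), (-12.0, 3.2), (-12.0, 2.8)],
    "device_B": [(-11.5, 3.1), (-10.5, 3.3), (-12.5, 2.9), (-11.5, 3.3), (-11.5, 2.9)],
    "device_C": [(8.0, 1.0), (9.0, 1.2), (7.0, 0.8), (8.0, 1.2), (8.0, 0.8)],
}
# Constructed bursts: packets that share one temporarily stable MAC address.
BURST_NEAR_A = [(-12.4, 2.9), (-12.0, 3.0), (-12.2, 2.95)]
BURST_NEAR_C = [(8.3, 1.1), (7.9, 1.0), (8.1, 1.05)]


def mean2(points):
    """Component-wise mean of a list of 2-D feature vectors."""
    n = len(points)
    return (sum(p[0] for p in points) / n, sum(p[1] for p in points) / n)


def fingerprint(packets):
    """Return (mean, inverse 2x2 sample covariance) for enrollment packets."""
    mx, my = mean2(packets)
    n = len(packets) - 1
    sxx = sum((p[0] - mx) ** 2 for p in packets) / n
    syy = sum((p[1] - my) ** 2 for p in packets) / n
    sxy = sum((p[0] - mx) * (p[1] - my) for p in packets) / n
    det = sxx * syy - sxy * sxy
    if det <= 0:
        raise ValueError("singular covariance; enroll more packets")
    return (mx, my), ((syy / det, -sxy / det), (-sxy / det, sxx / det))


def mahalanobis(x, fp):
    """Distance of feature vector x from a fingerprint, in covariance units."""
    (mx, my), inv = fp
    dx, dy = x[0] - mx, x[1] - my
    d2 = inv[0][0] * dx * dx + 2 * inv[0][1] * dx * dy + inv[1][1] * dy * dy
    return max(d2, 0.0) ** 0.5


def identify(burst, enrolled=ENROLLED, threshold=3.0):
    """Average the burst, then list every device within threshold, nearest first.

    More than one name in the result means the fingerprint is not unique.
    """
    avg = mean2(burst)
    scored = sorted((mahalanobis(avg, fingerprint(pk)), name)
                    for name, pk in enrolled.items())
    return [name for dist, name in scored if dist <= threshold]
```

With these values, `identify(BURST_NEAR_C)` returns a single candidate, while `identify(BURST_NEAR_A)` returns two, because devices A and B have nearly identical imperfections.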
