I’ve created this website to keep track of stuff that I’ve encountered over the years.
Here you’ll find security-related articles, tips & tricks, tools useful for reverse engineering, vulnerability/exploit research, malware research, incident response, forensic analysis…
The code that I developed is provided under the MIT license.
Contact : malwr (at) malwrforensics . com
Enjoy 🙂
For reference
Web app penetration testing checklist and cheatsheet (with examples)
LINUX COMMANDS
Useful in incident response and forensic analysis

Command | Description |
---|---|
`ps aux` | view running processes |
`# ip link \| grep PROMISC` | check for promiscuous mode |
`# netstat -anp` | check open ports |
`# lsof -i` | check processes listening on ports |
`# crontab -u root -l` `# cat /etc/crontab` `# ls /etc/cron.*` | check cron jobs scheduled by root |
`# sort -nk3 -t: /etc/passwd \| less` | check for unauthorized accounts |
`# stat <filename>` | get inode, file times |
`# getfattr -R *` | get extended file attributes |