I’ve created this website to keep track of stuff that I’ve encountered over the years.
Here you’ll find security related articles, tips&tricks, tools useful for reverse engineering, vulnerability/exploit research, malware research, incident response, forensic analysis…
The code that I developed is provided under the MIT license
Contact : malwr (at) malwrforensics . com
Enjoy 🙂
For reference
Web app penentration testing checklist and cheatsheet (with examples)
LINUX COMMANDS
Useful in incident response and forensic analysis| Command | Description |
|---|---|
| ps aux | view running processes |
| # ip link | grep PROMISC | check for promiscuous mode |
| # netstat -anp | check open ports |
| # lsof -i | check processes listening on ports |
| # crontab -u root -l # cat / etc / crontab # ls / etc / cron.* | check cron jobs scheduled by root |
| # sort -nk3 -t: / etc / passwd | less | check for unauthorized accounts |
| # stat < filename > | get inode, file times |
| # getfattr -R * | get extended file attributes |