CHW

@CHW

Github: https://github.com/Chw41

Joined on Jul 13, 2023

  • [OSCP, PEN-200] Cheat Sheet Table of Contents Recon IP Nmap nmap -sC -sV -T4 {IP}\ sudo nmap -sS {IP}\ All ports: nmap -p- {IP}
  • [OSCP, PEN-200] Proving Grounds Practice - Windows Table of Contents Algernon Solution 1. Recon 1.1 Nmap ┌──(chw㉿CHW)-[~]
  • [OSCP, PEN-200] Proving Grounds Practice - Active Directory Table of Contents Resourced Solution 1. Recon 1.1 Nmap ┌──(chw㉿CHW)-[~/Resourced]
  • [OSCP, PEN-200] Proving Grounds Play - Linux Table of Contents Blogger Solution 1. Recon 1.1 Nmap ┌──(chw㉿CHW)-[~]
  • § Work Experience Company Title Date Description Cymetrics Security Research Engineer Intern 2024/09 - 2025/01/22 Pentesting & Vulnerability assessment
  • [OSCP, PEN-200] Instructional notes - Part 6 Table of Contents Link back to: "[OSCP, PEN-200] Instructional notes - Part 1" Link back to: "[OSCP, PEN-200] Instructional notes - Part 2" Link back to: "[OSCP, PEN-200] Instructional notes - Part 3" Link back to: "[OSCP, PEN-200] Instructional notes - Part 4" Link back to: "[OSCP, PEN-200] Instructional notes - Part 5" [!Caution] Continues from [OSCP, PEN-200] Instructional notes - Part 5
  • [OSCP, PEN-200] Instructional notes - Part 2 Table of Contents Link back to: "[OSCP, PEN-200] Instructional notes - Part 1" [!Caution] Continues from [OSCP, PEN-200] Instructional notes - Part 1. Exploits Locating Public Exploits - A Word of Caution
  • [OSCP, PEN-200] Instructional notes - Part 8 Table of Contents Link back to: "[OSCP, PEN-200] Instructional notes - Part 1" Link back to: "[OSCP, PEN-200] Instructional notes - Part 2" Link back to: "[OSCP, PEN-200] Instructional notes - Part 3" Link back to: "[OSCP, PEN-200] Instructional notes - Part 4" Link back to: "[OSCP, PEN-200] Instructional notes - Part 5" Link back to: "[OSCP, PEN-200] Instructional notes - Part 6" Link back to: "[OSCP, PEN-200] Instructional notes - Part 7"
  • [OSCP, PEN-200] Instructional notes - Part 7 Table of Contents Link back to: "[OSCP, PEN-200] Instructional notes - Part 1" Link back to: "[OSCP, PEN-200] Instructional notes - Part 2" Link back to: "[OSCP, PEN-200] Instructional notes - Part 3" Link back to: "[OSCP, PEN-200] Instructional notes - Part 4" Link back to: "[OSCP, PEN-200] Instructional notes - Part 5" Link back to: "[OSCP, PEN-200] Instructional notes - Part 6" [!Caution]
  • [OSCP, PEN-200] Instructional notes - Part 1 Table of Contents Recon Whois whois {Target domain/ip} -h {WHOIS server to query} Google Hacking 👉🏻 site: 👉🏻 ext: {filetype} 👉🏻 filetype:
  • [OSCP, PEN-200] Instructional notes - Part 3 Table of Contents Link back to: "[OSCP, PEN-200] Instructional notes - Part 1" Link back to: "[OSCP, PEN-200] Instructional notes - Part 2" [!Caution] Continues from [OSCP, PEN-200] Instructional notes - Part 2. Password Attacks Working with Password Hashes
  • [OSCP, PEN-200] Instructional notes - Part 4 Table of Contents Link back to: "[OSCP, PEN-200] Instructional notes - Part 1" Link back to: "[OSCP, PEN-200] Instructional notes - Part 2" Link back to: "[OSCP, PEN-200] Instructional notes - Part 3" [!Caution] Continues from [OSCP, PEN-200] Instructional notes - Part 3. Linux Privilege Escalation
  • [OSCP, PEN-200] Instructional notes - Part 5 Table of Contents Link back to: "[OSCP, PEN-200] Instructional notes - Part 1" Link back to: "[OSCP, PEN-200] Instructional notes - Part 2" Link back to: "[OSCP, PEN-200] Instructional notes - Part 3" Link back to: "[OSCP, PEN-200] Instructional notes - Part 4" [!Caution] Continues from [OSCP, PEN-200] Instructional notes - Part 4
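  • Apache SSL Certificate Replacement Table of Contents [!Note] SSL certificates expire; this post only covers how to replace one. To request a certificate for a new service, see "Apache SSL Certificate Request and Installation". Purchase a new SSL certificate from a certificate authority (CA). Generate a new CSR with the original private key (server.key)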
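  • Apache SSL Certificate Request and Installation Table of Contents :::info :bulb: Create an RSA 2048 private key, generate a certificate signing request (CSR), and complete the request and installation ::: Create the private key Server.key OpenSSL tool Download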
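  • CYBERSEC 2024 臺灣資安大會 (Taiwan Cybersecurity Conference): "AD is already more than we can defend, so why is there an Azure AD too?" (Steven Meow) Table of Contents Conference Info Conference Title: CYBERSEC 2024 臺灣資安大會. Date: 2024.05.16. Location: Taipei Nangang Exhibition Center, Hall 2, 7F 701G. Presentation Title: "AD is already more than we can defend, so why is there an Azure AD too?" Speaker: 游照臨 (Steven Meow) | Trend Micro Threat Researcher, CoreTech Red Team. Description: In this session, we take a deep look at the core differences between Active Directory and Azure Active Directory (Entra ID) and reveal the security threats within Azure and Entra ID. From a red team perspective, we analyze the potential risks of Entra ID and demonstrate with examples how specific tools are used for enumeration, exploitation, and exfiltration, and even attacks that bypass 2FA. We also detail Hybrid Identity lateral movement techniques, including moving from on-premises to the cloud and even from the cloud back to on-premises Active Directory, such as Password Hash Sync, Pass-Through Authentication, and AD Federation Golden SAML.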
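  • Elastic Stack (ELK) Installation on Docker [One-Click Install] Table of Contents :::info :bulb: ELK = Elasticsearch + Logstash + Kibana ::: Introduction to ELK [!Important] Data source → Logstash → Elasticsearch → Kibana. Logstash collects and processes the data. The processed data is sent to Elasticsearch for storage and indexing. Kibana retrieves the data from Elasticsearch for visualization and analysis.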
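  • DEVCORE CONFERENCE 2024: "Investigating the Wall: To You, Standing Before the WAF" (Mico) Table of Contents Conference Info Conference Title: DEVCORE CONFERENCE 2024. Date: 2024.03.16. Location: TICC Taipei International Convention Center, Room 201 (No. 1, Sec. 5, Xinyi Rd., Xinyi Dist., Taipei City). Presentation Title: "Investigating the Wall: To You, Standing Before the WAF". Speaker: 高敏睿 (Mico) | DEVCORE Senior Red Team Specialist. Description: "WAF", as a technology product that has reached maturity, is not only a high wall and deep moat against network threats; its pace of development also reads like a challenge issued to red teams. This session reviews early bypass techniques and introduces how red team experts today still find a way through the wall. It briefly explains the basic principles of WAFs and discusses how red teams, in real engagements, succeed in getting key requests past these security measures. It also shares lessons distilled from real-world practice, including real cases that at first seemed impossible to bypass yet were bypassed again and again. Finally, it summarizes, from DEVCORE's perspective, the standing and effectiveness of WAFs in today's cybersecurity ecosystem.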
  • Elastic Stack (ELK) Installation and Tutorial Table of Contents :::info :bulb: ELK = Elasticsearch + Logstash + Kibana ::: Introduction to ELK [!Important] Data source → Logstash → Elasticsearch → Kibana. Logstash collects and processes the data.
  • PortSwigger Web Security LAB (continuously updated..) Table of Contents SQL injection Lab: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data https://0a1e003a0438320b808a627a00be00fb.web-security-academy.net/