| <# | |
| .SYNOPSIS | |
| Script to install and configure a standalone RootCA for Lab-Environments | |
| .DESCRIPTION | |
| This Script sets up a standalone RootCA. It's main purpose is to save time when building Labs in the classes I teach. | |
| ###It's not meant for production!### | |
| First, it creates a CAPolicy.inf file. Then it deletes all default CDP and AIA and configures new ones. | |
| It turns on auditing and copys (It's a Lab!!!, so obviously no real offline RootCA...) the crt and crl to an edge webserver. | |
| .NOTES | |
| Author: Oliver Jäkel | [email protected] | @JaekelEDV |
mklink /h C:\Windows\System32\Tasks\tasks.dll C:\Tools\Tasks.dll
Hardlink created for C:\Windows\System32\Tasks\tasks.dll <<===>> C:\Tools\Tasks.dll
This can redirect the search to an arbitrary location and evade tools that are looking for filemods in a particular location.
xref: https://googleprojectzero.blogspot.com/2015/12/between-rock-and-hard-link.html
| # The mystery around secpxxxk1 generation points :) | |
| # ------------------------------------------------- | |
| # | |
| # The SEC 2 familiy of elliptic curves are defined in https://www.secg.org/sec2-v2.pdf | |
| # and widely used in cryptography. | |
| # | |
| # The generation points G of these curves are defined in the standard paper without any nearer | |
| # explanation how they were chosen. Interestingly the generation points (G) of all prime order | |
| # koblitz curves of the SEC 2 family (secp160k1, secp192k1, secp224k1, secp256k1) share some | |
| # unusual mysterious property. |
| <?xml version='1.0'?> | |
| <data> | |
| <circle> | |
| <radius>12</radius> | |
| </circle> | |
| <circle> | |
| <radius>37.5</radius> | |
| </circle> | |
| </data> |
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| using System.Text; | |
| public class TestClass | |
| { | |
| public TestClass() | |
| {} |
mklink /h C:\Windows\System32\Tasks\tasks.dll C:\Tools\Tasks.dll
Hardlink created for C:\Windows\System32\Tasks\tasks.dll <<===>> C:\Tools\Tasks.dll
This can redirect the search to an arbitrary location and evade tools that are looking for filemods in a particular location.
xref: https://googleprojectzero.blogspot.com/2015/12/between-rock-and-hard-link.html
| <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
| <!-- This inline task executes c# code. --> | |
| <!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe pshell.xml --> | |
| <!-- Author: Casey Smith, Twitter: @subTee --> | |
| <!-- License: BSD 3-Clause --> | |
| <Target Name="Hello"> | |
| <FragmentExample /> | |
| <ClassExample /> | |
| </Target> | |
| <UsingTask |
| #!/usr/bin/env python3 | |
| # Copyright 2024 Neil Madden. | |
| # License: https://creativecommons.org/licenses/by-sa/4.0/deed.en. | |
| # Like this? I do training courses & consultancy: | |
| # https://illuminated-security.com/ | |
| import hashlib | |
| import math | |
| import os |
| """ | |
| Bitcoin elliptic curve pub-key from priv-key in raw python, as dicusssed in the video | |
| https://youtu.be/RZzB-vPFYmo | |
| This is a follow-up to the previous video | |
| https://youtu.be/LYN3h5DjeXw | |
| This script is directly based off | |
| https://github.com/peterscott78/offline_signer/blob/master/ecdsa_keys.py |
If you're reading this, chances are you have some idea of eBPF and XDP. In this article, we'll write an eBPF program that will count and categorize packets based on the destination port.
Writing low-level tracing, monitoring, or network programs in Linux is not easy. Through all the layers of the kernel, people have been squeezing every bit of performance they could get.
And that's where eBPF comes in. eBPF is basically an extended and modern variation of BPF which is like a virtual machine inside the Linux kernel. It can execute user-defined programs inside a sandbox in the kernel.
These programs can be executed in various hook points but we will focus on XDP for now.