
The Cloud Source for Client Engagement Resources
Misc Tactics, Techniques, and Procedures (TTPs)
Extracting OSINT Data from Nested Structures:
​
Use Case:
A web page or plain-text source code that contains IP's, Email Addresses nested within the text, etc... and you do not want to write an awk | grep to extract:
Tool: Cyber Chef https://gchq.github.io/CyberChef/
-
Choose stings
-
Select target data to extract​
-
Paste the raw into the upper right input window
-
Copy Clean extracted output from Lower Right Window
​
Creating a Share for Payload Distribution in Kali:
​
Use Case:
Create an SMB share to distribute payloads attacker Kali box
​
-
mkdir /root/working/{share-name}
-
Move to Impacket Directory
-
smbserver.py -smb2support SMB /root/working/{share-name}
​
​
​
CMS Detection:
​
Use Case:
Need to determine what the underlying CMS technology is and its not obvious in a rapid code review...
​
Tool: WhatCMS https://whatcms.org/​
Placeholder - more to come!:
​
Pentest-Zen (ExitC0de00c.com)
