Andronicus

Security Projects, Research, and Linux

  • Home
  • My Projects
  • Home
  • My Projects

Guide to SSH Lockdown

2020-04-202020-04-20sshNo Comments

The following, originally written 2019-07-24, was updated on 2020-04-20 to reflect more recent security requirements. OpenSSH is one of the host heavily-trafficked tools that there is among Linux systems engineers. It is used to hop around, onto and off of […]

DefCon Resources

2019-06-252019-06-28DefCon, NewsNo Comments

There are some unofficial sources of DefCon information that I have found to be super useful. For details on what is where, this one is great: DEF CON 27 – Mega Thread If you are into the badges, here’s a […]

Automate Patching/Rolling Reboot

2019-06-242019-06-24Bash ScriptNo Comments

For anyone who does patching, you know this can be ultra-tedious, especially if you have large numbers of servers.  However, I have put together a script that will roll through a list of CentOS/RHEL/Fedora servers, patch them, reboot them, and […]

Data Breaches and You

2019-06-182019-06-25Credential Research, SecurityNo Comments

What can be done with data breaches? People can just change their password, and the breach becomes useless, right? Is there really any concern? First off, not every data breach contains credentials. Some, like the Experian hack, contain personally identifiable […]

Defend Against This

2019-06-142019-06-14Bash Script2 Comments

While certainly not a new concept, I was thinking about the “Fork Bomb.”  There are quite a few examples of doing this in different languages.  This one takes all the CPUs to 100% and will essentially run the system out […]

Pre-computed Hash Table, v. 1.0

2019-06-102019-06-25Credential Research, NewsNo Comments

Torrent file => 600 Million Passwords – Pre-computed Hash Table This is a list of 600 Million unique plain-text passwords collected from about 100 of the largest database dumps from about a decade ending in the summer of 2018.  I […]

And more data

2019-06-042019-06-07Credential ResearchNo Comments

As you may know, I’ve been working on collecting the biggest leaked databases that I can find.  Well, I stumbled upon one called “Collection #1 Leaked.”  Finding the torrent, I put it into the client and began downloading it.  When […]

More Passwords

2019-05-312019-05-31Credential ResearchNo Comments

At first, the Exploit.in dump was giving me trouble because I generated all of the SQL with Bash.  Do not do this.  It’s way harder to escape database-unfriendly characters.  So, I just did it with PHP really quick and started […]

Password Database Update

2019-05-292019-05-29Credential ResearchNo Comments

I’ve been doing some other things for the past year or so, but I think I’m ready to pick this back up.  I have downloaded and imported all database dumps of which I am aware that have 1M or more […]

RHEL 6.9 to CentOS 6.9 Script

2018-06-25Bash ScriptNo Comments

Sometimes, it’s a bit of a pain to work with RedHat Enterprise Linux.  I’ve been developing a solution with a co-worker that will allow you to convert a RHEL 6.9 box to a CentOS 6.9 box.  So here you have […]

Posts navigation

1 2 3

Recent Posts

  • Guide to SSH Lockdown
  • DefCon Resources
  • Automate Patching/Rolling Reboot
  • Data Breaches and You
  • Defend Against This

Recent Comments

  • Andronicus on Defend Against This
  • ann_on on Defend Against This
  • Andronicus on The Easiest Metasploit Guide You’ll Ever Read
  • Matt on The Easiest Metasploit Guide You’ll Ever Read

Archives

  • April 2020
  • June 2019
  • May 2019
  • June 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018

Categories

  • Authentication Factors
  • Bash Script
  • Capture the Flag
  • Ciphertext Analysis
  • Credential Research
  • DefCon
  • How-To
  • Metasploit
  • News
  • Pros vs Joes
  • Security
  • ssh

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org
Proudly powered by WordPress | Theme: Doo by ThemeVS.