参考までに、リンクを挙げておく。えっ、ワシ!? ワシならまだまだじゃよ
・年金12万円の夫婦が「リッチな老人ホーム生活」をできた意外な理由 (07/28)
https://gendai.ismedia.jp/articles/-/66078
・年金暮らしの人が「旅行」「外食」「携帯料金」を格安にする裏ワザ (2018/09/30)
https://gendai.ismedia.jp/articles/-/56571
・年金暮らしの人が「所得税・住民税・相続税」を払わない裏ワザ10 (01/03)
https://gendai.ismedia.jp/articles/-/57405
Jul 28, 2019
Jul 8, 2019
OSINTスクリプト
「discover」の後で、個々に深堀りするためのスクリプト
# ================================================================
# $1 : Target IP
# $2 : Target URL
# $3 : CVE Value e.g. CVE-2018-8011
# ISC Sans proxy不要?
/usr/bin/chromium-browser --headless --disable-gpu --dump-dom https://isc.sans.edu/ipinfo.html?ip=$1 > sans/$1.html
# Talos Intelligence proxy不要?
/usr/bin/chromium-browser --headless --disable-gpu --dump-dom https://www.talosintelligence.com/reputation_center/lookup?search=$1 > talos/$1.html
# Shodan proxy越しじゃない方が無難
# proxychains4 -f ~/proxychains.conf wget https://www.shodan.io/host/$1 --output-file=shodan/$1.htm
# 2020.02.02 # wget https://www.shodan.io/host/$1 --output-file=shodan/$1.htm
# Censys 一度に大量のクエリを投げると受け付けなかったのでsocks proxy越しに。後で要チェック
# wget https://censys.io/ipv4/$1 --output-file=censys/$1.htm
/usr/bin/chromium-browser --headless --disable-gpu --dump-dom --proxy-server="socks5://localhost:9050" --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" https://censys.io/ipv4/$1 > censys/$1.htm
sudo systemctl restart tor; sleep 2
# ----------------------------------------------------------------
# Transparency Report - Google
/usr/bin/chromium-browser --headless --dump-dom https://transparencyreport.google.com/safe-browsing/search?url=$2 > trep/$2.html
# ----------------------------------------------------------------
# CVE
/usr/bin/chromium-browser --headless --disable-gpu --dump-dom --proxy-server="socks5://localhost:9050" --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" https://nvd.nist.gov/vuln/detail/$3 > CVE/$3.htm
sudo systemctl restart tor; sleep 2
# ================================================================
# ================================================================
# $1 : Target IP
# $2 : Target URL
# $3 : CVE Value e.g. CVE-2018-8011
# ISC Sans proxy不要?
/usr/bin/chromium-browser --headless --disable-gpu --dump-dom https://isc.sans.edu/ipinfo.html?ip=$1 > sans/$1.html
# Talos Intelligence proxy不要?
/usr/bin/chromium-browser --headless --disable-gpu --dump-dom https://www.talosintelligence.com/reputation_center/lookup?search=$1 > talos/$1.html
# Shodan proxy越しじゃない方が無難
# proxychains4 -f ~/proxychains.conf wget https://www.shodan.io/host/$1 --output-file=shodan/$1.htm
# 2020.02.02 # wget https://www.shodan.io/host/$1
wget https://www.shodan.io/host/$1 --output-document=shodan/$1.htm
# wget https://censys.io/ipv4/$1 --output-file=censys/$1.htm
/usr/bin/chromium-browser --headless --disable-gpu --dump-dom --proxy-server="socks5://localhost:9050" --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" https://censys.io/ipv4/$1 > censys/$1.htm
sudo systemctl restart tor; sleep 2
# ----------------------------------------------------------------
# Transparency Report - Google
/usr/bin/chromium-browser --headless --dump-dom https://transparencyreport.google.com/safe-browsing/search?url=$2 > trep/$2.html
# ----------------------------------------------------------------
# CVE
/usr/bin/chromium-browser --headless --disable-gpu --dump-dom --proxy-server="socks5://localhost:9050" --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" https://nvd.nist.gov/vuln/detail/$3 > CVE/$3.htm
sudo systemctl restart tor; sleep 2
# ================================================================
Jul 7, 2019
パスワードマネージャー
まだ読めていないのだが、メモ
・The Best Password Managers for 2019
・The Best Password Managers for 2019
有料パスワードマネージャー
・The Best Free Password Managers for 2019
無料パスワードマネージャー
『LastPass and Myki Password Manager & Authenticator are our Editors' Choice picks for free password management.
LastPass has a feature set that goes way beyond most of its free competitors.
Myki also boasts a wealth of features, and the fact that it stores your passwords locally rather than using the cloud is a huge plus for those worried about password security.
If you're concerned about security, you should also read our best antivirus and best VPN roundups.』
Bad USB とか、いろいろ
・兵器化されたUSBデバイスによる攻撃 (5/1)
『物理的なセキュリティ .. 権限のない人が産業用制御システムにUSBデバイスを無作為に差 し込めないように .. 使用されていないUSBポートを物理的にブロック .. 接続されているHIDは取り外せないように .. 』
・WiFi HID Injector - An USB Rubberducky / BadUSB On Steroids.
・P4wnP1 by MaMe82
※関連
Subscribe to:
Posts (Atom)