Brain 0verride
-
Posts
6 -
Joined
-
Last visited
Posts posted by Brain 0verride
-
-
So, if you don't need to use password crackers like JTR with opencl, etc. and use a server for example for that, you can use a small laptop with a 13' screen. Personally i prefer a 15' screen but 13.3 will work fine. You don't need a lot of ram for pentesting, 4GB can be ok. Both important things are your network adapters (wifi & lan) : be sure to verify Linux compatibility : but you can also use others things like usb adapter or Pineapple of course for wifi. Chose a solid laptop you can take with one hand without breaking it in two part... (yes that can exist...). You don't need a lot of disk space : chose a laptop with a SSD, not need to be a big ssd : you can add a usb disk if you need to store files, documents, etc.
--
Christophe Casalegno
https://twitter.com/Brain0verride -
On 04/12/2016 at 0:32 AM, zkylet said:
I want get a small laptop to instal Linux Mint 18 with the Cinnamon Desktop Environment. I plan to use it specifically for penetration testing and will install the tools I use the most from Kali Linux. What do you recommend? What do you think of the Acer R3-131T-C1YF?
Hi, it will be only for pentesting or you want to use-it as a normal laptop for other things like produce documents, etc. ?
--
Christophe Casalegno
https://twitter.com/Brain0verride -
My wife works with me in cybersecurity in our company from more than 17 years. But when i put job offers on Internet, not only in cybersecurity but also in sysadmin, network admin etc. : it is *very very rare* to have a girl that answer a job offer. I create a new team for managing linux infrastructures (admin, ha, security...) in France, and don't have any girl to postulate. I've make a post about this to tell it is not only for men, but no answers :(.
--
Christophe Casalegno
http://twitter.com/Brain0verride -
Sometimes you discovering a vulnerability when you don’t search for and sometimes finally like this, it’s simply a false alert. More than 70 percents of vulnerabilities I’ve found in my life have no rapport with a security research, but simply due to chance, when doing administrator tasks for example.
This day, I decide for a customer that have millions of hit on this website because of a holiday game, to put the content of his website directly in memory for not having iops problems anymore. For doing this i simply use a ramdisk and i make a synchronization from disk (where is stored the code) to ramdisk each minute via rsync.
This customers is on a lxc container with 8 GB RAM connected to a separate MySQL server by a private network. The webserver only use less than 1 GB of RAM and the applications less than 500 MB of disk space.
So I just create a ramdisk like this :mkdir /home/ramdisk
echo "shm /home/ramdisk tmpfs nodev,nosuid,noexec 0 0" >> /etc/fstab
mount /home/ramdisk
rsync -avz --stats --delete /home/xxxx /home/ramdisk/
After this, i am verifying with a simple df -h and i can see a big suprise :~# df -h
Filesystem Size Used Avail Use% Mounted on
zfstore/zfs-containers/subvol-9202234-disk-1 32G 1.4G 31G 5% /
none 492K 0 492K 0% /dev
tmpfs 26G 68K 26G 1% /run
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 1.7G 0 1.7G 0% /run/shm
shm 126G 410M 126G 1% /home/ramdisk
My /home/ramdisk have a size of 126 G. Just after i verify with and without it, if ram seems used by this but the ram is exactly at the same state. Very excited to probably have found a new vulnerability, i am verifying on a new container on an other cluster and i can reproduce the problem with success. In the same time I am sending an email to a person i know that work on an implementation of this product and it is finally just a display problem : Privileged containers only fail to *show* the used memory (it’s an accounting issue), but after hitting the specified limits you’ll be writing to swap space instead, and ultimately the kernel’s OOM killer will kill the container before it starts using more RAM than assigned (note that both RAM and swap limits have to be hit). End of the story :)
--
Christophe Casalegno
https://twitter.com/Brain0verride -
Sometime when you need to map networks, for example when you gain access to a LAN server without security tools on it, it can be useful to retrieve reverses dns for a specified internal PI. You can do it directly in bash with this short command line (example for 192.168.1.0/24) : seq 1 254 |xargs -I{} -n 1 host 192.168.1.{}
It also works fine on a public PI of course. Don't hesitate to share your tips too :)--
Christophe Casalegno
https://twitter.com/Brain0verride
Penetration Testing Laptop
in Questions
Posted
But i am thinking, for pure pentesting why don't you use directly Kali Linux (or other pentesting specialized distribution) ? I' am using Linux mint on my stations and laptops but not for just pentesting : i am doing all my work with them, but i use Virtualbox with kali linux for pentesting.
--
Christophe Casalegno
https://twitter.com/Brain0verride