Showing posts with the label Tools

How To Replace CMD With Windows Terminal In The Winkey + X Shortcut Menu

I want to upgrade from CMD to Microsoft's fancy & shiny Windows Terminal. However, the Windows Key+X then C shortcut I use to open a shell (or Windows Key + X then A for Powershell by default) doesn’t support opening Windows Terminal. Here’s how I patched that keyboard shortcut to open Windows Terminal.
Disclaimer: This is my own patchy fix found for fun at 4am after a night of hacking. Proceed at your own risk.
How To Replace CMD With Windows Terminal In The Winkey + X Menu Shortcut
Option 1: Via Powershell
Ensure the Winkey+X C shortcut opens cmd (and not powershell) by going to Settings > Personalization > Taskbar. Set “Replace Command Prompt with PowerShell …” to Off
Open Powershell. I use Winkey + R, then type “powershell” and enter.
Copy and paste the following code snippet into the powershell window
# modify Winkey + X, C
$shortcut = (New-Object -ComObject 'WScript.Shell').CreateShortCut("C:\Users\$env:UserName\AppData\Local\Microsoft\Windows\WinX\

Python2 to Python3 Hex/Str/Byte Conversion Cheatsheet For Hackers

If you too have been personally victimized by Python3’s 'str' object has no attribute 'decode' exception or other string/bytes-related exceptions, I feel your agony. Trauma from such errors has stopped me from using Python3 for code handling buffers, like POCs for vulnerabilities or CTF exploits. Here’s a reference guide on how to convert between Python3’s hexstr/str/bytes/bytearray.
Python3 Buffer Type Review
str: An immutable unicode string. Created statically using quotes. Example: mystr = "don't forget your daily calcium"
hexstring: A str consisting of hexadecimal numbers (0-9, a-f). Primarily used to convert binary data to a printable format. Created like str, but contains only hexadecimal numbers. Example: "calc" is "63616c63"
bytes: An immutable array of one-byte elements. Created statically by putting the letter "b" before quotes. Example: mybytes = b"bring all the boys to the yard"
bytearray: A mutable list of one-byte elements. Created through the bytearray c

Attacking The Network's Security Core - Hunting For Vulnerabilities In A Network Security Tool

A network can only be as secure as the tools used to secure it
Overview: This is Part 1 in a 4 part series about my process hunting for vulnerabilities in a network auditing tool (used to protect networks by detecting and fixing security holes) and fully exploiting one of the vulnerabilities I found. I recommend reading the series in ascending numeric order. Links to parts 2, 3, and 4 are at the end of this post.
Target 🎯: I decided to look for (and successfully found) vulnerabilities in a network security tool, as a vulnerability in such a tool could allow attackers to hide themselves in an otherwise secure network, or even be exploited for lateral movement. One such network security tool that came to mind is Nipper-ng, a firewall security auditing tool and firewall configuration parser. In addition to being a security product itself, Nipper-ng is used behind the scenes in other security products such as ManageEngine's OpManager and Firewall Analyzer. The tool is also inclu

Vulnerability Research Tools

In this post I compiled all the popular vulnerability research tools. In each category I first listed the tool(s) I personally use, and then followed with alternatives. I do not encourage pirating, but all of the paid programs can be found on pirate websites.
Disassemblers and Reverse Engineering Tools: Disassemblers decode machine instructions in binary into their readable assembly representation. The following programs have evolved beyond simple disassembly to become full platforms for reverse engineering, with features such as custom symbol naming, graphically viewing code flow, and listing references in the assembly to functions and data. The more advanced tools also support decompilation, which is the process of converting the assembly into higher-level code such as C or C++.
IDA Pro: Costs around $2000 for a license with multiple decompilers (free trial available). A limited feature freeware version is available here. Supports decompiling ~170 community sourced plug