Josh Brade Technical Blog

Category: PowerShell

  • A Few Cybersecurity Linux Tools to Explore

    A Few Cybersecurity Linux Tools to Explore

    Information Gathering & Reconnaissance

    1. Nmap: A network scanning tool for identifying hosts, open ports, and services. Commonly used for vulnerability assessments.
      Website: nmap.org
    2. Recon-NG: A reconnaissance framework for gathering and processing OSINT data. Modules can automate recon tasks.
      Website: Recon-NG GitHub
    3. theHarvester: Collects emails, subdomains, and hosts using sources like Google, Bing, and Shodan.
      Website: GitHub
    4. DNSRecon: DNS enumeration tool for zone transfers and DNS record collection (MX, SPF, SRV).
      Website: GitHub
    5. Netdiscover: A network scanning tool to identify active IPs in networks, particularly wireless networks.
      Website: Netdiscover SourceForge
    6. Unicornscan: A high-performance asynchronous port scanner capable of scanning large networks.
      Website: Unicornscan GitHub
    7. Masscan: Ultra-fast port scanner that can scan the entire internet within minutes.
      Website: masscan GitHub
    8. P0f: A passive fingerprinting tool to infer OS, uptime, and device information by analyzing traffic.
      Website: P0f GitHub

    Vulnerability Analysis & Exploitation

    1. Nikto: Web server vulnerability scanner that identifies misconfigurations, outdated software, and potential exploits.
      Website: CIRT.net
    2. OpenVAS: Open-source vulnerability scanner for automated network security assessments.
      Website: openvas.org
    3. Metasploit: A penetration testing framework for exploit development and vulnerability validation.
      Website: Rapid7
    4. jSQL Injection: A Java-based SQL injection exploitation tool.
      Website: GitHub
    5. OWASP ZAP: An intercepting proxy for web app security testing and identifying vulnerabilities.
      Website: OWASP ZAP
    6. Burp Suite: A web vulnerability scanner and exploitation platform with intercepting proxy capabilities.
      Website: PortSwigger
    7. SQL Ninja: An SQL injection tool for exploiting database vulnerabilities.
      Website: GitHub
    8. Sqlmap: An open-source tool for automating the detection and exploitation of SQL injection vulnerabilities.
      Website: sqlmap.org

    Wireless & Network Attacks

    1. Aircrack-ng: A suite of tools for Wi-Fi network security assessment, focusing on cracking WEP and WPA-PSK keys.
      Website: aircrack-ng.org
    2. Kismet: Wireless network detector and packet sniffer, useful for Wi-Fi reconnaissance.
      Website: kismetwireless.net
    3. Reaver: Exploits vulnerabilities in WPS to retrieve WPA/WPA2 passwords.
      Website: Reaver GitHub
    4. Wireshark: A powerful packet analyzer for network troubleshooting and analysis.
      Website: wireshark.org
    5. Ettercap: A suite for network sniffing and man-in-the-middle attacks, particularly for ARP poisoning.
      Website: ettercap GitHub
    6. PixieWPS: A tool to exploit WPS vulnerabilities via offline brute-force attacks.
      Website: PixieWPS GitHub
    7. Wifite: Automates attacks on Wi-Fi networks, including cracking WPA/2 and WEP keys.
      Website: GitHub
    8. Netcat: A versatile networking utility for debugging, backdoors, and transferring files.
      Website: Netcat Guide

    Forensics & Post-Exploitation

    1. Autopsy: A digital forensics platform for analyzing and recovering deleted files, email parsing, and more.
      Website: Autopsy.com
    2. Foremost: A file recovery tool for carving out files from disk images and raw data.
      Website: Foremost GitHub
    3. Mimikatz: A tool for credential dumping and Windows security testing.
      Website: GitHub
    4. PowerShell Empire: A post-exploitation framework leveraging PowerShell for remote access and persistence.
      Website: Empire Project
    5. Shellter: A tool for obfuscating and injecting payloads into Windows executables.
      Website: Shellter GitHub
    6. PowerSploit: A post-exploitation toolkit for executing PowerShell scripts on compromised systems.
      Website: PowerSploit GitHub
    7. Memdump: Captures live memory for forensic analysis.
      Website: GitHub

    Password & Hash Attacks

    1. Hydra: A parallelized login cracker supporting numerous protocols.
      Website: Hydra GitHub
    2. Rainbowcrack: Cracks hashes using precomputed rainbow tables.
      Website: Project
    3. John the Ripper: A fast password cracker supporting many hash types.
      Website: John the Ripper
    4. Crunch: A wordlist generator for brute-force attacks.
      Website: Crunch GitHub
    5. Hashcat: A GPU-accelerated password recovery tool.
      Website: hashcat.net
    6. Medusa: A parallelized, modular brute-forcer for password cracking.
      Website: GitHub
    7. Patator: A brute-forcing tool supporting many protocols and methods.
      Website: GitHub
    8. CeWL: Generates custom wordlists for brute-force attacks based on target website content.
      Website: CeWL GitHub

    Malware Analysis, Vulnerability Research, & Incident Response

    1. Ghidra: Reverse engineering tool for analyzing binaries and decompiling code.
      Website: ghidra-sre.org
    2. Radare2: An open-source framework for binary analysis and reverse engineering.
      Website: radare.org
    3. OllyDbg: A debugger for analyzing and manipulating executables.
      Website: OllyDbg
    4. DynamoRIO: A dynamic binary instrumentation framework.
      Website: dynamorio.org
    5. Cuckoo Sandbox: An automated malware analysis platform.
      Website: cuckoosandbox.org
    6. Volatility: A memory forensics tool for analyzing RAM dumps.
      Website: Volatility Foundation
    7. Binwalk: Firmware analysis tool for Website: Binwalk

  • Adobe Acrobat Is Scanning Your Documents

    Adobe Acrobat Is Scanning Your Documents

    The generative AI features in Adobe Acrobat are scanning your documents! This could possible lead to sensitive data leakage.

    You can turn this feature off through the windows registry.

    “Go to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Adobe Acrobat\DC\FeatureLockDown create a new dword key under feature lockdown, bEnableGentech

    1 will enable the feature, 0 will disable the feature and remove all entry points”

    You can also disable the generative AI features in Adobe Acrobat with PowerShell.

    “New-ItemProperty -Path ‘HKLM:\SOFTWARE\Policies\Adobe\Adobe Acrobat\DC\FeatureLockDown’ -Name “bEnableGentech” -PropertyType DWord -Value 0″

    References:

    https://infosec.exchange/@briankrebs/111965550971762920
    Turning off Adobe's ability to scan all of your organization's documents for generative AI
    byu/rb3po insysadmin
  • Streamlining Windows Image Preparation

    Streamlining Windows Image Preparation

    Streamlining Windows Image Preparation with the Power of PowerShell: An In-depth Look at the Remarkable Windows10Debloater Script

    Windows image preparation can be tedious, requiring the removal of unnecessary apps and settings. The Windows10Debloater script by Sycnex simplifies this process, offering automation, precision, and customization. Here’s how this tool makes image preparation more efficient and effective for IT professionals and tech enthusiasts.

    Why Use Windows10Debloater?

    1. Efficient Debloating:
      Removes unnecessary apps and components to optimize system performance, creating leaner and faster Windows images.
    2. Customizable Options:
      Adjust settings to meet specific needs—whether removing specific apps or adjusting privacy settings.
    3. User-Friendly Interface:
      Offers both a PowerShell script for advanced users and an intuitive GUI for beginners.
    4. Safety Measures:
      Creates system backups with a restoration option, ensuring any changes are reversible.
    5. Scalable Efficiency:
      Ideal for managing multiple machines, saving time while ensuring consistency across devices.

    Key Benefits for IT Professionals

    • Time Savings: Streamlines image preparation with minimal manual effort.
    • Consistency: Enables uniform system setups for large-scale deployments.
    • Reliability: Provides clear documentation and failsafe features for peace of mind.

    Getting Started

    Download Windows10Debloater from its GitHub repository, run the script, and choose between default or customized settings. The documentation is straightforward, making it easy to use regardless of experience level.

    Conclusion

    Windows10Debloater redefines Windows image preparation, blending automation and flexibility to improve efficiency. Whether you’re a tech enthusiast or an IT professional, this tool simplifies the process and ensures consistent, optimized results.

    Source:

    https://github.com/Sycnex/Windows10Debloater