Basic Penetration Testing Tips

Disclaimer

As with any cybersecurity-related information, it can be used to strengthen your systems or potentially to harm them. Do not use this information to break any laws applicable in your country. If you misuse this information, I will not be held responsible.

Notes

Note: When I refer to Tor, I am referring to the command-line version/service. When I refer to Tor Browser, I am referring to the actual browser package by The Tor Project. These are two separate entities, but both use the Tor network. I recommend reading up on the specifics yourself.

  • Do not use the default password.
    • Some pen testing VMs have a non-random default password. This should always be changed. If you’re using Kali Linux, simply run passwd as your kali user, then change the password.
  • Disable the root account, opting for a standard user with sudoers/wheel access instead.
  • Encrypt your Virtual Machines.
  • Force commands/programs to run over Tor.
    • Research torsocks, and check whether your tools already support running over Tor by default. Some already do, like sqlmap.
    • Note: torsocks only handles TCP. It does not work for programs that use UDP.
  • Use a VPN.
    • Self-explanatory. Use a VPN together with Tor to add extra obfuscation hops. In addition, don’t use just any VPN; use a good one like Mullvad. There are clear reasons for this.
  • Use a residential VPN.
    • Useful if you’re looking to subvert IP bans on things like Protonmail, or others. Most mainstream VPNs are blocked on Protonmail (and other popular websites), but by being in a residential IP range you’re able to get around that. Frankly, these are hard to come by, and I won’t be talking in depth about how to get them. One tip would be to look into Virtual Private Servers that have residential IPs…
  • Use the Tor Browser.
    • Besides its uses for accessing secured .onion websites, the Tor Browser is useful for simply obfuscating your traffic to a website. Learn when and when not to incorporate it into your life.
  • Understand your target.
    • Understand your target beyond just a reconnaissance perspective. Think about it like this: would you expect a target to see high traffic at 2:00 AM, or at 3:00 PM in the afternoon?
    • Think about peak network times, as well as timezones of people potentially accessing a system.
  • Learn to script your VPN.
    • The goal is to switch servers automatically every few minutes or hours. Mullvad makes this easy because it has a command-line front end.

Activating Windows 10 LTSC

Disclaimer

This article is for research purposes. If you do this, I will not be held responsible for any license violations that may occur.

Activating

Simply run the following command in a PowerShell window running as Administrator:

irm https://massgrave.dev/get | iex

When the activation window appears with its options, choose the first option by pressing the 1 key on your keyboard.

Once the activation finishes, press any key to quit, then press the 0 key to quit fully.

On The Importance Of Encrypting VMware Workstation VMs

Encrypting VMs is a best practice.

If you have any sensitive data, or something that needs to be hidden, encrypting your VMs is a necessity! Think about how exposed VMware files are to an attacker: instead of having to take your hard drive, they only need to copy the VM’s files, then boot it up themselves, duplicate it, or worse.

In a day and age where VMs are so ubiquitous (especially VMware Workstation ones), this is extremely important.

Consider this: there are risks to not encrypting your VMs, but no risk to encrypting them. Why take the risk?

Basic Windows Security Tips

  • Ensure your Windows device is on a supported version, and is always up-to-date.
  • Enable BitLocker Encryption on your boot drive.
    • You can enable BitLocker by pressing the Windows key, typing Manage BitLocker, and finally hitting Enter on your keyboard.
    • Using a computer without BitLocker (especially a laptop) is a bad idea. If I were to take someone’s Windows laptop right now, I bet that 99% of those people would not be using BitLocker or any other form of encryption. This means I could simply remove the hard drive, put it in my computer, and copy everything stored on it, no passwords required. Use BitLocker.
  • Enable BitLocker on your secondary hard drive(s).
    • Same reason as the first, but a bit less necessary. That being said, it’s always good to encrypt your stuff. You never know what you might have on it that a nefarious person could find useful.
  • Use a password instead of a PIN.
    • Never use a Windows PIN. It’s much less secure than a password (assuming the password you’re using isn’t completely moronic), and it is easier to “guess”, assuming you’re doing what most people do, which is using a notable year or a basic pattern/combination.
    • Note: Alternatively, you can use Windows Hello, or another form of biometric authentication.
  • Use a local account rather than an online account.
    • Surprisingly, most people do not know that you do not need to be logged in with a Microsoft account to use OneDrive or other native Microsoft services. You can simply make an offline account, then log in to OneDrive afterwards, making sure to select “allow only Microsoft apps to sign in” when doing so.
    • This step is somewhat controversial, as it also depends on your use case. Assuming you are using a strong password on your local account, you could be more secure than with a Microsoft account, especially if that account is protected only by a PIN or without an authenticator of some sort. Secondly, using a Microsoft account exposes you to a possible Microsoft data breach, though this is unlikely.
  • Use a password manager.
    • Don’t just depend on browser syncing. Use a password manager and make sure you use secure passwords. I would recommend KeePassXC.
  • Lock your computer when away using Windows + L.
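A scripted version of the two BitLocker items above, as an added example that is not from the original post: it audits every fixed volume with Get-BitLockerVolume and enables BitLocker where it is missing (TPM protector on the OS drive, recovery password on secondary drives), writing each recovery password to a folder. The XtsAes256 method, the E:\bitlocker-keys path and the function names are my assumptions, not anything the post specifies.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. Audits every fixed volume for
# BitLocker and enables it where missing: TPM protector on the OS drive,
# recovery password on data drives, each recovery password exported to a
# folder you choose (assumed path below; keep that folder off this machine).

function Get-UnprotectedVolume {
    # Volumes with protection off, or still in the middle of encrypting.
    Get-BitLockerVolume | Where-Object {
        $_.ProtectionStatus -ne 'On' -or $_.EncryptionPercentage -lt 100
    }
}

function Protect-Volume {
    param(
        [Parameter(Mandatory)] [string] $MountPoint,        # e.g. 'C:'
        [Parameter(Mandatory)] [string] $RecoveryKeyFolder  # e.g. 'E:\bitlocker-keys'
    )
    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    # Already encrypted, or encryption in progress: nothing to do here.
    if ($vol.VolumeStatus -ne 'FullyDecrypted') { return }
    if ($vol.VolumeType -eq 'OperatingSystem') {
        # Recovery password first so there is always a way back in, then a TPM
        # protector so the disk unlocks only on this machine's hardware.
        Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
        Enable-BitLocker -MountPoint $MountPoint -EncryptionMethod XtsAes256 `
            -TpmProtector -SkipHardwareTest | Out-Null
    } else {
        # Secondary drive: recovery password protector plus auto-unlock, so it
        # opens transparently once the (encrypted) OS drive has unlocked.
        Enable-BitLocker -MountPoint $MountPoint -EncryptionMethod XtsAes256 `
            -RecoveryPasswordProtector | Out-Null
        Enable-BitLockerAutoUnlock -MountPoint $MountPoint | Out-Null
    }
    # Export the 48-digit recovery password: after a TPM reset or a disk move
    # it is the only way to unlock the volume.
    $rp = (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
        Where-Object KeyProtectorType -eq 'RecoveryPassword' | Select-Object -First 1
    New-Item -ItemType Directory -Force -Path $RecoveryKeyFolder | Out-Null
    $file = Join-Path $RecoveryKeyFolder "$($MountPoint.TrimEnd(':'))-recovery.txt"
    "$MountPoint $($rp.KeyProtectorId) $($rp.RecoveryPassword)" | Set-Content -Path $file
}

# Report what is not fully protected, then enable BitLocker where it is off.
Get-UnprotectedVolume |
    Format-Table MountPoint, VolumeType, VolumeStatus, ProtectionStatus, EncryptionPercentage
foreach ($v in Get-UnprotectedVolume | Where-Object VolumeStatus -eq 'FullyDecrypted') {
    Protect-Volume -MountPoint $v.MountPoint -RecoveryKeyFolder 'E:\bitlocker-keys'
}
```

Move the exported recovery files to a USB stick or another machine as soon as the script finishes; a recovery password stored on the disk it unlocks protects nothing.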