1. Nmap Cheat Sheet


Scanning Options

Option              What It Does                                   Example Command
10.10.10.0/24       Specifies the target network range.            nmap 10.10.10.0/24
-sn                 Skips port scanning.                           nmap -sn 10.10.10.0/24
-Pn                 Disables ICMP Echo Requests (no ping).         nmap -Pn 10.10.10.0/24
-n                  Avoids DNS resolution.                         nmap -n 10.10.10.0/24
-PE                 Ping scan using ICMP Echo Requests.            nmap -PE 10.10.10.0/24
--packet-trace      Shows detailed packet sending/receiving logs.  nmap --packet-trace 10.10.10.0/24
--reason            Displays the reason for a result.              nmap --reason 10.10.10.0/24
--disable-arp-ping  Disables ARP Ping.                             nmap --disable-arp-ping 10.10.10.0/24
--top-ports=<num>   Scans the most common ports.                   nmap --top-ports=100 10.10.10.0/24
-p-                 Scans all ports.                               nmap -p- 10.10.10.0/24
-p22-110            Scans ports between 22 and 110.                nmap -p22-110 10.10.10.0/24
-p22,25             Scans only ports 22 and 25.                    nmap -p22,25 10.10.10.0/24
-F                  Scans top 100 most common ports.               nmap -F 10.10.10.0/24
-sS                 Performs a TCP SYN scan.                       nmap -sS 10.10.10.0/24
-sA                 Conducts a TCP ACK scan.                       nmap -sA 10.10.10.0/24
-sU                 Runs a UDP scan.                               nmap -sU 10.10.10.0/24
-sV                 Scans service versions.                        nmap -sV 10.10.10.0/24
-sC                 Uses default scripts for scanning.             nmap -sC 10.10.10.0/24
--script <script>   Runs specified scripts during the scan.        nmap --script http-title 10.10.10.0/24
-O                  Identifies the target’s operating system.      nmap -O 10.10.10.0/24
-A                  OS, service, and traceroute detection.         nmap -A 10.10.10.0/24
-D RND:5            Uses 5 random decoys for the scan.             nmap -D RND:5 10.10.10.0/24
-e                  Specifies the network interface for scanning.  nmap -e eth0 10.10.10.0/24
-S 10.10.10.200     Sets the source IP address.                    nmap -S 10.10.10.200 10.10.10.0/24
-g                  Specifies the source port.                     nmap -g 80 10.10.10.0/24
--dns-server <ns>   Uses a custom DNS server for resolution.       nmap --dns-server 8.8.8.8 10.10.10.0/24

Output Options


18. How to Run AI Locally on Your PC


Why Run AI Locally?

  1. Privacy: Your data stays on your machine.
  2. Cost: No API fees or subscriptions.
  3. Customization: Tweak models to solve your unique problems.
  4. Offline Access: Use AI even without an internet connection.

Step 1: Installing Ollama

Ollama works on Windows, macOS, and Linux. Here’s how to set it up:

For Windows (Preview):

  1. Download the Ollama Windows installer.
  2. Run the .exe file and follow the prompts.
  3. Open PowerShell or Command Prompt and test with ollama --version.

For macOS/Linux:

  1. Open Terminal and run this command:
    curl -fsSL https://ollama.ai/install.sh | sh  
    
  2. Verify the install: ollama --version.

Step 2: Running Your First AI Model

Ollama has a library of pre-trained models. Let’s start with Llama 2 (a popular open-source model by Meta):


  1. Developing a Vulnerability Scanner


Developing a Vulnerability Scanner [prerequisite]

Creating a vulnerability scanner is an intricate but rewarding process. It demands programming expertise, an understanding of security vulnerabilities, and insights into target systems. Below is a structured guide to help you build your scanner.


Key Steps in Developing a Vulnerability Scanner

1. Define Scope and Objectives

  • Target Systems: Identify whether you’re scanning web applications, networks, or both.
  • Vulnerabilities: Specify what you’ll detect, e.g., OWASP Top Ten or CVEs.

2. Research Vulnerabilities

3. Choose a Programming Language

  • Opt for languages suited for security tasks and network programming:
    • Python: Easy to use with vast libraries for security tools.
    • Go: Excellent for performance-critical tasks.
    • Java: Great for cross-platform compatibility.

4. Architecture Design

  • Modularity: Make your scanner extensible for adding new vulnerabilities or scan techniques.
  • Concurrency: Use multi-threading or asynchronous programming to scan multiple hosts efficiently.

5. Scanning Techniques

  • Active Scanning: Directly interact with services and analyze responses.
  • Passive Scanning: Monitor network traffic for vulnerabilities without interaction.

6. Implement Protocols

  • Support diverse protocols like HTTP, FTP, SSH, SNMP, etc.
  • Leverage libraries, e.g., requests for Python.

7. Vulnerability Detection

  • Maintain a database of known vulnerabilities and detection methods.
  • Core techniques include:
    • Port Scanning: Identify open ports and running services.
    • Service Fingerprinting: Determine service versions to identify vulnerabilities.

8. Reporting Mechanism

  • Provide clear and actionable reports containing:
    • Vulnerability description.
    • Severity levels (e.g., CVSS scores).
    • Remediation suggestions.

9. User Interface

  • Develop a user-friendly interface (CLI or GUI).
  • Allow users to:
    • Configure scan parameters.
    • View results interactively.

10. Testing and Validation

11. Compliance and Ethics

  • Comply with local laws and regulations.
  • Obtain proper authorization before scanning any system.

12. Continuous Improvement

  • Regularly update vulnerability databases and scanning methods.
  • Gather user feedback to enhance functionality.

Points to Keep in Mind

Performance

  • Optimize for large networks and complex web applications.

Accuracy

  • Minimize false positives and negatives to build trust.

Security

  • Secure your scanner to prevent it from being exploited.

Documentation

  • Provide comprehensive user documentation with installation steps and usage guidelines.

Conclusion

Building a vulnerability scanner is a challenging yet fulfilling project. Start with a robust foundation and iterate based on user feedback and the evolving security landscape. Engage with the security community for insights and support.


  1. Password Vault Manager


Building CRUSVAULT: A Secure Password Vault

Welcome to this blog post about creating CRUSVAULT, a secure and interactive password vault application using Python. This project leverages encryption, password management techniques, and a user-friendly interface. Let’s dive into the details of its features, code explanation, and how to build it.


Features of CRUSVAULT

  • Secure password encryption using the cryptography library.
  • Interactive command-line interface (CLI) with rich for a visually appealing experience.
  • Manage multiple vaults with the ability to add, edit, delete, or retrieve passwords.
  • Password strength checker and generator.
  • Easy vault creation, renaming, and deletion options.
  • ASCII art header for a personalized touch.

Prerequisites

Before you begin, ensure you have the following installed:


  1. Bash Commands


Bash Cheat Sheet

A cheat sheet for bash commands.

Command History

!!            # Run the last command

touch foo.sh
chmod +x !$   # !$ is the last argument of the last command i.e. foo.sh

Navigating Directories

pwd                       # Print current directory path
ls                        # List directories
ls -a|--all               # List directories including hidden
ls -l                     # List directories in long form
ls -l -h|--human-readable # List directories in long form with human readable sizes
ls -t                     # List directories by modification time, newest first
stat foo.txt              # List size, created and modified timestamps for a file
stat foo                  # List size, created and modified timestamps for a directory
tree                      # List directory and file tree
tree -a                   # List directory and file tree including hidden
tree -d                   # List directory tree
cd foo                    # Go to foo sub-directory
cd                        # Go to home directory
cd ~                      # Go to home directory
cd -                      # Go to last directory
pushd foo                 # Go to foo sub-directory and add previous directory to stack
popd                      # Go back to directory in stack saved by `pushd`

Creating Directories

mkdir foo                        # Create a directory
mkdir foo bar                    # Create multiple directories
mkdir -p|--parents foo/bar       # Create nested directory
mkdir -p|--parents {foo,bar}/baz # Create multiple nested directories

mktemp -d|--directory            # Create a temporary directory

Moving Directories

cp -R|--recursive foo bar                               # Copy directory
mv foo bar                                              # Move directory

rsync -r|--recursive -z|--compress -v|--verbose /foo /bar # Copy directory, overwrites destination
rsync -a|--archive -z|--compress -v|--verbose /foo /bar   # Copy directory, preserving permissions, timestamps and symlinks
rsync -avz /foo username@hostname:/bar                  # Copy local directory to remote directory
rsync -avz username@hostname:/foo /bar                  # Copy remote directory to local directory

Deleting Directories

rmdir foo                        # Delete empty directory
rm -r|--recursive foo            # Delete directory including contents
rm -r|--recursive -f|--force foo # Delete directory including contents, ignore nonexistent files and never prompt

Creating Files

touch foo.txt          # Create file or update existing file's modified timestamp
touch foo.txt bar.txt  # Create multiple files
touch {foo,bar}.txt    # Create multiple files
touch test{1..3}       # Create test1, test2 and test3 files
touch test{a..c}       # Create testa, testb and testc files

mktemp                 # Create a temporary file

Standard Output, Standard Error and Standard Input

echo "foo" > bar.txt       # Overwrite file with content
echo "foo" >> bar.txt      # Append to file with content

ls exists 1> stdout.txt    # Redirect the standard output to a file
ls noexist 2> stderror.txt # Redirect the standard error output to a file
ls > out.txt 2>&1          # Redirect standard output and error to a file
ls > /dev/null 2>&1        # Discard standard output and error

read foo                   # Read from standard input and write to the variable foo

Moving Files

cp foo.txt bar.txt                                # Copy file
mv foo.txt bar.txt                                # Move file

rsync -z|--compress -v|--verbose /foo.txt /bar    # Copy file quickly if not changed
rsync -z|--compress -v|--verbose /foo.txt /bar.txt # Copy and rename file quickly if not changed

Deleting Files

rm foo.txt            # Delete file
rm -f|--force foo.txt # Delete file, ignore nonexistent files and never prompt

Reading Files

cat foo.txt            # Print all contents
less foo.txt           # Print some contents at a time (g - go to top of file, SHIFT+g, go to bottom of file, /foo to search for 'foo')
head foo.txt           # Print top 10 lines of file
tail foo.txt           # Print bottom 10 lines of file
open foo.txt           # Open file in the default editor
wc foo.txt             # List number of lines words and characters in the file

File Permissions

#  Permission               rwx  Binary
7  read, write and execute  rwx  111
6  read and write           rw-  110
5  read and execute         r-x  101
4  read only                r--  100
3  write and execute        -wx  011
2  write only               -w-  010
1  execute only             --x  001
0  none                     ---  000

For a directory, execute means you can enter a directory.


  1. windows command


Directory Navigation

  • c: - Switch to the C:\ drive.
  • d: - Switch to the D:\ drive.
  • CD c:\path\to\my_folder - Change directory to c:\path\to\my_folder.
  • CD .. - Move to the parent directory.
  • CD .\new_folder - Move to the folder new_folder in the current directory.
  • CD /D d:\videos\ - Switch to D:\ drive and go to videos folder.
  • DIR - List files and folders in the current directory.
  • DIR /A c:\apps\ - Show files and folders in c:\apps.
  • DIR /A:D - Show only folders.
  • DIR /A:-D - Show only files.
  • DIR /A:H - Show hidden files and folders.
  • DIR /O - List files and folders alphabetically.
  • DIR /O:S - Sort by file size (smallest to largest).
  • DIR /O:-S - Sort by file size (largest to smallest).
  • DIR /B - Show only file and folder names.
  • SORT - Sort input alphabetically.
  • MOVE c:\f1\text.txt c:\f2 - Move text.txt from f1 to f2.
  • MD new_folder - Create a folder named new_folder.
  • RD new_folder - Remove a folder named new_folder.
  • TREE - Show directory structure.
  • ATTRIB +H +S +R myItem - Hide myItem.
  • ATTRIB -H -S -R myItem - Unhide myItem.

File Management

  • COPY text.txt C:\schoolwork - Copy text.txt to C:\schoolwork.
  • DEL text.txt - Delete text.txt.
  • REN text.txt script.bat - Rename text.txt to script.bat.
  • REPLACE .\src\hey.txt .\dest - Replace hey.txt in dest with the one in src.
  • XCOPY /S folder1 folder2 - Copy folder1 and subfolders to folder2.
  • ROBOCOPY - Copy files/directories with advanced options.
  • EXPAND gameData.cab - Decompress gameData.cab.
  • FC file1.ext file2.ext - Compare contents of two files.
  • FIND "python" run.bat - Find lines containing python in run.bat.
  • PRINT resume.txt - Print resume.txt.
  • TYPE test.txt - Display test.txt contents.
  • MORE - Display file contents one screen at a time.
  • NOTEPAD filename.ext - Open filename.ext in Notepad.

Disk Management

  • CHKDSK - Check and repair disk issues.
  • CIPHER /E folder - Encrypt folder.
  • CIPHER /D file - Decrypt file.
  • DEFRAG - Defragment a disk.
  • CHKNTFS - Modify disk-checking on startup.
  • FORMAT - Format a disk.
  • DISKPART - Manage disk partitions.
  • LABEL d:x - Set the volume label of the D:\ drive to x.
  • RECOVER d:\data.dat - Recover data.dat from D:.
  • VOL - Show disk volume label and serial number.
  • SFC /SCANNOW - Scan and update protected system files.

System Info & Networking

  • VER - Show OS version.
  • SYSTEMINFO - Show system configuration.
  • HOSTNAME - Show computer’s hostname.
  • DATE - Display/set system date.
  • IPCONFIG - Show IP configuration.
  • PING google.com - Check connectivity to google.com.
  • PATHPING - Trace route with latency and packet loss.
  • TRACERT - Trace route to a host.
  • NET - Access network services.
  • NETSTAT - Show network connections and stats.
  • NSLOOKUP - Look up IP addresses.
  • ROUTE - Manage routing tables.
  • GETMAC - Show MAC addresses.

Process Management

  • SCHTASKS - Create/edit scheduled tasks.
  • SET - List environment variables.
  • PATH - Display or modify the PATH environment variable.
  • SHUTDOWN /R - Restart the computer.
  • SHUTDOWN /S /T 60 - Shut down in 60 seconds.
  • TASKLIST - List running tasks.
  • TASKKILL /IM "process_name" - Terminate tasks by name.
  • TASKKILL /PID process_id - Terminate tasks by process ID.
  • REGEDIT - Open Registry Editor.
  • RUNAS /USER:username program - Run a program as another user.
  • POWERSHELL - Open a PowerShell instance.

Batch Scripting

  • REM - Add a single-line comment.
  • GOTO - Jump to a labeled section.
  • SET /A var=expression - Perform arithmetic operations.
  • TIMEOUT seconds - Pause for a specified time.
  • PAUSE - Wait for user input.
  • CHOICE - Prompt for user selection.
  • CLS - Clear the screen.
  • COLOR - Set console colors.
  • ECHO - Display text.
  • HELP - Get help for a command.
  • PROMPT - Change the command prompt appearance.
  • START - Open a file or program in a new window.
  • TITLE - Set the console window title.
  • EXIT - Close the command prompt.

Flow Control

  • IF condition command - Execute a command if the condition is true.
  • IF condition (command1) ELSE (command2) - Execute one of two commands based on a condition.
  • :label - Define a marker for loops.
  • GOTO label - Jump to a marker.

Shortcut Keys

  • Tab - Autocomplete commands and paths.
  • Ctrl+F - Search within the console.
  • F1, F3, F5, F8 - Recall previous commands.
  • F7 - Display command history.
  • F9 - Execute a specific command from history.

1 Line Common Commands

Files and Folders Management

  • COPY - Copies files to another location
  • DIR – Displays files and folders in current directory
  • DEL or ERASE - Deletes files
  • EDIT - Starts file editor
  • CD - Changes directory
  • EXPAND - Decompresses compressed files
  • FC - Compares files and shows the differences between them
  • FIND - Finds a text string in the file
  • MD or MKDIR - Creates a folder
  • MOVE - Moves files from one folder to another
  • PRINT - Prints out the text file contents
  • RD or RMDIR - Deletes a folder
  • REN or RENAME - Renames a file or folder
  • REPLACE - Replaces files in one directory with files of the same name in another directory (overwrite)
  • ROBOCOPY - Uses an advanced tool to copy files and directories
  • TREE - Shows directory structure of a disk or folder
  • TYPE - Displays the contents of text files
  • OPENFILES – Manages opened local or network files
  • XCOPY - Copies files and directory trees

Applications and Processes

  • SCHTASKS - Executes a command or starts a scheduled application (Task Scheduler)
  • SHUTDOWN - Shuts down or reboots your computer
  • TASKLIST - Lists the tasks being performed
  • TASKKILL - Stops or halts a task (to stop a task you use a PID which you can find out from TASKLIST)
  • REG – Starts registry editor
  • RUNAS - Launches the task as another user

Disks Management

  • CHKDSK - Checks disk and shows statistics
  • DEFRAG – Starts disk defragmentation
  • CHKNTFS - Displays or changes execution of disk check at boot
  • COMPACT - Displays and changes the compression of files in NTFS partitions
  • CONVERT - Converts FAT disk volume to NTFS
  • DISKPART - Displays and adjusts disk partition properties
  • FORMAT - Formats the disk
  • FSUTIL - Displays and configures file system properties
  • LABEL - Creates, changes, or deletes a disk volume label
  • RECOVER - Recovers data from a bad or damaged disk
  • VOL - Displays volume label and serial number for the disk

System Information

  • DATE - Outputs or sets the current date
  • TIME - Displays or sets the system time
  • DRIVERQUERY - Displays the current state and properties of the device driver
  • HOSTNAME - Displays name of the computer
  • SYSTEMINFO - Shows configuration information about your computer
  • VER - Allows you to view the Windows version
  • GPRESULT – Displays current applied group policies (RSoP)
  • GPUPDATE – Updates group policies

Network

  • IPCONFIG - Shows information about network interfaces
  • PING – Sends ICMP requests to the target host, checks host availability
  • TRACERT - Finds the path for packets traveling over the network
  • NSLOOKUP - Finds IP address by resource name
  • ROUTE - Displays network route tables
  • ARP - Shows a table with IP addresses converted into physical addresses
  • NETSH – Starts the network settings control program
  • GETMAC - Shows the MAC address of the network adapter
  • TFTP – Starts TFTP client in console

Command Line Setup

  • CLS - Clears screen
  • CMD - Displays another command prompt
  • COLOR - Sets the text and background color
  • PROMPT - Changes the command line prompt
  • TITLE - Assigns a title for the current session
  • HELP – Launches CMD help
  • EXIT - Exits the command line

  1. Git Workflow and Commands Explained

Git Workflow and Commands Explained

Introduction

Git is a distributed version control system for version tracking and collaboration. This guide covers essential Git commands and workflows, applicable to any project or file.


Interfaces

  • Command Line: Fastest and most versatile option.
  • GUI Options:
    • GitKraken: Free for open-source projects.
    • Sourcetree: Free for Windows and macOS.

Initial Setup

Check Git Version

Verify the Git installation:

git --version

Git Bash

Emulates a Linux terminal environment for Windows users, making it easier to use Git commands.


  1. How to CTF


What is CTF?

CTF, or Capture The Flag, is a type of cybersecurity competition where participants solve challenges to find “flags” (specific pieces of text) hidden within systems, files, or code. These challenges test skills in areas like cryptography, web security, reverse engineering, forensics, and more. CTFs are popular in the cybersecurity community and are used for learning, practice, and fun.

Types of CTFs

  1. Jeopardy-Style

    • Participants solve challenges organized into categories (e.g., cryptography, forensics, etc.).
    • Each solved challenge reveals a flag, earning points.
    • Examples: Decoding encrypted messages, analyzing memory dumps, or identifying vulnerabilities.
  2. Attack-Defense


  1. Exploring the Linux File System: A Beginner’s Guide


When you first jump into Linux, one of the first things you’ll encounter is its file system. Unlike Windows, which uses drive letters like C:, Linux organizes everything under a single root directory (/). This organization might seem a bit daunting at first, but understanding it is key to navigating your system, troubleshooting problems, and managing files effectively. So, let’s break down the Linux file system hierarchy in a more approachable, human way, so you can start using it like a pro.


  1. Linux Networking Essentials


Linux Networking Essentials: From IP Addresses to Firewalls (In-Depth Guide)

Networking in Linux is an essential skill for anyone working with the operating system. It forms the backbone of all communication between systems, whether it’s on the internet or within a local network. In this detailed guide, we’ll dive deep into essential networking concepts, from understanding IP addresses and subnetting to configuring IPs and setting up firewalls.

1. What is Networking on Linux?

Networking on Linux refers to the process of connecting your Linux system to other devices and systems via different network interfaces. This could involve connecting to the internet, setting up local networks, managing network configurations, or securing your system with firewalls. Linux provides a flexible and powerful environment for managing these tasks.
