Why Run AI Locally?

1. Privacy: Your data stays on your machine.
2. Cost: No API fees or subscriptions.
3. Customization: Tweak models to solve your unique problems.
4. Offline Access: Use AI even without an internet connection.

Step 1: Installing Ollama

Ollama works on Windows, macOS, and Linux. Here’s how to set it up:

For Windows (Preview):

1. Download the Ollama Windows installer.
2. Run the .exe file and follow the prompts.
3. Open PowerShell or Command Prompt and test with ollama --version.

For macOS/Linux:

1. Open Terminal and run this command:

   curl -fsSL https://ollama.ai/install.sh | sh  
   

   Copy
2. Verify the install: ollama --version.

Step 2: Running Your First AI Model

Ollama has a library of pre-trained models. Let’s start with Llama 2 (a popular open-source model by Meta):

Developing a Vulnerability Scanner [prerequisite]

Creating a vulnerability scanner is an intricate but rewarding process. It demands programming expertise, an understanding of security vulnerabilities, and insights into target systems. Below is a structured guide to help you build your scanner.

Key Steps in Developing a Vulnerability Scanner

1. Define Scope and Objectives

• Target Systems: Identify whether you’re scanning web applications, networks, or both.
• Vulnerabilities: Specify what you’ll detect, e.g., OWASP Top Ten or CVEs.

2. Research Vulnerabilities

• Stay updated with databases like:
  • National Vulnerability Database (NVD)
  • CVE Details

3. Choose a Programming Language

• Opt for languages suited for security tasks and network programming:
  • Python: Easy to use with vast libraries for security tools.
  • Go: Excellent for performance-critical tasks.
  • Java: Great for cross-platform compatibility.

4. Architecture Design

• Modularity: Make your scanner extensible for adding new vulnerabilities or scan techniques.
• Concurrency: Use multi-threading or asynchronous programming to scan multiple hosts efficiently.

5. Scanning Techniques

• Active Scanning: Directly interact with services and analyze responses.
• Passive Scanning: Monitor network traffic for vulnerabilities without interaction.

6. Implement Protocols

• Support diverse protocols like HTTP, FTP, SSH, SNMP, etc.
• Leverage libraries, e.g., requests for Python.

7. Vulnerability Detection

• Maintain a database of known vulnerabilities and detection methods.
• Core techniques include:
  • Port Scanning: Identify open ports and running services.
  • Service Fingerprinting: Determine service versions to identify vulnerabilities.

8. Reporting Mechanism

• Provide clear and actionable reports containing:
  • Vulnerability description.
  • Severity levels (e.g., CVSS scores).
  • Remediation suggestions.

9. User Interface

• Develop a user-friendly interface (CLI or GUI).
• Allow users to:
  • Configure scan parameters.
  • View results interactively.

10. Testing and Validation

• Test on intentionally vulnerable systems like the OWASP Broken Web Applications Project.
• Ensure accurate detection with minimal false positives or negatives.

11. Compliance and Ethics

• Comply with local laws and regulations.
• Obtain proper authorization before scanning any system.

12. Continuous Improvement

• Regularly update vulnerability databases and scanning methods.
• Gather user feedback to enhance functionality.

Points to Keep in Mind

Performance

• Optimize for large networks and complex web applications.

Accuracy

• Minimize false positives and negatives to build trust.

Security

• Secure your scanner to prevent it from being exploited.

Documentation

• Provide comprehensive user documentation with installation steps and usage guidelines.

Conclusion

Building a vulnerability scanner is a challenging yet fulfilling project. Start with a robust foundation and iterate based on user feedback and the evolving security landscape. Engage with the security community for insights and support.

Building CRUSVAULT: A Secure Password Vault

Welcome to this blog post about creating CRUSVAULT, a secure and interactive password vault application using Python. This project leverages encryption, password management techniques, and a user-friendly interface. Let’s dive into the details of its features, code explanation, and how to build it.

password manager git link

Features of CRUSVAULT

• Secure password encryption using the cryptography library.
• Interactive command-line interface (CLI) with rich for a visually appealing experience.
• Manage multiple vaults with the ability to add, edit, delete, or retrieve passwords.
• Password strength checker and generator.
• Easy vault creation, renaming, and deletion options.
• ASCII art header for a personalized touch.

Prerequisites

Before you begin, ensure you have the following installed:

Bash Cheat Sheet

A cheat sheet for bash commands.

Command History

!!            # Run the last command

touch foo.sh
chmod +x !$   # !$ is the last argument of the last command i.e. foo.sh

Navigating Directories

pwd                       # Print current directory path
ls                        # List directories
ls -a|--all               # List directories including hidden
ls -l                     # List directories in long form
ls -l -h|--human-readable # List directories in long form with human readable sizes
ls -t                     # List directories by modification time, newest first
stat foo.txt              # List size, created and modified timestamps for a file
stat foo                  # List size, created and modified timestamps for a directory
tree                      # List directory and file tree
tree -a                   # List directory and file tree including hidden
tree -d                   # List directory tree
cd foo                    # Go to foo sub-directory
cd                        # Go to home directory
cd ~                      # Go to home directory
cd -                      # Go to last directory
pushd foo                 # Go to foo sub-directory and add previous directory to stack
popd                      # Go back to directory in stack saved by `pushd`

Creating Directories

mkdir foo                        # Create a directory
mkdir foo bar                    # Create multiple directories
mkdir -p|--parents foo/bar       # Create nested directory
mkdir -p|--parents {foo,bar}/baz # Create multiple nested directories

mktemp -d|--directory            # Create a temporary directory

Moving Directories

cp -R|--recursive foo bar                               # Copy directory
mv foo bar                                              # Move directory

rsync -z|--compress -v|--verbose /foo /bar              # Copy directory, overwrites destination
rsync -a|--archive -z|--compress -v|--verbose /foo /bar # Copy directory, without overwriting destination
rsync -avz /foo username@hostname:/bar                  # Copy local directory to remote directory
rsync -avz username@hostname:/foo /bar                  # Copy remote directory to local directory

Deleting Directories

rmdir foo                        # Delete empty directory
rm -r|--recursive foo            # Delete directory including contents
rm -r|--recursive -f|--force foo # Delete directory including contents, ignore nonexistent files and never prompt

Creating Files

touch foo.txt          # Create file or update existing files modified timestamp
touch foo.txt bar.txt  # Create multiple files
touch {foo,bar}.txt    # Create multiple files
touch test{1..3}       # Create test1, test2 and test3 files
touch test{a..c}       # Create testa, testb and testc files

mktemp                 # Create a temporary file

Standard Output, Standard Error and Standard Input

echo "foo" > bar.txt       # Overwrite file with content
echo "foo" >> bar.txt      # Append to file with content

ls exists 1> stdout.txt    # Redirect the standard output to a file
ls noexist 2> stderror.txt # Redirect the standard error output to a file
ls 2>&1 > out.txt          # Redirect standard output and error to a file
ls > /dev/null             # Discard standard output and error

read foo                   # Read from standard input and write to the variable foo

Moving Files

cp foo.txt bar.txt                                # Copy file
mv foo.txt bar.txt                                # Move file

rsync -z|--compress -v|--verbose /foo.txt /bar    # Copy file quickly if not changed
rsync z|--compress -v|--verbose /foo.txt /bar.txt # Copy and rename file quickly if not changed

Deleting Files

rm foo.txt            # Delete file
rm -f|--force foo.txt # Delete file, ignore nonexistent files and never prompt

Reading Files

cat foo.txt            # Print all contents
less foo.txt           # Print some contents at a time (g - go to top of file, SHIFT+g, go to bottom of file, /foo to search for 'foo')
head foo.txt           # Print top 10 lines of file
tail foo.txt           # Print bottom 10 lines of file
open foo.txt           # Open file in the default editor
wc foo.txt             # List number of lines words and characters in the file

File Permissions

For a directory, execute means you can enter a directory.

Directory Navigation

• c: - Switch to the C:\ drive.
• d: - Switch to the D:\ drive.
• CD c:\path\to\my_folder - Change directory to c:\path\to\my_folder.
• CD .. - Move to the parent directory.
• CD .\new_folder - Move to the folder new_folder in the current directory.
• CD /D d:\videos\ - Switch to D:\ drive and go to videos folder.
• DIR - List files and folders in the current directory.
• DIR /A c:\apps\ - Show files and folders in c:\apps.
• DIR /A:D - Show only folders.
• DIR /A:-D - Show only files.
• DIR /A:H - Show hidden files and folders.
• DIR /O - List files and folders alphabetically.
• DIR /O:S - Sort by file size (smallest to largest).
• DIR /O:-S - Sort by file size (largest to smallest).
• DIR /B - Show only file and folder names.
• SORT - Sort input alphabetically.
• MOVE c:\f1\text.txt c:\f2 - Move text.txt from f1 to f2.
• MD new_folder - Create a folder named new_folder.
• RD new_folder - Remove a folder named new_folder.
• TREE - Show directory structure.
• ATTRIB +H +S +R myItem - Hide myItem.
• ATTRIB -H -S -R myItem - Unhide myItem.

File Management

• COPY text.txt C:\schoolwork - Copy text.txt to C:\schoolwork.
• DEL text.txt - Delete text.txt.
• REN text.txt script.bat - Rename text.txt to script.bat.
• REPLACE .\src\hey.txt .\dest - Replace hey.txt in dest with the one in src.
• XCOPY /S folder1 folder2 - Copy folder1 and subfolders to folder2.
• ROBOCOPY - Copy files/directories with advanced options.
• EXPAND gameData.cab - Decompress gameData.cab.
• FC file1.ext file2.ext - Compare contents of two files.
• FIND "python" run.bat - Find lines containing python in run.bat.
• PRINT resume.txt - Print resume.txt.
• TYPE test.txt - Display test.txt contents.
• MORE - Display file contents one screen at a time.
• NOTEPAD filename.ext - Open filename.ext in Notepad.

Disk Management

• CHKDSK - Check and repair disk issues.
• CIPHER /E folder - Encrypt folder.
• CIPHER /D file - Decrypt file.
• DEFRAG - Defragment a disk.
• CHKNTFS - Modify disk-checking on startup.
• FORMAT - Format a disk.
• DISKPART - Manage disk partitions.
• LABEL d:x - Rename D:\ drive to X:.
• RECOVER d:\data.dat - Recover data.dat from D:.
• VOL - Show disk volume label and serial number.
• SFC /SCANNOW - Scan and update protected system files.

System Info & Networking

• VER - Show OS version.
• SYSTEMINFO - Show system configuration.
• HOSTNAME - Show computer’s hostname.
• DATE - Display/set system date.
• IPCONFIG - Show IP configuration.
• PING google.com - Check connectivity to google.com.
• PATHPING - Trace route with latency and packet loss.
• TRACERT - Trace route to a host.
• NET - Access network services.
• NETSTAT - Show network connections and stats.
• NSLOOKUP - Look up IP addresses.
• ROUTE - Manage routing tables.
• GETMAC - Show MAC addresses.

Process Management

• SCHTASKS - Create/edit scheduled tasks.
• SET - List environment variables.
• PATH - Display or modify the PATH environment variable.
• SHUTDOWN /R - Restart the computer.
• SHUTDOWN /S /T 60 - Shut down in 60 seconds.
• TASKLIST - List running tasks.
• TASKKILL /IM "process_name" - Terminate tasks by name.
• TASKKILL /PID process_id - Terminate tasks by process ID.
• REGEDIT - Open Registry Editor.
• RUNAS /USER:username program - Run a program as another user.
• POWERSHELL - Open a PowerShell instance.

Batch Scripting

• REM - Add a single-line comment.
• GOTO - Jump to a labeled section.
• SET /A var=expression - Perform arithmetic operations.
• TIMEOUT seconds - Pause for a specified time.
• PAUSE - Wait for user input.
• CHOICE - Prompt for user selection.
• CLS - Clear the screen.
• COLOR - Set console colors.
• ECHO - Display text.
• HELP - Get help for a command.
• PROMPT - Change the command prompt appearance.
• START - Open a file or program in a new window.
• TITLE - Set the console window title.
• EXIT - Close the command prompt.

Flow Control

• IF condition command - Execute a command if the condition is true.
• IF condition (command1) ELSE (command2) - Execute one of two commands based on a condition.
• :label - Define a marker for loops.
• GOTO label - Jump to a marker.

Shortcut Keys

• Tab - Autocomplete commands and paths.
• Ctrl+F - Search within the console.
• F1, F3, F5, F8 - Recall previous commands.
• F7 - Display command history.
• F9 - Execute a specific command from history.

1 Line Common Commands

Files and Folders Management

• COPY - Copies files to another location
• DIR – Displays files and folders in current directory
• DEL or ERASE - Deletes files
• EDIT - Starts file editor
• CD - Changes directory
• EXPAND - Decompresses compressed files
• FC - Compares files and shows the differences between them
• FIND - Finds a text string in the file
• MD or MAKEDIR - Creates a folder
• MOVE - Moves files from one folder to another
• PRINT - Prints out the text file contents
• RD or RMDIR - Deletes a folder
• REN or RENAME - Renames a file or folder
• REPLACE - Replaces files in one directory with files of the same name in another directory (overwrite)
• ROBOCOPY - Uses an advanced tool to copy files and directories
• TREE - Shows directory structure of a disk or folder
• TYPE - Displays the contents of text files
• OPENFILES – Manages opened local or network files
• XCOPY - Copies files and directory trees

Applications and Processes

• SCHTASKS - Executes a command or start a scheduled application (Task Scheduler)
• SHUTDOWN - Shutdowns or reboots your computer
• TASKLIST - Lists the tasks being performed
• TASKKILL - Stops or halts a task (to stop a task you use a PID which you can find out from TASKLIST)
• REG – Starts registry editor
• RUNAS - Launches the task as another user

Disks Management

• CHKDISK - Checks disk and shows statistics
• DEFRAG – Starts disk defragmentation
• CHKNTFS - Displays or changes execution of disk check at boot
• COMPACT - Displays and change the compression of files in NTFS partitions
• CONVERT - Converts FAT disk volume to NTFS
• DISKPART - Displays and adjusts disk partition properties
• FORMAT - Formats the disk
• FSUTIL - Displays and configures file system properties
• LABEL - Creates, changes, or deletes a disk volume label
• RECOVER - Recovers data from a bad or damaged disk
• VOL - Displays volume label and serial number for the disk

System Information

• DATE - Outputs or sets the current date
• TIME - Displays or sets the system time
• DRIVERQUERY - Displays the current state and properties of the device driver
• HOSTNAME - Displays name of the computer
• SYSTEMINFO - Shows configuration information about your computer
• VER - Allows you to view the Windows version
• GPRESULT – Displays current applied group policies (RSoP)
• GPUPDATE – Updates group policies

Network

• IPCONFIG - Shows information about network interfaces
• PING – Sends ICMP requests to the target host, checks host availability
• TRACERT - Finds the path for packets traveling over the network
• NSLOOKUP - Finds IP address by resource name
• ROUTE - Displays network route tables
• ARP- Shows a table with IP addresses converted into physical addresses
• NETSH – Starts is a network settings control program
• GETMAC - Shows the MAC address of the network adapter
• TFTP – Starts TFTP client in console

Command Line Setup

• CLS - Clears screen
• CMD - Displays another command prompt
• COLOR - Sets the text and background color
• PROMPT - Changes the command line prompt
• TITLE - Assigns a title for the current session
• HELP – Launches CMD help
• EXIT - Exits the command line