Monitors CPU usage, RAM usage, SWAP usage, system load, process list, hard drive I/O, Network I/O, sensors (temperature), battery, file system usage, Docker, Monitor, alarm, system information, up time etc.
Install on Debian/Ubuntu/Kali Linux
sudo apt install glances -y
By default, it’s installed on some Linux distros like Ubuntu etc. It can show CPU, HDD, temperature, fan RPM etc.
Install on Debian/Ubuntu/Kali Linux
sudo apt install lm-sensors
# Initialize/Detect sensors
# Show sensors information
Before using OpenVAS, we need to set it up and update it.
1 Launch a terminal, and run setup for OpenVAS
Wait until it finishes downloading and updating; it will take a while.
2 When it’s done, it will show the admin login username and admin login password. Note them down; we will need them every time we log in to OpenVAS.
*3 Update the feed for OpenVAS (only required if there are new updates). This step was already done once during initialization.
If it fails (you might encounter this error):
rsync: failed to connect to feed.openvas.org (xx.xx.xx.xx): Connection refused (111)
rsync: failed to connect to feed.openvas.org (xx:xx:xx:xx::xx): Connection timed out (110)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
Just try again with the same command, it should get through.
4 Launch OpenVAS
It will tell us the address for webui, in this case, it is https://127.0.0.1:9392
(We might encounter the following error)
It’s OK, just close it, then launch our favourite web browser and enter https://127.0.0.1:9392 as the address.
Now we should have the OpenVAS login screen in front of us.
A Mac screensaver based on the new Apple TV screensaver that displays the Aerial movies Apple shot over New York, San Francisco, Hawaii, China, etc. Starting with version 1.6, this also includes the new undersea videos available in tvOS 13!
Amphetamine can keep your Mac, and optionally its display(s), awake through a super simple on/off switch, or automatically through easy-to-configure Triggers. Amphetamine is extremely powerful and includes advanced features for those who need them, yet remains intuitive and easy-to-use for those who don’t need all of the bells and whistles.
(You can also disable sleep function from the systems settings without installing any Apps to achieve the same results)
fish (friendly interactive shell) is a smart and user-friendly command line shell for Linux, macOS, and the rest of the family.
fish suggests commands as you type based on history and completions, just like a web browser. Watch out, Netscape Navigator 4.0!
Glorious VGA Color
fish supports 24 bit true color, the state of the art in terminal technology. Behold the monospaced rainbow.
fish is fully scriptable, and its syntax is simple, clean, and consistent. You’ll never write esac again.
Web Based configuration
For those lucky few with a graphical computer, you can set your colors and view functions, variables, and history all from a web page.
Man Page Completions
Other shells support programmable completions, but only fish generates them automatically by parsing your installed man pages.
Works Out Of The Box
fish will delight you with features like tab completions and syntax highlighting that just work, with nothing new to learn or configure.
fish can be installed easily on most Linux distros with their default package manager.
# Debian/Ubuntu/Kali Linux etc.
sudo apt install fish
sudo dnf install fish
or, for older version
sudo yum install fish
pacman -S fish
# gentoo Linux
nix-env -i fish
guix package -i fish
eopkg install fish
brew install fish
pkg install fish
fish is available in setup, in the Shells category.
# Windows Subsystem for Linux
sudo apt install fish
Depending on the Linux distro you've chosen, refer to the "Linux" part above to find the correct command to use.
pacman -S fish
brew install fish
sudo port install fish
10.6+: Installs to /usr/local/
To use, type fish in the terminal then hit Enter key
1 The computer must be joined to the domain with GPMC and RSAT installed
2 User must use Get-GPOReport with PowerShell to generate XML report
3 The report is required by Grouper
4 Users must manually filter out useful data
Grouper2 does not rely on Get-GPOReport, but it still needs to parse several different file formats.
1 More accurate file permission detection, no read/write of storage required
2 Won’t ignore GPP passwords
3 Provides HTML format output
4 Multi-thread support
5 Supports offline mode
What is it for?
Grouper2 is a tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy.
It might also be useful for other people doing other stuff, but it is explicitly NOT meant to be an audit tool. If you want to check your policy configs against some particular standard, you probably want Microsoft’s Security and Compliance Toolkit, not Grouper or Grouper2.
What does it do?
It dumps all the most interesting parts of group policy and then roots around in them for exploitable stuff.
How is it different from Grouper?
Where Grouper required you to:
have GPMC/RSAT/whatever installed on a domain-joined computer
generate an xml report with the Get-GPOReport PowerShell cmdlet
feed the report to Grouper
a bunch of gibberish falls out and hopefully there’s some good stuff in there.
Grouper2 does like Mr Ed suggests and goes straight to the source, i.e. SYSVOL.
This means you don’t have the horrible dependency on Get-GPOReport (hooray!) but it also means that it has to do a bunch of parsing of different file formats and so on (booo!).
Other cool new features:
better file permission checks that don’t involve writing to disk.
doesn’t miss those GPP passwords that Grouper 1 did.
HTML output option so you can preserve those sexy console colours and take them with you.
aim Grouper2 at an offline copy of SYSVOL if you want.
a bunch of other great stuff but it’s late and I’m tired.
Also, it’s written in C# instead of PowerShell.
How do I use it?
Literally just run the EXE on a domain joined machine in the context of a domain user, and magic JSON candy will fall out.
If the JSON burns your eyes, add -g to make it real pretty.
If you love the prettiness so much you wanna take it with you, do -f "$FILEPATH.html" to puke the candy into an HTML file.
If there’s too much candy and you want to limit output to only the tastiest morsels, set the ‘interest level’ with -i $INT, the bigger the number the tastier the candy, e.g. -i 10 will only give you stuff that will probably result in creds or shells.
If you don’t want to dig around in old policy and want to limit yourself to only current stuff, do -c.
If you want the candy to fall out faster, you can set the number of threads with -t $INT – the default is 10.
If you want to see the other options, do -h.
I don’t get it.
OK have a look at this:
In the screenshot above we can see an “Assigned Application” policy that is still being pushed to computers, but the MSI file to install is missing, and the directory it’s being installed from is writable by the current user.
If you created a hacked up MSI (e.g. with msfvenom) and then modified it to match the UIDs at the bottom of the picture, it would get executed on machines targeted by the GPO. Sweet!
In this one you can see that someone’s done something absolutely insane to the ACLS on the registry.
tmpwatch/tmpreaper is the tool we can use for this purpose. It can be used to remove files and folders which haven’t been used for a specific time. (The find command can be used to achieve the same result as well.)
By default, tmpwatch/tmpreaper can use access time, inode change time, or modification time to decide which files to remove.
Usually, tmpwatch/tmpreaper is used to remove files from the “/tmp” folder and from other folders, such as those holding old log files.
Warning: Do not run this command in the root folder “/”!
sudo dnf install tmpwatch
# Older version of CentOS
sudo yum install tmpwatch
# Debian/Ubuntu/Kali Linux etc.
sudo apt install tmpreaper
sudo zypper install tmpwatch
2 Using tmpwatch/tmpreaper
tmpwatch and tmpreaper have identical commands/switches.
2.1 Remove files which haven’t been accessed for over X days
tmpreaper 30d /var/log/
30d = 30 days
By default, if no unit is specified, the value is treated as hours (in the following example, 24 hours)
# Remove files that haven't been accessed for over 24 hours
tmpreaper 24 /var/log/
2.2 Remove files which haven’t been modified for over X days
tmpreaper -m 30d /var/log/
2.3 Remove symbolic links
tmpreaper -s 1d /var/log/
2.4 Remove all files (including files, folders and symbolic links)
tmpreaper -a 1d /var/log/
2.5 Skip folder/directory when deleting
tmpreaper -am --nodirs /var/log/
2.6 Test deleting
tmpreaper -t 5d /var/log/
2.7 Force deleting
tmpreaper -f 3d /var/log/
2.8 Skip files when deleting
tmpreaper --protect '*.txt' 3d /var/log/
tmpreaper can be used in a cron job, e.g. to delete tmp or log files older than 90 days every night at 2:00.
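The find-based equivalent mentioned at the start of this section, written as an added example (not from the original post and not part of tmpwatch/tmpreaper). It lists candidates by default, in the spirit of the -t test mode, and enforces the warning about "/" in code; the function name reap_old, its argument order and the script path in the crontab comment are assumptions.

```bash
#!/usr/bin/env bash
# reap_old: find-based stand-in for "tmpreaper [-m] [-t] <N>d <dir>".
# Added example; the function name and argument order are assumptions.
#   reap_old <a|m> <days> <dir> [--delete]
#   a = access time (tmpreaper's default), m = modification time (-m)
# Without --delete it only lists candidates, like "tmpreaper -t".
# The body runs in a subshell ( ... ) so variables and cd do not leak.
reap_old() (
    mode=$1 days=$2 dir=$3 action=${4:-}

    case $mode in
        a) age_test=-atime ;;
        m) age_test=-mtime ;;
        *) echo "reap_old: mode must be a or m" >&2; return 2 ;;
    esac
    case $days in
        ''|*[!0-9]*) echo "reap_old: days must be a whole number" >&2; return 2 ;;
    esac
    # Absolute paths only: an empty or relative variable in a cron job
    # must not silently point the cleanup somewhere unexpected.
    case $dir in
        /*) ;;
        *) echo "reap_old: directory must be an absolute path" >&2; return 2 ;;
    esac
    # Resolve symlinks and "." / ".." before the root check, so "/./" or
    # a symlink to "/" is refused as well.
    real=$(cd -P -- "$dir" 2>/dev/null && pwd -P) || {
        echo "reap_old: cannot enter $dir" >&2; return 2; }
    if [ "$real" = "/" ]; then
        echo "reap_old: refusing to run on /" >&2
        return 2
    fi

    # -xdev stays on one file system; -type f matches regular files only,
    # so directories and symlinks are never removed. "+N" means older than
    # N whole days (find drops the fraction, so +30 needs at least 31 days).
    if [ "$action" = "--delete" ]; then
        find "$real" -xdev -type f "$age_test" "+$days" -print -delete
    else
        find "$real" -xdev -type f "$age_test" "+$days" -print
    fi
)

# Nightly at 02:00 from root's crontab (the script path is a placeholder):
# 0 2 * * * . /usr/local/lib/reap_old.sh && reap_old m 90 /var/log --delete
```

Run it once without --delete and review the list before putting the --delete form into cron.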