KP's ScratchPad

Yet another #subdomain finder #Recon - just a bit faster

Fast Sub Recon GitHub - bidhata/fast-subrecon: Yet another Fast Subdomain Scanner with optional Shodan apiYet another Fast Subdomain Scanner with optional Shodan api - GitHub - bidhata/fast-subrecon: Yet another Fast Subdomain Scanner with optional Shodan apiGitHubbidhata Enhanced Subdomain Discovery Tool with Shodan Integration Fast, comprehensive, and intelligent subdomain

12 days ago • 4 min read

Disable #password authentication in #Ubuntu 24.04 LTS

Ever tried to disable password based authentication and only allow key based authentication on your Ubuntu servers ? Following is the common instruction. sudo nano /etc/ssh/sshd_config PasswordAuthentication no PubkeyAuthentication yes then restart SSH service But - it will not work !!! You can still authenticate using password. Try that

3 months ago • 1 min read

The #4P1G Rule : 5 pointers Theory of success

Yes, I know this post might seem a bit out of place on this blog, but hey, let's shake things up a bit! Today, I'm sharing my secret sauce for career building, which I call the 4P1G principle. As many of you know, I'm

6 months ago • 1 min read

#TP-Link #ER605 V2 Multi-wan #Upgrade to Latest version ER605(UN)_V2_2.2.6 Build 20240718 or further

So, I recently snagged a TP-Link ER605 V2 because, hey, who doesn’t want a multi-WAN fail-over connection, right? And for just around Rs. 3000/- INR, it’s like finding a unicorn in your backyard. Plus, there’s the tantalizing possibility of flashing OpenWRT on it in the future.

8 months ago • 2 min read

Fixing /etc/resolv.conf on Ubuntu 22.04 from command line

Why does /etc/resolv.conf keep changing after reboot ? Issue is systemd-resolved - on latest Ubuntu system, it is what handling resolv.conf settings. And /etc/resolv.conf actually is a symlink to /run/systemd/resolve/resolv.conf managed by systemd-resolved Yes, I know - it is painful. Once you

2 years ago • 1 min read

#VMWare ESXI 6.0 to 6.5 easy upgrade using #excli on HP Servers

When you are buying a cheap server from DC for your pet projects, those are commonly old HP servers - may have the option to preload with Vmware ESXI 6.0 . Now in present scenrio after so many attacks on vmware hosts it is not really recommended to use Vmware

2 years ago • 1 min read

Lets #Attackers Inject #Malware Into Your Organization using #MSTeams

The IDOR Vulnerability in Microsoft Teams: Lets Attackers Inject Malware Into Your Organization External Tenants in Microsoft Teams refer to organizations that have their own Microsoft tenancy and can send messages to users in other tenancies. While external tenants are generally restricted from sending files to members of other organizations,

2 years ago • 2 min read

MD5 match with #Yara #Malware #Virustotal using HASH or VT

Today faced a different problem when using Yara. Task is to find some file based on different rules and then check if it is matching with few known MD5 IOCs. Looks simple, so define the constant, then create the condition and after finding bit on the internet, found following can

2 years ago • 1 min read

Install #Wazuh 4.x on Ubuntu 22.04 all in one with single command

Surely you heard about Wazuh. Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments.  For details - visit https://wazuh.com/ . Target of this post to to deploy all services of Wazuh in a

2 years ago • 1 min read

Getting proxy from file Error cURL - (5) Unsupported proxy syntax

Today for a project, was trying to hit an endpoint URL with post request via a lit of proxy. 1st was trying with Burp Repeater , but then realise, there is not direct function exists to add 1000s of upstream proxy in a shot. So, thought of settling with good ol&

3 years ago • 1 min read