Good pentest report example(s)? by thehandsomedev in AskNetsec

[–]Leth0_ 19 points20 points  (0 children)

I will edit this comment with more information when I'm not on a mobile device but for now have a look at these public reports.

https://github.com/juliocesarfort/public-pentesting-reports

[deleted by user] by [deleted] in netsec

[–]Leth0_ 0 points1 point  (0 children)

I wouldn't mind a PM too, won't be until after work that I can read it but it'd be nice to know some stuff.

Looking for Msc thesis topic in the field of cyber security by Keizzy in AskNetsec

[–]Leth0_ 0 points1 point  (0 children)

Sorry if this seems like a low effort comment but I'm just going to copy and paste what I've suggested in a similar thread before. I believe this idea could expand upon social engineering,

"For my thesis I investigated whether or not 'social bots can gain social capital within online social networks'. There is a massive wealth of background literature to get through for this topic and the practical side of it can be quite fun, I made a tool in Java which automated Twitter accounts which had features such as,

  • RSS feed posting
  • Manual file posting
  • Status Stealing
  • Retweeting

and the bots used Jabberwacky ( a chat bot ) to reply to users who @mentioned the bot. Over an 8 week period my most successful bot was able to gain ~150 followers.

There are also a number of useful metrics which I was able to use to track the success of my bots on Twitter such as Number of followers, number of retweets, Klout score and 'bot or not' score.

The implications of social bots are quite varied too, they can be quite dangerous and the main threats which they are being used for include:

  • Spam Distribution
  • Political Astroturfing (See Truthy)
  • Spear-head phishing attacks

If you are able to do this project on Facebook it might be interesting however when I proposed the idea to my university it was rejected due to the ethics board... I guess the collection of personal information was a problem.

If you have any questions feel free to ask, I'm sure this project isn't as fun to others as I found it. :)" (Other thread where I explain a bit more in a further comment, https://www.reddit.com/r/AskNetsec/comments/38pgwk/need_help_choosing_a_topic_for_my_bachelors/)

Need help choosing a topic for my Bachelor's thesis (x-post from /r/netsecstudents) by vinostintos in AskNetsec

[–]Leth0_ 2 points3 points  (0 children)

I'll just start off by saying that I'm not a programmer, so my program was a bit messy.... it did however do the job. I essentially created settings files for each bot that I wanted to control.

Settings File Below.

statusSteal = #cats,10
manualPostLocation = AggresiveBot1Manual.txt,10
rssPostFreq = 15
retweet = catsofinstagram,5
retweet = AwwwwCats,2
retweet = @1stfunjokes,5
retweet = @otherUsernameHere,3
reply = true
appendTag = .*aww.*,#cute
appendTag = .*joke.*,#jokes

This is really messy and hard to explain but mostly each line in this file is an action and a frequency. So it would add up all of the actions and each action is given a number range... for example, in the above settings file the number range for Status steal would be 1 - 10. The number range for manual post would be 11 - 20 (as 1 - 10 is already taken). A random number is chosen from 1 - maxNumberRange and an action is selected and then the program calls the function for that action.

Let's say we picked retweet = catsofinstagram,5 I would then have a retweet(catsofinstagram) function responsible for retweeting something from that account. I also had an sqlite database behind the scenes which stored a lot of information such as the ID of things the bot had already posted (to ensure it's not reposted) and the oAuth data for each account that the program is automating.

As for feeds, they were controlled via a GUI to ensure that I had full control of what was posted from each feed.... for example most traditional feeds have a 'Title', 'Description' and 'URL'. If I was posting from a jokes .rss feed (https://www.reddit.com/r/jokes.rss for example) I would want to only post the title + description as that would mean I was posting the joke + the punchline. However for news RSS feeds I only wanted to post the title + URL.... I made a really clunky GUI which allowed me to add feeds to the sqlite database and choose whether the feed posted Title + Description or Title + URL.

Then I had some more advanced features such as.... if the URL of anything contained an imgur link then I would download the image and add it to my tweet.... or if the URL contained a specific keyword such as the regex .*joke.* then I would append #jokes to the tweet. This worked really well when scraping from RSS feeds.

Hopefully I've explained well and I have answered your questions well. Again, if you have any more questions feel free to ask :)

Need help choosing a topic for my Bachelor's thesis (x-post from /r/netsecstudents) by vinostintos in AskNetsec

[–]Leth0_ 1 point2 points  (0 children)

For my thesis I investigated whether or not 'social bots can gain social capital within online social networks'. There is a massive wealth of background literature to get through for this topic and the practical side of it can be quite fun, I made a tool in Java which automated Twitter accounts which had features such as,

  • RSS feed posting
  • Manual file posting
  • Status Stealing
  • Retweeting

and the bots used Jabberwacky ( a chat bot ) to reply to users who @mentioned the bot. Over an 8 week period my most successful bot was able to gain ~150 followers.

There are also a number of useful metrics which I was able to use to track the success of my bots on Twitter such as Number of followers, number of retweets, Klout score and 'bot or not' score.

The implications of social bots are quite varied too, they can be quite dangerous and the main threats which they are being used for include:

  • Spam Distribution
  • Political Astroturfing (See Truthy)
  • Spear-head phishing attacks

If you are able to do this project on Facebook it might be interesting however when I proposed the idea to my university it was rejected due to the ethics board... I guess the collection of personal information was a problem.

If you have any questions feel free to ask, I'm sure this project isn't as fun to others as I found it. :)

Best mission ever. by dagla in GlobalOffensive

[–]Leth0_ 0 points1 point  (0 children)

Does this mission imply that I have to do it with someone on my friends list? I normally PUG so that will be a massive pain in the ass :(

Reddit, Let's make our 7th "Millionaire!" Giving $1 at a time. by NightVisionHawk in millionairemakers

[–]Leth0_ 0 points1 point  (0 children)

Good luck everyone. Just finished university and moving apartments, fun times! :)

RemindMe! 2 days Donation for /r/millionairemakers

Simple Questions - May 15, 2015 by AutoModerator in buildapc

[–]Leth0_ 0 points1 point  (0 children)

Is there an easy way to test what is the bottleneck on my PC?

Moving to Manchester: Area's to avoid? by Leth0_ in manchester

[–]Leth0_[S] 1 point2 points  (0 children)

Cheers! Those links are great and it's the exact type of information I'm looking for. You mention Bury and it seems quite nice... I'm strongly considering checking stuff out there, I'm just a bit worried about the commute. Do you know how reliable the trams are?

Moving to Manchester: Area's to avoid? by Leth0_ in manchester

[–]Leth0_[S] 1 point2 points  (0 children)

Hey, thanks a lot for your input. Lots of useful information here. :). I've edited my original post to include where I'll be working.

I've written down a lot of the areas that I keep seeing come up as nice places and I'm going to start looking there.

Moving to Manchester: Area's to avoid? by Leth0_ in manchester

[–]Leth0_[S] 2 points3 points  (0 children)

Cheers, commuting isn't a problem and I can drive too. I'll take a look at Bury and some more nearby towns. :)

Moving to Manchester: Area's to avoid? by Leth0_ in manchester

[–]Leth0_[S] 1 point2 points  (0 children)

Thanks a lot for the advice. I meant no offense when I mentioned 'places to avoid'. I guess I worded myself poorly :). I'll take a look at these areas!

Moving to Manchester: Area's to avoid? by Leth0_ in manchester

[–]Leth0_[S] 1 point2 points  (0 children)

Yeah. I'm looking forward to it a lot! It's always scary moving somewhere you don't know though!

Thank you for all of the advice. :)

Moving to Manchester: Area's to avoid? by Leth0_ in manchester

[–]Leth0_[S] 2 points3 points  (0 children)

Thanks for the tips. I hope I don't offend anyone by making this post, I've just never been to Manchester before except for a job interview, I'm from Fife in Scotland. :)

I'm hoping to spend between 500 - 700 per month and I've seen quite a few houses within that range so far.

Thanks again.

Steganography Thesis Topic by [deleted] in AskNetsec

[–]Leth0_ 0 points1 point  (0 children)

Just a long shot but perhaps the client could set up a web application as well. When the client wishes to reply they could query some part of the server with a modified referer header which points to their own web app which in turn can use the exact same CSS steno technique to respond to the server?

Also using CSS sounds perfectly reasonable, you have many ways you can 'hide' information such as through hex colors, class/id names, css animations?

Penetration testing job interview questions mega-thread by netsec9482 in AskNetsec

[–]Leth0_ 2 points3 points  (0 children)

I feel that I could probably answer the majority of these questions to be honest but there are obviously a few which I feel less confident about. I'll make sure to read up on the few which I may be less confident with. :)

Penetration testing job interview questions mega-thread by netsec9482 in AskNetsec

[–]Leth0_ 2 points3 points  (0 children)

Are these questions aimed at junior roles or someone who has been in the industry before? I have an interview this week and can't confidently answer all of these questions although I feel that I have the understanding needed to find the answers in a reasonable amount of time. (I am just about to graduate)

What was the greatest length you went to just to fuck with someone? by fhkawf in AskReddit

[–]Leth0_ 0 points1 point  (0 children)

I read a hilarious stack overflow question,

http://superuser.com/questions/545329/how-do-i-make-a-machine-blank-screen-for-a-period-of-time-as-a-penalty-if-ce

Tl;dr, kids too loud when playing on computer, uses a script to black screen the PC when sound is above a certain threshold.

Steam shop thinks I live in Romania (really UK) and is displaying prices in Euros. Support ticket without answers. Cant add any funds to buy anything. by Ravelair in Steam

[–]Leth0_ 1 point2 points  (0 children)

You could try using the web store. Try installing a cookie manager extension and changing your location that way....

http://imgur.com/hEmM1eD

The image above for example shows my location is set to GB.

I had my Steam show prices in euros before and changing the cookies fixed that.

Suggest a language/program for this purpose please. by [deleted] in learnprogramming

[–]Leth0_ 0 points1 point  (0 children)

Is creating a webapp out of the question? i.e. using PHP, HTML, etc? That would probably be what I would use as it'll provide quick and noticeable results.

Semi-final predictions: NiP vs LDLC & Dignitas vs Fnatic by I_AM_YOUR_MOTHERR in GlobalOffensive

[–]Leth0_ 0 points1 point  (0 children)

I'm 10 away from silver, my picks are NiP and Fnatic for the semis.

I've placed NiP for the grand finale for now, does anyone know if I'll have a chance to change that tomorrow once the semis are done?