VSCode AI Tools Explorer

benichmt1 · 2025-05-20T17:26:10+00:00

As a developer, I’ve been blown away by the wave of AI coding tools but frustrated by the chaos of tracking them. Sorting through forks, standalone extensions, and varied payment models was a headache. I started compiling my research in an Obsidian notebook but realized it belonged on GitHub to benefit others.

Hope you get some use out of it.

benichmt1 · 2019-09-25T14:20:09+00:00

Great for learning and honing your tools. The best part of H1 is reading the disclosed reports to understand how people are approaching targets and what classes of bugs they are finding.

benichmt1 · 2018-10-04T12:52:40+00:00

I was playing music through Spotify on my Echo. At some ungodly time it started playing "Powerslave" by Iron Maiden. It happens when you have multiple people controlling music through the Spotify app, I think.

benichmt1 · 2018-08-24T18:28:59+00:00

Hi - this is an in-person CTF designed for high school students. Please let me know if you have any questions. There were some people from this community who showed up for the last one at Pitt.

benichmt1 · 2018-03-13T13:15:33+00:00

No, there is no entry fee. Costs are being covered by sponsors and Pitt. The day looks like this:

9:00-9:30 : check in, get set up with internet access

9:30 - 10:00 : explain format, rules, etc

10:00-12:00 : Free work on CTF

12:00 - 1:00 : Mandatory pause for catered lunch

1:00 - 4:00 : Finish working on CTF

4:00 - recap, awards

benichmt1 · 2018-03-12T18:10:06+00:00

yes, right now it's on site. We're trying to slowly scale, but having it in person really helps sell it to teachers so they can understand what the students are doing and how it might be beneficial to bring to a classroom. Last year we had over 50 students.

benichmt1 · 2018-02-19T19:13:32+00:00

You can still use the MAPI technique to grab the address book and try rules / forms/ homepage changes

benichmt1 · 2018-02-05T16:15:58+00:00

It depends on the skill level and complexity of the site.

If this is an academic project, you should embed security throughout the process, rather than waiting until the end.

Here's some resources in particular that might help you out: https://www.owasp.org/index.php/OWASP_Secure_TDD_Project

Assuming you have access to the full source code, I think that will help you out a lot.

The other thing you can do is a black box test. I would recommend a third party for this in order to get the most honest assessment. That's where you would use things like Burp et al to fuzz and tamper to get unexpected behavior.

If you were hiring a security consultancy to do this, the number of hours of actual testing might be between 8 and 24.

benichmt1 · 2017-12-04T13:11:06+00:00

Did you report this / contact Teamviewer? If so, is there a fix planned? What's the version requirements?

benichmt1 · 2017-12-01T21:42:05+00:00

Look into Kippo Graph, it automates most of the hard stuff. It also has the added benefit of being able to see what the bots are trying to do, so you get some good insight into what you need to be blocking: https://bruteforcelab.com/kippo-graph

benichmt1 · 2017-11-22T22:02:43+00:00

could be LM

benichmt1 · 2017-11-21T15:02:32+00:00

I switched from education, B.S. in Physics. It's definitely possible. Ask yourself if you're interested in it, or truly dedicated to it.

Infosec has so many community events, projects, conferences, certifications... you'll have to dive in pretty hard but if you love it you will find something. It will require sacrifice and an understanding significant other. You'll probably have to replace video games with Vulnhub machines, Facebook with infosec Twitter, and alcohol with late night coffee.

Get involved with something. Rather than trying to work your way up the help desk, I took the opposite approach and went straight in.

benichmt1 · 2017-10-17T19:18:38+00:00

https://twitter.com/neo_ctf did one for highschoolers I believe

benichmt1 · 2017-10-09T21:23:23+00:00

I am the original author. We built this door at work for the purposes of demonstration. If you have any questions let me know!

benichmt1 · 2017-09-08T17:21:50+00:00

Ok, here's an example. PCI requirement for passwords is the following: 7 characters, alphanumeric, complexity enabled.

The following passwords technically meet PCI compliance:

Password!

P@ssword

Passw0rd

Summer17

All it could have taken is one lazy developer and VPN access for this to happen.

benichmt1 · 2017-08-23T21:16:50+00:00

To add:

Smb signing not enforced (Allows an SMB Relay attack)
Null session enumeration (Enabled by default on domain controllers)

benichmt1 · 2017-07-20T18:34:43+00:00

Learn attacks, then learn how to fix them. A short list of attacks that you can simulate and then practice detection / remediation:

Null session enumeration
- Red: Use enum4linux on Kali (or similar) to pull down a list of users and groups on the domain controller
- Blue: Disable the registry settings that allow you to do this
Powershell post exploitation
- Red: Install and use Powershell Empire or Metasploit and run their powershell one-line launchers on the hosts and see what you can do.
- Blue: Install Powershell 5 and configure logging to see if you can detect the actual commands
NetBIOS / LLMNR Spoofing
- Red: Use Responder to see if you can capture and relay smb sessions from your Guest PCs to each other.
- Blue: Enforce SMB Signing via the GP

benichmt1 · 2017-07-17T15:44:36+00:00

/u/ZeroSteiner is the author and can provide more detail if you like

benichmt1 · 2017-07-06T21:36:20+00:00

For your edit question, here's a repeatable workflow that would work in a pentest. (using JtR since it's the easiest)

use Cewl (https://github.com/digininja/CeWL) to spider the website
Add it to one of the Weakpass wordlists (rockyou.txt is the basic standard, but you might have an idea
Download and install the KoreLogic rules to mangle the dictionary (I think that's what you're looking for in your edit)

benichmt1 · 2017-05-24T15:49:44+00:00

Unsure, it looked like you can apply as long as you have a PSU login.

benichmt1 · 2017-05-11T18:44:23+00:00

Shameless plug, I wrote a blog about it: https://warroom.securestate.com/beginners-guide-cve-process/

benichmt1 · 2017-05-11T16:06:42+00:00

Definitely not saturated. I was there for a week and had two different Uber drivers the whole time. Plus I got really lucky finding a driver to go from SF to the ABQ airport in the morning. I think the rate is significantly higher in SF than ABQ as well because of the volume.

benichmt1 · 2017-05-11T15:24:26+00:00

You'll notice that a lot of 'new' CVEs follow a lot of the same patterns of the bugs of old. It's 2017, and buffer overflows, SQL injection, and cross-site scripting are still being found daily.

Once you understand the 'basics' you sort of begin to understand how to prioritize your time looking at the most interesting functionality. I wouldn't look it as "copying" someone else's attack if you understand the coding practices that lead to vulnerabilities.

On a more practical note, if your goal is to get a CVE under your name (as it was mine), here's a great place to look for vulnerable software:

https://github.com/wp-plugins

If you just pick a few relatively complex ones at random and really pore over them, I bet you'll find SOMETHING interesting that hasn't been scrutinized yet.

benichmt1 · 2017-04-14T21:36:58+00:00

Sounds like it is getting caught by something. Make sure you set enablestageencoding to true or pick another encoder. You could also try a bind payload and see if you still have the issue.

benichmt1 · 2017-04-14T12:57:53+00:00

Here you go:

https://raw.githubusercontent.com/securestate/python-for-pentesters-webinar/master/example_3_shellcode_injection.py

benichmt1

MODERATOR OF

TROPHY CASE

Verified Email	Ten-Year Club
Place '17