This weeks resource list is a large listing of Hacking, Information Security/Cyber Security, Open Source Intelligence (OSINT) & some Cyberpunk (for instance, 15 Deepfakes resources, some with multiple links) related resources.
For this week’s list, some of these resources have been posted through this project’s/my Twitter account throughout 2019 (https://twitter.com/hackermaderas).
#CyberpunkisNow is a project that produces Hacking, Technology, Information Security/Cyber Security, Science & Open Source Intelligence content meant to educate, maintain a public dialogue & create awareness regarding the ways technology continues to permeate civilization.
You may want to bookmark this page as this list may be added to daily or weekly at anytime up until the next resource list is published.
In general, these resource lists will not contain resources I provide via Twitter, or may contain resources I have provided via Twitter, but only quite awhile beforehand/afterwards.
What it comes down to is this: I find quite a bit online that I think would interest people/be of value to them & now this project has a place to share it.
This content will generally fall into the Hacking, Technology, Information Security/Cyber Security, Science & OSINT space.
Content in the “News Articles” section will be no older then one month old; resources outside the “News Articles” section are not date restricted.
Order of any resource/article is inconsequential; symbols do not necessarily have any meaning & usually only serve to denote/separate articles/resources.
Please consider donating $1 to allow this project to persist, grow & its creator to make ends meet.
Hacking, InfoSec/CyberSec, OSINT Resources:
☰ The top most section of “Basic knowledge requirements for Information Security/ Cyber Security & hacking” is taken from a syllabus used by one of the largest Information Security/Cyber Security employers in the world; the topics on this resource list are randomly tested for/questioned about during their technical interview.
Regardless, it is a solid list of topics/resources that can serve as a study guide/learning plan; it is 1341 lines long & includes tool listings/descriptions, a site list, links to various Github “Awesome” lists, etc.
▨ An even longer 5775 line version of the study guide/learning plan/resource list above can be found at the Hastebin link below.
This version includes many more resources then the version above, though this list is not actively curated & likely includes some dead/moved links/resources:
✪ “Pepenote”, a huge 10047 line InfoSec, Pentest, RedTeam, BlueTeam, Hacking, Linux/Windows Administration, Forensics, Docker, Exploits, Code Review, RFID (etc.) cheatsheet/resource list.
It looks as though this resource list/cheat sheet is a work in progress & is added to continually by Pepe/Octopus Security (it was 9044 lines long last month):
Octopus Security Site: https://www.octority.com/
☱ The Mind Maps listed below (some of which are also shown in the image above) were made by Aman Hardikar.
They are gigantic, well designed, extremely detailed/thorough graphics breaking down subjects/knowledge pertinent to Hacking, Offensive Security, Information Security/Cyber Security & many specific/general facets of Computer Science (which makes them pertinent to Information Security, Cyber Security, Offensive Security & Hacking in general ).
For instance, “PENETRATION TESTING PRACTICE LAB - VULNERABLE APPS / SYSTEMS” (last updated 1/2019) charts a path for a person to work through multiple CTFs/hacking challenges depending on their skills/interest/progress & links to/lists a large number of related resources.
https://www.amanhardikar.com/mindmaps/Practice.html
Aman Hardikar's site lists directions/resources they used to create these graphics; the entire site is awash in available knowledge, including papers Aman has published under organizations such as Sans.
https://www.amanhardikar.com
All Mind Maps listed below can be found at https://www.amanhardikar.com/mindmaps.html
Most of the Mind Maps below are listed/available in multiple formats (HTML /Full Size, PNG , etc.).
https://www.amanhardikar.com/mindmaps.html#
https://www.amanhardikar.com/mindmaps/AWSCompute.html
https://www.amanhardikar.com/mindmaps/AWSCompute.png
https://www.amanhardikar.com/mindmaps/AWSDatabase.html
https://www.amanhardikar.com/mindmaps/AWSDatabase.png
https://www.amanhardikar.com/mindmaps/AWSNetworking.html
https://www.amanhardikar.com/mindmaps/AWSNetworking.png
https://www.amanhardikar.com/mindmaps/AWSStorage.html
https://www.amanhardikar.com/mindmaps/AWSStorage.png
https://www.amanhardikar.com/mindmaps/BPMN2.0.html
https://www.amanhardikar.com/mindmaps/BPMN2.0.png
https://www.amanhardikar.com/mindmaps/BigDataSecurity.html
https://www.amanhardikar.com/mindmaps/BigDataSecurity.png
https://www.amanhardikar.com/mindmaps/BrowserPlugins.html
https://www.amanhardikar.com/mindmaps/BrowserPlugins.png
https://www.amanhardikar.com/mindmaps/CodeReview.html
https://www.amanhardikar.com/mindmaps/CodeReview.png
https://www.amanhardikar.com/mindmaps/Cryptography.html
https://www.amanhardikar.com/mindmaps/Cryptography.png
https://www.amanhardikar.com/mindmaps/ForensicChallenges.html
https://www.amanhardikar.com/mindmaps/ForensicChallenges.png
https://www.amanhardikar.com/mindmaps/Forensics.html
https://www.amanhardikar.com/mindmaps/ISO27001.html
https://www.amanhardikar.com/mindmaps/ISO27001.png
https://www.amanhardikar.com/mindmaps/Infrastructure.html
https://www.amanhardikar.com/mindmaps/Infrastructure.png
https://www.amanhardikar.com/mindmaps/PCIDSS.html
https://www.amanhardikar.com/mindmaps/PCIDSS.png
https://www.amanhardikar.com/mindmaps/PKI.html
https://www.amanhardikar.com/mindmaps/PKI.png
https://www.amanhardikar.com/mindmaps/Practice.html
https://www.amanhardikar.com/mindmaps/Practice.png
https://www.amanhardikar.com/mindmaps/PracticeUrls.html
https://www.amanhardikar.com/mindmaps/SABSAConcepts.html
https://www.amanhardikar.com/mindmaps/SABSAConcepts.png
https://www.amanhardikar.com/mindmaps/SABSADesign.html
https://www.amanhardikar.com/mindmaps/SABSADesign.png
https://www.amanhardikar.com/mindmaps/SABSAOperations.html
https://www.amanhardikar.com/mindmaps/SABSAOperations.png
https://www.amanhardikar.com/mindmaps/SHC.html
https://www.amanhardikar.com/mindmaps/SHC.png
https://www.amanhardikar.com/mindmaps/SecurityTests.html
https://www.amanhardikar.com/mindmaps/SecurityTests.png
https://www.amanhardikar.com/mindmaps/VMsandLiveCDs.html
https://www.amanhardikar.com/mindmaps/VMsandLiveCDs.png
https://www.amanhardikar.com/mindmaps/VPN.html
https://www.amanhardikar.com/mindmaps/VPN.png
https://www.amanhardikar.com/mindmaps/VoIP.html
https://www.amanhardikar.com/mindmaps/VoIP.png
https://www.amanhardikar.com/mindmaps/Wireless.html
https://www.amanhardikar.com/mindmaps/Wireless.png
https://www.amanhardikar.com/mindmaps/virus-classification.html
https://www.amanhardikar.com/mindmaps/webapptest.html
https://www.amanhardikar.com/mindmaps/webapptest.png
https://www.amanhardikar.com/mindmaps/worm-classification.html
https://www.amanhardikar.com/mindmaps/AWSCompute.html
https://www.amanhardikar.com/mindmaps/AWSCompute.png
https://www.amanhardikar.com/mindmaps/AWSDatabase.html
https://www.amanhardikar.com/mindmaps/AWSDatabase.png
https://www.amanhardikar.com/mindmaps/AWSNetworking.html
https://www.amanhardikar.com/mindmaps/AWSNetworking.png
https://www.amanhardikar.com/mindmaps/AWSStorage.html
https://www.amanhardikar.com/mindmaps/AWSStorage.png
https://www.amanhardikar.com/mindmaps/BPMN2.0.html
https://www.amanhardikar.com/mindmaps/BPMN2.0.png
https://www.amanhardikar.com/mindmaps/BigDataSecurity.html
https://www.amanhardikar.com/mindmaps/BigDataSecurity.png
https://www.amanhardikar.com/mindmaps/BrowserPlugins.html
https://www.amanhardikar.com/mindmaps/BrowserPlugins.png
https://www.amanhardikar.com/mindmaps/CodeReview.html
https://www.amanhardikar.com/mindmaps/CodeReview.png
https://www.amanhardikar.com/mindmaps/Cryptography.html
https://www.amanhardikar.com/mindmaps/Cryptography.png
https://www.amanhardikar.com/mindmaps/ForensicChallenges.html
https://www.amanhardikar.com/mindmaps/ForensicChallenges.png
https://www.amanhardikar.com/mindmaps/Forensics.html
https://www.amanhardikar.com/mindmaps/ISO27001.html
https://www.amanhardikar.com/mindmaps/ISO27001.png
https://www.amanhardikar.com/mindmaps/Infrastructure.html
https://www.amanhardikar.com/mindmaps/Infrastructure.png
https://www.amanhardikar.com/mindmaps/PCIDSS.html
https://www.amanhardikar.com/mindmaps/PCIDSS.png
https://www.amanhardikar.com/mindmaps/PKI.html
https://www.amanhardikar.com/mindmaps/PKI.png
https://www.amanhardikar.com/mindmaps/Practice.html
https://www.amanhardikar.com/mindmaps/Practice.png
https://www.amanhardikar.com/mindmaps/PracticeUrls.html
https://www.amanhardikar.com/mindmaps/SABSAConcepts.html
https://www.amanhardikar.com/mindmaps/SABSAConcepts.png
https://www.amanhardikar.com/mindmaps/SABSADesign.html
https://www.amanhardikar.com/mindmaps/SABSADesign.png
https://www.amanhardikar.com/mindmaps/SABSAOperations.html
https://www.amanhardikar.com/mindmaps/SABSAOperations.png
https://www.amanhardikar.com/mindmaps/SHC.html
https://www.amanhardikar.com/mindmaps/SHC.png
https://www.amanhardikar.com/mindmaps/SecurityTests.html
https://www.amanhardikar.com/mindmaps/SecurityTests.png
https://www.amanhardikar.com/mindmaps/VMsandLiveCDs.html
https://www.amanhardikar.com/mindmaps/VMsandLiveCDs.png
https://www.amanhardikar.com/mindmaps/VPN.html
https://www.amanhardikar.com/mindmaps/VPN.png
https://www.amanhardikar.com/mindmaps/VoIP.html
https://www.amanhardikar.com/mindmaps/VoIP.png
https://www.amanhardikar.com/mindmaps/Wireless.html
https://www.amanhardikar.com/mindmaps/Wireless.png
https://www.amanhardikar.com/mindmaps/virus-classification.html
https://www.amanhardikar.com/mindmaps/webapptest.html
https://www.amanhardikar.com/mindmaps/webapptest.png
https://www.amanhardikar.com/mindmaps/worm-classification.html
■ OSINT Resources
Often, the OSINT material you want or find is going to be sitting on the Internet as some form/type of media or file that is not text on a web page.
Creative usage of the resources listed in this section can yield way greater rewards then many may think at first thought.
For instance, instead of thinking about using these resources to find one type of media, think about using them to search for OSINT by file extension instead (PDFs & CSVs are often fruitful when trying to gather OSINT vs. a corporate target for instance).
Mamont’s Open FTP Index at http://www.mmnt.net//
You can gain a ton of OSINT from open, publicly accessible FTP sites; if a target has an open FTP site with accessible content, it will be listed here (among the many other tens or hundreds of thousands listed).
Mamont’s can be searched multiple ways: file names, domain names, etc…
r/Opendirectories is a small Sub-Reddit where the absolute kings of finding anything in a publicly accessible directory/web site hang out (whether that directory was intentionally meant to be open to the public or not is a different story).
https://www.reddit.com/r/opendirectories/
The members of r/Opendirectories often find things using the resources/tools that are so sensitive that they joke about ensuring it never leaves the Sub-Reddit (though multiple members almost always verify what was found first).
The following are all resources/techniques I have learned/taken from r/Opendirectories.
Google Dork for video media (or media/files that can, could or does share/use the same types of file extensions/media types).
intext:"Search Term" intitle:"index.of" +(wmv|mpg|avi|mp4|mkv|mov) -inurl:(jsp|pl|php|html|aspx|htm|cf|shtml)Google Dork for image media (or media/files that can, could or does share/use the same types of file extensions/media types):
intext:"Search Term" intitle:"index.of./" (bmp|gif|jpg|png|psd|tif|tiff) -inurl:(jsp|pl|php|html|aspx|htm|cf|shtml)Google Dork for Music related media (or media/files that can, could or does share/use the same types of file extensions/media ).:
intext:"Search Term" intitle:"index.of./" (ac3|flac|m4a|mp3|ogg|wav|wma) -inurl:(jsp|pl|php|html|aspx|htm|cf|shtml)Google Dork for Books (or media/files that can, could or does share/use the same types of file extensions/media types):
intitle:"Search Term" (pdf|epub|mob) "name or title" -inurl:(jsp|pl|php|html|aspx|htm|cf|shtPalined: Google Search Open Directories
The Eye: CGS Engine
“CSG (Custom Google Search) Engines are used to make complex and specific Google searches with specific keywords.
The-Eye’s CGS engine searches for open directories hosted on the internet, that have been indexed by Google. You may find specific archives or folders with varying content, and the searching process is streamlined to be as smooth as possible.”
LENDX: An Open Directory Search Tool
File Chef: Get direct download links for almost anything.
Ewasion: Another Opendirectory Finder
https://ewasion.github.io/opendirectory-finder/
lumpysoft.com: Google index search
Napalm FTP Indexer
OD-Database: HTTP crawler media/file search.
Filepursuit: File/Media locator; there is an Android app version available.
Jimmyr: Download/Search Mp3 / Files from Google
Mattpalm: NMHDDS Google Open Directory Search Tool | Get direct download links to (almost) everything.
OD Search Tool: Open Directory Search Tool; “Find open directories with this tool. It uses google’s engine for the actual search.”
EoJ OD.getter: Open Directory Search Portal, “Research, Discover & Archive!”
≛ Alternative DNS Server Lists - In the past, some people have stated that Hastebin & other links I have provided did not work for them; this was often due to the DNS servers their host was configured to use.
At the very least, switching away from your ISPs DNS servers are likely to provide you benefits like greater privacy, less adware & improved security.
Wikileaks alternative DNS List: https://wikileaks.org/wiki/Alternative_DNS
Quad9, solid public DNS servers I have used pretty often:
Quad 9 Project page: https://www.quad9.net/
Quad 9 DNS Server IP/FAQ/”DNS need to know info”: https://www.quad9.net/faq/
OpenNIC Public Servers
“We are a non profit organization and do not charge money for access to our DNS services, including the proposal/request of new TLDs. Free to use, and completely operated by volunteers, so there’s no financial pressure to corrupt our organization. New volunteers welcome!” OpenNic Project
OpenNic Project main page: https://www.opennic.org/
Over the years, I’ve often used these two “luggs” OpenNic Projects servers listed below as the main/first two DNS servers listed on my /etc/resolv.conf file.
On OpenNic’s Public Servers list, both of “luggs” servers have the designations “No logs kept”, “DNSCrypt” , “Whitelisting”; they have been in play since 2014 with no downtime that I’ve noticed or seen under the “Status” designation.
Please Note: While I have never detected malicious activity while using the two “luggs” DNS servers, I came upon/started using them after penetrating hosts used by BlackHats.
These were two of the DNS servers used by hosts they were attacking from (not command & control servers), likely for some of the privacy benefits they are stated to provide (please make sure too notice both “luggs” servers are located in the United States).
ns3.ca.dns.opennic.glue 142.4.204.111 2607:5300:120:a8a:142:4:204:111
ns4.ca.dns.opennic.glue 142.4.205.47 2607:5300:120:a8a:142:4:205:47
Listing of other OpenNIC Public Servers (country/other designations can be searched via tabs above list): https://servers.opennicproject.org/
PLEASE NOTE: Using OpenNic DNS servers gives you access to some OpenNic Project domains/subdomains & other alternative DNS roots/namespaces they are peered with; some of these aren’t easily reachable without using OpenNic DNS servers, OpenNic proxies/OpenNic proxies + Grep.geek search engine links (etc.).
OpenNic offers domain creation within this network (which can offer a site added privacy/isolation); also, per their site:
“Anybody with the right experience can apply to run their own TLD on our network!”
More info here: https://wiki.opennic.org/opennic/creating_new_tlds)
OpenNic’s network includes a free blog/website platform (Blog.o).
Sometimes people talk about/are looking for a technical knowledge related barrier for entry when starting a community/site (it’s not my place to debate the positives/negatives of this approach here).
Using an OpenNic Network domain/subdomain for the site could serve this purpose: the site/community would only be reachable in a limited manner unless a user takes steps like changing their host DNS server to use OpenNic DNS server IP or uses OpenNic proxies/or OpenNic proxies + Grep.geek search engine links.
This wiki page is vital to getting the most out of the free services OpenNic Project provides (links to these services & details are here):
OpenNic proxies + Grep.geek search engine links:
OpenNic proxies/or OpenNic proxies + Grep.geek search engine links:
https://proxy.dnslibre.com.mx/ (only TLD inside the OpenNIC network are accesed via this particular link)
Blog.0: “Blog.o is a free service designed to allow new users to easily create their own website on the OpenNIC alternative DNS network.”
⊛ “What VPN to use?” That One Privacy Guy’s regular, detailed comparisons of most VPN providers with spreadsheets at varying levels of abstraction:
https://thatoneprivacysite.net
Link to a page with many other links that form a time capsule of old school hacking history:
Long form Redteam, Pentest, Hacking, OSINT, Information Security/Cyber Security essays/tutorials I’ve written:
https://0x00sec.org/t/random-thoughts-after-nearly-9-years-pentesting-red-teaming-2019/16397
https://0x00sec.org/t/essay-images-video-thoughts-professional-hacker-2011-to-present/8782
https://0x00sec.org/t/real-penetration-tests-equalizers-and-dirty-tricks/5512
https://0x00sec.org/t/shared-thoughts-after-6-years-in-pentesting/2492
https://0x00sec.org/t/my-personal-osint-techniques-part-1-of-2-key-layer-contingency-seeding/13033
https://0x00sec.org/t/my-personal-osint-techniques-volume-2-the-kitchen-sink/13198
Cyberpunk Resources:
♠ Deepfakes resources:
- Faceswap (“Deepfakes software for all”) https://github.com/deepfakes/faceswap
2. Awesome Deepfakes https://github.com/aerophile/awesome-deepfakes
3. Deepfakes China https://www.deepfakescn.com/
4. GifFakes https://www.reddit.com/r/GifFakes/new/
5. Easy_Deepfakes_GUI https://github.com/boehm-e/Easy_Deepfakes_GUI
6. Deepfakes Web (Paid access, tools/tutorials) https://deepfakesweb.com/
7. Mr. Deepfakes Forum https://mrdeepfakes.com/forums/
8. TruePic: Image/video authenticity https://truepic.com/ r/
9. DeepfakesClub (contains Deepfakes software tutorials) https://www.reddit.com/user/deepfakesclub/
10. DeepNude was a Deepfakes app that rendered nude images of clothed women; it’s developer/creator stated they would bury the app due to public outrage, but it very much looks like they sold the software (or were at least excepting offers) after this declaration.
Forked 480+ times, Open-Deepnude is a Github project to recreate DeepNude.
NOTE: This project is listed here only in the hopes that researchers can utilize the software & will/are working to counter this technology.
Interestingly, a huge percentage of accounts forking this project seem to belong to Chinese users.
11. Deep Privacy, a paper concerning Deepfakes tech for anonymization, DeepPrivacy extracts data about a person’s face then uses a database of 1.5 million faces to create an entirely new face with the same expression that blends into the original photo/same background.
https://arxiv.org/abs/1909.04538
12. PaperspaceBlog, a site full of blog posts & tutorials covering Machine Learning , Artificial Intelligence , Cloud GPUs, etc.
Plenty of Deepfakes related material here:
13. Progressive Face Super-Resolution via Attention to Facial Landmark, an AI/algorithm that can accurately reconstructs faces from tiny 16×16 pixel input images.
Overview https://iforcedabot.com/photo-realistic-emojis-and-emotes-with-progressive-face-super-resolution/
https://arxiv.org/abs/1908.08239
14. Dr. Fakenstein, a Youtube user who utilizes Deepfakes as an online platform/performance medium.
Reviewing uploads by these accounts can help w/ modeling the escalating capabilities of Deepfakes software/users.
Twitter account https://twitter.com/drfakenstein
Insightful Paperspace Blogpost https://blog.paperspace.com/faceswap-face-off-viral-video-creators-dr-fakenstein-ctrl_shift_face/
Youtube Channel https://www.youtube.com/channel/UC9PLdpbloc1pfg3ds3My98w
15. Ctrl Shift Face, another Youtube user utilizing Deepfakes as an online platform/performance medium.
Again, reviewing uploads by these accounts can help w/ modeling the escalating capabilities of Deepfakes software/users.
Youtube Channel https://www.youtube.com/channel/UCKpH0CKltc73e4wh0_pgL3g
Links surrounding current Hong Kong Protests/Activism
LIHKG is the Clearnet site most heavily used by Hong Kong Pro-Democracy activists/protesters; it has been hit with DDOS/DOS Attacks multiple times since the start of this year’s Anti-Extradition/Pro-Democracy protests.
For those who do not speak Chinese (like myself): Getting a web browser extension/add-on or built-in web browser functionality to translate content on LIHKG can be difficult sometimes.
Trying multiple/different translation add-ons/extensions &/or different web browsers will usually work eventually ( jumping right to using a VPN with Hong Kong IP usually works much faster/more smoothly).
I find using translation functionality vs. posts instead of entire pages usually works best (like in the image above, though I often translate multiple posts per translation attempt at once).
r/LIHKG is a LIHKG Sub-Reddit; it has maintained a fairly high degree of consistent activity since I began visiting the Sub-Reddit in May of this year (though it has been in existence since 2016).
https://www.reddit.com/r/LIHKG/
r/LIHKG often seems to have the the top posts from LIHKG listed.
Though I haven’t found it to be a replacement for LIHKG (especially since that site’s posts often lead to smaller enclaves of good information…many of these have been Facebook Groups unfortunately), I feel like the format (especially when being used with some web browsers translation functionality) often helps me process/understand information posted over from LIHKG more easily (though posts in this r/LIHKG often aren’t in english).
r/LIHKG is also a great companion bookmark to have in case LIHKG suffers another lengthy DDOS/DOS Attack &/or to cross reference posts/news against other resources listed here (especially r/Hong Kong).
r/Hong Kong , a Sub-Reddit surrounding the Hong Kong Anti-extradition/Pro-Democracy protests; information rolls into the place pretty fast & there is almost always a high level of activity/engagement.
Even more important, native Hong Kong citizens/protesters/activists/journalist are often the ones participating in/posting threads in r/Hong Kong.
LOOK OUT FOR SUB-REDDITS THAT ARE CREATED WITH NAMING CONVENTIONS LIKE r/Hong Kong. If you visit the r/Hong Kong Sub-Reddit & find it has less then 200K+ members, you will probably notice a preponderance of Pro-China/Anti-Hong Kong protest posts next.
There has been quite a bit of suspicious activity surrounding these sites that looks shady on Reddit’s part, especially given considerable investments in the platform by corporations from China like Tencent the last few years.
https://www.reddit.com/r/HongKong/
r/Hong Kong has been a vital resource in helping me keep up/involve myself with (as much as I can here in the US) the Hong Kong Anti-Extradition/Pro-Democracy protests.
Some Important ongoing threads in r/Hong Kong:
“Megathread: Resources for Anti-extradition” is just what it says: an ongoing thread containing various resources/links to information concerning/surrounding the ongoing protests in Hong Kong.
https://www.reddit.com/r/HongKong/comments/cxsz4i/megathread_resources_for_antiextradition_protest/
Live feed for information regarding the protests that includes/collects various written/video resources concerning the protests (including from social media content) & posts live video/links to live video during larger protests/coordinated protester/activist movements.
