Cyber Security

Useful Resources:

  1. AES Crypt is a file encryption software available on several operating systems that uses the industry standard Advanced Encryption Standard (AES) to easily and securely encrypt files. https://www.aescrypt.com/
  2. Most useful Caesar Cipher Decoder. http://www.dcode.fr/caesar-cipher
  3. A1Z26 Cipher coder/decoder: A1Z26 is very simple direct substitution cypher, where each alphabet letter is replaced by its number in the alphabet. https://planetcalc.com/4884/
  4. Best ASCII Converter: https://www.branah.com/ascii-converter
  5. Best Hash and Password Cracking online: https://crackstation.net/
  6. Always remember to check AtBash and Base32 deciphers. Base32 is not available at Rumkin. Use this url for additional deciphers that are not available on Rumkin. http://emn178.github.io/online-tools/
  7. Best Decipher library online: http://rumkin.com/tools/cipher/
  8. Check File Type Online: http://checkfiletype.com/
  9. URL Param Encoder/Decoder: https://www.urlencoder.org/
  10. Magic Bytes: https://blog.netspi.com/magic-bytes-identifying-common-file-formats-at-a-glance/
  11. Recon tool based on URL: http://toolbar.netcraft.com/ and https://www.shodan.io/ – useful to find out OS of a server.
  12. Online Recon IP Scan: http://www.serversniff.net/tools/httpscipher.php

Recon command: host www.sitename.com (linux)

Number Converters – Cryptography:

  • Hex to ASCII. Do not convert 0x!!  http://www.rapidtables.com/convert/number/hex-to-ascii.htm
  • Base64Decode – common crypto problem: https://www.base64decode.org/
  • Binary 2 ASCII converter http://www.binaryhexconverter.com/binary-to-ascii-text-converter
  • tips: Some crypto problem involves multiple encoding. A very common method is to encode with base64 then encode with binary. For example, the word “supersecret” becomes “c3N1cGVyc2VjcmV0” after applying base64 encoding. We can then encode it to binary using the wensite “https://codebeautify.org/string-binary-converter. So, the final encoded value becomes 01100011 00110011 01001110 00110001 01100011 01000111 01010110 01111001 01100011 00110010 01010110 01101010 01100011 01101101 01010110 00110000. To solve such problems, we must run decoder twice to get to the original value.
  • Atbash Decoder: When nothing works, try using this decoder.  As a matter of fact, we should always try this one.
  • Vigenere Decoder: If you have a secret code (key) and an encrypted message, try http://rumkin.com/tools/cipher/vigenere.php

Steganography:

Digital Invisible Toolkit: http://diit.sourceforge.net/examples.html

Foot-printing – Routing path analysis –

DNS Information:

  • dig ANY ankanbasu.com
  • nslookup
  • whois www.sitename.com -> provides a lot of information.

Discover Open ports

  • nmap
  • hping

Ping and Ping Sweep

  • Ping tool for one host
  • Ping sweep for many hosts: nmap -sP 10.5.5.1/28

IP Scanners

Network Emulators:

Many excellent free Security tools:

750 CISSP Questions for Review on Youtube:

Check you password Strength:

Ethical Hacking Tools

  • Recon tool: people search pipl
  • Domain info research – nslookup. There are many options that can be passed to this command line tool that is available in windows, linux and mac. 
  • Path Analyzer pro – traceroute finally makes sense: https://www.pathanalyzer.com/download.opp