Thursday, September 8, 2016

jq: command-line tool for parsing JSON.

Passing it through jq's parser, with the most basic option, will make it look nicer (with colors):
user@host:~$ curl -s |\
  jq '.'
  "status": "good",
  "last_updated": "2015-01-21T16:59:01Z"
Do some basic selection:
user@host:~$ curl -s |\
  jq '.status'

Tuesday, August 23, 2016

anti adblock killer ile adblock tespit eden siteleri bypass edin

bu script'i kullanabilmeniz için tarayıcınızda tampermonkey kurulu olmalıdır.

2016 Data Storage Innovation Conference sunumları erişilibilir

2016 Data Storage Innovation Conference sunumları erişilibilir

Yeni sürüm BlackArch Linux yayınlandı

The new ISOs include over 1500 tools. For more details see the ChangeLog below.

Here's the ChangeLog :
include linux kernel 4.7.1
updated BlackArch Linux installer
added more than 100 new tools
updated all blackarch tools
updated all system packages
updated menu entries for window managers (awesome, fluxbox, openbox)

Wednesday, August 17, 2016

NSA Private Hacking Tools

NSA's Hacking Group Hacked! Bunch of Private Hacking Tools:

The Equation Group is a highly sophisticated threat actor described by its discoverers at Kaspersky Labs as one of the most sophisticated cyber attack groups in the world and "the most advanced ... we have seen", operating alongside but always from a position of superiority with the creators of Stuxnet and Flame.[1][2]

The name Equation Group was chosen because of the group's predilection for strong encryption methods in their operations. By 2015, Kaspersky documented 500malware infections by the group in at least 42 countries, while acknowledging that the actual number could be in the tens of thousands due to its self-terminating protocol.[2][3]

They are suspected of being tied to the United States National Security Agency (NSA).[4][5] By 2015, most of their targets had been in Iran, Russia, Pakistan,Afghanistan, India, Syria, and Mali.[2]

Hacker Demands $568 Million in Bitcoin to Leak All Tools and Data

Not just this, the hackers, calling themselves "The Shadow Brokers," are also asking for 1 Million Bitcoins (around $568 Million) in an auction to release the 'best' cyber weapons and more files.
İncelemek isterseniz aşağıdaki adreslerden indirebilirsiniz.

File Urls
- ———-


# unzip 
  inflating: eqgrp-auction-file.tar.xz.gpg  
  inflating: eqgrp-auction-file.tar.xz.gpg.sig  
  inflating: eqgrp-free-file.tar.xz.gpg  
  inflating: eqgrp-free-file.tar.xz.gpg.sig  
  inflating: public.key.asc          
  inflating: sha256sum.txt           

  inflating: sha256sum.txt.sig 

# gpg --output eqgrp-free-file.tar.xz --decrypt eqgrp-free-file.tar.xz.gpg

tar -xf eqgrp-free-file.tar.xz

(Password: theequationgroup)

# cd Firewall/
# ls

Friday, August 12, 2016

firefox: An error occurred during a connection to localhost:5634. Issuer certificate is invalid. (Error code: sec_error_ca_cert_invalid)

Platform: Red Hat Enterprise Linux Server release 6.6

Veritas Operations Manager Server 6.1 kurulumu sonrası https://localhost:5634/ arayüzüne firefox ile erişim sağlamaya çalıştığımda aşağıdaki hatayı aldım.

Secure Connection Failed

An error occurred during a connection to localhost:5634. Issuer certificate is invalid. (Error code: sec_error_ca_cert_invalid)

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.


Go to about:config


set it to true (you can double click on it to do so) and restart firefox

Tuesday, July 19, 2016

epel and remi repo installation on centos 6

  • Command to install the EPEL repository configuration package:    yum install
  • Command to install the Remi repository configuration package:    yum install

Wednesday, June 29, 2016

Multilib Protection warning for i686 package installation on Red Hat x86_64

To bypass this warning you need to edit /etc/yum.conf and add protected_multilib=0 line in the [main] section of the config

Wednesday, June 1, 2016

ShmooCon 2016 videos

ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues.


Ebowla: Framework for Making Environmental Keyed Payloads


ansible: IT automation engine

Ansible is a radically simple IT automation engine that automates cloud provisioning,configuration managementapplication deploymentintra-service orchestration, and many other IT needs.

etcd: open-source distributed key value store

etcd is an open-source distributed key value store that provides shared configuration and service discovery for CoreOS clusters. etcd runs on each machine in a cluster and gracefully handles master election during network partitions and the loss of the current master.

Monday, May 30, 2016

iscsiadm ipuçları

iSCSI nedir?

iSCSI, depolama aygıtlarını TCP/IP kullanan bir ağ üzerinden bağlama yöntemidir. Yerel ağ (LAN), geniş alan ağı (WAN) veya Internet üzerinden kullanılabilir. iSCSI aygıtları, ağ üzerinden erişilebilen başka bir bilgisayarda bulunan, bağlanabileceğiniz disk, teyp, CD ve benzeri diğer depolama aygıtlarıdır. ip adresli makinaya openfiler kurdum ve vg ve lun yapılandırması gerçekleştirdim.

node'lara ait ip blokları için initialize yetkisi tanıdım.


Red hat Linux 6.5 x86_64

iscsiadm -m session --rescan

iscsiadm -m discovery -t sendtargets -p

iscsiadm -m node -T -p

iscsiadm -m node -T -p -l

Wednesday, May 18, 2016

virtualbox: create internal test vm network

$ VBoxManage dhcpserver add --netname testlab --ip --netmask --lowerip --upperip --enable

localuser-MacBook-Pro:~ localuser$ VBoxManage list dhcpservers
NetworkName:    HostInterfaceNetworking-vboxnet0
Enabled:        Yes

NetworkName:    testlab

Tuesday, May 17, 2016

Thursday, April 28, 2016

unix domain socket interface for kafka server

Bruce is a producer daemon for Apache Kafka. Bruce simplifies clients that send messages to Kafka, freeing them from the complexity of direct interaction with the Kafka cluster. Specifically, it handles the details of:
  • Routing messages to the proper brokers, and spreading the load evenly across multiple partitions for a given topic. Clients may optionally exercise control over partition assignment, such as ensuring that a group of related messages are all routed to the same partition, or even directly choosing a partition if the client knows the cluster topology.
  • Waiting for acknowledgements, and resending messages as necessary due to communication failures or Kafka-reported errors
  • Buffering messages to handle transient load spikes and Kafka-related problems
  • Tracking message discards when serious problems occur; Providing web-based discard reporting and status monitoring interfaces
  • Batching and compressing messages in a configurable manner for improved performance
  • Optional rate limiting of messages on a per-topic basis. This guards against buggy client code overwhelming the Kafka cluster with too many messages.


bruce --msg_buffer_max 65536 --receive_socket_name /var/run/bruce/bruce.socket --config_path /etc/bruce/bruce_conf.xml --log_echo --log_level LOG_DEBUG


Wednesday, April 27, 2016

advanced torrent client

Wednesday, April 13, 2016

httpd: compression

 AddType application/x-javascript .js
 AddType text/css .css
 AddOutputFilterByType DEFLATE text/css application/x-javascript text/x-component text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/javascript
  BrowserMatch ^Mozilla/4 gzip-only-text/html
  BrowserMatch ^Mozilla/4\.0[678] no-gzip
  BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
  Header append Vary User-Agent env=!dont-vary

Thursday, March 31, 2016

ssmtp ile konsoldan mail gonderimi


fromname="Ali Okan Yuksel"
msg="bu bir deneme mailidir"

echo -e "to: ${to}\nsubject: deneme\n\n ${msg}" | ssmtp -f "${from}" -F "${fromname}" ${to}

wkhtmltopdf: html to pdf converter

"/usr/local/bin/wkhtmltopdf %s %s" % (html_template, pdfout)
"/usr/local/bin/wkhtmltopdf -q -L 0 -R 0 -B 0 -T 0 --disable-smart-shrinking --zoom 0.7821 --encoding UTF-8 %s %s" % (html_template, pdfout))

radius performance testing with radperf tool


Authentication, Authorization, and Accounting. Performance, scalability, load testing, and validation.
One of the most critical steps when building a RADIUS system is performance characterisation. This means testing the system to see if both authentication (i.e., read-only) and accounting (i.e., read-write) behavior is acceptable.

In many cases, the performance will be good enough for normal loads. However, high loads are commonly seen when a NAS reboots and many users flood the network at the same time. If the system cannot handle this load, then it will be unsuitable for a production environment.

RadPerf helps you make this determination. It can send both authentication and accounting packets at varying rates. Even better, you do not need to know anything about RADIUS in order to use RadPerf.

Starting with a list of users and passwords in a CSV file, RadPerf can generate both authentication and accounting packets. It can simulate spikes in traffic, long-lived user sessions, and end-to-end user behavior.

Once RadPerf has finished testing, it produces a set of reports that summarize offered load versus accepted load. Total accepted packets per second can quickly be determined. These reports gives you the data that you need to make an informed decision about placing a system into production.

radperf-u14.04# ./radperf -A1,5 -c 1 -p 100 -s -f test.csv auth mysecretkey

-A1,5 parametresi ile 1 saniye sonra CREATE accounting request 5 SANIYE sonra ise  DELETE request gonderilmesini sagliyoruz.
-p paralel 100 gonderim yapildigini anlamina geliyor.

radperf - Performance testing tool for RADIUS systems.
          Copyright (C) 2012 Network RADIUS SARL.  All rights reserved.
Usage: radperf [options] server[:port] <command> [<secret>]
  <command>    One of auth, acct, status, coa, or disconnect.
  -a type     Use authentication method <type> (pap, chap, none)
  -A d,l      After Access-Accept, send accounting packets.
  -c count    Send each packet 'count' times.
  -d raddb    Set dictionary directory.
  -D file     Print packet statistics to file
  -f file     Read packets from file, not stdin.
  -F          Update Framed-IP-Address, too.
  -n num      Send a maximum of 'num' packets per second
  -p num      Send a maximum of 'num' packets in parallel.
  -q          Do not print anything out.
  -r retries  If timeout, retry sending the packet 'retries' times.
  -R realm    Realm name to append to the User-Name
  -s          Print out summary information of auth results.
  -S file     read secret from file, not command line.
  -t timeout  Wait 'timeout' seconds before retrying (may be a floating point number).
  -T template Use template file with every request
  -u number   Generate requests for 'number' users.
  -v          Show program version information.
  -x          Debugging mode.
  -4          Use IPv4 address of server
  -6          Use IPv6 address of server.

NTRadPing 1.5 RADIUS Test Utility

Posted:20 Aug 2004
File Size:71KB
Publisher:Arndt Stajta

NTRadPing is a useful tool for testing installations of your RADIUS servers. Through NTRadPing you can simulate authentication and accounting requests and send them to the RADIUS server making NTRadPing act as a NAS client.
Before you send the request to the server, you need to configure the server IP address, the RADIUS secret key stored in the server clients file, and a username.
All the other parameters are optional.
On accounting requests, the "Acct-Session-Id" attribute is also added automatically if you do not explicitly enter it in the request attribute list.
If you issue an accounting request, then the RADIUS attribute "Acct-Status-Type" is added automatically by NTRadPing depending on the type of accounting request you have chosen (start, stop or update).
In the lower left list box you can add as many RADIUS attributes as you like to your request. The list of available attributes and the relevant values in the two drop down boxes depend on the dictionary file RADDICT.DAT.
By checking the "CHAP" checkbox, you may force NTRadPing to issue authentication requests with a CHAP password instead of a default (PAP) password.
In the right list box you will get results about the RADIUS request, along with a complete dump of all the returned RADIUS attributes.
The parameters entered in the main window are preserved even after closing the application (they are stored in the registry).