AniNIX/Wiki
3
0
Fork 0
Code Issues 9 Pull Requests 3 Releases Activity

Compare commits

base: AniNIX:main
Branches Tags
AniNIX:main AniNIX:pentesting-team AniNIX:lnl-ended AniNIX:rss-validator-hook AniNIX:hire
AniNIX:0.0
..
compare: AniNIX:pentesting-team
Branches Tags
AniNIX:main AniNIX:pentesting-team AniNIX:lnl-ended AniNIX:rss-validator-hook AniNIX:hire
AniNIX:0.0

1 Commits
main ... pentesting

Author SHA1 Message Date
DarkFeather
649117eeaf Adding Pentesting recruiting page 2024-07-18 13:10:03 -05:00
4 changed files with 73 additions and 56 deletions
Expand all files Collapse all files

6
PKGBUILD
View File

@@ -3,8 +3,12 @@ makedepends=('make>=4.2','gcc','mono')
checkdepends=()
optdepends=()
pkgname="$(git config remote.origin.url | rev | cut -f 1 -d '/' | rev | sed 's/.git$//')"
pkgver="$(git describe --tag --abbrev=0)"."$(( `git log "$(git describe --tag --abbrev=0)"..HEAD | grep -c commit` + 1 ))"."$(git rev-parse --short HEAD)"
pkgver="$(git describe --tag --abbrev=0)"."$(git rev-parse --short HEAD)"
pkgrel=1
pkgrel() {
echo $(( `git log "$(git describe --tag --abbrev=0)"..HEAD | grep -c commit` + 1 ))
}
epoch="$(git log | grep -c commit)"
pkgdesc="$(head -n 1 README.md)"
arch=("x86_64")
url="$(git config remote.origin.url | sed 's/.git$//')"

29
Policies/Pentesting_And_CTF_Team.md Normal file
View File

@@ -0,0 +1,29 @@
# Overview
The AniNIX is looking to put together a penetration testing, ethical hacking, and cyber capture-the-flag team. The purpose of the group is to develop competent & ethical professionals, break down cybersecurity gatekeeping, and improve the Internet community writ large. The code name for this team is the `3NCLAVE`.
# Requirements to Join
In order to join this team, you must meet the following requirements:
* Have a Discord account and a Hack The Box account.
* Proficiency with Kali Linux or other hacking distribution, IRC, and Git.
* Have a demonstrated body of work in computing, primarily in a Linux environment.
* This can be a home lab, provided it can be demonstrated in a Discord screen share or by external access
* This can be GitHub, HackerOne, BugCrowd, etc. accounts with activity.
* This can be a career in IT -- ideally, this should be able to be validated with a coordinated challenge and answer to a professional email address or phone number
* Have a willingness to learn and ethical mindset
* Be sponsored by a current team member
* Be willing to comply with the AniNIX [User Ethics](/AniNIX/Wiki/src/branch/main/Policies/User_Ethics.md)
# Operation
This organization will function as a semi-democratic collective. The Owners group as captured in AniNIX/Foundation will retain veto powers & ownership of the IP. Otherwise, any group member may propose participating in bug bounty or capture-the-flag event through IRC & Discord -- the rest of the group can opt into this activity as they're able & interested. Proposals to changes in operation, methods, etc. will be discussed through issues on this platform & solidified through 2/3 majority approval in a merge request. Other operational procedures will be discussed in the group project repo.
When members are approved, they will be added to the appropriate project on AniNIX/Foundation. More details on our operation will be controlled to that location.
# What Do We Do
This organization is an ethical hacking group. This means that we comply, as much as possible, to ethical & legal frameworks. We will only attempt to compromise systems that we have been authorized, in writing, to inspect. These authorizations will either come in the form of lab files shared by our members to be tested in firewalled or air-gapped home labs, bug bounty postings, or official capture-the-flag events being hosted by organizations like Hack The Box. Members are specifically not authorized to test exploits & vulnerabilities on the community writ large.
When ethics conflicts with legality, ethics wins via civil disobedience. That is, if we were to receive a court order compromising the security of our members, operation will cease. If law were to outlaw cybersecurity research, we would pivot to be a bug-fixing development group instead. The fundamental rule is to do good without disrupting systems that people need and to find collaborative ways to contribute to the world.

48
rss/aninix.xml
View File

@@ -4,23 +4,31 @@
<logo>https://foundation.aninix.net/assets/img/AniNIX.png</logo>
<link rel="self" href="https://aninix.net/aninix.xml" />
<link href="https://aninix.net/" />
<updated>2025-11-30T04:25:00Z</updated>
<updated>2022-04-14T20:30:20Z</updated>
<author>
<name>DarkFeather</name>
<name>AniNIX</name>
</author>
<id>https://aninix.net/</id>
<entry>
<title>Geofencing to the US</title>
<link href="https://aninix.net/AniNIX/Kapisi/issues/42"></link>
<updated>2025-11-30T04:25:00Z</updated>
<id>https://aninix.net/AniNIX/Kapisi/issues/42</id>
<author>
<name>DarkFeather</name>
</author>
<title>Lunch-and-Learns Ended</title>
<link href="https://aninix.net/aninix.xml#lnl-ended"></link>
<updated>2024-04-25T17:21:00Z</updated>
<id>https://aninix.net/aninix.xml#lnl-ended</id>
<summary>
Due to legal challenges posed by a number of world powers, including the Chinese PLA, Russia, the UK, and the UN, the AniNIX network will be geofenced to the US. Users using VPNs will need a US exit node or an alternate method of connecting to services. We will test this with the less user-facing services first and gradually roll it out to all.
AniNIX will be ending the Lunch-and-Learn series for the time being -- we aren't seeing enough engagement, and admins will be otherwise tasked for the near future. Please still reach out on Discord or IRC if there are topics you want to talk about, or open an issue or merge request with your ideas.
</summary>
</entry>
<entry>
<title>Lunch-and-Learns Paused 20240502 through 20240627</title>
<link href="https://aninix.net/aninix.xml#lnl-pause-20240502"></link>
<updated>2024-04-25T17:21:00Z</updated>
<id>https://aninix.net/aninix.xml#lnl-pause-20240502</id>
<summary>
AniNIX will be pausing Lunch-and-Learns effective 20240502 through 20240627 for real-life training. We will merge AniNIX/Wiki#24 on our return.
</summary>
</entry>
@@ -44,4 +52,24 @@
</summary>
</entry>
<entry>
<title>GPG Key Distribution</title>
<link href="https://foundation.aninix.net/AniNIX/ShadowArch/src/branch/main/EtcFiles/aninix.gpg"></link>
<updated>2022-01-19T00:10:00Z</updated>
<id>https://foundation.aninix.net/AniNIX/ShadowArch/src/branch/main/EtcFiles/aninix.gpg</id>
<summary>
The SKS keyservers have been shut down -- some recent attacks on the network have made their hosting untenable for the providers. We will be distributing our GPG public key via the AniNIX/ShadowArch package and on our repo. Please add it to your own keyrings.
</summary>
</entry>
<entry>
<title>Warrant Canary</title>
<link href="https://foundation.aninix.net/AniNIX/WarrantCanary"></link>
<updated>2019-12-10T12:28:00Z</updated>
<id>https://foundation.aninix.net/AniNIX/WarrantCanary</id>
<summary>
We want everyone to know that, despite recent law enforcement and Senate cries that they can't do their job without backdoors into encrypted communications, the AniNIX is committed to protecting your communications with our network. We do offer proxies of some semipublic information to outside sources -- Discord and GitHub -- but our internal services over SSH, IRCS, and HTTPS are hardened and audited. We are now additionally offering a warrant canary. This is a GPG-based device for users to know that our communications have not been compromised. If you are cybersecurity-minded, please watch the linked repo.
</summary>
</entry>
</feed>

46
rss/osint.xml
View File

@@ -4,57 +4,13 @@
<logo>https://foundation.aninix.net/assets/img/AniNIX.png</logo>
<link rel="self" href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml" />
<link href="https://aninix.net/" />
<updated>2025-08-21T12:09:04Z</updated>
<updated>2022-09-26T02:16:20Z</updated>
<author>
<name>AniNIX</name>
</author>
<id>https://aninix.net/</id>
<entry>
<title>193.142.147.0/24</title>
<link href="https://pulsedive.com/indicator/?iid=74597502"></link>
<updated>2025-12-18T15:28:00Z</updated>
<id>https://pulsedive.com/indicator/?iid=74597502</id>
<author><name>DarkFeather</name></author>
<summary>
193.142.147.209 was observed attempting CVE 2025-55182 "React2Shell" against our web front. Total event count was three. Entire /24 has been blocked.
</summary>
</entry>
<entry>
<title>147.182.128.0/17</title>
<link href="https://pulsedive.com/indicator/?iid=71233732"></link>
<updated>2025-12-18T15:28:00Z</updated>
<id>https://pulsedive.com/indicator/?iid=71233732</id>
<author><name>DarkFeather</name></author>
<summary>
This DigitalOcean IP was observed running an extensive SSH brute-force from California. We are blocking the related /17 subnet as the provider is in poor reputation. Total event count was 112.
</summary>
</entry>
<entry>
<title>93.123.109.245</title>
<link href="https://pulsedive.com/ioc/93.123.109.245"></link>
<updated>2025-08-21T12:09:04Z</updated>
<id>https://pulsedive.com/ioc/93.123.109.245</id>
<author><name>DarkFeather</name></author>
<summary>
A Bulgarian IP was observed using a suspicious user agent (l9explore) and has been classified as known bad traffic. The related /24 was blocked. Total event count is 127.
</summary>
</entry>
<entry>
<title>200.28.54.71 and 186.107.199.1</title>
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#200.28.54.71"></link>
<updated>2024-06-27T17:25:00Z</updated>
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#200.28.54.71</id>
<author><name>DarkFeather</name></author>
<summary>
Two Chilean IPs, 200.28.54.71 and 186.107.199.1, were observed using a wide spectrum of attacks, including network trojans, PHP file inclusion attempts, web shells, and Apache exploits, against our web front. Both showed a sophisticated and diverse exploit set, but neither were attempting to exploit toolchains used by our network. Both have been banned at edge. Total event count is 264.
</summary>
</entry>
<entry>
<title>84.239.54.49</title>
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#84.239.54.49"></link>