Evade Windows Anti-Virus:
Shelter https://www.shellterproject.com/download/ can inject shellcode into legit 32-Bit Executables and is likely to not get detected.
=============
WINDOWS
=============
CMD:
netsh advfirewall firewall show rule name=all
PS:
Get-NetFirewallRule
Show-FirewallRule
Disable Firewall on Windows 7 via CMD:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
Disable Firewall on Windows 7 via Powershell:
powershell.exe -ExecutionPolicy Bypass -Command 'Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value'`
Add File Path to Exclude From Windows Defender
Set-MpPreference -ExclusionPath "C:\Windows\System32\spool\drivers\color"
Disable Windows Defender
Set-MpPreference -DisableRealtimeMonitoring $True
==============
LINUX
==============
IP TABLES:
List Rules;
iptables -L -n
Delete Rule;
iptables -D INPUT -m conntrack --ctstate INVALID -j DROP
Delete Rule By Line Number;
1.) Get Line Numbers
iptables -L --line-numbers
2.) Delete the Line
iptables -D INPUT 3
Delete All Input Rules;
iptables -F INPUT
Delete All Rules;
iptables -F
Allow All Traffic;
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
Add Rule;
iptables -A chain firewall-rule
UFW:
List Rules;
ufw status numbered
Delete Rules;
ufw delete 4
Create Rules;
ufw allow 2222
Disable;
ufw reset
FIREWALLD:
Find Where Firewall Is Active
firewall-cmd --get-active-zones
firewall-cmd --get-services
Get Firewall Info
firewall-cmd --zone=public --list-all
Open a Port
firewall-cmd --permanent --zone=public --add-port=80/tcp
Remove Rule
firewall-cmd --zone=public --remove-port=80/tcp
Confirm Removal
firewall-cmd --zone=public --list-ports
Allow Service
firewall-cmd --zone=public --add-service=ftp
Block In and Out Connections
firewall-cmd --panic-on
firewall-cmd --query-panic
Turn Block All Connections Off
firewall-cmd --panic-off
firewall-cmd --query-panic