added new section "links", removed display of time/date in particular pages

config.toml

@@ -52,6 +52,38 @@ publishDir = "/var/www/qrz.is"
     name = "Tags"
     weight = 4
     url = "/tags/"
+[[menu.main]]
+    name = "Links"
+    weight = 5
+    url = "/links/"
+[[menu.main]]
+    name = "About"
+    weight = 6
+    url = "/about/"
+[[menu.main]]
+    name = "Impressum"
+    weight = 7
+    url = "/impressum/"
+[[menu.main]]
+    name = "RSS"
+    weight = 6
+    url = "/index.xml"
+[[menu.footer]]
+    name = "Git"
+    weight = 5
+    url = "https://git.qrz.is/clemens/"
+[[menu.footer]]
+    name = "Mastodon"
+    weight = 6
+    url = "https://mastodon.radio/@michael"
+[[menu.footer]]
+    name = "QRZ"
+    weight = 7
+    url = "https://qrz.com/DB/DK1MI"
+[[menu.footer]]
+    name = "Privacy/Datenschutz"
+    weight = 8
+    url = "/privacy/"
 [[menu.main]]
     name = "About"
     weight = 5

content/impressum.md

@@ -3,6 +3,7 @@ title: "Impressum"
 slug:  "impressum"
 date: 2018-05-03T16:42:59+02:00
 draft: false
+showthedate: false
 ---
 
 Michael Clemens  

content/links/hamradio.md

@@ -0,0 +1,170 @@
+---
+title: "Amateur Radio"
+date: 2018-10-26T18:08:59+02:00
+draft: false
+showthedate: false
+---
+
+
+# Know-how
+  * [Funken via analoge Funk-Relais](https://hb9zz.ethz.ch/en/relaisfunk)
+  * [DC4KU - Werner Schnorrenberg](http://dc4ku.darc.de/) - huge collection of information
+
+# Transceivers
+
+## Xiegu G90
+  * [Latest G90 firmwares](https://www.sinotel.co.uk/index.php?main_page=page&id=24)
+  * [G90 user group on groups.io](https://groups.io/g/XieguG90)
+
+# Tutorials
+
+  * [UV-5R Cheat Sheet](https://w7apk.com/baofeng)
+
+
+# Software
+
+  * Logging Software
+    * [YFKlog](http://fkurz.net/ham/yfklog.html) - curses based CLI ham radio logbook
+    * [Fast Log Entry (FLE)](https://www.df3cb.com/fle/) - plain text windows logging tool
+    * [CQRLOG](https://www.cqrlog.com) - ham radio logbook for Linux
+    * [Log4OM](http://www.log4om.com/) - ham radio logbook for Windows
+    * [Cloudlog](https://www.magicbug.co.uk/cloudlog/) - Web based amateur radio logging application built using PHP & MySQL supports general station logging tasks from HF to Microwave with supporting applications to support CAT control.
+
+  * Weblogs
+    * [Club Log](https://clublog.org/)
+    * [HRDLOG](http://www.hrdlog.net/)
+
+# Operating Modes
+
+  * FT8
+    * [FT8 Operating Guide](https://www.g4ifb.com/FT8_Hinson_tips_for_HF_DXers.pdf) - Excellent FT8 manual
+  * CW
+    * Learning CW
+      * [Learn CW Online](https://lcwo.net)
+      * [CWops Morse Code Trainer](https://morsecode.scphillips.com/trainer.html)
+      * [CWops Academy](https://cwops.org/cw-academy-2/)
+      * [A SW Keyer for remote operations](https://iw7dmh.jimdofree.com/utilities-for-remote-operations/sw-keyer-for-remote-operations/) - RS232 interface for morse keys
+      * [Paper on Farnsforth Technique](http://www.arrl.org/files/file/Technology/x9004008.pdf)
+      * [Road to CW](http://www.k4co.org/MiscDocuments/Road_to_CW_de_W4ALF.pdf)
+      * [CW Lernen](https://www.dl3hm.de/CW_Lernen.html) - good german article on learning CW
+      * [A Visual Farnsworth CW Trainer](https://cwtrainer.loomcom.com/)
+      * [W1AW Code Practice MP3 Files](http://www.arrl.org/code-practice-files)
+      * [Learning CW Morse code by KN3B](http://kn3b.com/learning-cw-morse-code.html)
+
+    * CW QSO Examples
+      * [Making a CW QSO by K3WWP](http://www.naqcc.info/cw_qsos.html)
+      * [CW QSO Formats; Ham Radio Morse Contact](https://www.electronics-notes.com/articles/ham_radio/morse_code/cw-qso-morse-contact.php)
+      * [Basics of a CW QSO!](https://www.emdrc.com.au/basics-of-a-cw-qso/)
+
+    * CW Keyer
+      * [Open CW Keyer MK2](https://www.hamshop.cz/open-cw-keyer-c27/open-cw-keyer-i196/)
+      * [NanoKeyer](https://nanokeyer.wordpress.com/get-one/)
+      * [Funtronics K3NG Keyer](https://elekitsorparts.com/product/funtronics-k3ng-keyer-fk-10-99-winkey-emulation)
+      * [K1EL Keyer](https://www.hamcrafters2.com)
+      * [K3NG Keyer List](https://github.com/k3ng/k3ng_cw_keyer/wiki/180-Kits-and-Kitting)
+
+  * APRS
+    * [Baofeng UV5R TRRS Adapter](https://github.com/johnboiles/BaofengUV5R-TRRS)
+    * [aprs.fi](https://aprs.fi) - APRS map
+    * [APRS mit APRSDroid](https://www.instructables.com/id/APRS-and-the-UV-5R/)
+
+  * DMR
+
+    * DMR General
+      * [BAOFENG RD-5R DMR HT & DMR basics](https://vk2ji.com/baofeng-rd-5r-dmr-ht/)
+      * [RT3S: Handhabung des Codeplug im BM-Netz](http://www.mdtweb.de/index.php/projekte/nachrichtentechnik/betriebstechnik/handhabung-des-codeplug-im-bm-netz)
+      * [Gute Einfuehrung in DMR](https://www.dk7lst.de/cms/?q=dmr)
+
+    * DMR Repeater Lists
+      * [spacesupport.de](http://www.spacesupport.de/repeater-liste.php)
+      * [bm262.de/dl/](http://bm262.de/dl/)
+      * [ham-digital.org](https://ham-digital.org/dmr-rptrreg.php#DEU)
+      * [https://repeatermap.de/](https://repeatermap.de/)
+
+    * Brandmeister
+      * [Brandmeister Top Activity](https://app.brandmeisteractivity.live/)
+
+  * Echolink
+    * [UV-R5 + Rpi3 = Echolink Repeater](http://www.pakhams.com/index.php?option=com_content&view=article&id=178:pi3echolink&catid=45:misc&Itemid=157)
+    * [Interfacing the UV5R with a Raspberry PI 3 Echolink-Svxlink](https://blog.bacarde.com/2017/05/07/interfacing-uv5r-raspberry-pi-3-echolink-svxlink/)
+    * [LC-Link Echolink Interface](https://www.landolt.de/info/afuinfo/echolink.htm)
+
+  * Packet Radio
+
+    * [Soundmodem](http://uz7.ho.ua/packetradio.htm) - Windows application which replaces a modem/TNC
+    * [direwolf](https://github.com/wb2osz/direwolf) - software "soundcard" AX.25 packet modem/TNC and APRS encoder/decoder
+    * [FlexNet](http://www.afthd.tu-darmstadt.de/~flexnet/intro.html) - a modular AX.25 stack
+    * [Paxon](http://www.paxon.de) - Packet Radio Terminal Program
+    * [DireWolf Presentation](https://microhams.blob.core.windows.net/content/2018/03/MHDC2018-WB2OSZ.pdf)
+    * [Packet Radio Slides](https://www.darc.de/fileadmin/filemounts/distrikte/c/ortsverbaende/15/Infos/VortragPacketRadioDG5MHF.pdf)
+    * [Packet Radio Slides dk0mav](http://www.afug.uni-goettingen.de/~dk0mav/Packet-Radio%20Informationsmappe.pdf)
+    * [Packetradio ohne Modem](http://db0fhn.efi.fh-nuernberg.de/~dl3rtl/html/soundmodem.html) - Soundmodem + FlexNet + Paxon
+    * [V4Chat](https://elektronikbasteln.pl7.de/v4-chat-chatten-auf-kurzwelle-fuer-funkamateure.html) - Chatten über Kurzwelle
+    * [10m Digipeater DF0MOT](http://www.trg-radio.de/index.php/df0mot-10m)
+
+  * SSTV
+    * [The SSTV Handbook](http://sstv-handbook.com/) - Everything you ever want to know about SSTV in one PDF
+
+  * Hamshack Hotline
+
+    * [Hamshack Hotline](https://hamshackhotline.com/)
+    * [Presentation on HH](www.w7aia.org/meetings_files/docs/2019-03-01_ham_shack_hotline_AA6RV.pdf) - some very informative slides
+
+  * HAMNET
+
+    * [Packet Radio über HAMNET](https://hamnet.funkzentrum.de/wie-kann-ich-teilnehmen/packet-radio-uebers-hamnet.html)
+    * [Dienste im HAMNET](https://hamnet.funkzentrum.de/user-service-netz.html)
+    * [DB0STB-2](https://hamnetdb.net/index.cgi?q=db0stb-2)
+    * [Ubiquiti Litebeam 5AC Gen2 Anleitung](https://dl.ubnt.com/qsg/LBE-5AC-Gen2/LBE-5AC-Gen2_DE.html)
+    * [Hamnet Präsentation](https://mum.mikrotik.com/presentations/DE16/presentation_3539_1464940888.pdf)
+    * [Hamnet Workshop Dormagen](https://www.afu.rwth-aachen.de/images/vortraege/Hamnet_Workshop_Dormagen.pdf)
+    * [Einführung in Hamnet](https://www.darc.de/fileadmin/filemounts/distrikte/p/ortsverbaende/18/Hamnet/Einfuehrung_in_HAMNET_2016-02-05_e.pdf)
+
+# Tech
+
+  * DIY
+    * [PL-Stecker an Koax-Kabel löten](https://dh7lm.wordpress.com/2014/10/05/pl-stecker-an-koax-kabel-loten-so-funktionierts/)
+    * [Carbon Arrow Yagi Antenna](https://tysonpower.de/blog/carbon-arrow-yagi-antenna)
+    * [Homebrew Programming Cable for Retevis RT95](http://iz3zvo.altervista.org/build-program-cable-anytone-at-5888uv-intek-hr-2040/)
+
+  *  Electronics
+    * [Elektronik Kompendium](https://www.elektronik-kompendium.de/)
+    * [Burkhard Kainka](http://www.b-kainka.de/)
+    * [Wumpus Welt der Radios](http://www.welt-der-alten-radios.de/detektor-bauprojekte--80.html)
+
+  * RFI
+    * [Sounds of RFI](http://www.arrl.org/sounds-of-rfi) - Sound samples of different RFI sources
+
+# Community
+  * [The ON4KST amateur radio chat](http://www.on4kst.org/chat/start.php)
+  * [/r/amateurradio](https://www.reddit.com/r/amateurradio/)
+
+# Ham Weather / Propagation
+  * [AirScout - Software for Aircraft Scatter Prediction](http://www.airscout.eu/index.html)
+  * [William Hepburn's Worldwide Tropospheric Ducting Forecast](http://www.dxinfocentre.com/tropo_eur.html)
+  * [VHF Propagation Map](http://aprs.mennolink.org/)
+
+# DXCluster
+  * [DXHeat](https://dxheat.com/dxc/) - Modern, responsive DXCluster web application
+  * [dx-cluster.de](http://dx-cluster.de/index.php)
+
+# VHF/UHF
+  * [Die modernen Werzeuge des UKW Amateurs](http://funkperlen.blogspot.com/2018/01/die-modernen-wekzeuge-des-ukw-amateurs.html)
+  * [Beacons](http://dk8jg.de/Baken%202m%2070cm%2023cm%20in%20DL%202013.pdf)
+
+# ADIF Analysis/Mapping
+  * [Adventure Radio Log Analyzer](http://analyzer.adventureradio.de/)
+
+# Exam Preparation
+  * [HamRadioTrainer](http://hamradiotrainer.de/) - Die intelligente Lernsoftware für die Amateurfunkprüfung (Windows/Wine)
+  * [afup.a36.de](https://www.afup.a36.de/) - Prüfungstraining für das Amateurfunkzeugnis (Web based)
+  * [DARC Online Lehrgang](https://www.darc.de/der-club/referate/ajw/darc-online-lehrgang/)
+  * [Lichtblicke, Kruecken](https://www.dl9hcg.a36.de/) - PDF Slides, Zu jeder Frage des Prüfungs­kataloges wird der komplette Lösungsweg auf einer ganzen Bildschirmseite angezeigt.
+  * [Lizenzkochbuch](http://www.qslonline.de/hk/eigen/lizenzkochbuch.htm) - printed book, 15€
+  * [Fragenkatalog der BNetzA](https://www.bundesnetzagentur.de/cln_1432/DE/Sachgebiete/Telekommunikation/Unternehmen_Institutionen/Frequenzen/Funkzeugnisse/Amateurfunk/amateurfunk-node.html)
+  * [Class E and A license preparation](http://ham-radio-apps.com/amateurfunk-lizenz/) - iOS Apps
+  * [Bueffeln.net](https://www.bueffeln.net/Pruefung/Amateurfunk) - Web based + App, 20€
+  * [Rufzeichenliste der BNetzA](https://www.bundesnetzagentur.de/SharedDocs/Downloads/DE/Sachgebiete/Telekommunikation/Unternehmen_Institutionen/Frequenzen/Amateurfunk/Rufzeichenliste/Rufzeichenliste_AFU.pdf?__blob=publicationFile)
+  * [Rufzeichensuche der BNetzA](https://ans.bundesnetzagentur.de/Amateurfunk/Rufzeichen.aspx)
+  * [Prüfungstermine](https://www.bundesnetzagentur.de/SharedDocs/Downloads/DE/Sachgebiete/Telekommunikation/Unternehmen_Institutionen/Frequenzen/Amateurfunk/Pr%C3%BCfungstermine/Termine_Afu_Pruefungen.pdf?__blob=publicationFile)
+

content/links/infosec.md

@@ -0,0 +1,243 @@
+---
+title: "Information Security"
+date: 2022-06-07T08:00:00+02:00
+draft: false
+showthedate: false
+---
+
+# Threat Intelligence Portals/Feeds
+  * [IBM X-Force Exchange](https://exchange.xforce.ibmcloud.com) - Cloud platform for sharing threat intel data
+  * [OTX threat intelligence](https://otx.alienvault.com) - AlienVault Open Threat Intelligence Community
+  * [List of Threat Intelligence Feeds](https://intelmq.readthedocs.io/en/latest/Feeds)
+  * [csirtg.io](https://csirtg.io/)
+  * [CentralOps Whois](https://centralops.net/co/) - in depth whois with IP history
+  * [VirusTotal](https://www.virustotal.com/) - You have to know VirusTotal
+  * [GitHub - sroberts/awesome-iocs: A collection of sources of indicators of compromise](https://github.com/sroberts/awesome-iocs)
+
+# Threat Intelligence Tools
+  * [IntelMQ](https://www.enisa.europa.eu/topics/csirt-cert-services/community-projects/incident-handling-automation) - Solution for collecting and processing security feeds, pastebins, tweets using a message queue protocol
+  * [harpoon](https://www.randhome.io/blog/2018/02/23/harpoon-an-osint-/-threat-intelligence-tool/) - CLI tool for open source and threat intelligence
+  * [Bearded-Avenger / CIF](https://csirtgadgets.com/collective-intelligence-framework) - CIF allows you to combine known malicious threat information from many sources and use that information for incident response, detection and mitigation.
+  * [MISP](https://www.misp-project.org) - Self-hosted threat information sharing platform
+  * [Cyber Threat Intelligence Tools](https://gbhackers.com/cyber-threat-intelligence-tools/) - Very extensive list of tools 
+  * [urlQuery](http://urlquery.net/) - Gives you a screenshot of a given site along with all HTTP transactions (request and response) and executed JS
+  * [OSINT Framework](https://osintframework.com/)
+
+# Threat Detection
+  * [Blue Team fundamentals Part Two: Windows Processes.](https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2)
+  * [Detect Password Spraying With Windows Event Log Correlation – Welcome to the Ziemba.Ninja Infosec Blog!](https://www.ziemba.ninja/?p=66)
+  * [Download Windows security audit events from Official Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=50034)
+  * [GitHub - MHaggis/sysmon-dfir: Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.](https://github.com/MHaggis/sysmon-dfir)
+  * [Endpoint detection Superpowers on the cheap — part 1](https://medium.com/p/endpoint-detection-superpowers-on-the-cheap-part-1-e9c28201ac47)
+  * [Windows RDP-Related Event Logs: Identification, Tracking, and Investigation | Ponder The Bits](https://ponderthebits.com/2018/02/windows-rdp-related-event-logs-identification-tracking-and-investigation/)
+  * [GitHub - Neo23x0/APTSimulator: A toolset to make a system look as if it was the victim of an APT attack](https://github.com/Neo23x0/APTSimulator)
+  * [GitHub - 0x4D31/awesome-threat-detection: A curated list of awesome threat detection and hunting resources](https://fb.me/4hCASkUkD)
+  * [Hack the Hacker – Fuzzing Mimikatz On Windows With WinAFL & Heatmaps (0day) | SEC Consult](https://www.sec-consult.com/en/blog/2017/09/hack-the-hacker-fuzzing-mimikatz-on-windows-with-winafl-heatmaps-0day/index.html)
+  * [Tales of a Threat Hunter 1](https://www.eideon.com/2017-09-09-THL01-Mimikatz/)
+  * [GitHub - sroberts/awesome-iocs: A collection of sources of indicators of compromise](https://github.com/sroberts/awesome-iocs)
+  * [ion-storm/sysmon-config: Sysmon configuration file template with default high-quality event tracing](https://github.com/ion-storm/sysmon-config)
+  * [Greater Visibility Through PowerShell Logging « Threat Research Blog | FireEye Inc](https://www.fireeye.com/blog/threat-research/2016/02/greater_visibilityt.html)
+  * [Know your Windows Processes or Die Trying](http://www.sysforensics.org/2014/01/know-your-windows-processes/)
+  * [http://blog.rootshell.be/2012/01/17/monitoring-pastebin-com-within-your-siem/](http://blog.rootshell.be/2012/01/17/monitoring-pastebin-com-within-your-siem/)
+  * [FCL - Fileless Command Lines](https://github.com/chenerlich/FCL)
+
+# Data Scraping
+  * [pystemon](https://github.com/cvandeplas/pystemon) - Monitoring tool for PasteBin-alike sites written in Python
+
+# Vulnerability Management
+  * [https://vulners.com](https://vulners.com) - Vulnerability search engine - ("Google for Hackers")
+
+# Honeypots
+  * [ssh-auth-logger](https://github.com/JustinAzoff/ssh-auth-logger) - works great in combination with CIF and csirtg.io, see [explodingwoodchucks.com](https://www.explodingwoodchucks.com/build-a-ssh-sensor)
+  * [cowrie](https://github.com/cowrie/cowrie) - successor to kippo
+  * [High Interaction Honeypots with Sysdig and Falco](https://labs.mwrinfosecurity.com/blog/high-interaction-honeypots-with-sysdig-and-falco)
+
+# Tools - Packet String Data (PSTR)
+  * [URLsnarf](http://)
+  * [Httpry](https://github.com/jbittel/httpry) - HTTP logging and information retrieval tool
+  * [Justsniffer](https://github.com/onotelli/justniffer) - a network protocol analyzer that captures network traffic
+
+# Incident Response
+  * [Incident Response](http://www.cst.ucf.edu/about/information-security-office/incident-response/)
+  * [Cyber Probe - Capturing, Analysing and Responding to Cyber Attacks](http://www.kitploit.com/2017/01/cyber-probe-capturing-analysing-and.html)
+  * [Basics of Windows Incident Response – JP](https://jordanpotti.com/2017/01/20/basics-of-windows-incident-response/)
+  * [PENTEST-WIKI](https://github.com/nixawk/pentest-wiki)
+  * [https://github.com/meirwah/awesome-incident-response](https://github.com/meirwah/awesome-incident-response)
+
+# Incident Analysis
+
+## Malware Analysis
+
+### Detection
+
+  * [https://virustotal.github.io/yara/](Yara) - Signature based detection
+  * [https://ssdeep-project.github.io/ssdeep/usage.html](ssdeep) - Fuzzy Hashing
+  * [https://github.com/Dynetics/Malfunction](malfunction) - Fuzzy Hasing
+
+### String Extraction
+
+  * [https://blog.didierstevens.com/programs/xorsearch/](xorstrings)
+  * [https://github.com/fireeye/flare-floss](floss) - Automatic decoder function detection and usage, Extracts ASCII and UTF-16-le strings
+  * [https://docs.microsoft.com/en-us/sysinternals/downloads/strings](strings)
+
+### PE
+
+  * [PE Wiki](https://code.google.com/p/corkami/wiki/PE101)
+  * [PE Infographic](https://i.imgur.com/pHjcI.png)
+  * [pescanner.py](https://code.google.com/p/malwarecookbook/source/browse/trunk/3/8/pescanner.py)	
+  * [pestudio](http://www.winitor.com/)
+  * [Manalyze](https://github.com/JusticeRage/Manalyze)
+  * [Dependency Walker](http://dependencywalker.com/)
+
+### Graphical Analysis
+
+  * [Binvis](binvis.io)
+  * [Cantor Dust](https://sites.google.com/site/xxcantorxdustxx/)
+
+### Disassembler
+
+  * [IDA]()
+  * [Radare2](https://www.radare.org)
+  * [RetDec](https://retdec.com/)
+
+### PDF Analysis
+
+  * [malicious-pdf-analysis-ebook](http://didierstevens.com/files/data/malicious-pdf-analysis-ebook.zip)
+  * [pdf-parser.py](https://blog.didierstevens.com/2008/10/30/pdf-parserpy/)
+  * [pdftk](https://www.pdflabs.com/tools/pdftk-the-pdf-toolkit/)
+  * [peepdf](https://github.com/jesparza/peepdf)
+
+### Office Analysis
+
+  * [viper](http://viper.li/)
+  * [vipermonkey](https://github.com/decalage2/ViperMonkey)
+  * [oledumpi.py](https://blog.didierstevens.com/programs/oledump-py/)
+  * [Quicksand lite](https://github.com/tylabs/quicksand_lite)
+
+## Filesystem Analysis
+
+  * [Sleuthkit](http://www.sleuthkit.org/index.php)
+  * [FireBrick](http://digitalfire.ucd.ie/?page_id=1011) - Software Write Blocker
+
+## Shellcode Analysis
+  * [Yara rule](https://github.com/Yara-Rules/rules/tree/master/Antidebug_AntiVM)
+  * [Viper Module](https://github.com/viper-framework/viper/blob/master/viper/modules/shellcode.py)
+  * [Shellcode Detector](http://blog.didierstevens.com/2014/09/29/update-xorsearch-with-shellcode-detector/)
+
+# Reconnaissance
+  * [shodan.io](https://shodan.io) - service banner search engine
+  * [A Shodan Tutorial and Primer](https://danielmiessler.com/study/shodan/)
+  * [AutoNSE - Massive NSE (Nmap Scripting Engine) AutoSploit And AutoScanner - KitPloit - PenTest Tools for your Security Arsenal ☣](http://www.kitploit.com/2018/04/autonse-massive-nse-nmap-scripting.html)
+  * [GitHub - gpoguy/GetVulnerableGPO: PowerShell script to find 'vulnerable' security-related GPOs that should be hardended](https://github.com/gpoguy/GetVulnerableGPO)
+  * [PowerShell: Get all logged on Users per Computer/OU/Domain (Get-UserLogon) – SID-500.COM](https://sid-500.com/2018/02/28/powershell-get-all-logged-on-users-per-computer-ou-domain-get-userlogon/)
+  * [port-scan-automation: Automate NMAP Scans & Generate Custom Nessus Policies Automatically • Penetration Testing](https://securityonline.info/port-scan-automation-automate-nmap-scans-generate-custom-nessus-policies-automatically/)
+  * [Vision2 - Nmap's XML result parse and NVD's CPE correlation to search CVE - KitPloit - PenTest Tools for your Security Arsenal ☣](http://www.kitploit.com/2017/09/vision2-nmaps-xml-result-parse-and-nvds.html?m=1)
+  * [Retrieving scan results through Nessus API | Alexander V. Leonov](https://avleonov.com/2016/06/03/retrieving-scan-results-through-nessus-api/)
+  * [Nmap Cheat Sheet](https://highon.coffee/blog/nmap-cheat-sheet/)
+
+# (Post-)Exploitation
+  * [GitHub - mubix/post-exploitation: Post Exploitation Collection](https://github.com/mubix/post-exploitation)
+  * [GitHub - skelsec/pypykatz: Mimikatz implementation in pure Python](https://github.com/skelsec/pypykatz)
+  * [(403) http://blog.secu.dk/blog/Tunnels_in_a_hard_filtered_network/](http://blog.secu.dk/blog/Tunnels_in_a_hard_filtered_network/)
+  * [A Red Teamer's guide to pivoting](https://artkond.com/2017/03/23/pivoting-guide/)
+  * [How to use weaponized PDF documents to steal Windows credentialsSecurity Affairs](https://securityaffairs.co/wordpress/71856/hacking/weaponized-pdf-hack-windows.html)
+  * [GitHub - dylanaraps/pure-bash-bible: 📖 A collection of pure bash alternatives to external processes.](https://github.com/dylanaraps/pure-bash-bible/)
+  * [Untitled (http://LetMeOutOfYour.Net)](http://letmeoutofyour.net/)
+  * [Passing the hash with native RDP client (mstsc.exe) - Blog | Michael Eder](https://michael-eder.net/post/2018/native_rdp_pass_the_hash/)
+  * [Top Five Ways I Got Domain Admin on Your Internal Network before Lunch (2018 Edition)](https://medium.com/@adam.toscher/top-five-ways-i-got-domain-admin-on-your-internal-network-before-lunch-2018-edition-82259ab73aaa)
+  * [Digging passwords in Linux swap -  Sevagas](http://blog.sevagas.com/?Digging-passwords-in-Linux-swap)
+  * [GitHub - quentinhardy/msdat: MSDAT: Microsoft SQL Database Attacking Tool](https://github.com/quentinhardy/msdat)
+  * [How to Bypass Application Whitelisting & AV - Black Hills Information Security](https://www.blackhillsinfosec.com/how-to-bypass-application-whitelisting-av/)
+  * [Weaponization of Nessus Plugins](https://depthsecurity.com/blog/weaponization-of-nessus-plugins)
+  * [Getting SYSTEM – Decoder's Blog](https://decoder.cloud/2018/02/02/getting-system/)
+  * [SSH Hijacking for lateral movement | xorl %eax, %eax](https://xorl.wordpress.com/2018/02/04/ssh-hijacking-for-lateral-movement/)
+  * [awesome-windows-exploitation/README.md at master · enddo/awesome-windows-exploitation · GitHub](https://github.com/enddo/awesome-windows-exploitation/blob/master/README.md)
+  * [GitHub - gobiasinfosec/Wireless_Query: Query Active Directory for Workstations and then pull their Wireless Network Passwords](https://github.com/gobiasinfosec/Wireless_Query)
+  * [(500) https://raw.githubusercontent.com/enigma0x3/Invoke-LoginPrompt/master/Invoke-LoginPrompt.ps1](https://raw.githubusercontent.com/enigma0x3/Invoke-LoginPrompt/master/Invoke-LoginPrompt.ps1)
+  * [Step by step Metasploit walkthrough](https://www.zero-day.io/metasploitwalkthrough/)
+  * [Ping is okay? – Right? – MSitPros Blog](https://msitpros.com/?p=3877)
+  * [How to get SQL Server Sysadmin Privileges as a Local Admin with PowerUpSQL](https://blog.netspi.com/get-sql-server-sysadmin-privileges-local-admin-powerupsql/#disqus_thread)
+  * [Applocker Bypass via Registry Key Manipulation](https://www.contextis.com/resources/blog/applocker-bypass-registry-key-manipulation/)
+  * [Bypassing Application Whitelisting with BGInfo – MSitPros Blog](https://msitpros.com/?p=3831)
+  * [Mimikatz in JS - Courtesy of James Forshaw - https://github.com/tyranid/DotNetToJScript ;-) · GitHub](https://gist.github.com/subTee/b30e0bcc7645c790fcd993cfd0ad622f)
+  * [GitHub - nccgroup/redsnarf: RedSnarf is a pen-testing / red-teaming tool for Windows environments](https://github.com/nccgroup/redsnarf)
+  * [Breaking Out! of Applications Deployed via Terminal Services, Citrix, and Kiosks](https://blog.netspi.com/breaking-out-of-applications-deployed-via-terminal-services-citrix-and-kiosks/)
+  * [Mimikatz Against Virtual Machine Memory Part 1 Carnal0wnage - Attack Research Blog Carnal0wnage & Attack Research Blog](http://carnal0wnage.attackresearch.com/2014/05/mimikatz-against-virtual-machine-memory.html)
+  * [Powershell script to automatically generate a malicious Excel document with different payloads and persistence methods. : netsec](https://www.reddit.com/r/netsec/comments/2rzky1/powershell_script_to_automatically_generate_a/)
+  * [Dumping Windows Credentials | Securus Global Blog](https://www.securusglobal.com/community/2013/12/20/dumping-windows-credentials/) 
+  * [Pass the Hash on Windows 8.1](https://samsclass.info/lulz/pth-8.1.htm)
+  * [Basic Linux Privilege Escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/)
+  * [GitHub - wtsxDev/Penetration-Testing: List of awesome penetration testing resources, tools and other shiny things](https://github.com/wtsxDev/Penetration-Testing)
+  * [p0wnedShell - PowerShell Runspace Post Exploitation Toolkit - Darknet](http://www.darknet.org.uk/2017/01/p0wnedshell-powershell-runspace-post-exploitation-toolkit/)
+  * [WifiHistoryView - Displays history of connections to wireless networks on your computer](http://www.nirsoft.net/utils/wifi_history_view.html)
+  * [How to Bypass Anti-Virus to Run Mimikatz - Black Hills Information Security](http://www.blackhillsinfosec.com/?p=5555)
+  * [“Fileless” UAC Bypass Using eventvwr.exe and Registry Hijacking | enigma0x3](https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/comment-page-1/#comment-1080)
+  * [Explore Hidden Networks With Double Pivoting – Pentest Blog](https://pentest.blog/explore-hidden-networks-with-double-pivoting/)
+  * [Decrypting Modern McAfee ePolicy Orchestrator Credentials | #!/bin/blog](http://bertman.net/2016/12/decrypting-modern-mcafee-epolicy-orchestrator-credentials/)
+
+# Malware Analysis
+  * [Painless Cuckoo Sandbox Installation | NVISO LABS – blog](https://blog.nviso.be/2018/04/12/painless-cuckoo-sandbox-installation/)
+  * [How to become the best Malware Analyst E-V-E-R](http://www.hexacorn.com/blog/2018/04/14/how-to-become-the-best-malware-analyst-e-v-e-r/)
+  * [VirusTotal Blog: Meet VirusTotal Droidy, our new Android sandbox](http://blog.virustotal.com/2018/04/meet-virustotal-droidy-our-new-android.html)
+  * [How to Share Malware Samples With Other Researchers](https://zeltser.com/share-malware-with-researchers/)
+  * [ANY.RUN](https://any.run/)
+  * [Any.Run - An Interactive Malware Analysis Tool - Is Now Open To The Public](https://www.bleepingcomputer.com/news/security/anyrun-an-interactive-malware-analysis-tool-is-now-open-to-the-public/)
+  * [malware.one LOGIN](https://malware.one/index.php?action=login)
+  * [Malware Analysis for the Incident Responder](https://blogs.cisco.com/security/malware-analysis-for-the-incident-responder)
+  * [GitHub - ANSSI-FR/caradoc: A PDF parser and validator](https://github.com/ANSSI-FR/caradoc)
+  * [Extract text and media content from docx | govolution](https://govolution.wordpress.com/2017/01/18/extract-text-and-media-content-from-docx/)
+  * [GitHub - K2/EhTrace: ATrace is a tool for tracing execution of binaries on Windows.](https://github.com/K2/EhTrace)
+  * [https://github.com/DidierStevens/DidierStevensSuite](https://github.com/DidierStevens/DidierStevensSuite)
+
+# Hardening / Configuration Auditing
+
+## OS Hardening
+  * [CIS Controls V7 Measures & Metrics](https://www.cisecurity.org/white-papers/cis-controls-v7-measures-metrics/)
+  * [PaulSec/awesome-windows-domain-hardening: A curated list of awesome Security Hardening techniques for Windows.](https://github.com/PaulSec/awesome-windows-domain-hardening)
+  * [selinux-coloring-book](http://people.redhat.com/duffy/selinux/selinux-coloring-book_A4-Stapled.pdf)
+  * [lateralblast/lunar: A UNIX security auditing tool based on several security frameworks](https://github.com/lateralblast/lunar)
+  * [https://adsecurity.org/?p=2288](https://adsecurity.org/?p=2288)
+  * [http://www.tenable.com/blog/compliance-auditing-with-microsoft-powershell](http://www.tenable.com/blog/compliance-auditing-with-microsoft-powershell)
+  * [10 best practices for Windows security - TechRepublic](http://www.techrepublic.com/blog/10-things/-10-best-practices-for-windows-security/)
+  * [A Look into Linux Hardening in the Wild](https://capsule8.com/blog/millions-of-binaries-later-a-look-into-linux-hardening-in-the-wild/)
+
+## Web Server Hardening
+  * [Nginx Quick Reference](https://github.com/trimstray/nginx-quick-reference)
+  * [GitHub - yandex/gixy: Nginx configuration static analyzer](https://github.com/yandex/gixy)
+  * [securityheaders.com](https://securityheaders.com/) - Check the configuration of your website's security headers
+  * [webbkoll.dataskydd.net](https://webbkoll.dataskydd.net) - Checks websites for privacy leaks and security headers
+
+# SIEM Solutions
+  * [AlienVault](https://www.alienvault.com/products/ossim) - Open Source SIEM solution
+  * [McAfee Enterprise Security Manager](https://www.mcafee.com/enterprise/de-de/products/enterprise-security-manager.html)
+  * [ArcSight](https://software.microfocus.com/en-us/products/siem-security-information-event-management/overview) 
+  * [QRadar](https://www.ibm.com/marketplace/ibm-qradar-siem) - IBM's SIEM solution
+  * [LogRhythm](https://logrhythm.com/)
+  * [Splunk](https://www.splunk.com) - Log management tool with SIEM ambitions
+  * [Exabeam](https://www.exabeam.com/) - Looks promising
+  * [Logpoint](https://www.logpoint.com)
+  * [Gartner Peer Insights](https://www.gartner.com/reviews/market/security-information-event-management) - Gartner's SIEM rankings
+
+# SOC Related Stuff
+  * [SIEM use cases development workflow – Agile all the things! | SPL>Ninja](https://spl.ninja/2017/10/15/siem-use-cases-development-workflow-agile-all-the-things/)
+  * [Lessons learned from the Microsoft SOC—Part 1: Organization](https://www.microsoft.com/security/blog/2019/02/21/lessons-learned-from-the-microsoft-soc-part-1-organization/)
+
+# Awareness
+  * [Our Approach to Employee Security Training | PagerDuty](https://www.pagerduty.com/blog/security-training-at-pagerduty/)
+
+# Other Stuff
+  * [GitHub - m4b/bingrep: like grep, but for binaries](https://github.com/m4b/bingrep/)
+  * [GitHub - vulnersCom/getsploit: Command line utility for searching and downloading exploits](https://github.com/vulnersCom/getsploit)
+  * [Microsoft releases new IT tool, Policy Analyzer - MSPoweruser](https://mspoweruser.com/microsoft-releases-new-tool-policy-analyzer/)
+  * [nexxai/CryptoBlocker: A script to deploy File Server Resource Manager and associated scripts to block infected users](https://github.com/nexxai/CryptoBlocker)
+  * [GitHub - securitywithoutborders/hardentools](https://github.com/securitywithoutborders/hardentools)
+  * [GitHub - juliocesarfort/public-pentesting-reports: Curated list of public penetration test reports released by several consulting firms and academic security groups](https://github.com/juliocesarfort/public-pentesting-reports)
+  * [CyberChef](https://gchq.github.io/CyberChef/) - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
+
+# Leaked Password Databases
+  * [Random](https://publicdbhost.dmca.gripe/random/)
+  * [databases.today](https://databases.today/search.php)
+
+# Password Lists
+  * [CrackStation](https://crackstation.net/crackstation-wordlist-password-cracking-dictionary.htm) - 1,493,677,782 Passwords
+  * [Rockyou.txt](http://scrapmaker.com/download/data/wordlists/dictionaries/rockyou.txt) - the standard

content/links/retro.md

@@ -0,0 +1,31 @@
+---
+title: "Retro Computing"
+date: 2018-10-26T18:08:59+02:00
+draft: false
+showthedate: false
+---
+
+# General Information
+  * [C64 Wiki](https://www.c64-wiki.de) - All the info you need
+
+# Bug hunting/fixing
+  * [The Pictorial C64 Fault Guide](https://derbian.webs.com/c64diag/) - The Pictorial C64 Fault Guide
+  * [Die Platinen des C64](http://www.cbmhardware.de/show.php?r=1&id=25/Die%20Platinen%20des%20C64) - All the mainboards with all the chips explained
+
+# Games
+  * [C64-Games.de](http://www.c64games.de/) - All the games you want
+  * [CSDb](https://csdb.dk/search/advancedresult.php?form[category]=releases&rrelease_type[]=46&showprpage=1000) - List of Easyflash releases
+  * [Gamebase64](http://www.gamebase64.com) - "An attempt to document ALL Commodore 64 gameware before it's too late!"
+  * [Gamebase64 Games](ftp://8bitfiles.net/gamebase_64/Games/) - FTP archive of all Gamebase64 game files
+  * [C64 game releases in 2019](https://docs.google.com/spreadsheets/d/1uoePmZPU6CAaXeTmu1yt29saKZQzxdzCamcLeCLWff8/edit#gid=0)
+
+# DIY Projects
+  * [10$ C64 Wifi Card](https://1200baud.wordpress.com/2017/03/04/build-your-own-9600-baud-c64-wifi-modem-for-20/)
+  * [User port cartridge case](https://www.thingiverse.com/thing:1545605) - Perfect for your DIY C64 wifi modem
+
+# Shops / Publishers
+  * [Protovision](https://www.protovision.games/shop/) - Sam's Journey, Galencia, Hardware etc.
+  * [Individual Computers](https://icomp.de/shop-icomp/de/shop.html) - Jens Schoenfeld's shop, many unique hardware
+  * [Pixelwizard Shop](https://shop.pixelwizard.eu/commodore-c64/) - Brand new C64C cases
+  * [Poly.play](https://www.polyplay.xyz/Commodore-64-128_3) - Original ROMs, Tapecart, labels, JiffyDOS etc.
+

content/links/tech.md

@@ -0,0 +1,56 @@
+---
+title: "IT / Tech / Misc"
+date: 2018-10-26T18:08:59+02:00
+draft: false
+showthedate: false
+---
+
+# Lists
+
+  * [The Book of Secret Knowledge](https://github.com/exitnode/the-book-of-secret-knowledge/blob/master/README.md) - A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more.
+
+# SSL/TLS/Encryption
+  * [Let's Encrypt for internal Servers](https://blog.heckel.xyz/2018/08/05/issuing-lets-encrypt-certificates-for-65000-internal-servers/)
+  * [The Definitive 2019 Guide to Cryptographic Key Sizes and Algorithm Recommendations](https://paragonie.com/blog/2019/03/definitive-2019-guide-cryptographic-key-sizes-and-algorithm-recommendations)
+  * [AES-Performance](https://systemausfall.org/wikis/howto/AES-Performance) - Comparison of AES performance on different systems / SBCs
+
+# PKI
+
+  * [PKI Infrastructure (01) – Introduction & Certificate Lifetimes](https://www.bussink.ch/?p=661)
+
+# Backup
+  * [Restic and Backblaze B2](https://harshadsharma.com/2018/04/restic-and-backblaze-b2-for-backups)
+
+# Monitoring
+  * [PING.GG](http://ping.gg/) - The world's simplest monitoring service
+
+# Logging
+  * [GoAccess](https://goaccess.io/) - open source real-time web log analyzer and interactive viewer that runs in a terminal in \*nix systems or through your browser. 
+
+# Living in the CLI
+  * [Curseradio](https://github.com/chronitis/curseradio) - Curses CLI web radio client
+
+# ChromeOS
+  * [Serial Debugging](https://wiki.postmarketos.org/wiki/Serial_debugging) - e.g. Suzy-Q debug cable diagram
+  * [DIY SuzyQable](https://www.reddit.com/r/PixelBook/comments/ezpnmi/suzyqable_needed_in_hong_kong_for_pixelbook/)
+
+# Networking / Mikrotik
+  * [MikroTik: Zentrales Management von WiFi Access Points mit CAPsMAN](https://clemens.name/blog/mikrotik-capsman-setup/)
+  * [MikroTik: Ausführen von Skripten per SMS](https://clemens.name/blog/mikrotik-exec-scripts-via-sms/)
+  * [Mikrotik Firmware Auto Updater](https://github.com/beeyev/Mikrotik-Firmware-Auto-Updater) - automatically updates router to the latest firmware.
+  * [Mikrotik as Home Router](https://blog.ligos.net/2017-02-16/Use-A-Mikrotik-As-Your-Home-Router.html) - Use a Mikrotik as Your Home Router 
+  * [Mikrotik WiFi Performance Tuning](https://gryzli.info/2015/06/20/mikrotik-optimizing-wi-fi-performance/)
+  * [Mikrotik Wireless FAQ](https://wiki.mikrotik.com/wiki/Manual:Wireless_FAQ)
+  * [Telegram Notifications from The Dude](https://wiki.mikrotik.com/wiki/Manual:The_Dude_v6/Dude_Telegram_Example)
+  * [Common MikroTik WiFi mistakes and how to avoid them](https://mum.mikrotik.com/presentations/UK18/presentation_5900_1539209343.pdf)
+  * [Some links for MikroTik tips and scripts](https://wiert.me/2017/04/25/some-links-for-mikrotik-tips-and-scripts/) - Good collection of tips, tricks and scripts
+  * [Traffic capture from a mikrotik device to wireshark](https://www.wizzycom.net/traffic-capture-from-a-mikrotik-device-to-wireshark/)
+
+# Networking / IPv6
+  * [Pretty good YouTube series on IPv6 (german)](https://www.youtube.com/playlist?list=PLCb8EhYsrW_symL1qayFNWN1yXkUjNAFz)
+  * [Hurricane Electric IPv6 Certification](http://ipv6.he.net/certification/) - Free, fun and you get a T-Shirt
+
+
+# Networking / SSH
+  * [SSH Examples, Tips & Tunnels](https://hackertarget.com/ssh-examples-tunnels/) - Practical SSH examples to take your remote system admin game to the next level. Commands and tips to not only use SSH but master ways to move around the network.
+

content/privacy.md

@@ -3,6 +3,7 @@ title: "Datenschutzerklärung"
 slug:  "privacy"
 date: 2018-05-03T16:42:59+02:00
 draft: false
+showthedate: false
 ---
 
 Verantwortlicher im Sinne der Datenschutzgesetze, insbesondere der EU-Datenschutzgrundverordnung (DSGVO), ist:

content/projects.md

@@ -2,6 +2,7 @@
 title: "Projects"
 date: 2018-05-03T15:42:59+02:00
 draft: false
+showthedate: false
 ---
 
 #### Software Projects

themes/amberterm

@@ -1 +1 @@
-Subproject commit 498ff984a9221e59026746b12000a710ad82c24b
+Subproject commit 5b246bad08720a272aa1c7b3c4dbaa58569d0fed