Attachment: Skinnyboy_backdoor.pdf (5.6 MB), Threat_Research
"A Not so Fancy Game Exploring the New Skinnyboy Bear’s Backdoor", 2021.
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.03.30
https://github.com/madebygps/self-taught-guide-to-cloud-computing
GitHub - learntocloud/learn-to-cloud: A courseware built on the belief that anyone can learn foundational cloud engineering skills with the right guide and discipline
Offensive security
1. SharpHook - Offensive API hooking tool written in C#
https://github.com/IlanKalendarov/SharpHook
2. ELF binary infector
https://github.com/sad0p/d0zer
Red Team Tactics
1. Evade AV with obfuscated payloads
https://github.com/smokeme/payloadGenerator
2. Writing non-writable memory (PoC)
https://github.com/Maff1t/WindowsPermsPoC
GitHub - IlanKalendarov/SharpHook: SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.
The following information will be useful for requirement 10.
https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/siem-for-better-visibility-for-an-analyst-to-handle-an-incident/amp/
GBHackers: SIEM Better Visibility for SOC Analyst to Handle an Incident with Event ID
Forwarded from PardisCo
Dear friends, after Google began sanctioning Iranian IPs, websites such as ifconfig.me and ipinfo.io, which are used to find the public IP that is on a server or used on an edge router for NAT, became unreachable from Iranian IPs because they run on the Google Cloud Platform.
For that reason we set up a similar service for our own needs, to use in our own projects.
A few days ago I found time to register a domain at myadd.ir and make the service public so that everyone can use it.
If you need to find the public IP on a PC, you can simply open http://myadd.ir in a web browser and see the public IP; and if you need to find the public IP on a Linux server, you can simply run the command curl myadd.ir in the Linux terminal and see the public IP.
Also, if you have friends who suffer from this sanction, please forward this message to them too so that their work gets going as well 🌺🌺🌺
You use Azure Security Center.
You receive a security alert in Security Center.
You need to view recommendations to resolve the alert in Security Center.
Solution: From Security alerts, you select the alert, select Take Action, and then expand the Mitigate the threat section.
Does this meet the goal?
#informationsecurity #securitymanagement #azure #datasecurity
Microsoft Security Operations Analyst v1.0
https://lnkd.in/dF33mxr
JupyterLab: Jupyter’s Next-Generation Notebook Interface
JupyterLab is a web-based interactive development environment for Jupyter notebooks, code, and data. JupyterLab is flexible: configure and arrange the user interface to support a wide range of workflows in data science, scientific computing, and machine learning. JupyterLab is extensible and modular: write plugins that add new components and integrate with existing ones.
https://jupyter.org/
https://lnkd.in/dF5PyB4
You need to receive a security alert when a user attempts to sign in from a location that was never used by the other users in your organization to sign in.
Which anomaly detection policy should you use?
A. Impossible travel
B. Activity from anonymous IP addresses
C. Activity from infrequent country
D. Malware detection
https://lnkd.in/daUf3kW
Microsoft Digital Defense Report
Get deep analysis about current threat trends and extensive insight from our experts on topics including big game ransomware, phishing, IoT threats, nation state activity, and more.
https://lnkd.in/dV2A355
Why Read This Report
In our 14-criterion evaluation of enterprise detection and response providers, we identified the 12 most significant ones — Bitdefender, BlackBerry Cylance, CrowdStrike, Cybereason, Elastic, Kaspersky, McAfee, Microsoft, Palo Alto Networks, SentinelOne, Trend Micro, and VMware Carbon Black — and researched, analyzed, and scored them. This report shows how each provider measures up and helps security and risk professionals select the right one for their needs.
https://lnkd.in/d5ddU7Y
Microsoft Bug Bounty Program
https://lnkd.in/dzC6P3k
Microsoft Security Response Center
https://lnkd.in/d8EStbk
https://lnkd.in/dFTxdkK
Microsoft Threat Protection leads in real-world detection in MITRE ATT&CK evaluation
Microsoft's services and products, with their security-first approach, deserve serious attention.
Of course that is on a cloud basis; its threat-hunting trend and its benchmark against other vendors show that it is performing very well.
https://lnkd.in/dKDzvCJ
In the opening pages of the play "King Lear" we meet the king's two elder daughters, who both win their father's heart with abundant flattery and sycophancy and take power out of his hands. Meanwhile the king's third daughter will not, on any condition, even disinheritance and loss of power, consent to flatter and exaggerate for her father, and prefers honesty and frankness with the king to power and wealth. After a while the two flattering daughters and their husbands rebel against their father and drive him away, but in the end it is the third daughter who rushes to his aid. King Lear is one of the greatest tragedies written in the history of drama, nurtured by the prodigious genius of William Shakespeare. In this play Shakespeare warns of the greed and avarice of the flatterers around rulers, and reminds us that a ruler's true friend and faithful ally is not the flatterers but those characters who have not schemed for power and who boldly and courageously point out the ruler's mistakes and warn them away from ruinous acts and ignorant decisions. But alas, rulers and sultans have little habit of literature and reading.
-He who flatters and fawns nurtures greed and avarice in his heart-
1400.03.31
Attachment: AZ500-Master.pdf (6.5 MB), AZ-500 Course Introduction
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.03.31
Attachment: Bug Bounty Automation With Python The secrets of bug hunting.pdf (1.1 MB), Python Crash Course
OSINT All in one
https://start.me/p/L1rEYQ/osint4all
OSINT4ALL (start.me): OSINT4ALL aims to provide a practical and easy OSINT toolkit for researchers of all levels to use.
Advanced Persistent Threat (APT) references:
https://attack.mitre.org/groups/
https://github.com/cyber-research/APTMalware
https://www.thaicert.or.th/downloads/files/A_Threat_Actor_Encyclopedia.pdf
https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/edit?usp=sharing
https://www.fireeye.com/current-threats/apt-groups.html
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
https://gist.github.com/Neo23x0/c4f40629342769ad0a8f3980942e21d3
https://malpedia.caad.fkie.fraunhofer.de/actors
https://www.thaicert.or.th/downloads/files/Threat_Group_Cards_v2.0.pdf
https://apt.thaicert.or.th/cgi-bin/aptsearch.cgi
https://github.com/jeevansio/APT_Digital_Weapon
GitHub - cyber-research/APTMalware: APT Malware Dataset Containing over 3,500 State-Sponsored Malware Samples
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-qos
A patch management program in your organization puts you 3-0 ahead of intruders.
Please keep the organization's assets up to date, patching the moment an update is released.
Fix missing patches and misconfigurations.
This old vulnerability is trending in the country.
Cisco Security Advisory: Cisco IOS and IOS XE Software Quality of Service Remote Code Execution Vulnerability: A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.
BTFM
Blue Team Field Manual
A valuable handbook for defensive (blue) security teams
https://edu.heibai.org/Blue%20Team%20Field%20Manual.pdf
When looking into compromised systems, the logging that incident responders and investigators need is often not enabled or configured.
https://www.malwarearchaeology.com/cheat-sheets
To help get system logs properly enabled and configured, below are some cheat sheets that help you do logging well, so that the data we all need is there when we look.
https://www.malwarearchaeology.com/s/Windows-Logging-Cheat-Sheet_ver_Feb_2019.pdf
https://www.malwarearchaeology.com/s/Windows-Advanced-Logging-Cheat-Sheet_ver_Feb_2019_v12.pdf
https://www.malwarearchaeology.com/s/Windows-Humio-Logging-Cheat-Sheet-v10-fw66.pdf
https://www.malwarearchaeology.com/s/Windows-Splunk-Logging-Cheat-Sheet-v222.pdf
https://www.malwarearchaeology.com/s/Windows-File-Auditing-Cheat-Sheet-ver-Nov-2017-3fwr.pdf
https://www.malwarearchaeology.com/s/Windows-Registry-Auditing-Cheat-Sheet-ver-Aug-2019.pdf
https://www.malwarearchaeology.com/s/Windows-PowerShell-Logging-Cheat-Sheet-ver-Sept-2018-v22.pdf
https://www.malwarearchaeology.com/s/Windows-Sysmon-Logging-Cheat-Sheet_Jan_2020-g7sl.pdf
https://www.malwarearchaeology.com/s/Windows-ATTCK_Logging-Cheat-Sheet_ver_Sept_2018.pdf
https://www.malwarearchaeology.com/s/Windows_LOG-MD_ATTCK_Cheat_Sheet_ver_Sept_2018.pdf
https://github.com/MalwareArchaeology/ATTACK
https://musclewiki.com
An interesting website for exercise; it also has standard tools for diet and calorie intake 🤓
-Health-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.03.31
MuscleWiki - Interactive Exercise Library: Click any muscle for targeted exercises. 2000+ free videos with form instructions.