H4unt3d_Hacker_Australian_Edition_Issue_2_1625928782.pdf
35.8 MB
Penetration testers, read this😎
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.21
In an attempt to hide their activities, the Magecart group of hackers are now encoding stolen credit card information into images—hosted on the backdoored e-commerce server—before exfiltrating the data.
Read details:
https://thehackernews.com/2021/07/magecart-hackers-hide-stolen-credit.html
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.21
A PERFECT STARTER FOR BEGINNERS - TRYHACKME PRE SECURITY PATH
https://hacklido.com/blog/197
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.21
AZ-500 Exam – Free Actual Q&As, Page 1 _ ExamTopics.pdf
12.6 MB
AZ-500 - Microsoft😁
Q&A
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.21
Recap materials! - Cyber Threat Intelligence
CTI Recording:
https://drive.google.com/file/d/19RipZ052VWlXCGjk64r9fixj-Jmds12S/view?usp=sharing
CTI Presentation:
https://drive.google.com/file/d/1yqmlQ_JLJEBwDDJg6PTH7vHi0yL2pbkv/view?usp=sharing
CTI Intro Slides:
https://drive.google.com/file/d/1H7MevmwvNrBbtzWgEZYstnAOTOvWskxy/view?usp=sharing
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.21
A little smile😏
My grandma's mehrieh is 14 thousand tomans! She got into a fight with my grandpa; grandpa pulled out a pack of Winstons, tossed it in front of her and said: here's your mehrieh, get up and go to your dad's house :)))
My grandpa is 94.
He told his kid, who is 73, not to go to the park with Mr. Ahmadi in the mornings because he isn't a decent person.
Mr. Ahmadi is 78😂
-😛-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.21
#hiring #recruitment
Military-service (amriyeh) position at a knowledge-based company
Our company is a knowledge-based company specializing in information security. To expand our technical team in Tehran, we are currently looking for a good colleague in the field of penetration testing, hired under the amriyeh (military service assignment) scheme.
If you are interested in working in this field, we would appreciate it if you send your résumé to me or to the address below:
hr@padrasys.ir
Required skills:
Familiarity with web and network penetration testing processes, tools and techniques
Familiarity with web penetration testing standards such as OWASP
Familiarity with penetration testing tools, such as the scanners Acunetix, Netsparker, Burp Suite, ...
Ability to write a penetration test report
Familiarity with and ability to work with Linux operating systems such as Kali Linux
Company location: Seyed Khandan
#cybersecurity #infosec
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.21
https://letsdefend.io/beta.html
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
- If you read 1 book, you may become interested in reading.
- If you read 2 books, you will surely become interested in reading.
- If you read 3 books, you sink into thought.
- If you read 4 books, you talk to yourself in private.
- If you read 5 books, you see black as white and white as black.
- If you read 6 books, you lose faith in many beliefs and opinions and become angry at the masses and their beliefs.
- If you read 7 books, you gradually form new beliefs and opinions.
- If you read 8 books, you argue with others about your new beliefs.
- If you read 9 books, your arguments turn into quarrels.
- If you read 10 books, you gradually learn not to argue with those who have read fewer than ten books.
- If you read 100 books, you no longer argue with anyone and take up silence.
- If you read 1000 books, that is when you have learned not to be swayed by writings anymore; you live kindly alongside other people, you help others and society wherever you can, and at the right opportunity you reach for the thousand-and-first book ...
-Rightly so-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
exploit
CVE-2021-35042:
SQL injection via unsanitized QuerySet.order_by() input in Django <3.1.13, <3.2.5
https://github.com/YouGina/CVE-2021-35042
Blue Team Techniques
Authentication, authorization, traceability and auditability for SSH accesses
https://github.com/ovh/the-bastion
Threat Research
15 Actionable Ways to Use Google Search Operators for safety
https://ahrefs.com/blog/google-advanced-search-operators
Cloud Security
Multi-Cloud Security Auditing Tool🤪
https://github.com/nccgroup/ScoutSuite
// Supported:
- Amazon Web Services;
- Microsoft Azure;
- Google Cloud Platform;
- Alibaba Cloud;
- Oracle Cloud Infrastructure.
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Malware analysis
1. Hancitor tries XLL as initial malware file
https://isc.sans.edu/forums/diary/Hancitor+tries+XLL+as+initial+malware+file/27618
2. Lazarus campaign TTPs and evolution👍🏽
https://cybersecurity.att.com/blogs/labs-research/lazarus-campaign-ttps-and-evolution
Red Team Tactics
1. Reflected XSS Through Insecure Dynamic Loading
https://infosecwriteups.com/reflected-xss-through-insecure-dynamic-loading-dbf4d33611e0
2. Red Team phishing😁
https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki#phishing-setup
ThreatResearch
UDP Technology IP Camera vulnerabilities👍🏽
https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities
Pentesting Cheatsheets
Convenient commands for your pentesting/red-teaming engagements, OSCP and CTFs👍🏽👍🏽
https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Offensive security
1. Local file inclusion discovery and exploitation tool
https://github.com/hansmach1ne/lfimap
2. Adding a native sniffer to your implants:
decomposing and recomposing PktMon
https://adepts.of0x.cc/pktmon-dissection
Blue Team Techniques
QuickSand (ver.2) document and PDF malware analysis tool
https://github.com/tylabs/quicksand
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Hells_Gate.pdf
372.4 KB
Whitepaper
"Hell’s Gate", 2021.
]-> Repo:
https://github.com/am0nsec/HellsGate
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Assessment_Endpoint_Detection_Response_Systems.pdf
5.5 MB
Research
"An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors", 2021.
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Linux_Debugging_Disassembling_Rev.pdf
3.4 MB
Tech book
"Linux Debugging, Disassembling, Reversing. Practical Foundations: Training Course", 2021.
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Attack Mental Models and
Reference Frameworks
The following is a list of some of the most useful mental models
commonly referenced in Infosec as well as the incredibly useful
frameworks that are being developed to standardize and organize key
cyber attack and defense techniques, threat intelligence and data.
• The Lockheed Martin Cyber Kill Chain
• Incident Response Cycle (NIST SP800-61r2)
• David Bianco’s Pyramid of Pain
• The Diamond Model of Intrusion Analysis
• MITRE ATT&CK – list of attacker tactics, techniques, procedures, tools,
threat groups, mitigation and detection options, and much more!
‒ ATT&CK Navigator – Supplementary visualization tool
• MITRE Shield – Tactics, techniques, and a knowledgebase for active defense
• ATC RE&CT – A framework, collection and data
source for incident response techniques
‒ RE&CT Navigator – Supplementary visualization tool
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Your security operations center counts as a proper one when:
Metrics
Metrics are used in a SOC as an incredibly important feedback mechanism.
This feedback is for both the SOC to measure itself, and as a communication
mechanism between the SOC and upper management. Internal metrics tracked
and watched by those inside the SOC need to show both measurements
telling those in the SOC if things are operating in the range of “business
as usual”, as well as how improvement initiatives and projects are
progressing. External metrics must focus on giving upper management the
information it needs to make risk and budget decisions, as well as clearly
demonstrate the return on investment being produced by the security
team. This section contains concepts and assessment considerations for
your metrics. Remember, success in the SOC relies on effectiveness in
both day-to-day operational tasks as well as continuous improvement.
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Open-Source Tools
While there are many commercial cyber defense tools for all purposes,
teams with constrained budgets need not worry. In the hands of a driven and
motivated team, a world-class cyber defense can still easily be crafted using the
plethora of outstanding open-source and free solutions that are now available.
Here are some SOC team favorites across various categories:
Incident Management Systems
• TheHive
• FIR
Network Security Monitoring
• IDS, network metadata
‒ Suricata: IDS, network metadata, and PCAP capable
‒ EVEbox: Alert triage
‒ Snort
‒ Zeek
• Full Packet Capture
‒ Moloch
‒ Google Stenographer
‒ Netsniff-ng
• Distributions
‒ Security Onion
‒ RockNSM
Endpoint monitoring / HIDS
• NXLog Community Edition: logging agent
• OSQuery
• OSSEC: HIDS
• Sysmon
• Wazuh: HIDS
Incident Response
• Kansa
• Velociraptor
Malware Sandbox and Malware Analysis
• Cuckoo Sandbox
• REMnux: malware analysis tools Linux distro
Threat Intelligence Platforms
• MISP
• OpenCTI
Purple Team Testing and Reporting
• Vectr
SIEM / Log Management
• Elastic Stack
‒ Elastalert: Alerting Engine
Security Orchestration Automation and Response
• NSA Walkoff
• Shuffle
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Podcasts
There are many high-quality podcasts available revolving around
the different aspects of cybersecurity, and this is by no means a
complete list. But it is provided as a great place to get started.
SANS / GIAC Produced Podcasts
• BLUEPRINT – John Hubbard
• GIAC Trust Me I’m Certified – Jason Nickola
• SANS Internet Storm Center – Johannes Ullrich
General
• Beers with Talos
• Brakeing Down Security
• Cyber Security Interviews
• The CyberWire Daily
• Darknet Diaries
• Defensive Security Podcast
• Hacker Valley Studio
• FireEye State of the Hack
• Paul’s Security Weekly, Enterprise Security Weekly
• Security Now
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22
Books
Security Operations/Reference
• Crafting the InfoSec Playbook: Security Monitoring and Incident Response
Master Plan – Jeff Bollinger, Brandon Enright, & Matthew Valites
• MITRE Top 10 Strategies of a World Class CSOC –
MITRE/Carson Zimmerman - FREE
• Blue Team Handbook: Incident Response Edition: A Condensed Field
Guide for the Cyber Security Incident Responder – Don Murdoch
• Blue Team Handbook: SOC, SIEM, and Threat-Hunting: A Condensed Guide
for the Security Operations Team and Threat Hunter – Don Murdoch
• Blue Team Field Manual – Alan White & Ben Clark
Malware
• Practical Malware Analysis - Michael Sikorski & Andrew Honig
• Malware Data Science - Joshua Saxe & Hillary Sanders
Incident Response
• Applied Incident Response – Steve Anson
Honeypots / Active Defense
• Intrusion Detection Honeypots: Detection Through Deception – Chris Sanders
• Offensive Countermeasures: The Art of Active Defense –
John Strand, Paul Asadoorian, & Ethan Robish
Threat Intelligence
• Intelligence-Driven Incident Response: Outwitting the
Adversary – Scott J. Roberts & Rebekah Brown
-Cyber Security Awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1400.04.22