A collection of resources with databases of default passwords and password pairs.
1. defpass.com
2. many-passwords.github.io
3. fortypoundhead.com
4. cirt.net
5. datarecovery.com
6. passwordsdatabase.com
7. default-password.info
8. www.routerpasswords.com
Enjoy the Standoff)
Archive: https://ping-admin.com/free_test/result/16691176185b03fv4le676ma5f1041b7.html
Forwarded from 卩ro 爪Cracker
Fuzzing the web for mysterious bugs
https://ift.tt/NMDbPpi
Submitted November 21, 2022 at 11:02PM by hisxo
via reddit https://ift.tt/iGyt8g1
0Xacb
Till REcollapse - 0xacb
Welcome back to my blog. In this post, I’ll explain the REcollapse technique. I’ve been researching it for the last couple of years to discover weirdly simpl...
Forwarded from 卩ro 爪Cracker
Windows 10 Hardening Script
This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run this on family members' computers to secure them but not increase the chances of them having to call you to troubleshoot something related to it later on.)
References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
https://gist.github.com/mackwage/08604751462126599d7e52f233490efe
Forwarded from 卩ro 爪Cracker
Vehicle OSINT Tool Collection
A comprehensive list of websites, add-ons, repositories, and other tools useful for finding information on a target vehicle.
https://github.com/TheBurnsy/Vehicle-OSINT-Collection
🔥🔥🔥Play With Windows Defender - ASR
This article mainly draws on previous research to unravel the mystery of Windows Defender's ASR rules. Because domestic reference material is limited, most of the references are to foreign conferences and topics.
🛡DotDumper: Automatically Unpacking DotNet Based Malware
The automatic detection and classification of any given file in a reliable manner is often considered the holy grail of malware analysis. The trials and tribulations to get there are plenty, which is why the creation of such a system is held in high regard. When it comes to DotNet targeting binaries, our new open-source tool DotDumper aims to assist in several of the crucial steps along the way: logging (in-memory) activity, dumping interesting memory segments, and extracting characteristics from the given sample.
🔥🔥🔥nRF52 Debug Resurrection (APPROTECT Bypass)
💾Part1
This security investigation presents a way to bypass the APPROTECT on a protected nRF52840, in order to reactivate the Serial Wire Debug Interface (SWD), offering full debug capabilities on the target (R/W access to Flash/RAM/Registers, Code Exec and reprogramming). All the nRF52 versions are impacted.
💾Part2
In this post the author shows how to:
💥exploit a real product based on nRF52840 to extract the Firmware and reactivate the SWD interface.
💥reproduce the attack on other nRF52 SoCs to confirm the vulnerability in all the nRF52 versions
⚠️Due to its intrinsic characteristics, the vulnerability cannot be patched without a silicon redesign, leaving a countless number of vulnerable devices in the field forever.
#Malware_analysis
1. Earth Preta Spear-Phishing
https://www.trendmicro.com/en_us/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
2. Luna Moth Callback Phishing Campaign
https://unit42.paloaltonetworks.com/luna-moth-callback-phishing
3. Finding malicious PyPI packages through static code analysis
https://securitylabs.datadoghq.com/articles/guarddog-identify-malicious-pypi-packages
]-> CLI tool: https://github.com/DataDog/guarddog
#tools
#Offensive_security
1. Another approach to thread stack spoofing
https://github.com/Kudaes/Unwinder
2. Dumping DPAPI credz remotely
https://github.com/login-securite/DonPAPI
3. Reverse Shell Generator
https://www.revshells.com
GitHub
GitHub - Kudaes/Unwinder: Call stack spoofing for Rust
#exploit
1. CVE-2022-26696:
macOS Sandbox Escape vulnerability via Terminal
https://wojciechregula.blog/post/macos-sandbox-escape-via-terminal
2. CVE-2022-33917:
Arm Mali CSF: page freed while still mapped into host userspace due to VMA split mishandling
]-> https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html
wojciechregula.blog
macOS Sandbox Escape vulnerability via Terminal
Introduction In 2020 I observed a strange behavior a sandboxed macOS app may launch any application that won’t inherit the main app’s sandbox profile. It was even funnier as the sandboxed app can spawn those new apps with environment variables. I of course…
#Malware_analysis
1. ViperSoftX: Hiding in System Logs and Spreading VenomSoftX
https://decoded.avast.io/janrubin/vipersoftx-hiding-in-system-logs-and-spreading-venomsoftx
2. DUCKTAIL: An infostealer malware targeting Facebook Business accounts (.pdf)
https://ift.tt/yrkLdsi
3. Aurora: a rising stealer flying under the radar
https://blog.sekoia.io/aurora-a-rising-stealer-flying-under-the-radar
#tools #Fuzzing #Red_Team_Tactics
1. REcollapse - tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
https://github.com/0xacb/recollapse
2. Lateral Movement With Havoc C2 and Microsoft EDR
https://assume-breach.medium.com/home-grown-red-team-lateral-movement-with-havoc-c2-and-microsoft-edr-300b7389b1f7