RFC 8628 lets you phish people even if they're using WebAuthn
https://ift.tt/cpNIYLj

Submitted December 01, 2022 at 05:44AM by sanitybit
via reddit https://ift.tt/T2z6uwx

​​The PenTesters Framework (PTF)

A Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. As #pentesters, we've been accustom to the /pentest/ directories or our own toolsets that we want to keep up-to-date all of the time. We have those "go to" tools that we use on a regular basis, and using the latest and greatest is important.

PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine. Everything is organized in a fashion that is cohesive to the Penetration Testing Execution Standard (PTES) and eliminates a lot of things that are hardly used. PTF simplifies installation and packaging and creates an entire pentest framework for you. Since this is a framework, you can configure and add as you see fit. We commonly see internally developed repos that you can use as well as part of this framework. It's all up to you.

https://github.com/trustedsec/ptf

For a video tutorial on how to use PTF, check out our Vimeo page here: https://vimeo.com/137133837

Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328) - SUID-root program installed by default on Ubuntu
https://ift.tt/OvQHKgX

Submitted December 01, 2022 at 07:23AM by Gallus
via reddit https://ift.tt/07bJkwg

Remote code execution bug in FreeBSD's ping (CVE-2022-23093)
https://ift.tt/TrukG2P

Submitted December 01, 2022 at 09:40AM by Gallus
via reddit https://ift.tt/xfckVmZ

Bypassing Web Application Firewalls
https://ift.tt/ad0kRiL

Submitted December 01, 2022 at 04:51PM by ma-ni
via reddit https://ift.tt/fH8D37r

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.

https://github.com/p0dalirius/Coercer

#DFIR
Emotet Strikes Again - LNK File Leads to Domain Wide Ransomware
https://thedfirreport.com/2022/11/28/emotet-strikes-again-lnk-file-leads-to-domain-wide-ransomware

#Red_Team_Tactics
1. Pyramid - Python scripts/module to evade EDRs
https://github.com/naksyn/Pyramid
2. Hacking Smartwatches for Spear Phishing
https://cybervelia.com/?p=1380
3. OffSecOps: Using Jenkins For Red Team Tooling
https://http418infosec.com/offsecops-using-jenkins-for-red-team-tooling

#tools
#Sec_code_review
Heap_detective - detect heap memory pitfalls in C++/C
https://github.com/CoolerVoid/heap_detective

#exploit
1. Exploiting an N-day vBulletin PHP Object Injection Vulnerability
https://karmainsecurity.com/exploiting-an-nday-vbulletin-php-object-injection

2. CVE-2022-3654:
Chrome: heap-use-after-free in blink::LocalFrameView::PerformLayout (incomplete fix for CVE-2022-3199)
https://bugs.chromium.org/p/project-zero/issues/detail?id=2358

#tools
#OSINT
CVE and PoC SearchBot v.0.3.5:
- search and monitoring of new CVE;
- search and monitoring of PoCs.

#tools
#Offensive_security
laZzzy - shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques

#reversing
Guide to Reversing and Exploiting iOS binaries
Part 3 - Heap Overflows on iOS ARM64: Spraying, UAF
https://www.inversecos.com/2022/07/heap-overflows-on-ios-arm64-heap.html

]-> Part 1, 2:

#Threat_Research
1. Specialized Zero-Knowledge Proof failures
https://blog.trailofbits.com/2022/11/29/specialized-zero-knowledge-proof-failures
2. Windows Internet Key Exchange (IKE) RCE Vulnerability Analysis (CVE-2022-34721)
https://www.cyfirma.com/outofband/windows-internet-key-exchange-ike-remote-code-execution-vulnerability-analysis