#Research
"Sniper Backdoor: Single Client Targeted Backdoor Attack in Federated Learning", 2022.

#tools
#Red_Team_Tactics
BlackHat Europe 2022:
Shoggoth - Asmjit Based Polymorphic Shellcode Encryptor
https://github.com/frkngksl/Shoggoth

#WebApp_Security
"WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanisms", 2022.
]-> Tool: https://github.com/secpriv/webspec

#Threat_Research
1. Hooking System Calls in Windows 11 22H2: bug in copying the process handle on the current latest version of Avast Free Antivirus (22.11.6041 build 22.11.7716.762)
https://the-deniss.github.io/posts/2022/12/08/hooking-system-calls-in-windows-11-22h2-like-avast-antivirus.html
2. Kubernetes Threat Matrix v.3
https://www.microsoft.com/en-us/security/blog/2022/12/07/mitigate-threats-with-the-new-threat-matrix-for-kubernetes

Track User's Smartphone/Pc Ip And Gps Location.

#OSINT

https://github.com/spyboy-productions/r4ven

Only for spamming.

SMS-gate for fun

https://www.pentagrid.ch/en/blog/open-source-sms-gateway-for-pentest-projects/

#sms #gateway #mobile_terror

https://github.com/pentagridsec/smsgate

BlackProxies service is gaining popularity among hackers

⚡️IB researchers from DomainTools found a new market of resident proxies, where, according to advertising, they sell access to a million proxy addresses around the world. Experts warn that BlackProxies is quickly gaining popularity among hackers, phishers, merchants and fraudsters, although it supposedly prohibits harmful and illegal actions.

According to experts, the appearance of a large platform of this kind is a notable event, considering that over the past couple of years, law enforcement agencies have closed several similar services, including RESNET and INSORG.

In the report, it is noted that resident proxies, as a rule, use the IP address of ordinary users, and not the address space of data centers, which makes them ideal for launching trading bots, as well as for criminals who want to " hide" in ordinary traffic. Sometimes users become proxy servers voluntarily (for a separate fee), but more often it happens because their computers, IoT devices and routers are infected with malware.

Cybercriminals, as a rule, use resident proxies to increase the effectiveness of their attacks, hiding from law enforcement and agencies blockers.

BlackProxies operators claim that they have access to a pool of 1,000,000 IP addresses from around the world, all of them come from real users, which ensures the required unlocking, low detection rate and good speed. In addition, the service offers an automatic rotation system that automatically updates the IP address, guaranteeing that every request is executed from a new address.

Also, a control panel with real-time usage statistics and a REST API are provided to service clients to ensure flexibility and possibly resale opportunities.

The price of BlackProxies services is estimated at 14 dollars per day, 39 dollars per week or 89 dollars per month (the trial package costs 4.9 dollars).

DomainTools analysts studied the platform and found that claims about a huge pool of IP addresses are false. Actually, the service has approximately 180,000 available IP addresses. Researchers note that this is still not much and significantly surpasses the possibilities of many other platforms and botnets.

It is also noted in the report that one of the infrastructure IP-addresses of the service was previously connected to other shadow platforms.

Bleeping Computer reports that currently BlackProxies is active on hacker forums, in topics devoted to credential stuffing attacks and account capture.

https://www.domaintools.com/resources/blog/purpose-built-criminal-proxy-services-and-the-malicious-activity-they-enable/

Uncovering Your First Blind SQLi

Bugbounty Article : https://bugbountyguide.org/2022/12/08/uncovering-your-first-blind-sql-injection-vulnerability/

#bugbounty #infosec #hacking #cybersecurity

Studying Active Directory?

Here are 5 blogs you should definitely check out.
1. lnkd.in/geyHTm_8
2. lnkd.in/g87pewRe
3. adsecurity.org
4. dirkjanm.io
5. lnkd.in/gcwsw-Nf

#Pentesting #CyberSec #bugbounty #infosec #ActiveDirectory

Ak bar jarur dekhna

#Red_Team_Tactics
1. Hijacking service workers via DOM Clobbering
https://portswigger.net/research/hijacking-service-workers-via-dom-clobbering
2. Abusing Reddit API to host the C2 traffic
https://github.com/kleiton0x00/RedditC2
3. Abusing JSON-Based SQL to Bypass WAF
https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf

#Research
"COVID-bit: Keep a Distance of (at least) 2m From My Air-Gap Computer", Dec. 2022.

#tools
#Offensive_security
1. smsgate - open source SMS gateway for pentest projects
https://github.com/pentagridsec/smsgate
]-> https://www.pentagrid.ch/en/blog/open-source-sms-gateway-for-pentest-projects
2. r4ven - Track IP and GPS Location
https://github.com/spyboy-productions/r4ven

#WLAN_Security
"Non-Cooperative Wi-Fi Localization & its Privacy Implications", 2022.

// A new location revealing privacy attack on non-cooperative Wi-Fi devices

#exploit
1. CVE-2022-23475:
daloRADIUS Vulnerablity
https://securityonline.info/cve-2022-23475-account-take-over-flaw-in-open-source-radius-web-management-app

2. Django RCE(DJRCE) exploitation with leaked SECRET_KEY variable
https://github.com/0xuf/DJRCE

3. Exploit collection for some Service DCOM Object LPE vulnerability (by SeImpersonatePrivilege abuse)
https://github.com/zcgonvh/DCOMPotato

#Threat_Research
BlackHat Europe 2022:
"Turning EDRs to malicious wipers using 0-day exploits".
]-> https://github.com/SafeBreach-Labs/aikido_wiper

Hacking the Furbo Dog Camera: Part III
https://ift.tt/Lt4OqH7

Submitted December 09, 2022 at 02:29AM by somersetrecon
via reddit https://ift.tt/1RVGUd7

Using ChatGPT to Generate Phishing Campaigns
https://ift.tt/jg86Dzk

Submitted December 09, 2022 at 08:32AM by rickyrockslide
via reddit https://ift.tt/cNmWALR