#tools
#Blue_Team_Techniques
1. Simple Bash IOC Scanner
https://github.com/Neo23x0/Fenrir
2. Firewalls under the hood - UFW
https://blog.kanbach.org/post/firewalls-under-the-hood-ufw
#Offensive_security
1. A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
https://github.com/bohops/DynamicDotNet
2. Payload generator to exfiltrate user cookies through the PHP info page bypassing the HttpOnly flag during XSS exploitation
https://github.com/HackCommander/PHP-info-cookie-stealer
3. From SQL Injection to RCE on Intel DCM (CVE-2022-21225)
https://www.rcesecurity.com/2022/12/from-zero-to-hero-part-2-intel-dcm-sql-injection-to-rce-cve-2022-21225
#tools
#Threat_Research
1. Return Address Spoofing on x64
https://offensivecraft.wordpress.com/2022/12/08/the-stack-series-return-address-spoofing-on-x64
2. Detecting heap memory pitfalls
https://antonio-cooler.gitbook.io/coolervoid-tavern/detecting-heap-memory-pitfalls
]-> https://github.com/CoolerVoid/heap_detective
#exploit
1. ThinkPHP latest RCE reproduction and analysis
https://xz.aliyun.com/t/11940
2. Follina, Shadow Credentials, and WSUS exploitation
https://0xdf.gitlab.io/2022/12/10/htb-outdated.html
3. CVE-2022-1361:
Improper Neutralization of Special Elements Used In a SQL Command: New Technique Discovered To Bypass WAF Of Several Vendors
https://gbhackers.com/bypass-web-application-firewalls/amp
#Malware_analysis
1. Drokbk Malware
https://www.secureworks.com/blog/drokbk-malware-uses-github-as-dead-drop-resolver
2. Typosquat/Ransomware Campaign in PyPI and NPM
https://blog.phylum.io/phylum-detects-active-typosquatting-campaign-in-pypi
#Malware_analysis
1. Invisible npm malware evading security checks
https://jfrog.com/blog/invisible-npm-malware-evading-security-checks-with-crafted-versions
2. Azov Ransomware: Polymorphic Wiper
https://research.checkpoint.com/2022/pulling-the-curtains-on-azov-ransomware-not-a-skidsware-but-polymorphic-wiper
#exploit
1. CVE-2022-45025:
Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)
https://github.com/yuriisanin/CVE-2022-45025
2. Exploring Chrome’s CVE-2020-6418
https://blog.haboob.sa/blog/exploring-chromes-cve-2020-6418-part1
3. CVE-2022-39066:
SQL Injection Vulnerability in ZTE MF286R
https://github.com/v0lp3/CVE-2022-39066
PCI_Sec_Soft_Std_1_2.pdf
914.3 KB
#Infosec_Standards
"PCI Software Security Framework - Secure Software Requirements and Assessment Procedures", Version 1.2, Dec. 2022.
#Offensive_security
1. AV Evasion Methodology
https://book.hacktricks.xyz/windows-hardening/av-bypass
2. Bypassing MacOS Privacy Controls
https://blog.xpnsec.com/bypassing-macos-privacy-controls
#Threat_Research
1. Exploitable memory corruption using CVE-2020-25669 and Linux Kernel
https://www.synopsys.com/blogs/software-security/cyrc-case-study-linux-kernel-vulnerability
2. Zeek-Formatted Threat Intelligence Feeds
https://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds
#Infographics
#Infosec_Standards
Types of VPN
]-> RFC4026: "Provider Provisioned VPN Terminology", 2018.
https://datatracker.ietf.org/doc/rfc4026
Dirty_Vanity.pdf
2.3 MB
#Red_Team_Tactics
BlackHat Europe 2022:
"Dirty Vanity: A New Approach to Code injection & EDR bypass".
]-> A PoC for the new injection technique, abusing the Windows fork API to evade EDRs:
https://github.com/deepinstinct/Dirty-Vanity
Routing_security.pdf
3.3 MB
#Whitepaper
"Routing Security: BGP Incidents, Mitigation Techniques and Policy Actions", 2022.
Forwarded from CYBER TRICKS ZONE 🇮🇳🚩 (𝙋𝙧𝙤𝙩𝙤𝙘𝙤𝙡 𝙉𝙞𝙘𝙠)
Git cheat-sheet.pdf
987.4 KB
🇮🇷 Iranian rap about corrupt actors who are in the position of spies
Based on observations in Iran, there are actors who are willing to sell their homeland for money and spy for other countries.
This issue has made the people of Iran very angry with some famous actors.
It is expected that the Iranian government will take care of the request of its people and deal seriously with these spies.
via "shabzadeh".
#Celebrity_2zari #Green_card #Iranian_rap
@YourJiniNews
I Can Help You To Clear & Give the training & exam solutions on the below certifications
1_CEH.
2_CEH Practical.
3_eJPT.
4_eCCPTv2.
5_eWPT.
6_eWPTxv2.
7_CRTP.
8_CRTO.
9_OSCP.
10_OSWE.
11_OSEP.
12_OSWP.
13_CPENT
14_CHFI
15_eCPTxv2
16_PNPT
17_Burpsuite exam
Remote Exam Support possible.
If anyone needs message me.
Lower prices & passing guaranteed!
Follow: https://t.me/alexserviceez
Ping @examsolutionz
We have added new exam of burpsuite solutions