Forwarded from Deadly malware xp
#tools
#Offensive_security
1. Alcatraz - x64 binary obfuscator
https://github.com/weak1337/Alcatraz
2. Phantom DLL Hollower
https://github.com/daem0nc0re/TangledWinExec/tree/main/PhantomDllHollower
Forwarded from Deadly malware xp
aws_sec_incident_resp.pdf
749.1 KB
#Cloud_Security
"AWS Security Incident Response Guide", 2022.
Forwarded from Deadly malware xp
#Red_Team_Tactics
1. NTLMRecon: identify commonly accessible NTLM authentication endpoints
https://github.com/praetorian-inc/NTLMRecon#installation
2. Bypass firewalls with of-CORs and typo-squatting
https://github.com/trufflesecurity/of-cors
Forwarded from Deadly malware xp
#exploit
1. The OWASSRF + TabShell exploit chain
https://blog.viettelcybersecurity.com/tabshell-owassrf
2. CVE-2022-3515/CVE-2022-47629:
Integer overflow bug in the Libksba library (X.509)
https://github.com/elttam/publications/blob/master/writeups/CVE-2022-47629.md
3. CVE-2022-44877:
CentOS Web Panel 7 Unauthenticated RCE
https://github.com/numanturle/CVE-2022-44877
Forwarded from Deadly malware xp
#Malware_analysis
1. Unveiling of a large resilient infrastructure distributing Raccoon and Vidar information stealers
https://blog.sekoia.io/unveiling-of-a-large-resilient-infrastructure-distributing-information-stealers
2. Pupy RAT hiding under WerFault’s cover
https://labs.k7computing.com/index.php/pupy-rat-hiding-under-werfaults-cover
Forwarded from Deadly malware xp
#compilers
.NET Just-In-Time (JIT) Compiler Hooking
https://vx.zone/2023/01/03/jithooking-utku.html
]-> https://github.com/rhotav/JITK
Forwarded from ㅤㅤㅤㅤㅤㅤ ㅤㅤㅤㅤㅤㅤ
Leaked FBI Operating System that is used by a certain division known as the Computer Analysis Response Team (CART)
https://anonfiles.com/61C7FcQcy5/fbi_cart_v6.0_iso
Forwarded from 𝙋𝙧𝙤𝙩𝙤𝙘𝙤𝙡 𝙉𝙞𝙘𝙠