Forwarded from Deadly malware xp
#Blue_Team_Techniques
1. Recognizing the APT groups most likely responsible for a cybersecurity incident from the MITRE ATT&CK techniques in the incident report of the incident
https://gitlab.com/bontchev/whodunit
2. Open source tool to aid in SOC investigations
https://github.com/zdhenard42/SOC-Multitool
Forwarded from Deadly malware xp
IPv6_security.pdf
14.3 MB
#Whitepaper
"IPv6 Security Guide", 2022.
Forwarded from Deadly malware xp
#Malware_analysis
Unraveling the techniques of Mac ransomware
https://www.microsoft.com/en-us/security/blog/2023/01/05/unraveling-the-techniques-of-mac-ransomware
Forwarded from Deadly malware xp
#exploit
PandoraFMS NG765 - Pre-Auth RCE
https://3sjay.github.io/2023/01/06/pandoraFMS-Pre-Auth-RCE.html
Forwarded from Deadly malware xp
#Red_Team_Tactics
How To Attack Admin Panels Successfully
Part 1: https://infosecwriteups.com/how-to-attack-admin-panels-successfully-72c90eeb818c
Part 2: https://medium.com/geekculture/how-to-attack-admin-panels-successfully-part-2-9316c3caad3a
Forwarded from Deadly malware xp
#Malware_analysis
1. Unpack Brute Ratel (BRC4) stager and extract config
https://github.com/matthw/malware_analysis/tree/main/brc4
2. Reversing AutoIT Scripts
https://isc.sans.edu/diary/AutoIT%20Remains%20Popular%20in%20the%20Malware%20Landscape/29408
3. A Deep Dive Into poweRAT: Stealer/RAT Combo Polluting PyPI
https://blog.phylum.io/a-deep-dive-into-powerat-a-newly-discovered-stealer/rat-combo-polluting-pypi
Forwarded from Deadly malware xp
GitLab
Vesselin Bontchev / bpfdscan · GitLab
A BPFDoor scanner
Forwarded from Deadly malware xp
#Threat_Research
1. Exploit Party: Bring Your Own Vulnerable Driver Attacks
https://fourcore.io/blogs/bring-your-own-vulnerable-driver-attack
2. Analyzing CVE-2022-46630 (DLL Hijacking in Squirrel.Windows)
https://archcloudlabs.com/projects/cve-2022-46330
Forwarded from Deadly malware xp
Supply_Chains_Taxonomy.pdf
896.7 KB
#Research
"Taxonomy of Attacks on Open-Source Software Supply Chains", 2022.
]-> https://riskexplorer.endorlabs.com/#/attack-tree
Forwarded from Deadly malware xp
GLeeFuzz.pdf
6 MB
#Fuzzing
"GLeeFuzz: Fuzzing WebGL Through Error Message Guided Mutation", 2022.
]-> Repo: https://github.com/HexHive/GLeeFuzz
Forwarded from Deadly malware xp
#exploit
SSRF attack on MySQL Server with password using php-curl
https://github.com/wupco/rwctf2023-ASTLIBRA
Forwarded from Deadly malware xp
PhiAttack.pdf
179 KB
#Red_Team_Tactics
"PhiAttack: Rewriting the Java Card Class Hierarchy", 2021.
Forwarded from Deadly malware xp
Java_Card_Security.pdf
1.3 MB
#Threat_Research
"Good, Bad and Ugly Design of Java Card Security" (Master’s Thesis).
// This thesis is focused on the study of logical attacks on the Java Card platform which try to exploit bugs in the implementation of the Java Card specification or try to break the security of the virtual machine by installing malformed applets. Although logical attacks are not as universal and powerful as physical attacks, they do not require expensive equipment and scale quite well...
Forwarded from Deadly malware xp
Text_to_SQL_Models.pdf
7.4 MB
Forwarded from Deadly malware xp
#tools
#Blue_Team_Techniques
1. Python script that will help in finding Path Traversal/RCE vulnerability in Apache 2.4.50 (CVE-2021-42013)
https://github.com/walnutsecurity/cve-2021-42013
2. Tool to check for dependency confusion vulnerabilities in multiple package management systems
https://github.com/visma-prodsec/confused
Forwarded from Deadly malware xp
Python_for_Cybersecurity.pdf
8.9 MB
#Tech_book
"Python for Cybersecurity: Using Python for Cyber Offense and Defense", 2022.
Geolocation Spy (GeoSpy) - is an OSINT analysis and research tool that is used to track and execute intelligent social engineering attacks in real time.
▫️https://github.com/askmetoo/geospy
2023-01-10 02-44-46.mkv
18.7 MB
⚙️ New Update On AlienFox Ultimate 🦊
Forwarded from Hackershop
Programmable NFC RFID Card
4 930 rubles
#Equipment
http://ali.pub/2zecs8