Forwarded from 卩ro 爪Cracker
Antivirus Evasion: Tearing AMSI down with 3 bytes only
https://ift.tt/kMY4CuL
Submitted January 11, 2023 at 02:51AM by juliocesarfort
via reddit https://ift.tt/LhRMPQj
https://ift.tt/kMY4CuL
Submitted January 11, 2023 at 02:51AM by juliocesarfort
via reddit https://ift.tt/LhRMPQj
Blaze Information Security
Antivirus Evasion: Tearing AMSI Down With 3 Bytes Only
This post aims on showcasing one of the many possible techniques for bypassing antivirus solutions through in-memory patching of AMSI instructions.
🏆3
Forwarded from 卩ro 爪Cracker
Taking over a Dead IoT Company
https://ift.tt/2GoPbpf
Submitted January 11, 2023 at 02:38AM by phree_radical
via reddit https://ift.tt/L6GMBgS
https://ift.tt/2GoPbpf
Submitted January 11, 2023 at 02:38AM by phree_radical
via reddit https://ift.tt/L6GMBgS
Kevin Chung
Taking over a Dead IoT Company
5 years after NYCTrainSign collapsed, I investigate why the company failed and end up writing an exploit to take over their fleet.
👍2
Forwarded from 卩ro 爪Cracker
Cacti: Unauthenticated Remote Code Execution (CVE-2022-46169)
https://ift.tt/BUxzjQ9
Submitted January 11, 2023 at 05:28AM by monoimpact
via reddit https://ift.tt/hcIzBt2
https://ift.tt/BUxzjQ9
Submitted January 11, 2023 at 05:28AM by monoimpact
via reddit https://ift.tt/hcIzBt2
Sonarsource
Cacti: Unauthenticated Remote Code Execution
Learn how we discovered a critical vulnerability in Cacti with the help of SonarCloud.
#Fuzzing
Fuzztruction - prototype of a fuzzer that does not directly mutate inputs but instead uses a so-called generator application to produce an input for our fuzzing target
https://github.com/fuzztruction/fuzztruction#preparing-the-runtime-environment-docker-image
Fuzztruction - prototype of a fuzzer that does not directly mutate inputs but instead uses a so-called generator application to produce an input for our fuzzing target
https://github.com/fuzztruction/fuzztruction#preparing-the-runtime-environment-docker-image
GitHub
GitHub - fuzztruction/fuzztruction
Contribute to fuzztruction/fuzztruction development by creating an account on GitHub.
👌1
#exploit
1. CVE-2022-31705:
Geekpwn 2022 Vmware EHCI OOB
https://github.com/s0duku/cve-2022-31705
2. Linux >=4.10: UAF in __do_semtimedop() due to lockless check outside RCU section
https://bugs.chromium.org/p/project-zero/issues/detail?id=2391
3. Lexmark Printers/Copiers haxx 0-day Exploit
https://github.com/blasty/lexmark
1. CVE-2022-31705:
Geekpwn 2022 Vmware EHCI OOB
https://github.com/s0duku/cve-2022-31705
2. Linux >=4.10: UAF in __do_semtimedop() due to lockless check outside RCU section
https://bugs.chromium.org/p/project-zero/issues/detail?id=2391
3. Lexmark Printers/Copiers haxx 0-day Exploit
https://github.com/blasty/lexmark
GitHub
GitHub - s0duku/cve-2022-31705: CVE-2022-31705 (Geekpwn 2022 Vmware EHCI OOB) POC
CVE-2022-31705 (Geekpwn 2022 Vmware EHCI OOB) POC - s0duku/cve-2022-31705
👌1
BlockScope.pdf
822.1 KB
#Research
"BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects", 2022.
]-> https://github.com/VPRLab/BS_VulnReport
"BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects", 2022.
]-> https://github.com/VPRLab/BS_VulnReport
👌1
#Offensive_security
1. Microsoft LAPS(E) in Judgement
https://www.trustedsec.com/blog/a-lapse-in-judgement
2. NonHeavyFTP:
A FTP Server pwn chanllenge
https://f0cus77.github.io/RWCTF-2023-NonHeavyFTP-writeup
1. Microsoft LAPS(E) in Judgement
https://www.trustedsec.com/blog/a-lapse-in-judgement
2. NonHeavyFTP:
A FTP Server pwn chanllenge
https://f0cus77.github.io/RWCTF-2023-NonHeavyFTP-writeup
TrustedSec
A LAPS(e) in Judgement
To keep things simple, instead of requiring an administrator to manually set, rotate, and store the local Administrator passwords, LAPS will do this…
👌1
#tools
#Malware_analysis
SEMA - ToolChain using Symbolic Execution for Malware Analysis
https://github.com/csvl/SEMA-ToolChain
#Malware_analysis
SEMA - ToolChain using Symbolic Execution for Malware Analysis
https://github.com/csvl/SEMA-ToolChain
👌1
#Threat_Research
1. RCE bug in JWT Secret Poisoning (CVE-2022-23529)
https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529
2. Bring-Your-Own-Vulnerable-Driver Tactic in Attempt to Bypass Endpoint Security
https://www.crowdstrike.com/blog/scattered-spider-attempts-to-avoid-detection-with-bring-your-own-vulnerable-driver-tactic
3. Navigating the Vast Ocean of Sandbox Evasions
https://unit42.paloaltonetworks.com/sandbox-evasion-memory-detection
1. RCE bug in JWT Secret Poisoning (CVE-2022-23529)
https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529
2. Bring-Your-Own-Vulnerable-Driver Tactic in Attempt to Bypass Endpoint Security
https://www.crowdstrike.com/blog/scattered-spider-attempts-to-avoid-detection-with-bring-your-own-vulnerable-driver-tactic
3. Navigating the Vast Ocean of Sandbox Evasions
https://unit42.paloaltonetworks.com/sandbox-evasion-memory-detection
Unit 42
Security Issue in JWT Secret Poisoning (Updated)
We discovered a new high-severity vulnerability (CVE-2022-23529) in the popular JsonWebToken open source project.
⚡1
Forwarded from Cyber security intelligent program
🕵️♂️StrongPity espionage campaign targeting Android users
ESET researchers identified an active campaign that we have attributed to the StrongPity APT group. Active since November 2021, the campaign has distributed a malicious app through a website impersonating Shagle – a random-video-chat service that provides encrypted communications between strangers. Unlike the entirely web-based, genuine Shagle site that doesn’t offer an official mobile app to access its services, the copycat site only provides an Android app to download and no web-based streaming is possible.
ESET researchers identified an active campaign that we have attributed to the StrongPity APT group. Active since November 2021, the campaign has distributed a malicious app through a website impersonating Shagle – a random-video-chat service that provides encrypted communications between strangers. Unlike the entirely web-based, genuine Shagle site that doesn’t offer an official mobile app to access its services, the copycat site only provides an Android app to download and no web-based streaming is possible.
📡Совсем скоро будет представлена эффективная и безопасная система система AARTOS DDS для обнаружения дронов, причем есть защита, которая подбирается индивидуально под заказчика. Сие чуда будет показано на выставке Perimeter Protection с 17 по 19 января 2023 года
Forwarded from 卩ro 爪Cracker
SpyDialer
Free search contact information by phone number, name, address or email.
Even shows the names of the neighbors, but the information displayed by the service requires additional verification.
https://spydialer.com
#osint #humint #usa
Free search contact information by phone number, name, address or email.
Even shows the names of the neighbors, but the information displayed by the service requires additional verification.
https://spydialer.com
#osint #humint #usa
Forwarded from 卩ro 爪Cracker
When searching for geolocation information, don't forget to check the whois. At https://iqwhois.com/advanced-search STREET name you can find all the sites registered to people who live there.
It's possible also search by city and zip code.
#osint #geoint
It's possible also search by city and zip code.
#osint #geoint
Forwarded from 卩ro 爪Cracker
A new feature in*huntintel.io:
1. Open Instagram Username Search Tool
2. Enter the name of the account.
3. Wait (if you think you are waiting too long, refresh the page)
4. See the geotagged user's posts on the world map!
1 month/1 check a day free (code CYBER100)
1. Open Instagram Username Search Tool
2. Enter the name of the account.
3. Wait (if you think you are waiting too long, refresh the page)
4. See the geotagged user's posts on the world map!
1 month/1 check a day free (code CYBER100)