#Threat_Research
1.Practice of Automatic Vulnerability Mining Based on Code Attribute Graph
https://blog.0kami.cn/blog/2023/%E5%9F%BA%E4%BA%8E%E4%BB%A3%E7%A0%81%E5%B1%9E%E6%80%A7%E5%9B%BE%E7%9A%84%E8%87%AA%E5%8A%A8%E5%8C%96%E6%BC%8F%E6%B4%9E%E6%8C%96%E6%8E%98%E5%AE%9E%E8%B7%B5
2. ReVoLTE Attack - Voice calls in LTE
https://blog.cryptographyengineering.com/2020/08/12/attack-of-the-week-voice-calls-in-lte
]-> Demo/App: https://revolte-attack.net
]-> Android App that allows you to detect vulnerabilities in deployed LTE/5G networks:
https://github.com/RUB-SysSec/mobile_sentinel
]-> USENIX document:
https://www.usenix.org/conference/usenixsecurity20/presentation/rupprecht
1.Practice of Automatic Vulnerability Mining Based on Code Attribute Graph
https://blog.0kami.cn/blog/2023/%E5%9F%BA%E4%BA%8E%E4%BB%A3%E7%A0%81%E5%B1%9E%E6%80%A7%E5%9B%BE%E7%9A%84%E8%87%AA%E5%8A%A8%E5%8C%96%E6%BC%8F%E6%B4%9E%E6%8C%96%E6%8E%98%E5%AE%9E%E8%B7%B5
2. ReVoLTE Attack - Voice calls in LTE
https://blog.cryptographyengineering.com/2020/08/12/attack-of-the-week-voice-calls-in-lte
]-> Demo/App: https://revolte-attack.net
]-> Android App that allows you to detect vulnerabilities in deployed LTE/5G networks:
https://github.com/RUB-SysSec/mobile_sentinel
]-> USENIX document:
https://www.usenix.org/conference/usenixsecurity20/presentation/rupprecht
blog.0kami.cn
基于代码属性图的自动化漏洞挖掘实践 - wh1t3p1g's blog
happy hunting bugs <feedId:69986037923968000+userId:56297007026754560>
👍1
EyeSpyVPN.pdf
8.6 MB
#Whitepaper
"EyeSpy - Iranian Spyware Delivered in VPN Installers", 2023.
"EyeSpy - Iranian Spyware Delivered in VPN Installers", 2023.
Forwarded from 卩ro 爪Cracker
SUDO_KILLER
A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
https://github.com/TH3xACE/SUDO_KILLER
#linux #sudo
A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
https://github.com/TH3xACE/SUDO_KILLER
#linux #sudo
👍1
Forwarded from 卩ro 爪Cracker
code-inspector
Java code inspector for web vulnerability scan.
https://github.com/4ra1n/code-inspector
Java code inspector for web vulnerability scan.
https://github.com/4ra1n/code-inspector
Forwarded from 卩ro 爪Cracker
Load testing private endpoints
https://ift.tt/QnT9HYL
Submitted January 14, 2023 at 02:51AM by krstCB
via reddit https://ift.tt/qAUkBEV
https://ift.tt/QnT9HYL
Submitted January 14, 2023 at 02:51AM by krstCB
via reddit https://ift.tt/qAUkBEV
Getanteon
Kubernetes Monitoring with a 1-min Setup | Anteon
Explore how to thoroughly test the performance of user authentication flows
CVE-2023-21752
PoC for arbitrary file delete vulnerability in Windows Backup service
https://system32.ink/news-feed/p/133/
PoC for arbitrary file delete vulnerability in Windows Backup service
https://system32.ink/news-feed/p/133/
Asta-decrypt
This is a simple script that implements the decryption routine for the encrypted final stage used by the Astaroth/Guildma malware family.
Astaroth uses an AutoIT script with an embedded DLL that writes the final payload to disk as db.temp and injects it into a hollow process. https://system32.ink/news-feed/p/134/
This is a simple script that implements the decryption routine for the encrypted final stage used by the Astaroth/Guildma malware family.
Astaroth uses an AutoIT script with an embedded DLL that writes the final payload to disk as db.temp and injects it into a hollow process. https://system32.ink/news-feed/p/134/
CVE-2022-46169
Exploit to CVE-2022-46169 vulnerability on Cacti 1.2.19
https://system32.ink/news-feed/p/135/
Exploit to CVE-2022-46169 vulnerability on Cacti 1.2.19
https://system32.ink/news-feed/p/135/
PTorZillaPrint: Firefox & Tor Browser fingerprint testing. https://github.com/arkenfox/TZP
GitHub
GitHub - arkenfox/TZP
Contribute to arkenfox/TZP development by creating an account on GitHub.
#tools
#Blue_Team_Techniques
1. Detecting Fake Events in Azure Sign-in Logs
https://www.inversecos.com/2023/01/detecting-fake-events-in-azure-sign-in.html
2. Crassus - Windows privilege escalation discovery tool
https://github.com/vullabs/Crassus
#Blue_Team_Techniques
1. Detecting Fake Events in Azure Sign-in Logs
https://www.inversecos.com/2023/01/detecting-fake-events-in-azure-sign-in.html
2. Crassus - Windows privilege escalation discovery tool
https://github.com/vullabs/Crassus
Inversecos
Detecting Fake Events in Azure Sign-in Logs
Antivirus_Event_Analysis_1.11.pdf
56.8 KB
#Infographics
#Malware_analysis
Antivirus Event Analysis Cheat Sheet, ver. 1.11.0.
]-> https://www.nextron-systems.com/2023/01/13/antivirus-event-analysis-cheat-sheet-v1-11-0
#Malware_analysis
Antivirus Event Analysis Cheat Sheet, ver. 1.11.0.
]-> https://www.nextron-systems.com/2023/01/13/antivirus-event-analysis-cheat-sheet-v1-11-0
#Offensive_security
1. SCCM Site Takeover via Automatic Client Push Installation
https://posts.specterops.io/sccm-site-takeover-via-automatic-client-push-installation-f567ec80d5b1
2. Codecepticon - .NET application that allows you to obfuscate C#, VBA VB6 (macros), PowerShell source code
https://github.com/Accenture/Codecepticon
1. SCCM Site Takeover via Automatic Client Push Installation
https://posts.specterops.io/sccm-site-takeover-via-automatic-client-push-installation-f567ec80d5b1
2. Codecepticon - .NET application that allows you to obfuscate C#, VBA VB6 (macros), PowerShell source code
https://github.com/Accenture/Codecepticon
SpecterOps
SCCM Site Takeover via Automatic Client Push Installation - SpecterOps
Vulnerability alert: SCCM site takeover revealed. Watch a demo of the attack path and learn how to secure your system against this threat.