#Offensive_security
1. .pkg signature verification bypass on macOS
https://sector7.computest.nl/post/2023-01-xar
2. Restoring Dyld Memory Loading
https://blog.xpnsec.com/restoring-dyld-memory-loading
Bad things come in large packages: .pkg signature verification bypass on macOS
Code signing of applications is an essential element of macOS security. Besides signing applications, it is also possible to sign installer packages (.pkg files
TROJANPUZZLE.pdf
#Research
"TROJANPUZZLE: Covertly Poisoning Code-Suggestion Models", 2023.
#Threat_Research
DER Entitlements: The (Brief) Return of the Psychic Paper (CVE-2022-42855)
https://googleprojectzero.blogspot.com/2023/01/der-entitlements-brief-return-of.html
DER Entitlements: The (Brief) Return of the Psychic Paper
Posted by Ivan Fratric, Project Zero Note: The vulnerability discussed here, CVE-2022-42855, w...
Forensia
Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.
#Unloading Sysmon Driver.
#Gutmann Method File Shredding.
#USNJrnl Disabler.
#Prefetch Disabler.
#Log Eraser and Event log Disabler.
#User Assist Update Time Disabler.
#Access Time Disabler.
#Clear Recent Items
#Clear Shim Cache
#Clear RecentFileCache
#Clear ShellBag
#File Melting Capabilities.
https://system32.ink/news-feed/p/139/
Class
Topic: SQL injection
Time: 8 PM IST
Details: https://system32.ink/classes
Host: @vanshsec
Invite Link (Web) : https://system32.ink/zoom-meetings/sqli/?pak=QnhXbW50UHpUcnlwUHJ0ekpRYlBlZz09&join=V2NzRklocno1Ylc1YUVyWUVrRFI1QT09&type=meeting&redirect
Please join in as large numbers as possible and enjoy the class. Thank you.
Gmailc2
A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions.
C2 Feature:
▫️ Persistence (type persist)
▫️ Shell Access
▫️ System Info (type info)
▫️ More Features Will Be Added
Features:
▫️ FUD Ratio 0/40
▫️ Bypass Any EDR Solutions
▫️ Bypass Any Network Restrictions
▫️ Commands Are Being Sent in Base64 And Decoded on server side
▫️ No More Tcp Shits
https://system32.ink/news-feed/p/151/
#tools
#Red_Team_Tactics
1. Forensia - Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase
https://github.com/PaulNorman01/Forensia
2. VirusTotalC2 - Abusing VirusTotal API to host C2 traffic
https://github.com/D1rkMtr/VirusTotalC2
attacking_safari_2022.pdf
#Threat_Research
"Attacking Safari in 2022".
#Malware_analysis
Analysis of CVE-2022-42475 - FortiOS - heap-based buffer overflow in SSLVPNd
https://www.fortinet.com/blog/psirt-blogs/analysis-of-fg-ir-22-398-fortios-heap-based-buffer-overflow-in-sslvpnd
Analysis of FG-IR-22-398 – FortiOS - heap-based buffer overflow in SSLVPNd
Fortinet published CVSS: Critical advisory FG-IR-22-398 / CVE-2022-42475 on Dec 12, 2022. This blog details our initial investigation into this malware and additional IoCs identified during our on…
#exploit
1. Redis 6.0.16 - RCE
https://medium.com/@emil.lerner/hacking-redis-for-fun-and-ctf-points-3450c351bec1
2. Linux kernel exploit development
https://breaking-bits.gitbook.io/breaking-bits/exploit-development/linux-kernel-exploit-development?s=09
Hacking Redis for fun and CTF points
This post will go through an exploit that achieves code execution in the Redis server via a memory corruption issue. It works for Redis…
Chronos.pdf
#Research
"CHRONOS: Time-Aware Zero-Shot Identification of Libraries from Vulnerability Reports", 2023.
]-> Repo: https://github.com/soarsmu/Chronos
#tools
#Threat_Research
1. Detection of Lateral Movement with the Sliver C2 Framework
https://blogs.vmware.com/security/2023/01/detection-of-lateral-movement-with-the-sliver-c2-framework.html
]-> https://github.com/vmware-samples/tau-research
2. Java code inspector for web vulnerability scan
https://github.com/4ra1n/code-inspector
3. Survey of security mitigations and architectures, December 2022
https://saaramar.github.io/memory_safety_blogpost_2022
Detection of Lateral Movement with the Sliver C2 Framework
Here's how an attacker may use Sliver to generate an implant, control it, and move laterally within a corporate network, and what network traffic this activity may generate.
#Offensive_security
1. All Common Ports: Enumerations and Exploitations
https://pentestbook.six2dez.com/enumeration/ports#general
2. Explorer Persistence technique: Hijacking cscapi.dll order loading path and writing malicious dll into C:\Windows\cscapi.dll
https://github.com/D1rkMtr/ExplorerPersist
automated_threat_handbook_v1-2.pdf
#Whitepaper
#Threat_Research
#WebApp_Security
"OWASP Automated Threats Handbook: Web Applications, Version 1.2".
#Hardware_Security
How Signal Works inside the Kernel
https://f0rm2l1n.github.io/2022-09-07-How-Signal-Works-inside-the-Kernel