Forensia

Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.

#Unloading Sysmon Driver.
#Gutmann Method File Shredding.
#USNJrnl Disabler.
#Prefetch Disabler.
#Log Eraser and Event log Disabler.
#User Assist Update Time Disabler.
#Access Time Disabler.
#Clear Recent Items
#Clear Shim Cache
#Clear RecentFileCache
#Clear ShellBag
#File Melting Capabilities.

https://system32.ink/news-feed/p/139/

Class

Topic: Sql injection

Time: 8 Pm IST

Details: https://system32.ink/classes

Host: @vanshsec

Invite Link (Web) : https://system32.ink/zoom-meetings/sqli/?pak=QnhXbW50UHpUcnlwUHJ0ekpRYlBlZz09&join=V2NzRklocno1Ylc1YUVyWUVrRFI1QT09&type=meeting&redirect

Jyada se jyada sankhya me aakar class ki shobha ka Aanand leve, dhnywaad

Gmailc2

A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions.

C2 Feature:
▫️ Persistence (type persist)
▫️ Shell Access
▫️ System Info (type info)
▫️ More Features Will Be Added

Features:
▫️ FUD Ratio 0/40
▫️ Bypass Any EDR's Solutions
▫️ Bypass Any Network Restrictions
▫️ Commands Are Being Sent in Base64 And Decoded on server side
▫️ No More Tcp Shits

https://system32.ink/news-feed/p/151/

#tools
#Red_Team_Tactics
1. Forensia - Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase
https://github.com/PaulNorman01/Forensia
2. VirusTotalC2 - Abusing VirusTotal API to host C2 traffic
https://github.com/D1rkMtr/VirusTotalC2

#Threat_Research
"Attacking Safari in 2022".

#Malware_analysis
Analysis of CVE-2022-42475 - FortiOS - heap-based buffer overflow in SSLVPNd
https://www.fortinet.com/blog/psirt-blogs/analysis-of-fg-ir-22-398-fortios-heap-based-buffer-overflow-in-sslvpnd

#exploit
1. Redis 6.0.16 - RCE
https://medium.com/@emil.lerner/hacking-redis-for-fun-and-ctf-points-3450c351bec1

2. Linux kernel exploit development
https://breaking-bits.gitbook.io/breaking-bits/exploit-development/linux-kernel-exploit-development?s=09

#Research
"CHRONOS: Time-Aware Zero-Shot Identification of Libraries from Vulnerability Reports", 2023.
]-> Repo: https://github.com/soarsmu/Chronos

#tools
#Threat_Research
1. Detection of Lateral Movement with the Sliver C2 Framework
https://blogs.vmware.com/security/2023/01/detection-of-lateral-movement-with-the-sliver-c2-framework.html
]-> https://github.com/vmware-samples/tau-research
2. Java code inspector for web vulnerability scan
https://github.com/4ra1n/code-inspector
3. Survey of security mitigations and architectures, December 2022
https://saaramar.github.io/memory_safety_blogpost_2022

#Offensive_security
1. All Common Ports: Enumerations and Exploitations
https://pentestbook.six2dez.com/enumeration/ports#general
2. Explorer Persistence technique: Hijacking cscapi.dll order loading path and writing malicious dll into C:\Windows\cscapi.dll
https://github.com/D1rkMtr/ExplorerPersist

#Whitepaper
#Threat_Research
#WebApp_Security
"OWASP Automated Threats Handbook: Web Applications, Version 1.2".

#Hardware_Security
How Signal Works inside the Kernel
https://f0rm2l1n.github.io/2022-09-07-How-Signal-Works-inside-the-Kernel

#Tech_book
"CEH Version 12 Lab Manual: Ethical Hacking and Countermeasures" (.pdf, full course, 2112 pages), 2022.

#DFIR
Analysing Hayabusa Results with jq
https://github.com/Yamato-Security/hayabusa/blob/main/doc/AnalysisWithJQ-English.md

Class Starting At 8:00 Pm

Join Now Invite Link (Web) : https://system32.ink/zoom-meetings/sqli/?pak=QnhXbW50UHpUcnlwUHJ0ekpRYlBlZz09&join=V2NzRklocno1Ylc1YUVyWUVrRFI1QT09&type=meeting&redirect