Forwarded from Deadly malware xp
#tools
#Blue_Team_Techniques
1. MIMEDefang - e-mail filtering tool that works with the Sendmail "Milter" library
https://github.com/The-McGrail-Foundation/MIMEDefang
2. Automated Penetration Testing Reporting System
https://github.com/Anof-cyber/APTRS
GitHub
GitHub - The-McGrail-Foundation/MIMEDefang: MIMEDefang is an e-mail filtering tool that works with the Sendmail “Milter” library.…
MIMEDefang is an e-mail filtering tool that works with the Sendmail “Milter” library. MIMEDefang lets you express your filtering policies in Perl rather than C, making it quick and easy to filter ...
Forwarded from Deadly malware xp
soft_dev_proc (1).pdf
147.4 KB
#Whitepaper
"Everything About the Secure Software Development Process", 12.2022.
Forwarded from Deadly malware xp
#exploit
1. CVE-2023-0179:
Linux kernel stack buffer overflow in nftables
https://seclists.org/oss-sec/2023/q1/20
2. Security Audit of Git:
CVE-2022-23521:
Truncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes
CVE-2022-41903:
Out of Bounds Memory Write in Log Formatting
https://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif
seclists.org
oss-sec: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup
Forwarded from Deadly malware xp
ML-FEED.pdf
841.5 KB
#Research
"ML-FEED: Machine Learning Framework for Efficient Exploit Detection", 2023.
Forwarded from Deadly malware xp
#Cloud_Security
1. Azure AD Pass-Through Authentication Flaws
https://www.secureworks.com/research/azure-active-directory-pass-through-authentication-flaws
]-> PTAAgentDump tool: https://github.com/secureworks/PTAAgentDump
2. Red Teaming Microsoft Azure
https://improsec.com/tech-blog/read2own
Sophos
Azure Active Directory Pass-Through Authentication Flaws
In May 2022, Sophos® Counter Threat Unit™ (CTU) researchers analyzed how the protocols used by Pass-Through Authentication could be exploited.
Forwarded from Deadly malware xp
#Threat_Research
1. SSH Key Injection Vulnerability in Google Cloud Compute Engine
https://blog.stazot.com/ssh-key-injection-google-cloud
2. Network Security Trends: August-October 2022
https://unit42.paloaltonetworks.com/network-security-trends-aug-oct-2022
3. Learn EVM Attacks: A collection of Foundry tests reproducing exploits, bug bounty reports, and theoretical vulnerabilities on EVM chains
https://github.com/coinspect/learn-evm-attacks
Stazot
Sivanesh Ashok
Blog about bug bounty and infosec research
Forwarded from Deadly malware xp
#Offensive_security
1. Exploiting Distroless Images
https://www.form3.tech/engineering/content/exploiting-distroless-images
2. Exploiting CVE-2021-3490 for Container Escapes
https://www.crowdstrike.com/blog/exploiting-cve-2021-3490-for-container-escapes
www.form3.tech
Exploiting Distroless Images
An abuse of functionality in the OpenSSL binary, installed in the official Google Container Tools Distroless Base container image, allows for command execution and arbitrary file read and write on distroless containers. By abusing the enc functionality in…
Forwarded from Deadly malware xp
#Threat_Research
1. Java XML security issues and how to address them
https://semgrep.dev/blog/2022/xml-security-in-java
2. QT QML Vulnerability
https://blog.talosintelligence.com/vulnerability-spotlight-integer-and-buffer-overflow-vulnerabilities-found-in-qt-qml
Forwarded from Deadly malware xp
#Cloud_Security
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass
https://securitylabs.datadoghq.com/articles/iamadmin-cloudtrail-bypass
Datadoghq
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass
Public disclosure of a method to bypass CloudTrail for specific IAM actions.
Forwarded from Deadly malware xp
#Malware_analysis
StrongPity espionage campaign
https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users
WeLiveSecurity
StrongPity espionage campaign targeting Android users
ESET researchers uncover an active StrongPity campaign that spreads a trojanized version of the Android Telegram app posing as the Shagle video chat app.
Forwarded from Deadly malware xp
Ultraverse.pdf
10.3 MB
#Research
"Ultraverse: Efficient Retroactive Operation for Attack Recovery in Database Systems and Web Frameworks", 2023.