#exploit
1. CVE-2022-42864:
Concurrent Execution using Shared Resource with Improper Synchronization ("Race Condition")
https://muirey03.blogspot.com/2023/01/cve-2022-42864-diabolical-cookies.html
2. CVE-2022-25637:
Multiple TOCTOU vulns in peripheral devices (Razer, EVGA, MSI, AMI)
https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
#Offensive_security
1. Scripts and Executables for Pentest & Forensics
https://github.com/S3cur3Th1sSh1t/Creds
2. APCLdr - Payload Loader With Evasion Features
https://github.com/NUL0x4C/APCLdr
#tools
#Blue_Team_Techniques
Patches for Waterfall to improve overall performance, fix memory issues and protect against attacks
https://github.com/2lstudios-mc/FlameCord
#tools
Utility to find hidden Linux kernel modules
https://github.com/jafarlihi/modreveal
]-> LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64):
https://github.com/m0nad/Diamorphine
NIST_IR_8401.pdf
1.8 MB
#Infosec_Standards
NIST IR 8401:
"Satellite Ground Segment:
Applying the Cybersecurity Framework to Assure Satellite Command and Control", December 2022.
WDIMT.pdf
834.4 KB
#Research
"Website Defacement Detection and Monitoring Methods: A Review", 2022.
]-> Web Defacement Detection Tool:
https://github.com/CERT-hr/Web-Defacement-Detection-Tool
Hi Techies, Ethical Hackers and Cyber security enthusiasts. I am offering a great opportunity to you all to work with us at Techofide.
Here is the link to apply: https://forms.gle/4c4zohet8oKbBv6D8
Waiting for your responses everyone! Have a great day😀
Forwarded from 卩ro 爪Cracker
90% of Pakistan is out of electricity after a major cyber attack on electricity systems.
CVE-2023-22809 – sudo Privilege escalation
Affected sudo versions: 1.8.0 to 1.9.12p1
This script automates the exploitation of the CVE-2023-22809 vulnerability to gain a root shell.
Script: https://system32.ink/news-feed/p/170/
Echidna – A Fast Smart Contract Fuzzer
Echidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley)
https://system32.ink/news-feed/p/173/
PhoneSploit Pro
PhoneSploit with Metasploit Integration.
An All-In-One hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
https://system32.ink/news-feed/p/174/
SQLi Hunter v2 is a Python program that checks for SQL (and Blind) injection vulnerabilities in URLs. The program is designed to be easy to use, practical and beneficial. The intention of this tool is to include it in your ethical Bug Bounty Hunting methodology. Please do not use this tool on any website without having its permission.
https://system32.ink/news-feed/p/175/
#Offensive_security
1. Cobalt Strike Beacon Object File for kernel exploitation using AMD's Ryzen Master Driver (version 17)
https://github.com/tijme/amd-ryzen-master-driver-v17-exploit
2. A script to automate privilege escalation with CVE-2023-22809 vulnerability
https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc
#Analytics
Cybersecurity Trends Q1/23:
⬆️ Pwd spraying/creds stuffing;
⬆️ Phishing w/ new file types, eg .one, .iso, .lnk;
⬆️ Rust malware / loaders (+Go +Nim +Zig);
⬆️ Sliver implants;
⬆️ Abused legit RA software;
⬆️ Abused legit encryption tools (ransom);
⬆️ Token/Cloud API abuse;
⬇️ Malware attacks on non-standard ports;
⬇️ E-Skimming Incidents;
⬇️ Office Macros.
#Hardware_Security
Intel iTLB multihit bug
https://www.tacitosecurity.com/multihit.html
]-> PoC: https://github.com/ergot86/itlb_poc
#hardening
#Blue_Team_Techniques
Recommendations to mitigate OWASP API Security Top 10 threats using API Management
https://learn.microsoft.com/en-us/azure/api-management/mitigate-owasp-api-threats
#Threat_Research
Traffic signals: The VASTFLUX Takedown
https://www.humansecurity.com/learn/blog/traffic-signals-the-vastflux-takedown
#tools
#Red_Team_Tactics
1. qscan - Quick Network Scanner
https://github.com/0xor0ne/qscan
+ its companion command line tool qsc:
https://github.com/0xor0ne/qscan/tree/main/qsc
2. Bypassing Applocker, UAC, and Getting Administrative Persistence
https://assume-breach.medium.com/home-grown-red-team-bypassing-applocker-uac-and-getting-administrative-persistence-88b85c81343e
#DFIR
ShareFinder: How Threat Actors Discover File Shares
https://thedfirreport.com/2023/01/23/sharefinder-how-threat-actors-discover-file-shares