#Threat_Research
Traffic signals: The VASTFLUX Takedown
https://www.humansecurity.com/learn/blog/traffic-signals-the-vastflux-takedown
#tools
#Red_Team_Tactics
1. qscan - Quick Network Scanner
https://github.com/0xor0ne/qscan
+ its companion command line tool qsc:
https://github.com/0xor0ne/qscan/tree/main/qsc
2. Bypassing Applocker, UAC, and Getting Administrative Persistence
https://assume-breach.medium.com/home-grown-red-team-bypassing-applocker-uac-and-getting-administrative-persistence-88b85c81343e
#DFIR
ShareFinder: How Threat Actors Discover File Shares
https://thedfirreport.com/2023/01/23/sharefinder-how-threat-actors-discover-file-shares
Wireshark_forensics.pdf
24.8 MB
#Tech_book
#Cloud_Security
"Wireshark for Network Forensics: An Essential Guide for IT and Cloud Professionals", 2023.
Bug: Facebook Group Members Disclosure
Intro: A non-member can determine whether someone is a member of a private group via the CometHovercardQueryRendererQuery GraphQL query.
Video POC: https://system32.ink/news-feed/p/176/
A #browser_extension for OSINT search
https://github.com/ninoseki/mitaka
The all-in-one Red Team #extension for Web Pentest
https://github.com/LasCC/Hack-Tools
#Malware_analysis
1. Analyzing Malicious OneNote Documents
https://blog.didierstevens.com/2023/01/22/analyzing-malicious-onenote-documents
2. Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
https://securelist.com/roaming-mantis-dns-changer-in-malicious-mobile-app/108464
#exploit
1. A Step-By-Step Introduction To The Use Of ROP Gadgets To Bypass DEP
https://cybergeeks.tech/a-step-by-step-introduction-to-the-use-of-rop-gadgets-to-bypass-dep
2. b3typer - Simple typer bug
https://blog.bi0s.in/2023/01/23/Pwn/bi0sCTF22-b3typer
3. CVE-2022-2347:
U-Boot - Unchecked Download Size/Direction in USB DFU
https://research.nccgroup.com/2023/01/20/technical-advisory-u-boot-unchecked-download-size-and-direction-in-usb-dfu-cve-2022-2347
#tools
#IoT_Security
bamf - tool which utilizes Shodan to detect vulnerable IoT devices
https://github.com/malwaredllc/bamf
#tools
#Blue_Team_Techniques
LogSlash - The New Standard Method of Log Reduction
https://github.com/FoxIO-LLC/LogSlash
StealthyIMU.pdf
1.8 MB
#Research
"StealthyIMU: Stealing Permission-protected Private Information From Smartphone Voice Assistant Using Zero-Permission Sensors", NDSS 2023.
]-> Repo: https://github.com/Samsonsjarkal/StealthyIMU
WordPress Plugin Elementor 3.6.2 – Remote Code Execution (RCE) (Authenticated). Date: 04/16/2022
Exploit: https://system32.ink/news-feed/p/177/
Internet Camera Exploitation Tool
This is a tool meant to assist cyber security researchers in discovering outdated and vulnerable camera systems on the internet by utilizing shodan.io.
I was able to discover thousands of vulnerable cameras using it.
Tool: https://system32.ink/news-feed/p/179/
#Red_Team_Tactics
1. Elevation of Privilege from Local Admin to gMSA
https://aadinternals.com/post/local_admin_to_gmsa
2. Keeping LSA secrets out of physical memory
https://github.com/elastic/Silhouette
3. Basic SSTI - Server-Side Template Injection (2023)
https://infosecwriteups.com/basic-ssti-server-side-template-injection-2023-da4995583554
Phishing_CC_Guide.epub
12.3 MB
#Tech_book
"Phishing and Communication Channels: A Guide to Identifying and Mitigating Phishing Attacks", 2021.
#Malware_analysis
Detecting malicious artifacts using an ETW consumer in kernel mode
https://www.countercraftsec.com/blog/detecting-malicious-artifacts-using-an-etw-consumer-in-kernel-mode
#hardening
A tool for checking the security hardening options of the Linux kernel
https://github.com/a13xp0p0v/kconfig-hardened-check