Forwarded from ☠️Lèx Légîøn☠️
☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️
#GiveawayOnRepublicDay
TryHackMe 1 Month 3 Vouchers Giveaway...
If Anyone is interested in this giveaway then Dope-Me(DM)...with your TryHackMe ID
We'll review your TryHackMe account and based on your progress we will try to ask some basic questions...
After that you will be given your TryHackMe Coupon...
Dm :- @lexlegion
☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️
#Threat_Research
#Blue_Team_Techniques
1. At the Edge of Tier Zero: The Curious Case of the RODC
https://posts.specterops.io/at-the-edge-of-tier-zero-the-curious-case-of-the-rodc-ef5f1799ca06
2. Sigma Rule to Detect Uncommon Keyboard Layout Loads
https://gist.github.com/Neo23x0/62a75d4bbd26aa9164fa73384f6a1410
]-> Sysmon Config: https://github.com/SwiftOnSecurity/sysmon-config/pull/92/files
#Infographics
Linux Kernel Defence Map (v.5.13)
shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies
https://github.com/a13xp0p0v/linux-kernel-defence-map
#exploit
1. CVE-2022-38181:
Vulnerability in the Arm Mali GPU
https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug
2. CVE-2023-0210:
Linux Kernel Unauthenticated Remote Heap Overflow Within KSMBD
https://sysdig.com/blog/cve-2023-0210-linux-kernel-unauthenticated-remote-heap-overflow
#hardening
Digging into Linux namespaces
Part 1: https://blog.quarkslab.com/digging-into-linux-namespaces-part-1.html
Part 2: https://blog.quarkslab.com/digging-into-linux-namespaces-part-2.html
Cisco_Networks (3).pdf
35.3 MB
#Tech_book
"Cisco Networks:
Engineers’ Handbook of Routing, Switching, and Security with IOS, NX-OS, and ASA", 2021.
LODEINFO.pdf
14.9 MB
#Malware_analysis
"Fighting to LODEINFO: Investigation for Continuous Cyberespionage Based on Open Source", 2023.
]-> LODEINFO Triage Tools:
https://github.com/nflabs/aa_tools/tree/main/lodeinfo
OpenCVE
OpenCVE is a platform used to locally import the list of CVEs and perform searches on it (by vendors, products, CVSS, CWE...).
Users subscribe to vendors or products, and OpenCVE alerts them when a new CVE is created or when an update is done in an existing CVE.
https://system32.ink/news-feed/p/182/
Gank-RECON
Subdomains enumeration, various scans and testing of some vulnerabilities.
https://system32.ink/news-feed/p/183/
Forwarded from 卩ro 爪Cracker
Whacking a phishing admin panel for fun and profit
https://ift.tt/RpX7QeP
Submitted January 26, 2023 at 10:32AM by thehunter699
via reddit https://ift.tt/Ia3shPl
Medium
Destroying the Scammers Portal — SBI Scam
Forwarded from 卩ro 爪Cracker
Binary Ninja HashDB Plugin
Binary Ninja plugin for interacting with the OALabs HashDB service.
https://github.com/cxiao/hashdb_bn
#Sec_code_review
Statistical Analysis to Detect Uncommon Code
https://synthesis.to/2023/01/26/uncommon_instruction_sequences.html
#exploit
1. CVE-2023-23504:
XNU Heap Underwrite in dlil.c
https://adamdoupe.com/blog/2023/01/23/cve-2023-23504-xnu-heap-underwrite-in-dlil-dot-c
2. CVE-2023-24055:
KeePass 2.5x PoC
https://github.com/alt3kx/CVE-2023-24055_PoC
3. CVE-2022-34689:
CryptoAPI spoofing vulnerability
https://github.com/akamai/akamai-security-research/tree/main/PoCs/CVE-2022-34689
#Red_Team_Tactics
1. Proxying DLL Loads For Hiding ETWTI Stack Tracing
https://0xdarkvortex.dev/proxying-dll-loads-for-hiding-etwti-stack-tracing
2. Python module for running BOFs
https://github.com/rkbennett/pybof
#Threat_Research
Sliver Malware with BYOVD Distributing Due to Sunlogin Vulnerability Attack
https://asec.ahnlab.com/ko/46208
Bounce_Ticket_SilverIodide.pdf
5.7 MB
#Whitepaper
"Bounce the Ticket and Silver Iodide Attacks on Azure AD Kerberos", 2023.