Anomali-Managing_Threat_Intelligence_Playbook.pdf
5.8 MB
Hi! As you know, we have long been hooked on threat intelligence, so here is yet another piece of material for improving your TI skills. Enjoy the reading from Anomali. No, it is not f*cking marketing. It's just to keep your hands on what's going on.
Microsoft Internet Explorer v11 XML External Entity Injection 0day + PoC Exploit
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-INTERNET-EXPLORER-v11-XML-EXTERNAL-ENTITY-INJECTION-0DAY.txt
Threat-intelligence-handbook.pdf
7.5 MB
Do not miss! This book was in "hidden" status and has recently become publicly available. Good stuff on #threat #intelligence.
CYBEREDGE: "The Threat Intelligence Handbook. A Practical Guide for Security Teams to Unlocking the Power of Intelligence"
Playtech is looking for:
1) SOC analyst (light skills level)
https://rabota.ua/company2701998/vacancy7601858
2) Security Engineer (advanced level)
https://rabota.ua/company2701998/vacancy7601425
virustotal-for-investigators.pdf
8.8 MB
Meet some new good stuff!
"VirusTotal for Investigators". Methods for using VirusTotal data to deep dive into malware campaigns.
Firefox, CVE-2018-18500: A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash.
+ POC exploit.
https://github.com/sophoslabs/CVE-2018-18500/
APT34 / OILRIG LEAK, QUICK ANALYSIS by MISTERCH0C:
https://misterch0c.blogspot.com/2019/04/apt34-oilrig-leak.html
BlueCommand is a dashboard and tooling front-end for PowerShell Empire using PowerShell Universal Dashboard from Adam Driscoll.
https://github.com/leeberg/BlueCommand
DLL hijacking and #lateral #movement. Discovery methodology, detections, proof of concept code, demos and more!
https://posts.specterops.io/lateral-movement-scm-and-dll-hijacking-primer-d2f61e8ab992
Fileless Linux malware framework that's cross-platform and allows users to easily create and manage payloads. Meet fireELF!
https://github.com/rek7/fireELF
Sandmap: #NMAP on steroids. A tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning, and allows you to easily use many advanced scanning techniques.
https://github.com/trimstray/sandmap