📃 "Fingerprints para detectar y evadir sandboxes conocidos" https://www.hackplayers.com/2020/06/fingerprints-para-detectar-y-evadir-sandboxes.html
Hackplayers
Fingerprints para detectar y evadir sandboxes conocidos
Hoy en día detonar malware en una sandbox es uno de los métodos más usados a la hora de analizar malware, sobretodo cuando tenemos un mo...
The Basics of Exploit Development:
1. Win32 Buffer Overflows
https://www.coalfire.com/The-Coalfire-Blog/January-2020/The-Basics-of-Exploit-Development-1
2. SEH Overflows
https://www.coalfire.com/The-Coalfire-Blog/March-2020/The-Basics-of-Exploit-Development-2-SEH-Overflows
3. Egg Hunters
https://www.coalfire.com/The-Coalfire-Blog/May-2020/The-Basics-of-Exploit-Development-3-Egg-Hunters
1. Win32 Buffer Overflows
https://www.coalfire.com/The-Coalfire-Blog/January-2020/The-Basics-of-Exploit-Development-1
2. SEH Overflows
https://www.coalfire.com/The-Coalfire-Blog/March-2020/The-Basics-of-Exploit-Development-2-SEH-Overflows
3. Egg Hunters
https://www.coalfire.com/The-Coalfire-Blog/May-2020/The-Basics-of-Exploit-Development-3-Egg-Hunters
Coalfire
Coalfire Blog
Resource covering the most important issues in IT security and compliance as well as insights on IT GRC issues that impact the industries that we serve.
Buenas noches.
Vengo a compartirles un script que termine hoy.
hack-wpa2 es una herramienta basada en bash de linux que utiliza la Suite de Aircrack para automatizar la configuracion y el ataque, tener en cuenta que el script no viene con diccionario.
Les dejo un saludo:
https://github.com/Anonimo501/hack-wpa2.git
Vengo a compartirles un script que termine hoy.
hack-wpa2 es una herramienta basada en bash de linux que utiliza la Suite de Aircrack para automatizar la configuracion y el ataque, tener en cuenta que el script no viene con diccionario.
Les dejo un saludo:
https://github.com/Anonimo501/hack-wpa2.git
GitHub
GitHub - Anonimo501/hack-wpa2
Contribute to Anonimo501/hack-wpa2 development by creating an account on GitHub.
ULTIMATE HACKING PACKAGE
1. Cyber security analyst training
2. Cyber security advanced test detecting techniques
3. Cyber security Malicious software detector
4. Cyber security source code defender
5. Cyber security threat intelligence research
6. Cyber security web application defender
7. Cyber training 365 certified ethical Hacker
8. Cyber training 365 computer hacker and forensics
9. Cyber training 365 kali 101
Total size: 36.90 GB
https://mega.nz/folder/HGg2TCTA#CjyPNP3bktKV9w4_g2xUDg/folder/vfgiDK4T
1. Cyber security analyst training
2. Cyber security advanced test detecting techniques
3. Cyber security Malicious software detector
4. Cyber security source code defender
5. Cyber security threat intelligence research
6. Cyber security web application defender
7. Cyber training 365 certified ethical Hacker
8. Cyber training 365 computer hacker and forensics
9. Cyber training 365 kali 101
Total size: 36.90 GB
https://mega.nz/folder/HGg2TCTA#CjyPNP3bktKV9w4_g2xUDg/folder/vfgiDK4T
mega.nz
File folder on MEGA
SIGRed: vulnerabilidad crítica en el servidor DNS de Windows (CVE-2020-1350)
https://www.hackplayers.com/2020/07/sigred-vulnerabilidad-critica-en-dns-windows.html
https://www.hackplayers.com/2020/07/sigred-vulnerabilidad-critica-en-dns-windows.html
Hackplayers
SIGRed: vulnerabilidad crítica en el servidor DNS de Windows (CVE-2020-1350)
Los investigadores de Checkpoint se propusieron encontrar una vulnerabilidad mediante la cual comprometer un dominio de Windows, preferib...
Apache today released updated versions of Tomcat Server to patch two DoS vulnerabilities residing in the WebSocket (CVE-2020-13935) and HTTP/2 (CVE-2020-13934) implementations.
http://mail-archives.us.apache.org/mod_mbox/www-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E
http://mail-archives.us.apache.org/mod_mbox/www-announce/202007.mbox/%3Cad62f54e-8fd7-e326-25f1-3bdf1ffa3818%40apache.org%3E
http://mail-archives.us.apache.org/mod_mbox/www-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E
http://mail-archives.us.apache.org/mod_mbox/www-announce/202007.mbox/%3Cad62f54e-8fd7-e326-25f1-3bdf1ffa3818%40apache.org%3E
📕 PDF Revista UnderDOCS - Diciembre 2019, Número 5
https://underc0de.org/foro/e-zines/t41366/msg137616/#msg137616
📕 PDF Revista UnderDOCS - Enero 2020, Número 6
https://underc0de.org/foro/e-zines/t41548/msg138108/#msg138108
📕 PDF Revista UnderDOCS - Febrero 2020, Número 7
https://underc0de.org/foro/e-zines/t41728/msg138492/#msg138492
📕 PDF Revista UnderDOCS - Marzo 2020, Número 8
https://underc0de.org/foro/e-zines/t41893/msg138943/#msg138943
📕 PDF Revista UnderDOCS - Abril 2020, Número 9
https://underc0de.org/foro/e-zines/underdocs-abril-2020-numero-9/msg139527/#msg139527
📕 PDF Revista UnderDOCS - Mayo 2020, Número 10
https://underc0de.org/foro/e-zines/underdocs-mayo-2020-numero-10/msg140117/#msg140117
📕 PDF Revista UnderDOCS - Junio 2020, Número 11
https://underc0de.org/foro/e-zines/underdocs-junio-2020-numero-11/msg140607/#msg140607
https://underc0de.org/foro/e-zines/t41366/msg137616/#msg137616
📕 PDF Revista UnderDOCS - Enero 2020, Número 6
https://underc0de.org/foro/e-zines/t41548/msg138108/#msg138108
📕 PDF Revista UnderDOCS - Febrero 2020, Número 7
https://underc0de.org/foro/e-zines/t41728/msg138492/#msg138492
📕 PDF Revista UnderDOCS - Marzo 2020, Número 8
https://underc0de.org/foro/e-zines/t41893/msg138943/#msg138943
📕 PDF Revista UnderDOCS - Abril 2020, Número 9
https://underc0de.org/foro/e-zines/underdocs-abril-2020-numero-9/msg139527/#msg139527
📕 PDF Revista UnderDOCS - Mayo 2020, Número 10
https://underc0de.org/foro/e-zines/underdocs-mayo-2020-numero-10/msg140117/#msg140117
📕 PDF Revista UnderDOCS - Junio 2020, Número 11
https://underc0de.org/foro/e-zines/underdocs-junio-2020-numero-11/msg140607/#msg140607
Red Team Tactics:
Bypassing LSA Protection
(aka Protected Process Light) without Mimikatz
on Windows 10 1903/1909/2004
https://www.redcursor.com.au/blog/bypassing-lsa-protection-aka-protected-process-light-without-mimikatz-on-windows-10
PoC:
https://github.com/RedCursorSecurityConsulting/PPLKiller
Bypassing LSA Protection
(aka Protected Process Light) without Mimikatz
on Windows 10 1903/1909/2004
https://www.redcursor.com.au/blog/bypassing-lsa-protection-aka-protected-process-light-without-mimikatz-on-windows-10
PoC:
https://github.com/RedCursorSecurityConsulting/PPLKiller
Red Cursor
Bypassing LSA Protection without Mimikatz on Windows 10 - Red Cursor
Starting with Windows 8.1 (and Server 2012 R2) Microsoft introduced a feature termed LSA Protection. This feature is based on the ...
DNSdumpster.com-- https://dnsdumpster.com/
Hunter-- https://hunter.io/
Intelligence X --https://intelx.io/
Pastebin --https://pastebin.com/
GitHub -- https://github.com/
Shodan – https://www.shodan.io/
FOFA -- https://fofa.so/
Google Hacking Database (GHDB) -- https://www.exploit-db.com/google-hacking-database
Hunter-- https://hunter.io/
Intelligence X --https://intelx.io/
Pastebin --https://pastebin.com/
GitHub -- https://github.com/
Shodan – https://www.shodan.io/
FOFA -- https://fofa.so/
Google Hacking Database (GHDB) -- https://www.exploit-db.com/google-hacking-database
DNSDumpster.com
DNSDumpster - Find & lookup dns records for recon & research
Free domain research tool to discover hosts related to a domain. Find visible hosts from the attackers perspective for Red and Blue Teams.
Bootstrap MITM en HTTPs y la directiva preload en HSTS
http://feedproxy.google.com/~r/ElLadoDelMal/~3/nOQv6hEL37c/bootstrap-mitm-en-https-y-la-directiva.html
http://feedproxy.google.com/~r/ElLadoDelMal/~3/nOQv6hEL37c/bootstrap-mitm-en-https-y-la-directiva.html
Elladodelmal
Bootstrap MITM en HTTPs y la directiva preload en HSTS
Blog personal de Chema Alonso, CDCO Telefónica, 0xWord, MyPublicInbox, sobre seguridad, hacking, hackers y Cálico Electrónico.
CVE-2020-6512:
Google Chrome <84.0.4147.89 - Type Confusion in V8
PoC:
https://chromium.googlesource.com/v8/v8.git/+/c16f62d6e943756d8b4170a36f61e666ced82e6d/test/mjsunit/compiler/regress-1084820.js
Google Chrome <84.0.4147.89 - Type Confusion in V8
PoC:
https://chromium.googlesource.com/v8/v8.git/+/c16f62d6e943756d8b4170a36f61e666ced82e6d/test/mjsunit/compiler/regress-1084820.js
Bypassing LSA Protection (aka Protected Process Light) without Mimikatz on Windows 10
https://www.redcursor.com.au/blog/bypassing-lsa-protection-aka-protected-process-light-without-mimikatz-on-windows-10
https://www.redcursor.com.au/blog/bypassing-lsa-protection-aka-protected-process-light-without-mimikatz-on-windows-10
Red Cursor
Bypassing LSA Protection without Mimikatz on Windows 10 - Red Cursor
Starting with Windows 8.1 (and Server 2012 R2) Microsoft introduced a feature termed LSA Protection. This feature is based on the ...
Windows Server Containers Are Open, and Here’s How You Can Break Out
https://unit42.paloaltonetworks.com/windows-server-containers-vulnerabilities/
https://unit42.paloaltonetworks.com/windows-server-containers-vulnerabilities/
Unit 42
Windows Server Containers Are Open, and Here's How You Can Break Out
We demonstrate a complete technique to escalate privileges and escape Windows Server Containers.
AD Attack
1) Performing domain recon using PS
https://t.co/Pt6VpJqGdO
2) Attack mapping with bloodhound
https://t.co/CpmB4XW3pq
3) Extracting passwd hashes
https://t.co/f55XUSyx1k
4) Pass-the-hash attacks with mimikatz
https://t.co/PPkBjPpVgK
https://t.co/9RxAVyidDw
1) Performing domain recon using PS
https://t.co/Pt6VpJqGdO
2) Attack mapping with bloodhound
https://t.co/CpmB4XW3pq
3) Extracting passwd hashes
https://t.co/f55XUSyx1k
4) Pass-the-hash attacks with mimikatz
https://t.co/PPkBjPpVgK
https://t.co/9RxAVyidDw
Stealthbits Technologies
Performing Domain Reconnaissance Using PowerShell
In this post, we will cover a few of the different ways that PowerShell can be used by attackers to map out your environment and chose their targets.
Curso: Curso Udemy Hacking Ético Profesional Ingreso al Sistema
Descarga--
Mega: https://mega.nz/folder/BM5xQYKA#ICxzGuO6DhdB8Bp_DFNTbg
Descarga--
Mega: https://mega.nz/folder/BM5xQYKA#ICxzGuO6DhdB8Bp_DFNTbg
mega.nz
File folder on MEGA
ya que en esta ocacion les muestro como actua con una prueba real y como crearlo donde les muestro actualmente una lista de todos los rasomware que existen actualmente y probamos un de los mas potente aparte de WannaCry . que con este termine infetandome yo entre otras maquinas ya que este video lo hago solo con fines "educativos para poder entender un poco mas su funcionamiento". mis recomendaciones serian si desiden hacer las pruebas en sus maquinas les recomiendo que configuren bien su maquinas virtual que no sea en modo compartido... https://www.youtube.com/watch?v=mXLD1_ocCc8
CCNA Tutorials
1 - CCNA Cloud: https://mega.nz/#F!h8J1Rb5L!5Yr9Uc2deHaAcRe2cl1qMg
2 - CCNA Collaboration: https://mega.nz/#F!xloRCCKR!T6grMYndq4x30YDPdQBSpQ
3 - CCNA Cyber Ops: https://mega.nz/#F!E8ZznLjK!7svH9q5kuygqXoeRSgGwmQ
4 - CCNA Data Center: https://mega.nz/#F!Ek5RABhR!ex2c5WgXAxzA3U8AUDnLvg
5 - CCNA Routing and Switching: https://mega.nz/#F!44RBVLBD!Rz7MhffUkRKA3KT-X0f4Ng
6 - CCNA Security: https://mega.nz/#F!VooVWb5b!SYOifjCW569KQ5pkpe4taA
7 - CCNA Service Provider: https://mega.nz/#F!R4Q3hZpI!qKYBgyYPz5IbvGJp_2TNvA
8 - CCNA Wireless: https://mega.nz/#F!5k5RiBZD!3euwAjHUwTT2uDjSNd62PQ
1 - CCNA Cloud: https://mega.nz/#F!h8J1Rb5L!5Yr9Uc2deHaAcRe2cl1qMg
2 - CCNA Collaboration: https://mega.nz/#F!xloRCCKR!T6grMYndq4x30YDPdQBSpQ
3 - CCNA Cyber Ops: https://mega.nz/#F!E8ZznLjK!7svH9q5kuygqXoeRSgGwmQ
4 - CCNA Data Center: https://mega.nz/#F!Ek5RABhR!ex2c5WgXAxzA3U8AUDnLvg
5 - CCNA Routing and Switching: https://mega.nz/#F!44RBVLBD!Rz7MhffUkRKA3KT-X0f4Ng
6 - CCNA Security: https://mega.nz/#F!VooVWb5b!SYOifjCW569KQ5pkpe4taA
7 - CCNA Service Provider: https://mega.nz/#F!R4Q3hZpI!qKYBgyYPz5IbvGJp_2TNvA
8 - CCNA Wireless: https://mega.nz/#F!5k5RiBZD!3euwAjHUwTT2uDjSNd62PQ
mega.nz
MEGA provides free cloud storage with convenient and powerful always-on privacy. Claim your free 20GB now