RedTeam feed
RedTeam blogposts and articles collection
Adventures in Shellcode Obfuscation! Part 1: Overview
#redsiege

by Mike Saunders, Principal Security Consultant. This blog is the first in a series of articles on methods for obfuscating shellcode. I’ll be focusing on how to obfuscate […]

via RedSiege Blog (author: Red Siege)
ScriptBlock Smuggling: Spoofing PowerShell Security Logs and Bypassing AMSI Without Reflection or Patching
#bcsecurity

Note: All code samples shown in the post can be found in our repo here. In recent years, PowerShell tradecraft has seen a drop in popularity among pentesters, red teams, and to some extent APTs. There are several reasons for this, but at the core, it was the introduction of [...]

via BC Security Blog (author: Hubbl3)
Let’s Clone a Cloner...To Meet My Needs
#trustedsec

It was my second Physical Penetration Test here at TrustedSec and I was paired with colleague Paul Burkeland. After arriving at the hotel, Paul stated that he needed 16 AA batteries, so we went to the local CVS. I was…

via TrustedSec Blog (author: Costa Petros)
How Privileged Identity Management Affects Conditional Access Policies
#specterops

via SpecterOps Team Medium (author: Hope Walker)
Adventures in Shellcode Obfuscation! Part 2: Hail Caesar!
#redsiege

by Mike Saunders, Principal Security Consultant This blog is the second in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series […]

via RedSiege Blog (author: Red Siege)
Playing Games with PCI Compliance Deadlines
#trustedsec

The new version 4.0 of the PCI DSS standard that applies to organizations that handle payment cards is now mandatory as of April 01, 2024. As a QSA, I’ve heard rumblings about organizations that moved their annual PCI…

via TrustedSec Blog (author: Chris Camejo)
Phone Switch Labs CTF – Walk-Through
#redsiege

by Douglas Berdeaux, Senior Security Consultant CTF redsiege.com/phoneswitch Getting Started Phone phreaking is the practice of exploring and hacking telephones, telephone switches, telephone test equipment, and physically exploring the telephone […]

via RedSiege Blog (author: Red Siege)
Release v2.0 - Everything Everywhere All At Once
#bruteratel

Brute Ratel v2.0 [codename Metamorphosis] is now available for download. This release introduces significant changes compared to previous versions, so it’s strongly recommended to review this blog, the private videos, and the documentation before using it. The Badger component has undergone extensive rewrites, featuring major updates in evasion tactics and new functionalities. The server has been optimized for speed and efficiency, with significant improvements to the licensing algorithm, ensuring each license is linked to a specific host to prevent misuse. However, the license can still be transferred from one host to another while deactivating the previous one. Additionally, several minor updates have been made to the Commander, which operators will notice during operation.

via Brute Ratel C4 Blog (author: Chetan Nayak (chetan@bruteratel.com))
Investing to deliver more
#portswigger

We are excited to announce a strategic investment from Brighton Park Capital (BPC), a leading growth equity firm with a track record of scaling innovative technology companies. This partnership will e

via PortSwigger Blog
GitHub Actions exploitation: introduction
#synacktiv

via Synacktiv Blog (author: Hugo Vincent)
Ring Around The Regex: Lessons learned from fuzzing regex libraries (Part 1)
#secretclub

Okay, if you’re reading this, you probably know what fuzzing is. As an incredibly reductive summary: fuzzing is an automated, random testing process which tries to explore the state space (e.g., different interpretations of the input or behaviour) of a program under test (PUT; sometimes also SUT, DUT, etc.). Fuzzing is often celebrated as one of the most effective ways to find bugs in programs due to its inherently random nature, which defies human expectation or bias. The strategy has found countless security-critical bugs (think tens or hundreds of thousands) over its 30-odd-years of existence, and yet faces regular suspicion from industry and academia alike. Mostly. Fuzzers can be overfit to certain applications, intentionally or not.

via Secret Club (author: addison)
GitHub Actions exploitation: untrusted input
#synacktiv

via Synacktiv Blog (author: Hugo Vincent)
The Dangers of Transition Mode
#trustedsec

With the introduction of WPA3, it is becoming increasingly difficult to successfully exploit a wireless network. One of the main enhancements introduced in WPA3 is the Simultaneous Authentication of Equals (SAE) model.…

via TrustedSec Blog (author: Michael Bond)
A hacking hat-trick: previewing three PortSwigger Research publications coming to DEF CON & Black Hat USA
#portswigger

We're delighted to announce three major research releases from PortSwigger Research will be published at both Black Hat USA and DEF CON 32. In this post, we'll offer a quick teaser of each talk, info

via PortSwigger Research
Adventures in Shellcode Obfuscation! Part 3: Encryption
#redsiege

By Mike Saunders, Principal Security Consultant. This blog is the third in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the […]

via RedSiege Blog (author: Red Siege)
Adventures in Shellcode Obfuscation! Part 4: RC4 with a Twist
#redsiege

by Mike Saunders, Principal Security Consultant This blog is the fourth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the series […]

via RedSiege Blog (author: Red Siege)