This Badge is My Badge
#nettitude
When it comes to covert entry assessments, successfully capturing RFID badge values can mean the difference between failure and successful entry to a target site. In a previous Labs post, “I Don’t Need a Badge – Lessons Learned from Physical Social Engineering”, we introduced the ESPKey as a method of capture. Although the ESPKey is [...]
via Nettitude Labs Blog (author: Dalton Wright)
Gobbling Up Forensic Analysis Data Using Velociraptor
#trustedsec
Lately I have been working with Velociraptor for its endpoint and digital forensic capabilities and specifically spent time in many cases in the past two years with Velociraptor Offline Collector functions to gather…
via TrustedSec Blog (author: Thomas Millar)
Adventures in Shellcode Obfuscation! Part 11: Jargon
#redsiege
by Mike Saunders, Principal Consultant This blog is the eleventh in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the […]
via RedSiege Blog (author: Red Siege)
Using Veeam metadata for efficient extraction of Backup artefacts (2/3)
#synacktiv
via Synacktiv Blog (author: Webmaster)
Shellcode: Pseudo-Random Involution (Data Masking 3)
#odzhan
Introduction Not sure if the title is an accurate description, but when you apply a self-inverse permutation or involution twice, you get back the original data and that’s pretty much what the code shown in this post does.
via modexp Blog (author: odzhan)
Shellcode: RSA (Data Masking 4)
#odzhan
Introduction Malware like OceanLotus have used RSA-256 to hide strings. Darkhotel used RSA to hide code. For fun, some crackmes used RSA-32 or RSA-64 for simple keygen challenges. The RSA cryptosystem uses two exponents (or keys) and a modulus derived
via modexp Blog (author: odzhan)
Shellcode: API Hashing with Block Ciphers (Maru4)
#odzhan
Introduction Constructing your own hash algorithm is controversial because there will always be professionals in the field of cryptography and engineering that can expose vulnerabilities in the design. I’m not encouraging anyone to construct a cryptographic hash algorithm without extensive …
via modexp Blog (author: odzhan)
Introducing the URL validation bypass cheat sheet
#portswigger
URL validation bypasses are the root cause of numerous vulnerabilities including many instances of SSRF, CORS misconfiguration, and open redirection. These work by using ambiguous URLs to trigger URL
via PortSwigger Research
When on Workstation, Do as the Local Browsers Do!
#trustedsec
Web browsers are common targets for many different APTs. Tools like Redline Malware or penetration testing tools such as SharpChrome or SharpChromium steal sensitive data like cookies and saved login…
via TrustedSec Blog (author: Megan Nilsen)
How to Secure Your Penetration Testing Environment with Full Disk Encryption
#redsiege
by Douglas Berdeaux, Senior Security Consultant As penetration testers, ensuring the security and integrity of our tools and data is paramount. One key aspect of this is creating […]
via RedSiege Blog (author: Justin Connors)
Revisiting the UDRL Part 3: Beacon User Data
#cobaltstrike
The UDRL and the Sleepmask are key components of Cobalt Strike’s evasion strategy, yet historically they have not worked well together. For example, prior to CS 4.10, Beacon statically calculated its location in memory using a combination of its base address and its section table. This calculation was then modified depending on the contents of [...]
via Cobalt Strike Blog (author: Robert Bearsby)
Adventures in Shellcode Obfuscation! Part 12: Jigsaw
#redsiege
by Mike Saunders, Principal Consultant This blog is the twelfth in a series of blogs on obfuscation techniques for hiding shellcode. You can find the rest of the […]
via RedSiege Blog (author: Justin Connors)