OTX AlienVault: the Open Threat Exchange platform
OTX (Open Threat Exchange) by AlienVault is one of the largest open threat intelligence platforms, created for sharing information about cyber threats around the world.
Real-time IOC data
Malware and phishing indicators
Useful feeds for threat hunting
Collaboration with the global cybersecurity community
Through OTX, security professionals can track malicious IPs, domains, hashes and other indicators and respond quickly to new threats.
Threat Intelligence is not just information, it is a defense strategy.
#OTX #AlienVault #ThreatIntelligence #CyberSecurity #ThreatHunting #SOC #BlueTeam #InfoSec
Forwarded from JavaSec
Today we talk about Active Directory's oldest and most powerful vulnerability, one that is still encountered in real environments...
Did you know that you can get Domain Admin in 10 minutes, without cracking any password and without using any CVE?
A single wrongly ticked checkbox is enough.
Imagine: you are on an internal pentest. The classic vectors are closed: Kerberoasting yields nothing, SMB signing is enabled against NTLM relay, ASREP-roasting comes up empty. You try for several hours. Then, during enumeration, you run just one command:
Get-NetComputer -Unconstrained
And one server comes up. From that moment on, it is all over.
What is Unconstrained Delegation?
In Kerberos, delegation is permission for one service to connect to another service on behalf of a user. Example: an IIS server sends a query to MSSQL on behalf of the user.
But Unconstrained is the most permissive form. The domain admin has configured it like this:
"I fully trust this server. It can go anywhere on behalf of any service."
The logic looks simple. But the real danger is right here.
When a user authenticates to this server, the KDC also sends their TGT along to the server. The server stores this TGT in LSASS memory. Even if the user later "logs out", the TGT remains in the cache.
If the server is compromised, that user's entire identity is yours.
But a natural question arises: why would a Domain Admin connect to an ordinary server?
We don't sit and wait. There is a tool called SpoolSample; it abuses the MS-RPRN protocol of Microsoft's Print Spooler service. One command:
SpoolSample.exe dc01 srv01
This sends a request to the DC: "Connect to my server and check the printer status for me". The DC carries out this request and authenticates to SRV01. And because Unconstrained is enabled, it sends its own DC01$ TGT along with it. Print Spooler is enabled by default. It is enabled on Domain Controllers too. Even by the end of 2024, there are still environments where it is enabled.
We start Rubeus in monitor /interval:5 mode. We fire SpoolSample. A few seconds later, in the terminal:
[*] Found new TGT: DC01$@CHILD.JAVASEC.LOCAL
The Domain Controller's computer account TGT is in our hands.
A new question here: a computer account has no local admin rights, does it? Correct. But the DC computer account has something else: the DCSync right.
We import the ticket into Mimikatz:
kerberos::ptt dc01.kirbi
lsadump::dcsync /domain:child.javasec.local /user:Administrator
Result:
Hash NTLM: e7d6a507...
Domain compromised. krbtgt is in our hands. The forest is finished.
The biggest mistake is thinking "we use Kerberos, so everything is secure".
Because Kerberos itself is not what is secure; its configuration makes it secure. A single "Trust this computer for delegation to any service" checkbox, and the whole forest is finished.
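From the defender's side, the checkbox described in the forwarded post is one bit of userAccountControl, so it can be audited directly. The sketch below is an added example, not code from the post or from JavaSec; the account records are constructed, and the `admin` and `spooler` fields are hypothetical inventory attributes standing in for adminCount and a service check.

```python
"""Audit exported AD account records for unconstrained-delegation exposure."""

# userAccountControl bits (Microsoft-documented values)
SERVER_TRUST_ACCOUNT = 0x2000       # account is a domain controller
TRUSTED_FOR_DELEGATION = 0x80000    # "Trust ... for delegation to any service"
NOT_DELEGATED = 0x100000            # "Account is sensitive and cannot be delegated"

# Constructed sample export. Host names follow the post's lab; every value
# here is invented for illustration. "admin" and "spooler" are assumed fields.
SAMPLE = [
    {"name": "DC01$", "uac": 0x82000, "admin": 0, "spooler": True},
    {"name": "SRV01$", "uac": 0x81000, "admin": 0},
    {"name": "WS07$", "uac": 0x1000, "admin": 0},
    {"name": "Administrator", "uac": 0x200, "admin": 1},
    {"name": "svc_backup", "uac": 0x100200, "admin": 1},
    {"name": "svc_web", "uac": 0x80200, "admin": 0},
]


def audit(records):
    """Return (account, issue) pairs for delegation-related exposure."""
    findings = []
    for rec in records:
        uac = rec["uac"]
        is_dc = bool(uac & SERVER_TRUST_ACCOUNT)
        # DCs carry the flag by design; any other holder caches visitors' TGTs.
        if uac & TRUSTED_FOR_DELEGATION and not is_dc:
            findings.append((rec["name"], "unconstrained-delegation"))
        # A DC running Print Spooler can be asked to authenticate outward.
        if is_dc and rec.get("spooler"):
            findings.append((rec["name"], "print-spooler-on-dc"))
        # Privileged users should be marked sensitive so their TGT is
        # never forwarded to a delegating host.
        if rec.get("admin") and not uac & NOT_DELEGATED:
            findings.append((rec["name"], "privileged-account-delegable"))
    return findings


if __name__ == "__main__":
    for name, issue in audit(SAMPLE):
        print(f"{name:15} {issue}")
```

The sensitive-account flag only covers accounts it is set on; for the DC machine account in the post, the relevant findings are the delegation flag on SRV01$ and the spooler on DC01$.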
28M Telegram users: in my opinion it is certainly worth getting. For those who work in OSINT and Threat Intelligence this will be a wonderful find. After all, everyone who works in this field has databases that they collect themselves, and this approach comes in very handy in the work process.
#OSINT #TH #BreachForum #DataLeak
1.37GB
I haven't analyzed it myself yet. But according to those who have analyzed it, there are more than 3k phone numbers belonging to uz.
Critical Uber API Vulnerability | UUIDs Are NOT Security ($2,000 Bounty)
Real-world BOLA vulnerability affecting Uber APIs. In this video I explain how missing object-level authorization allowed access to sensitive restaurant analytics using UUID manipulation + Burp Suite.
https://youtu.be/LLagPYt-cjc
#cybersecurity #bugbounty #api #owasp
As https://t.me/yetimdasturchi/3654 said, at this rate it will end with vaseline))
Source: https://github.com/twintproject/
Twint or use Snscrape For Free
Platforms Supported by snscrape:
Twitter (X)
TikTok
YouTube
Reddit
GitHub
Facebook Pages (limited)
Wikipedia
Instagram (partial support)
Others (if applicable)
#OSINT #Twint #TI #X #CyberSecurity #Snscrape
What you are doing is actually not good at all...
Instead, try to be real proof! Announcing this on BF gives you nothing... Looking at the subdomains, it turns out I too never paid attention to these before. The likelihood of SQLi turning up on overlooked subdomains is very high. True, BlackHat is good for gaining experience, but shouting it from the rooftops is not good; if you are that interested in the info, just keep it for yourself and that's it... By the way, this is considered against the law.
#BF #DataLeak #SomeSubdomains
TGPages Atlas (https://tgpages.com/atlas/map/)
An interactive map of Telegram channels that helps you quickly find communities by topic and assess their interests. This is a convenient visual catalog for a basic analysis of the Telegram ecosystem. It's a useful resource for quickly finding similar channels, tracking thematic connections, and understanding audience distribution around a specific topic.
Link to the service (https://tgpages.com/atlas/map/)
#OSINT
Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K
https://securityaffairs.com/192209/security/pwn2own-berlin-2026-day-two-385750-more-microsoft-exchange-falls-and-the-running-total-crosses-900k.html
Day two of Pwn2Own Berlin 2026 saw $385,750 earned for 15 zero-days, bringing the total to $908,750 and 39 vulnerabilities over two days.