Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
7 #Android Widgets to Supercharge Your Phone or #Tablet
https://undercodenews.com/7-android-widgets-to-supercharge-your-phone-or-tablet/
@Undercode_News
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#GitHub #Copilot's Free Tier Expands to JetBrains IDEs
https://undercodenews.com/github-copilots-free-tier-expands-to-jetbrains-ides/
@Undercode_News
Forwarded from DailyCVE
SSID Injection Vulnerability in Systeminformation Module (Critical)
https://dailycve.com/ssid-injection-vulnerability-in-systeminformation-module-critical/
@Daily_CVE
2024-12-20: A critical vulnerability exists in the `systeminformation` module, specifically in the `getWindowsIEEE8021x` function. This vulnerability allows attackers to […]
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Lazarus Group's Evolving Tactics: A Deep Dive into Operation DreamJob
https://undercodenews.com/lazarus-groups-evolving-tactics-a-deep-dive-into-operation-dreamjob/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Getting Fit for Deep Space: International Space Station Gears Up for Longer Missions
https://undercodenews.com/getting-fit-for-deep-space-international-space-station-gears-up-for-longer-missions/
@Undercode_News
Forwarded from DailyCVE
Oqtane Framework, Incorrect Access Control, #CVE-2024-XXXX (High)
https://dailycve.com/oqtane-framework-incorrect-access-control-cve-2024-xxxx-high/
@Daily_CVE
2024-12-20: Oqtane Framework version 6.0.0 is susceptible to an Incorrect Access Control vulnerability. This flaw allows attackers to circumvent passcode […]
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Google's Efficiency Push: A Closer Look
https://undercodenews.com/googles-efficiency-push-a-closer-look/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Stop Research Rabbit Holes: Shop Smarter with #Amazon's #AI Shopping Guides
https://undercodenews.com/stop-research-rabbit-holes-shop-smarter-with-amazons-ai-shopping-guides/
@Undercode_News
Hacking Search Queries:
1. Shodan
A search engine for discovering internet-connected devices such as servers, routers, and IoT devices.
2. ExploitDB
A comprehensive database of publicly available exploits and vulnerabilities for security professionals.
3. Censys
Provides real-time data about devices and servers exposed to the internet, assisting with vulnerability assessments.
4. SecurityTrails
Offers in-depth DNS and domain data, useful for gathering intelligence on domains and their infrastructure.
5. ZoomEye
Similar to Shodan, this search engine focuses on finding devices and services exposed to the internet.
6. VirusTotal
A tool that analyzes files and URLs for potential threats using multiple antivirus engines and tools.
7. Maltego
A powerful tool for open-source intelligence (OSINT) gathering, mapping relationships between people, domains, and networks.
8. Google Dorks
A technique that uses advanced search operators to find specific information on websites, often used in penetration testing.
9. GreyNoise
A threat intelligence platform that helps to identify and filter out background noise in network traffic to focus on real threats.
10. Foca
A tool for gathering metadata from documents, websites, and emails to perform digital reconnaissance and OSINT collection.
11. Recon-ng
A full-featured web reconnaissance framework for open-source intelligence gathering, helping to identify and map online targets.
12. OSINT Framework
A structured framework that categorizes various open-source intelligence tools to help with cyber investigations.
13. TheHarvester
A tool for gathering emails, subdomains, hosts, and other information from public sources to assist with penetration testing.
14. ThreatMiner
A tool for gathering threat intelligence data, including information about malware and attacks, from various sources.
15. Spokeo
A tool for aggregating information about individuals, often used in social engineering and OSINT investigations.
16. Whois Lookup
A query tool for obtaining domain registration information, often used to find the owner of a domain or IP address.
17. Robtex
A network intelligence platform that provides DNS, IP address, and ASN lookup information for network reconnaissance.
18. OpenVAS
An open-source vulnerability scanner used for detecting security issues and weaknesses in networks and systems.
19. Nmap
A network scanning tool that helps detect devices, services, and vulnerabilities within a network, frequently used in penetration testing.
20. Netcraft
A tool for gathering web server information, including the hosting provider and the software stack used by websites.
21. Recon.sh
A simple OSINT tool used for gathering information about a domain, including emails, DNS records, and other associated data.
22. Sublist3r
A fast subdomain enumeration tool used to find subdomains associated with a target domain.
23. Wappalyzer
A tool that helps identify technologies used on websites, such as frameworks, web servers, and content management systems (CMS).
24. BuiltWith
Provides detailed information about the technologies used on websites, including advertising networks, analytics tools, and CMS platforms.
25. PentesterLab
A collection of resources and tools aimed at penetration testers, focusing on offensive security.
26. Burp Suite
A popular tool used by ethical hackers for web application security testing, including scanning for vulnerabilities.
27. Hydra
A powerful password-cracking tool used for brute-force attacks on network services.
28. Mimikatz
A tool for extracting plaintext passwords, Kerberos tickets, and other sensitive information from Windows systems.
29. Cuckoo Sandbox
An automated malware analysis tool that executes suspicious files in a controlled environment to analyze their behavior.
30. ThreatCrowd
A tool for analyzing and investigating malware, IP addresses, and other threat intelligence data.
31. VirusShare
A malware sample sharing platform useful for gathering information on known malicious files and their characteristics.
32. IBM X-Force Exchange
A threat intelligence sharing platform where cybersecurity professionals can access and share information about threats and vulnerabilities.
33. AlienVault OTX
An open threat intelligence platform that provides a community-driven collection of actionable cybersecurity data.
34. Honeyd
A honeypot tool for simulating different types of computer systems and services to capture network-based attacks.
35. LogRhythm
A security information and event management (SIEM) tool used for monitoring and analyzing log data for suspicious activity.
36. Snort
A widely used open-source intrusion detection system (IDS) that analyzes network traffic for malicious activity.
37. Suricata
A high-performance IDS/IPS (Intrusion Prevention System) and network security monitoring tool used to detect and block threats in real time.
38. ZAP (OWASP Zed Attack Proxy)
A popular open-source security testing tool used to find vulnerabilities in web applications through penetration testing.
39. Social-Engineer Toolkit (SET)
A framework for automating social engineering attacks such as phishing, credential harvesting, and exploitation.
@UndercodeCommunity
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Everest #Ransomware Hits Izmocars
https://undercodenews.com/everest-ransomware-hits-izmocars/
@Undercode_News
2024-12-20
Forwarded from UNDERCODE TESTING
52075.py
6.6 KB
Windows TCP/IP - RCE Checker and Denial of Service
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Everest #Ransomware Targets Genie Healthcare
https://undercodenews.com/everest-ransomware-targets-genie-healthcare/
@Undercode_News
UNDERCODE COMMUNITY
Free
SOC Automation Matrix: Capabilities and Gaps!
A structured framework to evaluate and optimize SOC automation potential to pinpoint critical areas for automation, implement targeted strategies, and significantly enhance threat response capabilities.
The matrix is organized into categories containing various automation capabilities. Each capability includes:
• Description: A brief overview of the capability.
• Techniques: Technology-agnostic ideas for implementation.
• Examples: Relevant workflow templates.
• References: Additional research contributing to capability.
This tool offers a platform-agnostic approach and delivers an independent reference point for us to assess what security automation can achieve and plan the next steps.
Source: https://tinesio.notion.site/4fd14ccf93e7408c8faf96c5aca8c3fd?v=ec12309e0f42446e83c08565c5dc52b2
The SOC Automation Capability Matrix connects threat hunting with data analysis by automating how security data is collected, processed, and enriched.
Ref: Dr. Meisam Eslahi
@UndercodeCommunity
Tines_io on Notion
SOC Automation Capability Matrix | Notion
The Automation Capability Matrix describes common activities which most security operations centers can automate
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Microsoft Edge's Persistent Push: New Pop-Ups on the Horizon
https://undercodenews.com/microsoft-edges-persistent-push-new-pop-ups-on-the-horizon/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
How to Protect Your Environment from the NTLM Vulnerability
https://undercodenews.com/how-to-protect-your-environment-from-the-ntlm-vulnerability/
@Undercode_News