■■□□□ Tool: Certificate Ripper 🔐
A CLI tool to extract server certificates.
https://github.com/Hakky54/certificate-ripper
A CLI tool to extract server certificates.
https://github.com/Hakky54/certificate-ripper
GitHub
GitHub - Hakky54/certificate-ripper: 🔐 A CLI tool to extract server certificates
🔐 A CLI tool to extract server certificates. Contribute to Hakky54/certificate-ripper development by creating an account on GitHub.
Report171-FindingYou-Oct-26.pdf
6.9 MB
■■■■□ Citizen-Lab report.
Finding You
The Network Effect of
Telecommunications Vulnerabilities
for Location Disclosure
Finding You
The Network Effect of
Telecommunications Vulnerabilities
for Location Disclosure
By Gary Miller and Christopher Parsons.■■□□□ Israel-Palestine Cyber-War update: Disinformation campaign by Israeli netizens.
Telegram group created to delete any fact started against Israel by reputed individuals and those who share is being reported to social media accounts as hate and thereby deleted.
●This complacency by social media organisations is apparently due to Israeli who are at higher levels in the organisation.
Screenshot shared as success rate of deletion by the admins if this group through the employees at higher positions.
Twitter and YouTube seem to be immune to these disinformation tactics.
"5.11 report, weekend at the policy teams.
We have compiled the user rating in the group, we will soon issue beautiful update reports including individual performance reports.
Thanks everyone for a great job! 🇮🇱"
Telegram group created to delete any fact started against Israel by reputed individuals and those who share is being reported to social media accounts as hate and thereby deleted.
●This complacency by social media organisations is apparently due to Israeli who are at higher levels in the organisation.
Screenshot shared as success rate of deletion by the admins if this group through the employees at higher positions.
Twitter and YouTube seem to be immune to these disinformation tactics.
We have compiled the user rating in the group, we will soon issue beautiful update reports including individual performance reports.
Thanks everyone for a great job! 🇮🇱"
cKure
■■□□□ Israel-Palestine Cyber-War update: Disinformation campaign by Israeli netizens. Telegram group created to delete any fact started against Israel by reputed individuals and those who share is being reported to social media accounts as hate and thereby…
■■□□□ As previously shared here: https://t.me/cKure/13014
The disinformation campaign results are corroborated by Aljazeera: https://www.aljazeera.com/features/2023/10/24/shadowbanning-are-social-media-giants-censoring-pro-palestine-voices
The social media agencies are not only infiltrated by the pro Israel lobby who delete posts just because they are critical of Israel (or critique them) and not necessary against the community guidelines but by the state entities forcing them as well. The repercussions and statements from the social media giants are posted here: https://www.isoc.org.il/regulating-digital-services/israel/platform-policies-iron-swords
The disinformation campaign results are corroborated by Aljazeera: https://www.aljazeera.com/features/2023/10/24/shadowbanning-are-social-media-giants-censoring-pro-palestine-voices
The social media agencies are not only infiltrated by the pro Israel lobby who delete posts just because they are critical of Israel (or critique them) and not necessary against the community guidelines but by the state entities forcing them as well. The repercussions and statements from the social media giants are posted here: https://www.isoc.org.il/regulating-digital-services/israel/platform-policies-iron-swords
■■■■■ iObfuscate: Unraveling iOS Obfuscation Techniques
During this talk, I examine multiple examples of #Reverse Engineering #iOS obfuscation techniques. Obfuscation strives to hide the underlying functionality of applications. This is particularly important in iOS applications that include a plethora of additional symbol data susceptible to reversing. I also release my new repository iOS Reverse Engineering repository.
https://github.com/LaurieWired/ObjectiveByTheSea2023
During this talk, I examine multiple examples of #Reverse Engineering #iOS obfuscation techniques. Obfuscation strives to hide the underlying functionality of applications. This is particularly important in iOS applications that include a plethora of additional symbol data susceptible to reversing. I also release my new repository iOS Reverse Engineering repository.
https://github.com/LaurieWired/ObjectiveByTheSea2023
GitHub
GitHub - LaurieWired/ObjectiveByTheSea2023: This contains notes and slides for my Objective by the Sea talk
This contains notes and slides for my Objective by the Sea talk - LaurieWired/ObjectiveByTheSea2023
■■■■□ webcopilot: enumerate subdomains of the target and detect vulnerabilities.
https://github.com/h4r5h1t/webcopilot
https://securityonline.info/webcopilot-enumerate-subdomains-of-the-target-and-detect-vulnerabilities/#google_vignette
https://github.com/h4r5h1t/webcopilot
https://securityonline.info/webcopilot-enumerate-subdomains-of-the-target-and-detect-vulnerabilities/#google_vignette
GitHub
GitHub - h4r5h1t/webcopilot: An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf…
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities. - h4r5h1t/webcopilot
■■■■■ DFIR Toolkit v0.9 releases: CLI tools for forensic investigation of Windows artifacts.
https://securityonline.info/dfir-toolkit-cli-tools-for-forensic-investigation-of-windows-artifacts/
https://securityonline.info/dfir-toolkit-cli-tools-for-forensic-investigation-of-windows-artifacts/
■■■■■ Octopii: A Personally Identifiable Information (PII) scanner that uses Optical Character Recognition (OCR), regular expression lists and Natural Language Processing (NLP) to search public-facing locations for Government ID, addresses, emails etc in images, PDFs and documents.
https://github.com/redhuntlabs/Octopii
https://github.com/redhuntlabs/Octopii
GitHub
GitHub - redhuntlabs/Octopii: An AI-powered Personal Identifiable Information (PII) scanner.
An AI-powered Personal Identifiable Information (PII) scanner. - redhuntlabs/Octopii
■■□□□ PrivFu: Kernel mode WinDbg extension and PoCs for token privilege investigation.
https://github.com/daem0nc0re/PrivFu
https://github.com/daem0nc0re/PrivFu
GitHub
GitHub - daem0nc0re/PrivFu: Kernel mode WinDbg extension and PoCs for token privilege investigation.
Kernel mode WinDbg extension and PoCs for token privilege investigation. - daem0nc0re/PrivFu
■■■□□ CVE-2022-0847 eBPF: An eBPF program to detect and defense attacks on CVE-2022-0847 (DirtyPipe).
https://github.com/h4ckm310n/CVE-2022-0847-eBPF
https://github.com/h4ckm310n/CVE-2022-0847-eBPF
GitHub
GitHub - h4ckm310n/CVE-2022-0847-eBPF: An eBPF program to detect attacks on CVE-2022-0847
An eBPF program to detect attacks on CVE-2022-0847 - h4ckm310n/CVE-2022-0847-eBPF
■■□□□ LdrLibraryEx: A small x64 library to load dll's into memory.
https://github.com/Cracked5pider/LdrLibraryEx
https://github.com/Cracked5pider/LdrLibraryEx
GitHub
GitHub - Cracked5pider/LdrLibraryEx: A small x64 library to load dll's into memory.
A small x64 library to load dll's into memory. Contribute to Cracked5pider/LdrLibraryEx development by creating an account on GitHub.
Forwarded from cKure Red
GCR - Google Calendar RAT
Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, This tool has been developed for those circumstances where it is difficult to create an entire red teaming infrastructure. To use GRC, only a Gmail account is required. The script creates a 'Covert Channel' by exploiting the event descriptions in Google Calendar. The target will connect directly to Google." It could be considered as a layer 7 application Covert Channel (but some friends would say it cannot be :) very thanks to my mates "Tortellini" https://aptw.tf)
https://github.com/MrSaighnal/GCR-Google-Calendar-RAT
Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, This tool has been developed for those circumstances where it is difficult to create an entire red teaming infrastructure. To use GRC, only a Gmail account is required. The script creates a 'Covert Channel' by exploiting the event descriptions in Google Calendar. The target will connect directly to Google." It could be considered as a layer 7 application Covert Channel (but some friends would say it cannot be :) very thanks to my mates "Tortellini" https://aptw.tf)
https://github.com/MrSaighnal/GCR-Google-Calendar-RAT
cKure Red
GCR - Google Calendar RAT Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, This tool has been developed for those circumstances where it is difficult to create an entire red teaming infrastructure. To use GRC, only a Gmail…
■■■□□ Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel.
https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html
https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html
■□□□□ CVE-2023-30190 (Folina) demo on windows office.
https://www.facebook.com/share/r/1sTsufbUiqV8Arvc/
https://www.facebook.com/share/r/1sTsufbUiqV8Arvc/
Facebook
Log in or sign up to view
See posts, photos and more on Facebook.
■□□□□ Cyber-Attack on Qatari Ecommerce Government by a group calling themselves 'Indian Cyber Force'. It was a DoS attack.
Target - https://ecommerce.gov.qa/
Check Host - https://check-host.net/check-report/130d6715kb0d
Duration: 2 hours (as per the group).
Target - https://ecommerce.gov.qa/
Check Host - https://check-host.net/check-report/130d6715kb0d
Duration: 2 hours (as per the group).
■■■■□ CVE-2023-22518: Improper Authorization Vulnerability in Confluence Data Center and Server.
A critical vulnerability in Atlassian Confluence Data Center and Server. The vulnerability could potentially allow unauthenticated attackers with network access to the Confluence Instance to restore the database of the Confluence instance and eventually execute arbitrary system commands.
https://github.com/ForceFledgling/CVE-2023-22518
A critical vulnerability in Atlassian Confluence Data Center and Server. The vulnerability could potentially allow unauthenticated attackers with network access to the Confluence Instance to restore the database of the Confluence instance and eventually execute arbitrary system commands.
https://github.com/ForceFledgling/CVE-2023-22518
GitHub
GitHub - ForceFledgling/CVE-2023-22518: Improper Authorization Vulnerability in Confluence Data Center and Server
Improper Authorization Vulnerability in Confluence Data Center and Server - ForceFledgling/CVE-2023-22518
■■■■□ Remote Code Execution in Tutanota Desktop due to Code Flaw.
https://www.sonarsource.com/blog/remote-code-execution-in-tutanota-desktop-due-to-code-flaw/
https://www.sonarsource.com/blog/remote-code-execution-in-tutanota-desktop-due-to-code-flaw/
Sonarsource
Remote Code Execution in Tutanota Desktop due to Code Flaw
Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers an XSS vulnerability in Tutanota Desktop and how it can be prevented.
■■■■■ DuckDuckC2: A proof-of-concept C2 channel through DuckDuckGo's image proxy service. The provided example can be extended multiple ways to achieve different deployments.
https://github.com/nopcorn/DuckDuckC2
https://nopcorn.github.io/2023/09/25/duckduckgo-as-c2
https://github.com/nopcorn/DuckDuckC2
https://nopcorn.github.io/2023/09/25/duckduckgo-as-c2
GitHub
GitHub - nopcorn/DuckDuckC2: A proof-of-concept C2 channel through DuckDuckGo's image proxy service
A proof-of-concept C2 channel through DuckDuckGo's image proxy service - nopcorn/DuckDuckC2