#tools
#Malware_analysis
SEMA - ToolChain using Symbolic Execution for Malware Analysis
https://github.com/csvl/SEMA-ToolChain
#tools
#Malware_analysis
#Blue_Team_Techniques
Automating Malware Analysis Operations (MAOps)
https://blogs.jpcert.or.jp/en/2023/01/cloud_malware_analysis.html
]-> Malware C2 Monitoring:
https://github.com/JPCERTCC/Lucky-Visitor-Scam-IoC
]-> Malware Hunting using Cloud:
https://github.com/JPCERTCC/CobaltStrike-Config
]-> YARA CI/CD system:
https://github.com/JPCERTCC/HUILoader-research
]-> Surface Analysis System on Cloud:
https://github.com/JPCERTCC/SurfaceAnalysis-on-Cloud
]-> Memory Forensic on Cloud:
https://github.com/JPCERTCC/MemoryForensic-on-Cloud
#tools
#Blue_Team_Techniques
1. Detecting Fake Events in Azure Sign-in Logs
https://www.inversecos.com/2023/01/detecting-fake-events-in-azure-sign-in.html
2. Crassus - Windows privilege escalation discovery tool
https://github.com/vullabs/Crassus
#tools
#Red_Team_Tactics
1. Forensia - Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase
https://github.com/PaulNorman01/Forensia
2. VirusTotalC2 - Abusing VirusTotal API to host C2 traffic
https://github.com/D1rkMtr/VirusTotalC2
#tools
#Threat_Research
1. Detection of Lateral Movement with the Sliver C2 Framework
https://blogs.vmware.com/security/2023/01/detection-of-lateral-movement-with-the-sliver-c2-framework.html
]-> https://github.com/vmware-samples/tau-research
2. Java code inspector for web vulnerability scan
https://github.com/4ra1n/code-inspector
3. Survey of security mitigations and architectures, December 2022
https://saaramar.github.io/memory_safety_blogpost_2022
Forwarded from Deadly malware xp
#tools
#Blue_Team_Techniques
1. MIMEDefang - e-mail filtering tool that works with the Sendmail "Milter" library
https://github.com/The-McGrail-Foundation/MIMEDefang
2. Automated Penetration Testing Reporting System
https://github.com/Anof-cyber/APTRS
#tools
#Cloud_Security
Gold Digger - tool used to help quickly discover sensitive information in files recursively
https://github.com/ustayready/golddigger
#tools
#Cloud_Security
1. Kubernetes exploitation tool
https://github.com/Rolix44/Kubestroyer
2. Azure Attack Paths Management
https://sofblocks.github.io/azure-attack-paths
#tools
#Blue_Team_Techniques
Patches for Waterfall to improve overall performance, fix memory issues and protect against attacks
https://github.com/2lstudios-mc/FlameCord
#tools
Utility to find hidden Linux kernel modules
https://github.com/jafarlihi/modreveal
]-> LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64):
https://github.com/m0nad/Diamorphine