#WebApp_Security
1. Backdoor .NET applications via startup hooks
https://rastamouse.me/net-startup-hooks
2. teler-waf - Go HTTP middleware that provides teler IDS functionality to protect web applications against web-based attacks
https://github.com/kitabisa/teler-waf
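An added example, not code from the linked post: a detection-side check for the mechanism it describes. Before an application's Main() runs, the .NET runtime loads every assembly listed in the DOTNET_STARTUP_HOOKS environment variable and calls its static StartupHook.Initialize() method, so anyone who can set that variable for a .NET process runs code inside it without touching the binaries on disk. The functions below parse the variable from a process environment (the two environments are constructed samples) and flag any entry that is not a .dll under a trusted directory. Assumptions: the trusted-directory list is per host, and the handling of bare assembly names (accepted by newer runtimes and resolved from the app's probing paths) is treated as never trusted.

```python
"""Added example (not from the linked post): flag .NET startup hooks set
through DOTNET_STARTUP_HOOKS in a process environment.

Entries are separated by ';' on Windows and ':' on Unix. An entry is
either a full path to a .dll or (assumed here: newer runtimes) a bare
assembly name resolved at run time. The trusted-directory list is a
per-host assumption supplied by the caller."""
import ntpath
import posixpath


def parse_startup_hooks(env: dict, os_name: str) -> list:
    """Split DOTNET_STARTUP_HOOKS into its entries for the given OS
    ('nt' or 'posix'); returns [] when the variable is unset."""
    raw = env.get("DOTNET_STARTUP_HOOKS", "")
    sep = ";" if os_name == "nt" else ":"
    return [e.strip() for e in raw.split(sep) if e.strip()]


def triage_startup_hooks(env: dict, os_name: str, trusted_dirs: list) -> list:
    """Classify each hook entry. A .dll under a trusted directory is
    'trusted'; everything else is a finding worth a closer look."""
    pathmod = ntpath if os_name == "nt" else posixpath
    trusted = [pathmod.normcase(pathmod.normpath(d)) for d in trusted_dirs]
    findings = []
    for entry in parse_startup_hooks(env, os_name):
        if entry.lower().endswith(".dll"):
            norm = pathmod.normcase(pathmod.normpath(entry))
            is_trusted = pathmod.isabs(entry) and any(
                norm.startswith(t + pathmod.sep) for t in trusted)
            kind = "path"
        else:
            # Bare assembly name: resolved from probing paths at run time,
            # so it cannot be vouched for from the environment alone.
            kind = "assembly-name"
            is_trusted = False
        findings.append({"entry": entry, "kind": kind, "trusted": is_trusted})
    return findings


def suspicious_hooks(env: dict, os_name: str, trusted_dirs: list) -> list:
    """Just the entries that did not pass triage."""
    return [f["entry"]
            for f in triage_startup_hooks(env, os_name, trusted_dirs)
            if not f["trusted"]]


# Constructed sample environments (not captured from a real host).
WINDOWS_ENV = {
    "DOTNET_STARTUP_HOOKS":
        r"C:\Users\bob\AppData\Local\Temp\hook.dll;C:\Program Files\Vendor\Telemetry.dll"
}
LINUX_ENV = {"DOTNET_STARTUP_HOOKS": "/tmp/hook.dll:Telemetry"}

if __name__ == "__main__":
    print(suspicious_hooks(WINDOWS_ENV, "nt", [r"C:\Program Files"]))
    # -> ['C:\\Users\\bob\\AppData\\Local\\Temp\\hook.dll']
    print(suspicious_hooks(LINUX_ENV, "posix", ["/opt/vendor"]))
    # -> ['/tmp/hook.dll', 'Telemetry']
```

The variable is inherited like any other environment variable, so the place to look is the environment of the running .NET process (and of whatever spawned it), not the application's own config. Recent runtimes also let an application opt out of startup hooks through a runtimeconfig feature switch; whether that is set is the other check worth making.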
#Malware_analysis
1. The Mac Malware of 2022
https://objective-see.org/blog/blog_0x71.html
2. New version of Raspberry Robin
https://www.securityjoes.com/post/raspberry-robin-detected-itw-targeting-insurance-financial-institutes-in-europe
#exploit
#reversing
1. Vulnerability in Synology NAS
https://paper.seebug.org/2038
2. Reverse Engineering and Exploiting an IoT TotoLink N100RE bug
https://faradaysec.com/faraday-ctf-2022-write-up-reverse-engineering-and-exploiting-an-iot-bug
3. ESI Injection PoCs
https://infosecwriteups.com/exploring-the-world-of-esi-injection-b86234e66f91
#Sec_code_review
OWASP Mobile Application Security Testing Guide (MASTG)
https://github.com/OWASP/owasp-mastg
#tools
#Malware_analysis
VBScript & VBA source-to-source deobfuscator with partial-evaluation
https://github.com/airbus-cert/vbSparkle
#Offensive_security
1. Google Hacking Database (GHDB)
https://github.com/readloud/Google-Hacking-Database-GHDB
2. NTP Fingerprinting
https://isc.sans.edu/diary/Its+about+time+OS+Fingerprinting+using+NTP/29394
3. PowerShell scripts for post-exploitation
https://github.com/ItsCyberAli/PowerMeUp
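An added example, not code from the SANS diary: the parsing step behind OS fingerprinting with NTP. A client request is a fixed 48-byte header (RFC 5905), and which fields a given client fills in, and with what values (version, mode, poll, precision, whether the reference ID and timestamps are zeroed), is what a fingerprint is built from. The parser below unpacks that header and returns exactly those fields; the sample packet is constructed, and no OS-to-value signatures are claimed here, since those are what the diary supplies and what you would measure from your own captures.

```python
"""Added example (not from the SANS diary): parse the fixed 48-byte NTP
header (RFC 5905) and pull out the fields an OS-fingerprinting rule
keys on. The sample packet below is constructed; no OS signatures are
asserted."""
import struct
from dataclasses import dataclass

NTP_HEADER = struct.Struct("!BBbbIIIQQQQ")   # 48 bytes, network byte order
NTP_UNIX_DELTA = 2208988800                  # seconds from 1900-01-01 to 1970-01-01
MODES = {1: "symmetric-active", 2: "symmetric-passive", 3: "client",
         4: "server", 5: "broadcast", 6: "control", 7: "private"}


@dataclass
class NtpHeader:
    leap: int
    version: int
    mode: int
    stratum: int
    poll: int
    precision: int
    root_delay: float
    root_dispersion: float
    ref_id: bytes
    reference_ts: int
    originate_ts: int
    receive_ts: int
    transmit_ts: int


def ntp_to_unix(ts: int) -> float:
    """Convert a 64-bit NTP timestamp (32.32 fixed point) to Unix seconds."""
    return (ts >> 32) - NTP_UNIX_DELTA + (ts & 0xFFFFFFFF) / 2**32


def parse_ntp(packet: bytes) -> NtpHeader:
    """Unpack the NTP header; extension fields after byte 48 are ignored."""
    if len(packet) < NTP_HEADER.size:
        raise ValueError(f"short NTP packet: {len(packet)} bytes")
    (flags, stratum, poll, precision, root_delay, root_disp, ref_id,
     ref_ts, orig_ts, rx_ts, tx_ts) = NTP_HEADER.unpack_from(packet)
    return NtpHeader(
        leap=flags >> 6,                 # top 2 bits: leap indicator
        version=(flags >> 3) & 0x7,      # next 3 bits: version number
        mode=flags & 0x7,                # low 3 bits: association mode
        stratum=stratum,
        poll=poll,                       # log2 seconds, signed
        precision=precision,             # log2 seconds, signed
        root_delay=root_delay / 2**16,   # 16.16 fixed point seconds
        root_dispersion=root_disp / 2**16,
        ref_id=ref_id.to_bytes(4, "big"),
        reference_ts=ref_ts, originate_ts=orig_ts,
        receive_ts=rx_ts, transmit_ts=tx_ts,
    )


def fingerprint_fields(hdr: NtpHeader) -> dict:
    """The header fields a client-request fingerprint is built from."""
    return {
        "version": hdr.version,
        "mode": MODES.get(hdr.mode, "reserved"),
        "stratum": hdr.stratum,
        "poll": hdr.poll,
        "precision": hdr.precision,
        "zeroed_ref_id": hdr.ref_id == b"\x00\x00\x00\x00",
        "has_transmit_ts": hdr.transmit_ts != 0,
        "has_originate_ts": hdr.originate_ts != 0,
    }


# Constructed sample: a bare client request (LI=0, VN=4, mode=3 -> 0x23),
# poll 3, precision -6, only the transmit timestamp populated.
SAMPLE_REQUEST = NTP_HEADER.pack(
    0x23, 0, 3, -6, 0, 0, 0,
    0, 0, 0, (3_900_000_000 << 32) | 0x8000_0000)

if __name__ == "__main__":
    hdr = parse_ntp(SAMPLE_REQUEST)
    print(fingerprint_fields(hdr))
    print(f"transmit time: {ntp_to_unix(hdr.transmit_ts):.3f} unix seconds")
```

Feed it the UDP payload of port 123 traffic from a pcap and group the returned dicts by source host; the clusters you get are the raw material for signatures, and the diary's observations tell you which of these fields separate the common clients.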
#Research
"EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers", 2022.
#tools
#Blue_Team_Techniques
1. DeTT&CT: Automate your detection coverage with dettectinator
https://blog.nviso.eu/2023/01/04/dettct-automate-your-detection-coverage-with-dettectinator
]-> Python library for generating DeTT&CT YAML files:
https://github.com/siriussecurity/dettectinator
2. Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data
https://github.com/montysecurity/InfraHunter
#Malware_analysis
1. Unpacking RedLine Stealer
https://dr4k0nia.github.io/posts/Unpacking-RedLine-Stealer
2. String Obfuscation The Malware Way
https://dr4k0nia.github.io/posts/String-Obfuscation-The-Malware-Way
#Threat_Research
#Red_Team_Tactics
"Autonomous Penetration Testing using Reinforcement Learning"
]-> Network Attack Simulator: https://github.com/Jjschwartz/NetworkAttackSimulator
#exploit
1. CVE-2022-46164:
NodeBB Account Takeover Flaw
https://github.com/stephenbradshaw/CVE-2022-46164-poc
2. CVE-2022-23087:
"Escaping from bhyve"
https://www.synacktiv.com/publications/escaping-from-bhyve.html
https://github.com/synacktiv/bhyve
#DFIR
New Windows 11 Pro (22H2) Evidence of Execution Artifact
https://aboutdfir.com/new-windows-11-pro-22h2-evidence-of-execution-artifact
#Research
"Experience Report on the Challenges and Opportunities in Securing Smartphones Against Zero-Click Attacks", 2022.
#Research
#Threat_Research
"Open-CyKG: An Open Cyber Threat Intelligence Knowledge Graph", 2021.
]-> https://github.com/IS5882/Open-CyKG
#Whitepaper
API Security Best Practices Guide: Comprehensive list of security best practices to secure your APIs throughout their lifecycle + API Security Checklist
]-> APIKit: Discovery, Scan and Audit APIs Toolkit: https://github.com/API-Security/APIKit
#Tech_book
"Security Strategies in Linux Platforms and Applications. Third Edition", 2022.
#Research
#cryptography
"Factoring integers with sublinear resources on a superconducting quantum processor", Dec. 2022.
#Offensive_security
"More Tales from the iOS/macOS Kernel Trenches (Kernel: CVE-2022-22640, IOGPU (Kernel Driver): CVE-2022-32821)"
🔹 Useful Websites 🔹
1. Digital Library - Archive.org
2. Online Courses - w3schools.com
3. Screenshot Taker (Permanent) - Archive.is
4. Learn Languages - Duolingo.com
5. Screenshot Taker (HD) - Screenshot.guru
6. Bypass Login (Websites) - Bugmenot.com
7. Graphics Software - Vectr.com
8. Cracked Software - CrackingPatching.com
9. File Sharing (2GB) - wetransfer.com
10. Autodraw (A.I) - Autodraw.com