attacking_safari_2022.pdf
#Threat_Research
"Attacking Safari in 2022".
#tools
#Threat_Research
1. Detection of Lateral Movement with the Sliver C2 Framework
https://blogs.vmware.com/security/2023/01/detection-of-lateral-movement-with-the-sliver-c2-framework.html
]-> https://github.com/vmware-samples/tau-research
2. Java code inspector for web vulnerability scan
https://github.com/4ra1n/code-inspector
3. Survey of security mitigations and architectures, December 2022
https://saaramar.github.io/memory_safety_blogpost_2022
VMware Security Blog
Detection of Lateral Movement with the Sliver C2 Framework
Here's how an attacker may use Sliver to generate an implant, control it, and move laterally within a corporate network, and what network traffic this activity may generate.
automated_threat_handbook_v1-2.pdf
#Whitepaper
#Threat_Research
#WebApp_Security
"OWASP Automated Threats Handbook: Web Applications, Version 1.2".
#Threat_Research
1. SSH Key Injection Vulnerability in Google Cloud Compute Engine
https://blog.stazot.com/ssh-key-injection-google-cloud
2. Network Security Trends: August-October 2022
https://unit42.paloaltonetworks.com/network-security-trends-aug-oct-2022
3. Learn EVM Attacks: A collection of Foundry tests reproducing exploits, bug bounty reports, and theoretical vulnerabilities on EVM chains
https://github.com/coinspect/learn-evm-attacks
Sivanesh Ashok
SSH key injection in Google Cloud Compute Engine [Google VRP]
This write-up is the first in a series of write-ups about bugs that I, and Sreeram, found in Google Cloud during 2022. After hunting for bugs continuously in common Google apps such as Drive, we wanted to venture into Google Cloud. This was the first bug…
#Threat_Research
1. Java XML security issues and how to address them
https://semgrep.dev/blog/2022/xml-security-in-java
2. QT QML Vulnerability
https://blog.talosintelligence.com/vulnerability-spotlight-integer-and-buffer-overflow-vulnerabilities-found-in-qt-qml
Semgrep
XML Security in Java
In this blog post, you can read just how much of a mess Java XML security is.
#Threat_Research
#Malware_analysis
1. Way Into Creating a Polymorphic Malware using ChatGPT
https://www.cyberark.com/resources/threat-research-blog/chatting-our-way-into-creating-a-polymorphic-malware
2. Batloader Malware
https://www.trendmicro.com/en_us/research/23/a/batloader-malware-abuses-legitimate-tools-uses-obfuscated-javasc.html
#Threat_Research
Exploiting null-dereferences in the Linux kernel
https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html
#Threat_Research
Traffic signals: The VASTFLUX Takedown
https://www.humansecurity.com/learn/blog/traffic-signals-the-vastflux-takedown
#Threat_Research
#Blue_Team_Techniques
1. At the Edge of Tier Zero: The Curious Case of the RODC
https://posts.specterops.io/at-the-edge-of-tier-zero-the-curious-case-of-the-rodc-ef5f1799ca06
2. Sigma Rule to Detect Uncommon Keyboard Layout Loads
https://gist.github.com/Neo23x0/62a75d4bbd26aa9164fa73384f6a1410
]-> Sysmon Config: https://github.com/SwiftOnSecurity/sysmon-config/pull/92/files
#Threat_Research
Sliver Malware with BYOVD Distributing Due to Sunlogin Vulnerability Attack
https://asec.ahnlab.com/ko/46208