AWS PENTESTING
https://github.com/redskycyber/Cloud-Security/blob/main/AWS-Security-Pentesting-Resources.md
Join us: @geekcode
WhatWeb - a next-generation web scanner that identifies websites.
Its purpose is to answer the question: "What kind of website is this?"
WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistical/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1,800 plugins, each of which recognizes something different.
WhatWeb also identifies version numbers, email addresses, account IDs, web platform modules, SQL errors, and more.
GitHub
@geekcode
Forwarded from Cyber Agents
Hacker IntelBroker claims to have stolen Apple source code
IntelBroker on BreachForums claimed to have stolen the source code for several internal tools from Apple.
According to the report, "Apple.com suffered a data breach in June 2024," which led to the disclosure of information. IntelBroker claims that as a result it has obtained the source code for the following internal company tools: AppleConnect-SSO, Apple-HWE-Confluence-Advanced and AppleMacroPlugin.
Little is known about Apple-HWE-Confluence-Advanced and AppleMacroPlugin. But AppleConnect-SSO is an authentication system that allows you to access certain applications on the Apple network. This system is known to be integrated with the Directory Services database to provide secure access to internal resources.
@cyberagents
Monitor file system changes using fsmon
▪️ supports Linux, iOS, OS X, Android
▪️ identify when binaries are loaded (root)
▪️ get dropped payloads (root)
▪️ identify which files are opened, and when, at an app's runtime (db, txt, log, temp...) (non-root)
https://www.mobile-hacker.com/2024/06/24/monitoring-android-file-system-with-fsmon/
@geekcode
Mobile Hacker
Monitoring Android file system with fsmon
FileSystem Monitor (fsmon) allows you to monitor file system events at runtime on Linux, OSX, iOS and Android systems. Useful for bug bounty hunters, malware analyst
50 Methods For Lsass Dump.
Without going too deep into theory, Local Security Authority Subsystem Service (also known as LSASS) is a process (executable file C:\Windows\System32\lsass.exe) responsible for managing various authentication subsystems of the #Windows OS. Among its tasks: checking the "creds" of local and domain accounts during various scenarios of requesting access to the system, generating security tokens for active user sessions, working with Security Support Providers (SSP), etc.
This article introduces 50 methods for extracting authentication data from LSASS memory:
https://redteamrecipe.com/50-methods-for-lsass-dumprtc0002
#Pentest #AD
@geekcode
Forwarded from Cyber Agents
CrowdStrike's recent update has led to major disruptions for businesses worldwide, causing Windows workstations to crash.
This incident affects businesses across various sectors, from airlines to hospitals.
Read: https://thehackernews.com/2024/07/faulty-crowdstrike-update-crashes.html
@cyberagents
ESET researchers have discovered a zero-day exploit targeting Telegram for Android. An exploit called EvilVideo appeared for sale on an underground forum on June 6, 2024. Attackers used this vulnerability to distribute malicious files through Telegram channels, groups and chats, disguising them as multimedia files.
The vulnerability allowed sending malicious files that looked like videos in unprotected versions of Telegram for Android (10.14.4 and older). The exploit was found on the XSS forum, where a seller demonstrated its work in a public Telegram channel. This allowed the researchers to obtain the malicious file and test it.
It also turned out that the seller of the exploit offered a cryptor service for Android, making malicious files invisible to antiviruses. This service has been advertised on the same XSS forum since January 2024.
#0day #Telegram
@geekcode
Google's AI agent helped find a vulnerability in SQLite before the official update
Google Project Zero showed the results of a new approach to finding vulnerabilities in popular software using large language models (LLM). As part of the experimental project "Big Sleep", their AI agent was able to find a vulnerability in the SQLite DBMS, causing considerable interest among information security specialists.
The problem discovered was a stack buffer underflow in SQLite. The vulnerability was quickly fixed by the developers in October 2024 before the new update was released to the public.
@geekcode
Forwarded from Cyber Agents
Facebook, Instagram, WhatsApp hit by massive worldwide outage
https://www.bleepingcomputer.com/news/technology/facebook-instagram-whatsapp-hit-by-massive-worldwide-outage/
@cyberagents