50 Methods For Lsass Dump.
Without going too deep into theory, the Local Security Authority Subsystem Service (LSASS) is a process (executable file C:\Windows\System32\lsass.exe) responsible for managing various authentication subsystems of the #Windows OS. Among its tasks: checking the "creds" of local and domain accounts during various scenarios of requesting access to the system, generating security tokens for active user sessions, working with Security Support Providers (SSP), etc.
This article introduces 50 methods for extracting authentication data from LSASS memory:
https://redteamrecipe.com/50-methods-for-lsass-dumprtc0002
#Pentest #AD
@geekcode
Forwarded from Cyber Agents
CrowdStrike's recent update has led to major disruptions for businesses worldwide, causing Windows workstations to crash.
This incident affects businesses across various sectors, from airlines to hospitals.
Read: https://thehackernews.com/2024/07/faulty-crowdstrike-update-crashes.html
@cyberagents
ESET researchers have discovered a zero-day exploit targeting Telegram for Android. An exploit called EvilVideo appeared for sale on an underground forum on June 6, 2024. Attackers used this vulnerability to distribute malicious files through Telegram channels, groups and chats, disguising them as multimedia files.
The vulnerability allowed sending malicious files that looked like videos in unprotected versions of Telegram for Android (10.14.4 and older). The exploit was found on the XSS forum, where a seller demonstrated its work in a public Telegram channel. This allowed the researchers to obtain the malicious file and test it.
It also turned out that the seller of the exploit offered a cryptor service for Android, making malicious files invisible to antiviruses. This service has been advertised on the same XSS forum since January 2024.
#0day #Telegram
@geekcode
Google's AI agent helped find a vulnerability in SQLite before the official update
Google Project Zero showed the results of a new approach to finding vulnerabilities in popular software using large language models (LLMs). As part of the experimental project "Big Sleep", their AI agent was able to find a vulnerability in the SQLite DBMS, causing considerable interest among information security specialists.
The problem discovered was a stack buffer underflow in SQLite. The vulnerability was quickly fixed by the developers in October 2024 before the new update was released to the public.
@geekcode
Forwarded from Cyber Agents
Facebook, Instagram, WhatsApp hit by massive worldwide outage
https://www.bleepingcomputer.com/news/technology/facebook-instagram-whatsapp-hit-by-massive-worldwide-outage/
@cyberagents
PAPIMonitor: Python tool based on Frida for monitoring user-selected APIs during app execution
https://github.com/Dado1513/PAPIMonitor
@geekcode
UrlScanIO Chrome/Firefox Extension
A tool to quickly retrieve information about the active tab's URL:
- domain/IP/ASN
- domain creation date
- phishing/malware reputation
and more.
https://chromewebstore.google.com/detail/urlscanio/loehkbkhflmmkempgkdpkkhghdiegicp
@geekcode
Forwarded from Cyber Agents
16 billion passwords from Apple, Google, Facebook leaked online
Hackers leaked 16 billion logins and passwords from Apple, Google, GitHub, Telegram, Instagram and Facebook accounts.
According to experts, most of this data has not been published anywhere before, meaning the data is fresh.
@cyberagents