Jit-Picking: Differential Fuzzing of JavaScript Engines [PDF](https://mu00d8.me/paper/bernhard22jitpicking.pdf)
🗣Gallus
🎖@malwr
SpyGuard: a forked and enhanced version of TinyCheck. The main objective is to detect signs of compromise by monitoring network flows transmitted by a device.
🗣lugh
🎖@malwr
GitHub
SpyGuard is a forked and enhanced version of TinyCheck. SpyGuard's main objective is to detect signs of compromise by monitoring network flows transmitted by a device. - SpyGuard/SpyGuard
Free online cybercrime intelligence tools from info-stealers data
Find it here
What is it? - this (first to the left) free tool lets you search any domain and discover:
- How many compromised employees & users a domain (company) has, based on a cybercrime database composed of millions of compromised computers worldwide.
- The external attack surface of that domain that is known to threat actors - each of the URLs has corresponding compromised credentials that are used by threat actors as an initial attack vector.
Why is it useful?
- Risk assessment - looking up a domain and seeing it has a lot of compromised employees can indicate the company is not up to date with proper security measures. Each compromised employee indicates that someone in the company downloaded and executed an info-stealing malware and had all their corporate credentials, personal credentials, cookies, documents, etc. stolen by hackers that are using the credentials as an initial attack vector.
- Assets discovery (External attack surface) - the tool lets you see the top 5 URLs that compromised employees & clients had credentials to. Often these URLs are not attainable anywhere else because internal URLs accessed by users & employees are not indexed anywhere and cannot be scraped.
🗣Malwarebeasts
🎖@malwr
Hudson Rock
Hudson Rock - Infostealer Intelligence Solutions
Powered by Hudson Rock's continuously augmented cybercrime database, composed of millions of machines compromised by Infostealers in global malware spreading campaigns.
Why don't Windows functions begin with a pointless MOV EDI,EDI instruction on x86-64?
🗣aqrit
That instruction wasn't actually pointless. It was a 2-byte instruction that allowed for a short jump. This would allow for hot patching of a function.
👤alittlejolly
🎖@malwr
Microsoft News
Applying the hot-patch in a different way.
Fuzzing Web Applications using FFuf
FFuf is a fast web fuzzer written in Go. This article explains how to use FFuf to enumerate directories and break authentication in web applications. https://medium.com/@manishmshiva/fuzzing-web-applications-using-ffuf-c4ad74190b72
🗣manishmanalath
🎖@malwr
DenuvoSoftwareSolutions/SiMBA: Efficient Deobfuscation of Linear Mixed Boolean-Arithmetic Expressions
🗣jeandrew
🎖@malwr
PcapPlusPlus v22.11 released - C++ library for capturing and analyzing network packets
🗣seladb
This release contains a lot of interesting features, here are some of them:
- Finally moved to C++11!!
- Support of 8 new network protocols, which brings the total number of protocols to 40 (!!)
- DPDK support improvements
- And more!!
Feel free to check it out and provide your feedback.
I'm available for any questions you might have.
👤seladb
🎖@malwr
GitHub
Release November 2022 Release · seladb/PcapPlusPlus
November 2022 release of PcapPlusPlus (v22.11)
This package contains
Binaries compiled for Ubuntu 22.04 LTS, 20.04 LTS, 18.04 LTS
Binaries compiled for CentOS 7
Binaries compiled for Fedora 34
Bin...
Microsoft Section52 ICS Forensics Tools is an open source forensic toolkit for analyzing Industrial PLC metadata and project files
🗣jnazario
🎖@malwr
GitHub
Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC metadata and project files. - microsoft/ics-forensics-tools
Accidental $70k Google Pixel Lock Screen Bypass
🗣digicat
Great writeup, thanks for sharing
👤DanSec
🎖@malwr
bugs.xdavidhu.me
David Schütz's bug bounty writeups
European Parliament legislative resolution of 10 November 2022 on the proposal for a directive of the European Parliament and of the Council on measures for a high common level of cybersecurity across the Union, repealing Directive (EU) 2016/1148 (COM(2020)0823 – C9-0422/2020 – 2020/0359(COD))
🗣digicat
🎖@malwr