This script extracts metadata from image files and returns it as a pandas dataframe. It uses the piexif library to extract metadata from the images, and the geopy library to convert GPS coordinates to place names.
🗣DevOpsMuffin39
Interesting. Unnecessary usage of pandas though... why not return a simple object array? Keep the initial data structure simple and let the user decide what to do with it.
👤Fergobirck
Is it good?
👤Fit-Special-8416
@malwr
GitHub
script-toolbox/exif_df.py at main · tg12/script-toolbox
This repository contains a collection of scripts and tools that I have written to solve various problems that I have come across. - tg12/script-toolbox
The US Military Cyber Professionals Association calls for the creation of a US Cyber Force - the Brits have one and the US want one too
🗣digicat
They need to get rid of the space force, and implement a cyber force
👤clear-carbon-hands
As a guy in one of the military cyber forces, please no. The issues with conducting cyber operations won't go away if we all wear the same uniform
👤Grumps-Tucan
@malwr
public.milcyber.org
MCPA - Legislation
The MCPA calls for the creation of a US Cyber Force!
Disclaimer: The views expressed in this statement do not necessarily reflect the opinions of all organization members, advisors, or partners.
Is there a way to make the name field of a global structure wider? I can't read the method names
🗣fwork
Yes, one of the buttons on top bar of the listing opens a block of various headers. You can resize those headers just as table headers and by that change the width of the listing contents.
👤d_stroid
@malwr
Time Travel Debugging IDA plugin, ttddbg, 1.1.0 is out with new tracing feature! Based on #IDA database, arguments and return value are pretty-printed!
Enjoy
https://github.com/airbus-cert/ttddbg
🗣citronneur
@malwr
Exciting news for all JADX users!
I've just released an official video guide on how to use my new latest Dynamic Scripting Plugin, JADXecute!
#ReverseEngineering #AndroidDev
https://www.youtube.com/watch?v=g0r3C1iEeBg
🗣lauriewired
@malwr
YouTube
JADXecute: Dynamic Scripting For JADX
Introducing my new tool JADXecute! JADXecute is a plugin for JADX that enhances its functionality by adding Dynamic Code Execution abilities.
With JADXecute, you can dynamically run Java code to modify or print components of the jadx-gui output. JADXecute…
Windows kernel drivers for red team tools development
Introduction series by @Idov31
Part 1: https://idov31.github.io/2022/07/14/lord-of-the-ring0-p1.html
Part 2: https://idov31.github.io/2022/08/04/lord-of-the-ring0-p2.html
Part 3: https://idov31.github.io/2022/10/30/lord-of-the-ring0-p3.html
#windows #kernel #redteam #malware #infosec #cybersecurity #learning
🗣0xor0ne
@malwr
I made a writeup on #Magniber #ransomware (from 2022) demonstrating the capabilities of the latest #TinyTracer: https://hshrzd.wordpress.com/2023/03/30/magniber-ransomware-analysis/
🗣hasherezade
@malwr
Walk through an incident where initial access was obtained through exploitation of CVE-2023-0669 (Go AnyWhere MFT) a day after the release of the vuln and 4 days before a patch was released. Also, I have some thoughts on vuln adoption by criminals.
https://securityintelligence.com/posts/x-force-prevents-zero-day-from-going-anywhere/
🗣TactiKoolSec
@malwr
Supply chain attack in 3CX Windows Electron DesktopApp
🗣qwerty0x41
It should also be noted that the MacOS version was also trojaned. If you have installed 3CXDesktopApp-18.12.416.dmg (SHA1 3DC840D32CE86CEBF657B17CEF62814646BA8E98), you have a trojaned version.
Since it had only one C2 domain hard coded and that is offline, the malware is dormant.
Still, burn it with fire.
👤CrimsonNorseman
Some IOCs posted by a user on the 3CX forum: ~~https://www.3cx.com/community/threads/3cx-icos.119967/#post-559156~~
EDIT: thread was removed, refer to https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/#heading-5 for what seems to be up to date IOCs
👤qwerty0x41
Supply chain? So what dependency was compromised/exploited? Electron itself or a node.js library?
👤iliark
@malwr
Bypassing DEP with gap restrictions
🗣CarelessOne7933
Like it is a new technique... It's basically what everyone is doing since ever to prevent shellcode corruption
👤Void_Sec
@malwr
divyanshu-mehta.gitbook.io
Bypassing DEP - Increasing the Gap
This blog talks about how to use WriteProcessMemory API Call for executing shellcode in a scenario where there is very less gap between shellcode and WriteProcessMemory call skeleton
Our team from @Unit42_Intel released a blog related to 3CXDesktopApp supply chain attack. Enjoy!
https://unit42.paloaltonetworks.com/3cxdesktopapp-supply-chain-attack/
#dfir #supplychainattack #Unit42
🗣r3nzsec
@malwr
#sslpinning #frida #mitm #android
New video up on YouTube showcasing the concepts of SSL pinning and how to bypass different types of SSL pinning in android.
@fridadotre @mobilesecurity_
https://youtu.be/iooYH0S2Y3o
🗣SecFatal
@malwr
YouTube
How to Bypass Multiple SSL Pinning on Android
#android #sslpinning #frida #pentest #mobilesecurity #mitm
Hey Guys, in this video I have explained about capturing the HTTPS traffic from a very well obfuscated android application. Since the app is obfuscated and using SSL Pinning even if an attacker tries…
https://github.com/ggerganov/kbd-audio
this tool lets you extract text from an audio recording of keyboard strokes, right now, for free
i am not making this shit up, you can potentially steal a password from an audio recording in an office
🗣f4micom
@malwr