How do you get a debit/credit card without linking it to you?
For Ops Sec purposes:
- how will you get a debit/credit card or whatsoever that you can use to pay for AWS etc without having it traced back to you?
P.S.: Legal methods only please. Please don’t suggest buying off credit card details from dumps etc.
🗣Huang_Hua
The way you’re asking this question is most certainly for nefarious based purposes. Most threat actors will use compromised AWS accounts or buy cc dumps.
👤AstroBoy1337
If you are doing legal and authorized testing, this is not necessary. As others have suggested, it is actually better to identify yourself to these services so they know that you aren't a real threat actor - otherwise, they suspend your account and you have bigger problems. They will be more likely to reach out if your information is legit and verifiable. I even use a +pentest alias in my contact email address.
For sketchier services (like residential proxy providers, in my experience) you can use something like Privacy.com, or use crypto if they accept it. The circumstances where you have to consider a service provider in your threat model as an authorized red teamer are few and far between.
👤DoctorGasbag
Buy a cash card from Walmart or Le Target Boutique (Target). You hand them cash, they will activate it there, and you can use that for subsequent online transactions executed over a VPN. Those don't work with Azure but *shrugs* there are plenty of other providers that they do work with. I haven't tried them with AWS.
👤CellUpper5067
🎖@malwr
Reddit
From the redteamsec community on Reddit
New ways to inject system CA certificates in Android 14
🗣pimterry
Been using this the last couple days. Loved the ingenuity to it
👤tysear
This is an update to a previous post from a couple of weeks back, discussed quite a bit in this sub over here: https://httptoolkit.com/blog/android-14-install-system-ca-certificate/
👤pimterry
🎖@malwr
Httptoolkit
New ways to inject system CA certificates in Android 14
A couple of weeks ago I published a post about changes in Android 14 that fundamentally break existing approaches to installing system-level CA certificates,...
Cisco buying Splunk
https://www.cnbc.com/2023/09/21/cisco-acquiring-splunk-for-157-a-share-in-cash.html
🗣Natural_Sherbert_391
🎖@malwr
CNBC
Cisco makes largest ever acquisition, buying cybersecurity company Splunk for $28 billion in cash
Cisco said it was acquiring cybersecurity software company Splunk for $157 a share in a cash deal worth about $28 billion.
reverse engineering nrf51 firmware
I recently managed to extract the firmware from an nRF51822 chip over SWD. The problem is, I am an absolute beginner to reverse engineering firmware, binwalk comes up blank, and other things I've tried, like firmware mod kit, have come up blank. I have also managed to open it in Ghidra, but it doesn't seem to be quite right. I have found this git repository (https://github.com/DigitalSecurity/nrf5x-tools) that can help with reversing, and the scripts seem to be correctly identifying the firmware binary as from an nRF51822, but for actually reversing the firmware the script requires IDA Pro's Python API, which is not at all viable given its price. Is there any way to do something similar in Ghidra or some other software?
🗣Matlex2
🎖@malwr
GitHub
GitHub - DigitalSecurity/nrf5x-tools: Nordic Semiconductor nRF5x series disassembly tools
Nordic Semiconductor nRF5x series disassembly tools - DigitalSecurity/nrf5x-tools
Binary Ninja 3.5 (Coruscant) released: mod/div deoptimization, UEFI support, auto variable naming, and more
🗣Psifertex
Coruscant? Uh, that doesn’t compute.
👤lannibal_hecter
Binary Ninja is god tier.
👤Soggy_Dingo_2767
🎖@malwr
Binary Ninja
Binary Ninja - 3.5: Expanded Universe
Binary Ninja is a modern reverse engineering platform with a scriptable and extensible decompiler.
Reverse engineering natively-compiled .NET apps
🗣atomlib_com
Yeah
👤Other_Ad8905
No surprises here… I don’t think MS has come up with a way to handle runtime type instantiation on reflected/non-static types. Unity, with IL2CPP, allows you to declare types, methods, classes, whatever in a config file so you ensure they are there even if they aren’t specified in the AST directly.
👤tnavda
🎖@malwr
Michal's low level corner
Reverse engineering natively-compiled .NET apps
Digging into internals of apps built with native AOT.
CVE-2023-36844 | PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series
🗣jnazario
🎖@malwr
AttackerKB
CVE-2023-36844 | AttackerKB
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cont…
Cryptomining malware detected on a Russian thesaurus with 5 Million+ monthly visits
🗣nareksays
🎖@malwr
Group-IB
It’s a trap: Detecting a cryptominer on a popular website using Group-IB MXDR
Group-IB analysts discovered and analyzed a cryptojacking campaign on a popular educational resource using Group-IB Managed XDR.
Critical DICOM Server Misconfigurations Lead to Exposure of 1.6M Medical Records
🗣ziyahanalbeniz
🎖@malwr
SOCRadar® Cyber Intelligence Inc.
Critical DICOM Server Misconfigurations Lead to Exposure of 1.6M Medical Records
In a regular threat and vulnerability hunting activity, SOCRadar has discovered during their research that thousands of DICOM servers were...
A Survey on Air-Gap Attacks: Fundamentals, Transport Means, Attack Scenarios and Challenges
🗣digicat
🎖@malwr
MDPI
A Survey on Air-Gap Attacks: Fundamentals, Transport Means, Attack Scenarios and Challenges
Major public institutions and organizations that handle sensitive data frequently enforce strong security policies by implementing network separation policies that segregates their internal work networks and internet network using air gaps to prevent the…
OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes - just released discussing operation from 2021 and 2022 against Israel by Iran
🗣digicat
🎖@malwr
Welivesecurity
OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes
ESET researchers document OilRig’s Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022
The aggressor is using cyberattacks for informational special operations against Ukraine’s partners to undermine the support of our country
🗣digicat
🎖@malwr
cip.gov.ua
State Service of Special Communications and Information Protection of Ukraine
Website of the State Service of Special Communications and Information Protection of Ukraine