BlackHat Europe 2022:
Shoggoth - Asmjit Based Polymorphic Shellcode Encryptor
https://github.com/frkngksl/Shoggoth
StealthHook - A method for hooking a function without modifying memory protection
https://www.x86matthew.com/view_post?id=stealth_hook
Frida script to bypass common methods of SSL pinning on Android
https://gist.github.com/incogbyte/1e0e2f38b5602e72b1380f21ba04b15e
Dirty-Vanity
A POC for the new injection technique, abusing windows fork API to evade EDRs.
https://github.com/deepinstinct/Dirty-Vanity
A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass...
Routing_security.pdf
3.3 MB
"Routing Security: BGP Incidents, Mitigation Techniques and Policy Actions", 2022.
Folina, Shadow Credentials, and WSUS exploitation
https://0xdf.gitlab.io/2022/12/10/htb-outdated.html
HTB: Outdated
Outdated has three steps that are all really interesting. First, I’ll exploit Folina by sending a link to an email address collected via recon over SMB. Then I’ll exploit shadow credentials to move laterally to the next user. Finally, I’ll exploit the Windows…
Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods
https://github.com/p0dalirius/Coercer
OWASP Secure Code Review Guide
https://github.com/OWASP/www-project-code-review-guide
A Custom Python Backdoor for VMWare ESXi Servers
https://blogs.juniper.net/en-us/threat-research/a-custom-python-backdoor-for-vmware-esxi-servers
Juniper Threat Labs analyzes a backdoor installed on a compromised VMware ESXi server that can execute arbitrary commands and launch reverse shells.
The Most Popular & Fastest Growing Open Source Security Projects on GitHub
https://opensourcesecurityindex.io
apk.sh is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK
https://github.com/ax/apk.sh
BEE·bot - OSINT automation for hackers.
https://github.com/blacklanternsecurity/bbot
Incident Response Methodologies 2022
https://github.com/certsocietegenerale/IRM
// EN/ES/FR/RU Versions
Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg
https://blog.exodusintel.com/2022/12/19/linux-kernel-exploiting-a-netfilter-use-after-free-in-kmalloc-cg
By Sergi Martinez: It’s been a while since our last technical blogpost, so here’s one right on time for the Christmas holidays. We describe a method to exploit a use-after-free in the Linux kernel when objects are allocated in a specific slab cache…
XLLing in Excel - Evolution of malicious XLLs
https://blog.talosintelligence.com/xlling-in-excel-malicious-add-ins
Threat Spotlight: XLLing in Excel - threat actors using malicious add-ins
As more and more users adopt new versions of Microsoft Office, it is likely that threat actors will turn away from VBA-based malicious documents to other formats such as XLLs or rely on exploiting newly discovered vulnerabilities to launch malicious code.
CVE and PoC SearchBot - 0.5.0
@pocfather_bot
The bot helps you keep up to date with new CVEs and search for new PoCs.
Added
▪️ New sources of information about CVE vendors/products: nvd.nist.gov and cve.org;
▪️ Feedback answer option.
Changed
▪️ App's architecture;
▪️ APIv2 from nvd.nist.gov is now used;
▪️ Message-broker software;
▪️ Default level is now set to ALL;
▪️ PoC search is based on the CVE description and vendor/product;
▪️ Manual PoC queries now use logical AND.
Fixed
▪️ Vendor/product duplication issue;
▪️ Settings menu errors;
▪️ A number of minor bugs.
Evading Detection: A Beginner's Guide to Obfuscation - 2022
https://www.youtube.com/watch?v=wvKwk1wcXvM
Have you wanted to learn some more advanced Windows evasion techniques? Here is your chance to learn from the experts. This 2-hour long webinar will cover the basics of Windows Defenses such as Event and Script Block Logging, Anti-Malware Scan Interface (AMSI)…
#Conferences
TOP-20 Leading Cybersecurity Conferences in 2023:
1. IEEE S&P (July 3-7)
https://www.ieee-security.org/TC/EuroSP2023/accepted_and_awards.html
2. ENISA Cybersecurity Standardisation Conference
https://www.enisa.europa.eu/events/cybersecurity_standardisation_2023
3. USENIX Security (Aug. 9-11)
https://www.usenix.org/conference/usenixsecurity23
4. NDSS (Feb. 27 - Mar. 3)
https://www.internetsociety.org/events/ndss/2023
5. ESORICS (European Symposium on Research in Computer Security, Sept. 25-29)
https://www.esorics2023.org
6. Nullcon Berlin (March 9-10)
https://nullcon.net/berlin-2023
7. International Conference on Cybersecurity and Common Problems (ICCCP, Jan. 30-31)
https://waset.org/cybersecurity-and-common-problems-conference-in-january-2023-in-sydney
8. Pwn2Own Miami (Feb. 14-16)
https://www.zerodayinitiative.com/Pwn2OwnMiami2023Rules.html
9. International Conference on Cybersecurity and Hacking (ICCH, Jan. 07-08)
https://conferenceindex.org/event/international-conference-on-cybersecurity-and-hacking-icch-2023-january-tokyo-jp
10. RSA Conference 2023 (Apr. 24-27)
https://www.rsaconference.com/usa
11. JSAC 2023 (Jan. 25-26)
https://jsac.jpcert.or.jp
12. SANS 2023 Cyber Security Training (Apr. 2-7)
https://www.sans.org/cyber-security-training-events/2023
13. IEEE Symposium on Security and Privacy (May 22-25)
https://sp2023.ieee-security.org
14. National Cyber Summit (Sep. 20-21)
https://www.nationalcybersummit.com
15. ACM WiSec 2023 (May 29 - June 1st)
https://wisec2023.surrey.ac.uk
16. Zer0Con (April, 2023)
https://zer0con.org/?ref=infosec-conferences.com
17. DEF CON 31 (Aug. 10-13)
https://defcon.org/html/defcon-31/dc-31-cfi.html
18. Black Hat
Spring Trainings (Mar. 13-16, 2023):
https://www.blackhat.com/tr-23
USA (Aug. 5-10, 2023): https://www.blackhat.com/upcoming.html#usa
Asia (May 9-12, 2023): https://www.blackhat.com/upcoming.html#asia
19. BSides SF 2023 (Apr. 22-23)
https://bsidessf.org/cfp
20. European Interdisciplinary Cybersecurity Conference (EICC, Jun. 14-15)
https://www.fvv.um.si/eicc2023