#Conferences
TOP-20 Leading Cybersecurity Conferences in 2023:
1. IEEE S&P (July 3-7)
https://www.ieee-security.org/TC/EuroSP2023/accepted_and_awards.html
2. ENISA Cybersecurity Standardisation Conference
https://www.enisa.europa.eu/events/cybersecurity_standardisation_2023
3. USENIX Security (Aug. 9-11)
https://www.usenix.org/conference/usenixsecurity23
4. NDSS (27 Feb. - 03 Mar.)
https://www.internetsociety.org/events/ndss/2023
5. ESORICS (European Symposium on Research in Computer Security, Sept. 25-29)
https://www.esorics2023.org
6. Nullcon Berlin (March 9-10)
https://nullcon.net/berlin-2023
7. International Conference on Cybersecurity and Common Problems (ICCCP, Jan. 30-31)
https://waset.org/cybersecurity-and-common-problems-conference-in-january-2023-in-sydney
8. Pwn2Own Miami (Feb.14-16)
https://www.zerodayinitiative.com/Pwn2OwnMiami2023Rules.html
9. International Conference on Cybersecurity and Hacking (ICCH, Jan. 07-08)
https://conferenceindex.org/event/international-conference-on-cybersecurity-and-hacking-icch-2023-january-tokyo-jp
10. RSA Conference 2023 (Apr. 24-27)
https://www.rsaconference.com/usa
11. JSAC 2023 (Jan. 25-26)
https://jsac.jpcert.or.jp
12. SANS 2023 Cyber Security Training (Apr. 2-7)
https://www.sans.org/cyber-security-training-events/2023
13. IEEE Symposium on Security and Privacy (May 22-25)
https://sp2023.ieee-security.org
14. National Cyber Summit (Sep. 20-21)
https://www.nationalcybersummit.com
15. ACM WiSec 2023 (May 29 - June 1st)
https://wisec2023.surrey.ac.uk
16. Zer0Con (April, 2023)
https://zer0con.org/?ref=infosec-conferences.com
17. DEF CON 31 (Aug. 10-13)
https://defcon.org/html/defcon-31/dc-31-cfi.html
18. Black Hat
Spring Trainings (Mar. 13-16, 2023):
https://www.blackhat.com/tr-23
USA (Aug. 5-10, 2023): https://www.blackhat.com/upcoming.html#usa
Asia (May 9-12, 2023): https://www.blackhat.com/upcoming.html#asia
19. BSides SF 2023 (Apr.22-23)
https://bsidessf.org/cfp
20. European Interdisciplinary Cybersecurity Conference (EICC, Jun.14-15)
https://www.fvv.um.si/eicc2023
TOP-20 Leading Cybersecurity Conferences in 2023:
1. IEEE S&P (July 3-7)
https://www.ieee-security.org/TC/EuroSP2023/accepted_and_awards.html
2. ENISA Cybersecurity Standardisation Conference
https://www.enisa.europa.eu/events/cybersecurity_standardisation_2023
3. USENIX Security (Aug. 9-11)
https://www.usenix.org/conference/usenixsecurity23
4. NDSS (27 Feb. - 03 Mar.)
https://www.internetsociety.org/events/ndss/2023
5. ESORICS (European Symposium on Research in Computer Security, Sept. 25-29)
https://www.esorics2023.org
6. Nullcon Berlin (March 9-10)
https://nullcon.net/berlin-2023
7. International Conference on Cybersecurity and Common Problems (ICCCP, Jan. 30-31)
https://waset.org/cybersecurity-and-common-problems-conference-in-january-2023-in-sydney
8. Pwn2Own Miami (Feb.14-16)
https://www.zerodayinitiative.com/Pwn2OwnMiami2023Rules.html
9. International Conference on Cybersecurity and Hacking (ICCH, Jan. 07-08)
https://conferenceindex.org/event/international-conference-on-cybersecurity-and-hacking-icch-2023-january-tokyo-jp
10. RSA Conference 2023 (Apr. 24-27)
https://www.rsaconference.com/usa
11. JSAC 2023 (Jan. 25-26)
https://jsac.jpcert.or.jp
12. SANS 2023 Cyber Security Training (Apr. 2-7)
https://www.sans.org/cyber-security-training-events/2023
13. IEEE Symposium on Security and Privacy (May 22-25)
https://sp2023.ieee-security.org
14. National Cyber Summit (Sep. 20-21)
https://www.nationalcybersummit.com
15. ACM WiSec 2023 (May 29 - June 1st)
https://wisec2023.surrey.ac.uk
16. Zer0Con (April, 2023)
https://zer0con.org/?ref=infosec-conferences.com
17. DEF CON 31 (Aug. 10-13)
https://defcon.org/html/defcon-31/dc-31-cfi.html
18. Black Hat
Spring Trainings (Mar. 13-16, 2023):
https://www.blackhat.com/tr-23
USA (Aug. 5-10, 2023): https://www.blackhat.com/upcoming.html#usa
Asia (May 9-12, 2023): https://www.blackhat.com/upcoming.html#asia
19. BSides SF 2023 (Apr.22-23)
https://bsidessf.org/cfp
20. European Interdisciplinary Cybersecurity Conference (EICC, Jun.14-15)
https://www.fvv.um.si/eicc2023
ENISA
Cybersecurity Standardisation Conference 2023
European Standardisation in support of the EU cybersecurity legislation.
👍1
Malicious Macros Adapt to Use Microsoft Publisher to Push Ekipa RAT
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/malicious-macros-adapt-to-use-microsoft-publisher-to-push-ekipa-rat
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/malicious-macros-adapt-to-use-microsoft-publisher-to-push-ekipa-rat
Trustwave
Malicious Macros Adapt to Use Microsoft Publisher to Push Ekipa RAT | Trustwave
After Microsoft announced this year that macros from the Internet will be blocked by default in Office , many threat actors have switched to different file types such as Windows Shortcut (LNK), ISO or ZIP files, to distribute their malware.
.NET Process injection in a new process with QueueUserAPC using D/invoke
https://gist.github.com/tothi/9cdd2be3b49cb42723726fd75df96471
https://gist.github.com/tothi/9cdd2be3b49cb42723726fd75df96471
Gist
.NET Process injection in a new process with QueueUserAPC using D/invoke - compatible with gadgettojscript
.NET Process injection in a new process with QueueUserAPC using D/invoke - compatible with gadgettojscript - DInjectQueuerAPC.cs
Writing Windows Kernel Drivers for Advanced Persistence
https://v3ded.github.io/redteam/red-team-tactics-writing-windows-kernel-drivers-for-advanced-persistence-part-1
https://v3ded.github.io/redteam/red-team-tactics-writing-windows-kernel-drivers-for-advanced-persistence-part-1
v3ded.github.io
Red Team Tactics: Writing Windows Kernel Drivers for Advanced Persistence (Part 1)
Introduction This post, as indicated by the title, will cover the topic of writing Windows kernel drivers for advanced persistence. Because the subject matte...
1. All in One Hacking tool For Hackers
https://github.com/Z4nzu/hackingtool
2. Tools and Techniques for Red Team/Penetration Testing
https://github.com/A-poc/RedTeam-Tools
https://github.com/Z4nzu/hackingtool
2. Tools and Techniques for Red Team/Penetration Testing
https://github.com/A-poc/RedTeam-Tools
GitHub
GitHub - Z4nzu/hackingtool: ALL IN ONE Hacking Tool For Hackers
ALL IN ONE Hacking Tool For Hackers. Contribute to Z4nzu/hackingtool development by creating an account on GitHub.
👍1
Dimorf - ransomware using 256-bit AES with a self-destructing, randomly generated key for Linux OS´s
https://github.com/Ort0x36/Dimorf
https://github.com/Ort0x36/Dimorf
GitHub
GitHub - Ort0x36/Dimorf: Dimorf is a ransomware using 256-bit AES with a self-destructing, randomly generated key for Linux OS´s
Dimorf is a ransomware using 256-bit AES with a self-destructing, randomly generated key for Linux OS´s - Ort0x36/Dimorf
Breaking RSA with a Quantum Computer
https://www.schneier.com/blog/archives/2023/01/breaking-rsa-with-a-quantum-computer.html
https://www.schneier.com/blog/archives/2023/01/breaking-rsa-with-a-quantum-computer.html
OWASP Mobile Application Security Testing Guide (MASTG)
https://github.com/OWASP/owasp-mastg
https://github.com/OWASP/owasp-mastg
GitHub
GitHub - OWASP/mastg: The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security…
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA...
Powershell scripts for post exploitation
https://github.com/ItsCyberAli/PowerMeUp
https://github.com/ItsCyberAli/PowerMeUp
👍1🔥1
NASim.pdf
1.7 MB
"Autonomous Penetration Testing using Reinforcement Learning"
Network Attack Simulator: https://github.com/Jjschwartz/NetworkAttackSimulator
Network Attack Simulator: https://github.com/Jjschwartz/NetworkAttackSimulator
👍2
x64 binary obfuscator that is able to obfuscate various different PE files including:
.exe
.dll
.sys
https://github.com/weak1337/Alcatraz
.exe
.dll
.sys
https://github.com/weak1337/Alcatraz
GitHub
GitHub - weak1337/Alcatraz: x64 binary obfuscator
x64 binary obfuscator. Contribute to weak1337/Alcatraz development by creating an account on GitHub.
The OWASSRF + TabShell exploit chain
https://blog.viettelcybersecurity.com/tabshell-owassrf
https://blog.viettelcybersecurity.com/tabshell-owassrf
OPWNAI: CYBERCRIMINALS STARTING TO USE CHATGPT
https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/
https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/
Check Point Research
OPWNAI : Cybercriminals Starting to Use ChatGPT - Check Point Research
Introduction At the end of November 2022, OpenAI released ChatGPT, the new interface for its Large Language Model (LLM), which instantly created a flurry of interest in AI and its possible uses. However, ChatGPT has also added some spice to the modern cyber…
👍1
Security Audit of Git:
CVE-2022-23521:
Truncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes
CVE-2022-41903:
Out of Bounds Memory Write in Log Formatting
https://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif
CVE-2022-23521:
Truncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes
CVE-2022-41903:
Out of Bounds Memory Write in Log Formatting
https://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif
X41 D-Sec - Penetration Tests and Source Code Audits
X41 Audited Git
X41 releases the audit report of Git
Way Into Creating a Polymorphic Malware using ChatGPT
https://www.cyberark.com/resources/threat-research-blog/chatting-our-way-into-creating-a-polymorphic-malware
https://www.cyberark.com/resources/threat-research-blog/chatting-our-way-into-creating-a-polymorphic-malware
Cyberark
Chatting Our Way Into Creating a Polymorphic Malware
Abstract ChatGPT took the world by storm being released less than two months ago, it has become prominent and is used everywhere, for a wide variety of tasks – from automation tasks to the...
👍1🥰1
A script to automate privilege escalation with CVE-2023-22809 vulnerability
https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc
https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc
GitHub
GitHub - n3m1sys/CVE-2023-22809-sudoedit-privesc: A script to automate privilege escalation with CVE-2023-22809 vulnerability
A script to automate privilege escalation with CVE-2023-22809 vulnerability - n3m1sys/CVE-2023-22809-sudoedit-privesc
qscan - Quick Network Scanner
https://github.com/0xor0ne/qscan
+ its companion command line tool qsc:
https://github.com/0xor0ne/qscan/tree/main/qsc
https://github.com/0xor0ne/qscan
+ its companion command line tool qsc:
https://github.com/0xor0ne/qscan/tree/main/qsc
GitHub
GitHub - 0xor0ne/qscan: Quick network scanner library. https://crates.io/crates/qscan
Quick network scanner library. https://crates.io/crates/qscan - 0xor0ne/qscan
LinWinPwn - Active Directory Vulnerability Scanner.
Scan with the help of impacket, bloodhound, crackmapexec, ldapdomaindump, lsassy, smbmap, kerbrute, adidnsdump, and more.
#AD #scan #windows
https://github.com/lefayjey/linWinPwn
Scan with the help of impacket, bloodhound, crackmapexec, ldapdomaindump, lsassy, smbmap, kerbrute, adidnsdump, and more.
#AD #scan #windows
https://github.com/lefayjey/linWinPwn
GitHub
GitHub - lefayjey/linWinPwn: linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
linWinPwn is a bash script that streamlines the use of a number of Active Directory tools - lefayjey/linWinPwn
exploit.sh
1.1 KB
Script for automation of exploitation CVE-2023-22809 vulnerability to gain a root shell.
The script checks if the current user has access to run the sudoedit or sudo -e command for some file with root privileges. If it does it opens the sudoers file for the attacker to introduce the privilege escalation policy for the current user and get a root shell.
The script checks if the current user has access to run the sudoedit or sudo -e command for some file with root privileges. If it does it opens the sudoers file for the attacker to introduce the privilege escalation policy for the current user and get a root shell.