CVE-2023-36745: Microsoft Exchange Server RCE
https://securityonline.info/microsoft-exchange-server-rce-cve-2023-36745-flaw-gets-poc-exploit/
PoC: https://github.com/N1k0la-T/CVE-2023-36745
Microsoft Exchange Server RCE (CVE-2023-36745) Flaw Gets PoC Exploit
Proof-of-concept (PoC) exploit code has been published for a Microsoft Exchange Server vulnerability tracked as CVE-2023-36745
Beginners Guide to Building a Hardware Hacking Lab
https://voidstarsec.com/hw-hacking-lab/vss-lab-guide
Secret Handshake A Mutual TLS Based C2 Communication Channel - John Conwell | CypherCon 6.0
https://www.youtube.com/watch?v=AOWFM-JhW3g&list=PLUC_sTnMl8NxZqs4b2Rt8VygLaquV5vY_
(S6:E57) Secret Handshake A Mutual TLS Based C2 Communication Channel - John Conwell - CypherCon 6.0 - Wisconsin
One of the goals of malware command & control (C2) communication is to blend into…
Obfuscating native code for fun: Part 1 - Introduction
https://blog.es3n1n.eu/posts/obfuscator-pt-1/
https://github.com/es3n1n/obfuscator
In this series of posts, I will try to cover all the common knowledge you would need to create your PE bin2bin obfuscator. This year I saw a rise of interest in the topics of software obfuscation and deobfuscation, yet I didn’t see any new open-source projects…
Ghidra Basics - Identifying, Decoding and Fixing Encrypted Strings
https://embee-research.ghost.io/ghidra-basics-identifying-and-decoding-encrypted-strings/
How To Use Ghidra For Malware Analysis - Identifying, Decoding and Fixing Encrypted Strings
Manual identification, decryption and fixing of encrypted strings using Ghidra and x32dbg.
Bypassing UAC via COM component IARPUninstallStringLauncher
https://3gstudent.github.io/通过COM组件IARPUninstallStringLauncher绕过UAC
Reverse engineering Android 2FA OTP application
https://marcoguerri.github.io/2023/09/09/android-home-banking.html
As part of my disaster recovery plan, I want to have offline backup of 2FA codes for online banking to generate OTPs without my phone in case of emergency. This required reverse engineering my bank’s Android OTP application, that I expected would reveal some…
PowerShell Tips & Tricks (RTC0024)
https://redteamrecipe.com/powershell-tips-tricks/
Mapping Virtual to Physical Addresses Using Superfetch
https://www.outflank.nl/blog/2023/12/14/mapping-virtual-to-physical-adresses-using-superfetch/
pandora
A red team tool that assists in extracting/dumping master credentials and/or entries from different password managers:
- Chromium
- 1Password
- Firefox
- Dashlane
- Keeper
- LastPass
- Roboform
- Bitwarden
- Norton
- Bitdefender
- Ironvest
- Passwarden
- Avira
- Passwordboss
https://github.com/efchatz/pandora
A useful resource containing information about all the CVEs that Microsoft patches in its monthly updates.
https://patchapalooza.com/
AtlasLdr
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
https://github.com/Krypteria/AtlasLdr
The art of subdomain monitoring
https://medium.com/@muhannadahmed042/the-art-of-subdomain-monitoring-da610a0f8031
SMTP Smuggling - Spoofing E-Mails Worldwide
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
Introducing a novel technique for e-mail spoofing
By combining Frida with an enhanced version of Tenet, Frinet facilitates the study of large programs, vulnerability research and root-cause analysis on iOS, Android, Windows and most architectures.
https://www.synacktiv.com/publications/frinet-reverse-engineering-made-easier
Frinet: reverse-engineering made easier
Ghidriff: Ghidra Binary Diffing Engine
https://clearbluejar.github.io/posts/ghidriff-ghidra-binary-diffing-engine/
As seen in most security blog posts today, binary diffing tools are essential for reverse engineering, vulnerability research, and malware analysis. Patch diffing is a technique widely used to identify changes across versions of binaries as related to security…