Leveraging AWS for Incident Response: Part 2
https://medium.com/faun/leveraging-aws-for-incident-response-part-2-bac66bfaf1a1
—————————————————————-
If you find information in this channel is useful, please consider to share this channel https://t.me/petruk_feed
https://medium.com/faun/leveraging-aws-for-incident-response-part-2-bac66bfaf1a1
—————————————————————-
If you find information in this channel is useful, please consider to share this channel https://t.me/petruk_feed
Medium
Leveraging AWS for Incident Response: Part 2
In my previous post (https://medium.com/@tstillz17/leveraging-aws-for-incident-response-part-1-2963bb31bc05) we covered how AWS resources…
Stanford Web Security Course
https://web.stanford.edu/class/cs253/
https://web.stanford.edu/class/cs253/
web.stanford.edu
CS253 - Web Security
Principles of web security. The fundamentals and state-of-the-art in web security. Attacks and countermeasures. Topics include: the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-origin…
Salah satu anggota di komunitas lagi dapat ujian dari Tuhan, anak tersayangnya terkena meningitis-TB dan sekarang membutuhkan biaya untuk operasi kurang lebih 50juta.
Saya berharap kemurahan hati bagi yang membaca postingan ini, dipersilakan untuk membantu materi ataupun hanya doa terbaik.
Untuk penggalangan dana secara terkoordinir bisa ke beberapa rekening berikut:
Jenius cashtag: $petruknisme
BCA: PM saya pribadi untuk norek @petruknisme
Uang akan disumbangkan minggu ini.
https://kitabisa.com/campaign/banturenjana
Terima kasih sudah meluangkan waktunya untuk membaca pesan ini, sehat selalu, semoga Tuhan mengasihi.
Saya berharap kemurahan hati bagi yang membaca postingan ini, dipersilakan untuk membantu materi ataupun hanya doa terbaik.
Untuk penggalangan dana secara terkoordinir bisa ke beberapa rekening berikut:
Jenius cashtag: $petruknisme
BCA: PM saya pribadi untuk norek @petruknisme
Uang akan disumbangkan minggu ini.
https://kitabisa.com/campaign/banturenjana
Terima kasih sudah meluangkan waktunya untuk membaca pesan ini, sehat selalu, semoga Tuhan mengasihi.
Kitabisa.com
Bantu adik Renjana pulih dari sakitnya
Mohon bantuan doa dan donasinya untuk kesembuhan buah hati kami, Renjana
Petruknisme's Feed pinned «Salah satu anggota di komunitas lagi dapat ujian dari Tuhan, anak tersayangnya terkena meningitis-TB dan sekarang membutuhkan biaya untuk operasi kurang lebih 50juta. Saya berharap kemurahan hati bagi yang membaca postingan ini, dipersilakan untuk membantu…»
IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
https://github.com/OWASP/IoTGoat
https://github.com/OWASP/IoTGoat
GitHub
GitHub - OWASP/IoTGoat: IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals…
IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices. - OWASP/IoTGoat
Red Teamer’s Cookbook: BYOI (Bring Your Own Interpreter)
https://www.blackhillsinfosec.com/red-teamers-cookbook-byoi-bring-your-own-interpreter/
https://www.blackhillsinfosec.com/red-teamers-cookbook-byoi-bring-your-own-interpreter/
Black Hills Information Security
Red Teamer's Cookbook: BYOI (Bring Your Own Interpreter) - Black Hills Information Security
Marcello Salvati // This fairly lengthy blog post aims at providing Red Team Operators ideas on how to incorporate BYOI tradecraft into their own custom tooling and get those creative […]
A tool to dump Java serialization streams in a more human readable form.
https://github.com/NickstaDB/SerializationDumper
https://github.com/NickstaDB/SerializationDumper
GitHub
GitHub - NickstaDB/SerializationDumper: A tool to dump Java serialization streams in a more human readable form.
A tool to dump Java serialization streams in a more human readable form. - NickstaDB/SerializationDumper
Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project
https://github.com/GhostPack/Rubeus
https://github.com/GhostPack/Rubeus
GitHub
GitHub - GhostPack/Rubeus: Trying to tame the three-headed dog.
Trying to tame the three-headed dog. Contribute to GhostPack/Rubeus development by creating an account on GitHub.
jq is such a nifty tool that not nealry enough people know about. If you’re working with json data, even just small bits here and there, it’s worth knowing the basics to make some simple data manipulations possible.
https://0xdf.gitlab.io/2018/12/19/jq.html
https://0xdf.gitlab.io/2018/12/19/jq.html
0xdf hacks stuff
You Need To Know jq
jq is such a nifty tool that not nealry enough people know about. If you’re working with json data, even just small bits here and there, it’s worth knowing the basics to make some simple data manipulations possible. And if you want to become a full on jq…
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
https://github.com/sensepost/reGeorg
https://github.com/sensepost/reGeorg
GitHub
GitHub - sensepost/reGeorg: The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and…
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn. - sensepost/reGeorg
Mapping suppliers of Personal Protective Equipment (PPE) with Aleph and Maltego
https://www.maltego.com/blog/mapping-suppliers-of-personal-protective-equipment-ppe-with-aleph-and-maltego/
https://www.maltego.com/blog/mapping-suppliers-of-personal-protective-equipment-ppe-with-aleph-and-maltego/
Maltego
Mapping suppliers of Personal Protective Equipment (PPE) with Aleph and Maltego
In this article, we’ll walk through an investigation we conducted to find and map a network of suppliers of such PPE across Europe and other geographies, using a prototype integration of the OCCRP’s Aleph data platform.
Intro to Shellcode Analysis: Tools and Techniques
https://www.sans.org/webcasts/intro-shellcode-analysis-tools-techniques-113610
https://www.sans.org/webcasts/intro-shellcode-analysis-tools-techniques-113610
www.sans.org
Intro to Shellcode Analysis: Tools and Techniques - SANS Institute
Frequently in malware investigations, we come across shellcode used after exploiting a vulnerability or being injected into a process. In this webcast, we'll look at some of the tools and techniques the malware analyst can use to start investigating what…