Use PowerShell to Find the History of USB Flash Drive Usage
https://blogs.technet.microsoft.com/heyscriptingguy/2012/05/18/use-powershell-to-find-the-history-of-usb-flash-drive-usage/
#windows
#ps
#enum
@sec_nerd_en
Droidefense Engine
Advance Android Malware Analysis Framework
https://github.com/droidefense/engine
#android
#malware
@sec_nerd_en
How does a #Bitcoin Transaction work? {Infographic}
#blockchain #fintech #BTC #CyberSecurity #DLT #innovation #cryptocurrency #infosec #disruption #Security #Crypto
@sec_nerd_en
https://www.malwaretech.com/2015/01/inline-hooking-for-programmers-part-2.html
#Windows_API_Hooking
#Malware
#PoC
Malwaretech
Inline Hooking for Programmers (Part 2: Writing a Hooking Engine)
We’ll be writing a hooking engine using trampoline based hooks as explained in the previous article (we don’t handle relative instructions as they’re very rare, but we do use atomic write operations to prevent race conditions).
First things first, we need…
IoT Pentesting 101 && IoT security 101
https://github.com/V33RU/IoTSecurity101
#iot
#pentest
#security
@sec_nerd_en
GitHub
GitHub - V33RU/awesome-connected-things-sec: A Curated list of Security Resources for all connected things
A Curated list of Security Resources for all connected things - V33RU/awesome-connected-things-sec
Poison Ivy Group and the Cyberespionage Campaign Against Chinese Military and Goverment
http://blogs.360.cn/post/APT_C_01_en.html
#apt
#china
@sec_nerd_en
blogs.360.net
Poison Ivy Group and the Cyberespionage Campaign Against Chinese Military and Goverment
Sharing Qihoo 360's technology and growing together with a secure Internet.
CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass.
https://github.com/bazad/blanket
#ios
@sec_nerd_en
GitHub
GitHub - bazad/blanket: CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape,…
CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass. - bazad/blanket
Windows Process Injection: PROPagate
https://modexp.wordpress.com/2018/08/23/process-injection-propagate/
#windows
#exploit
@sec_nerd_en
modexp
Windows Process Injection: PROPagate
Introduction In October 2017, Adam at Hexacorn published details of a process injection technique called PROPagate. In his post, he describes how any process that uses subclassed windows has the po…
Forwarded from vulners
Researcher Discloses New Zero-Day Affecting All Versions of Windows
A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-days deadline.
Discovered by Lucas Leong of the Trend Micro Security Research team, the zero-day vulnerability resides in Microsoft Jet Database Engine that could allow an attacker to remotely execute malicious code on any vulnerable Windows computer.
The Microsoft JET Database Engine, or simply JET (Joint Engine Technology), is a database engine integrated within several Microsoft products, including Microsoft Access and Visual Basic.
An attacker must convince a targeted user into opening a specially crafted JET database file in order to exploit this vulnerability and remotely execute malicious code on a targeted vulnerable Windows computer.
Read More
ZDI Advisory
ActiveX Browser PoC
cloudflare bypass material
https://blog.christophetd.fr/bypassing-cloudflare-using-internet-wide-scan-data/
http://www.chokepoint.net/2017/10/exposing-server-ips-behind-cloudflare.html
http://www.securityidiots.com/Web-Pentest/Information-Gathering/Cloudflare-Bypass/Part-2-Cloudflare-Security-Bypass.html
https://medium.com/secure-hacker/bypass-cloudflare-protection-get-subdomains-ofa-website-2cb1d749c510
#web
#pentest
#bypass
#sqli
#xss
@sec_nerd_en
Christophe Tafani-Dereeper
CloudFlair: Bypassing Cloudflare using Internet-wide scan data - Christophe Tafani-Dereeper
Cloudflare is a service that acts as a middleman between a website and its end users, protecting it from various attacks. Unfortunately, those websites are often poorly configured, allowing an attacker to entirely bypass Cloudflare and run DDoS attacks or…
Attack Methods for Gaining Domain Admin Rights in Active Directory
https://adsecurity.org/?p=2362
#windows
#ad
@sec_nerd_en
Playing with CloudGoat part 1: hacking AWS EC2 service for privilege escalation
https://medium.com/@rzepsky/playing-with-cloudgoat-part-1-hacking-aws-ec2-service-for-privilege-escalation-4c42cc83f9da
#amazon
#aws
@sec_nerd_en
Medium
Playing with CloudGoat part 1: hacking AWS EC2 service for privilege escalation
This post is a beginning of “Playing with CloudGoat” series focused on hacking misconfigurations in AWS services. While today I’ll be…