Attacking Self-Hosted Skype for Business/Microsoft Lync Installations

https://www.trustedsec.com/2017/08/attacking-self-hosted-skype-businessmicrosoft-lync-installations/

Vehículos autónomos hackeados con falsas señales de tráfico

Cada día somos testigos de nuevos avances en la conducción autónoma de vehículos. Muchas empresas presentan prototipos y algunos incluso ya lo tienen en producción como Tesla autopilot. Estos vehículos son capaces de analizar el entorno que les rodea y de esa forma conducir por ellos mismos, sin intervención humana alguna.

http://www.elladodelmal.com/2017/08/vehiculos-autonomos-hackeados-con.html

Project Sonar - Mo' Data, Mo' Research

Since its inception, Rapid7's Project Sonar has aimed to share the data and knowledge we've gained from our Internet scanning and collection activities with the larger information security community. Over the years this has resulted in vulnerability disclosures, research papers, conference presentations, community collaboration and data. Lots and lots of data.


https://community.rapid7.com/community/infosec/blog/2017/05/09/sonar-mo-data-mo-research

Malware Analysis ElmersGlue Ransomware (another skid #ransomware with hardcoded key)

https://www.youtube.com/watch?v=x11AQ3iu8dI

How to C in 2016 matt.sh/howto-c

Reverse Engineering Malware 102 https://securedorg.github.io/RE102/

Así las cosas con el bitcoin en este momento 😬

1 #bitcoin = $67255.00 MXN

$3773.71 USD

1 USD = 17.82MXN

The radio frequency spectrum + machine learning = DARPA's new Radio Frequency Machine Learning Systems program

https://www.darpa.mil/news-events/2017-08-11a #iot

PyREBox - Python scriptable Reverse Engineering Sandbox

PyREBox is a Python scriptable Reverse Engineering sandbox. It is based on QEMU, and its goal is to aid reverse engineering by providing dynamic analysis and debugging capabilities from a different perspective. PyREBox allows to inspect a running QEMU VM, modify its memory or registers, and to instrument its execution, by creating simple scripts in python to automate any kind of analysis. QEMU (when working as a whole-system-emulator) emulates a complete system (CPU, memory, devices...). By using VMI techniques, it does not require to perform any modification into the guest operating system, as it transparently retrieves information from its memory at run-time.

https://github.com/Cisco-Talos/pyrebox

Official Black Hat Arsenal Tools Github Repository

This github account maps to the Black Hat Arsenal tools since its inception in 2011. For readibility, the tools are classified by category and not by session.



https://github.com/toolswatch/blackhat-arsenal-tools

Remote format string exploit in syslog() - bin 0x1E

Solving final1 from exploit-exercises.com with a format string vulnerability because of syslog().

https://www.youtube.com/watch?v=MBz5C9Wa6KM

Pafish - Tool to Detect Sandboxes and Analysis Environments in the Same Way as Malware Families Do

https://github.com/a0rtega/pafish

Here's a picture of @MalwareTechBlog and @marciahofmann before the hearing.

Descubrir la infraestructura interna de SAP con Metasploit
Un ERP (Enterprise Resource Planning) es un software de gestión utilizado por empresas para la mejor administración y el aprovechamiento más optimo de sus recursos. También persigue simplificar los procesos involucrados en las gestiones de las empresas. Están íntimamente ligados a los sistemas de producción, ya que por lo general, gestionan inventarios, pedidos, etcétera.

http://www.elladodelmal.com/2017/08/descubrir-la-infraestructura-interna-de.html

Facebook Uses Data from Onavo To Track Apps and Services Which People Use

http://www.iphonehacks.com/2017/08/facebook-uses-data-from-onavo-to-track-apps-services-people-use.html

Accidentally typo to bypass administration access.

https://c0rni3sm.blogspot.mx/2017/08/accidentally-typo-to-bypass.html

Releasing WinREPL, a "read-eval-print loop" shell for x86+x64 assembly on Windows. Great for playing with shellcode.

https://github.com/zerosum0x0/WinREPL

Computer Security and Privacy in DNA Sequencing

http://dnasec.cs.washington.edu/

Philip K. Dick