R-ES_State of the CIO_2023_NEWCIO.pdf
1 MB
State of the CIO 2023 sample slides
This year’s global study highlights the CIO’s increasing involvement with cybersecurity, as well as their initiatives to increase operational efficiency
State of the CIO 2023 sample slides
This year’s global study highlights the CIO’s increasing involvement with cybersecurity, as well as their initiatives to increase operational efficiency.
Security Priorities Study 2022 white paper
This white paper provides insight into the various security projects that organizations are currently focused on and will be prioritizing in the coming year so you can best build out your marketing plans.
https://resources.foundryco.com
@Engineer_Computer
This year’s global study highlights the CIO’s increasing involvement with cybersecurity, as well as their initiatives to increase operational efficiency
State of the CIO 2023 sample slides
This year’s global study highlights the CIO’s increasing involvement with cybersecurity, as well as their initiatives to increase operational efficiency.
Security Priorities Study 2022 white paper
This white paper provides insight into the various security projects that organizations are currently focused on and will be prioritizing in the coming year so you can best build out your marketing plans.
https://resources.foundryco.com
@Engineer_Computer
گفتار هاب یک هکر کلاه سفید از ۸ آسیب پذیری که پیدا و ثبت کرده است
https://m.youtube.com/watch?si=NKInsVokCAZhKx84&v=2VB4Zd5C8N8&feature=youtu.be
@Engineer_Computer
https://m.youtube.com/watch?si=NKInsVokCAZhKx84&v=2VB4Zd5C8N8&feature=youtu.be
@Engineer_Computer
YouTube
I Found 8 CVEs in 2 Weeks (And You Can Too!)
📚 Resources:
Enroll in my Courses (search for Tyler Ramsbey)
🔗 https://academy.simplycyber.io
Support me on Ko-Fi
🔗 https://ko-fi.com/tylerramsbey
Join Hack Smarter
🔗 https://hacksmarter.org/ Join the Hack Smarter community: https://hacksmarter.org
---…
Enroll in my Courses (search for Tyler Ramsbey)
🔗 https://academy.simplycyber.io
Support me on Ko-Fi
🔗 https://ko-fi.com/tylerramsbey
Join Hack Smarter
🔗 https://hacksmarter.org/ Join the Hack Smarter community: https://hacksmarter.org
---…
زنجیره ای از آسیب پذیریها برای هک آیفون
https://thehackernews.com/2023/12/most-sophisticated-iphone-hack-ever.html
@Engineer_Computer
https://thehackernews.com/2023/12/most-sophisticated-iphone-hack-ever.html
@Engineer_Computer
کشف کی لاگر ؛ در لینوکس
https://wazuh.com/blog/detecting-keyloggers-on-linux-endpoints/
@Engineer_Computer
https://wazuh.com/blog/detecting-keyloggers-on-linux-endpoints/
@Engineer_Computer
Wazuh
Detecting keyloggers (T1056.001) on Linux endpoints | Wazuh
This blog post focuses on detecting Indicators of Compromise (IoC) for keyloggers that utilize living-off-the-land (LOTL) techniques.
بررسی یک سناریوی نفوذ
سطح : متوسط
https://medium.com/@thismanera/indicators-blue-team-labs-investigations-9b89876979ca
@Engineer_Computer
سطح : متوسط
https://medium.com/@thismanera/indicators-blue-team-labs-investigations-9b89876979ca
@Engineer_Computer
نهفقط ویدئو؛
هر فایلی را من بعد در یوتیوب ذخیره کنید !!
https://github.com/DvorakDwarf/Infinite-Storage-Glitch
@Engineer_Computer
هر فایلی را من بعد در یوتیوب ذخیره کنید !!
https://github.com/DvorakDwarf/Infinite-Storage-Glitch
@Engineer_Computer
بد نیست به این مقایسه نگاهی بیاندازیم
دیتابیس KEV لیست آسیب پذیری هایی است که در جهان بیشتر از سایرین درحال اکسپلویت و سوء استفاده است . این لیست توسط سازمان CISA به روز میشود
@Engineer_Computer
دیتابیس KEV لیست آسیب پذیری هایی است که در جهان بیشتر از سایرین درحال اکسپلویت و سوء استفاده است . این لیست توسط سازمان CISA به روز میشود
@Engineer_Computer
مقایسه رمزنگاری چین با آمریکا
https://medium.com/asecuritysite-when-bob-met-alice/how-do-the-chinese-ciphers-compare-with-nist-standards-2b6f94c200bf
@Engineer_Computer
https://medium.com/asecuritysite-when-bob-met-alice/how-do-the-chinese-ciphers-compare-with-nist-standards-2b6f94c200bf
@Engineer_Computer
Medium
How Do The Chinese Ciphers Compare with NIST Standards?
And, so, NIST has defined AES as the standard for symmetric key encryption. But, NIST was pinpointed in possibly pushing a cipher with an…
داستانی از آلوده شدن به باج افزار و بازپس گیری داده ها با رمزگشایی آنها
https://securityscorecard.com/blog/when-hackers-get-hacked-a-cybersecurity-triumph/
@Engineer_Computer
https://securityscorecard.com/blog/when-hackers-get-hacked-a-cybersecurity-triumph/
@Engineer_Computer
ایده بگیریم : پله پله تا فریفتن
دور خوردن CrowdStrike
استقرار تیم آفنس در کنار تیم SOC برای یافتن راههای دورخوردن و اینکه SOC فهمید یا نه
https://medium.com/@komodoconsulting2022/bypassing-crowdstrike-in-an-enterprise-production-network-in-3-different-ways-50c8b6abca6e
@Engineer_Computer
دور خوردن CrowdStrike
استقرار تیم آفنس در کنار تیم SOC برای یافتن راههای دورخوردن و اینکه SOC فهمید یا نه
https://medium.com/@komodoconsulting2022/bypassing-crowdstrike-in-an-enterprise-production-network-in-3-different-ways-50c8b6abca6e
@Engineer_Computer
Advanced Windows Post-Exploitation.pdf
3.6 MB
تاختن در میانه ی سیستم عامل ویندوز
تخریب تا نهایت ممکن
سطح : پیشرفته
به راهکارهای مقابله در مراحل مختلف ؛ فکر کنید
@Engineer_Computer
تخریب تا نهایت ممکن
سطح : پیشرفته
به راهکارهای مقابله در مراحل مختلف ؛ فکر کنید
@Engineer_Computer
بعنوان یک امنیت چی ،
با لینوکس دوست باشیم
https://abarrak.gitbook.io/linux-sysops-handbook/
@Engineer_Computer
با لینوکس دوست باشیم
https://abarrak.gitbook.io/linux-sysops-handbook/
@Engineer_Computer
abarrak.gitbook.io
Linux SysOps Handbook
معماری امن سازمان
مقاله ای از ISACA
https://www.isaca.org/resources/isaca-journal/issues/2017/volume-4/enterprise-security-architecturea-top-down-approach
@Engineer_Computer
مقاله ای از ISACA
https://www.isaca.org/resources/isaca-journal/issues/2017/volume-4/enterprise-security-architecturea-top-down-approach
@Engineer_Computer
ISACA
2017 Volume 4 Enterprise Security ArchitectureA Top down Approach
Enterprise Security Architecture—A Top-down Approach. SABSA, COBIT and TOGAF & their relationships with security framework for enterprises.
https://blog.rsisecurity.com/enterprise-information-security-architecture-what-you-need-to-know/
@Engineer_Computer
@Engineer_Computer
RSI Security
Enterprise Information Security Architecture: What You Need To Know | RSI Security
Do you know how enterprise information security architecture can help protect your company's information? Find out everything you need to know here.
در بخشی از عملیات هک ؛ دستور whoami لازم است تا ببینی که هستی
اما
رولها در SOC و جرم شناسان بسیار به این کلمه حساس هستند لذا
راهکارهای جایگزین :
** واقعا خلاقیت چه ها که نمیکند!!
https://github.com/ricardojoserf/WhoamiAlternatives/
@Engineer_Computer
اما
رولها در SOC و جرم شناسان بسیار به این کلمه حساس هستند لذا
راهکارهای جایگزین :
** واقعا خلاقیت چه ها که نمیکند!!
https://github.com/ricardojoserf/WhoamiAlternatives/
@Engineer_Computer
GitHub
GitHub - ricardojoserf/WhoamiAlternatives: Different methods to get current username without using whoami
Different methods to get current username without using whoami - ricardojoserf/WhoamiAlternatives
⭕️Memory Patcher ای نوشته شده است که با استفاده از تکنیک API Hooking، تغییراتی در سیستم مورد نظر اعمال میکند. این ابزار ویژگیهای زیر را داراست:
#RedTeam #MalDev
@Engineer_Computer
1. Anti Debugging: Disables specific anti-debugging mechanisms to facilitate debugging in certain scenarios.
2. BSoD (Blue Screen of Death): Prevents or mitigates potential causes leading to system crashes or blue screen errors
3. BlockInput:Controls the system's input-blocking functionality to manage or bypass certain input restrictions.
4. FindWindow:Modifies the behavior of the FindWindow API function for specific use cases
#RedTeam #MalDev
@Engineer_Computer
GitHub
GitHub - idkhidden/winapipatcher: WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain…
WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment. - idkhidden/winapipatcher