Reverse engineering of Android Phoenix RAT
Analysis: https://cryptax.medium.com/reverse-engineering-of-android-phoenix-b59693c03bd3
Phoenix overview: https://cryptax.medium.com/android-phoenix-authors-claims-sample-identification-and-trends-f199cbc9901d
@Engineer_Computer
Analysis: https://cryptax.medium.com/reverse-engineering-of-android-phoenix-b59693c03bd3
Phoenix overview: https://cryptax.medium.com/android-phoenix-authors-claims-sample-identification-and-trends-f199cbc9901d
@Engineer_Computer
Medium
Reverse engineering of Android/Phoenix
Android/Phoenix is a malicious Remote Access Tool. Its main goal is to extensively spy on the victim’s phone (grab all screenshots, steal…
JSON Smuggling: A far-fetched intrusion detection evasion technique
https://grimminck.medium.com/json-smuggling-a-far-fetched-intrusion-detection-evasion-technique-51ed8f5ee05f
@Engineer_Computer
https://grimminck.medium.com/json-smuggling-a-far-fetched-intrusion-detection-evasion-technique-51ed8f5ee05f
@Engineer_Computer
Medium
JSON Smuggling: A far-fetched intrusion detection evasion technique
TL:DR Insignificant whitespaces in the JSON standard can be used to encode data without breaking the format. This could aid malicious…
Zero-Day (via CVE-2023-45866): Exploiting Zero-click Android Bluetooth vulnerability to inject keystrokes without pairing.
https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
@Engineer_Computer
https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
@Engineer_Computer
Mobile Hacker
Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing Mobile Hacker
[update 2024-02-19] This vulnerability can be even used to remotely wipe data of targeted Android smartphone. Using this vulnerability it is possible to guess user lock screen PIN. After five incorrect PINs device is locked out for 30 seconds. This operation…
Bypassing Wi-Fi Encryption by Manipulating Transmit Queues.
https://www.usenix.org/system/files/usenixsecurity23-schepers.pdf
@Engineer_Computer
https://www.usenix.org/system/files/usenixsecurity23-schepers.pdf
@Engineer_Computer
آخرین قربانی حملات SQL Injection و XSS
https://www.bleepingcomputer.com/news/security/hackers-steal-data-of-2-million-in-sql-injection-xss-attacks/
@Engineer_Computer
https://www.bleepingcomputer.com/news/security/hackers-steal-data-of-2-million-in-sql-injection-xss-attacks/
@Engineer_Computer
BleepingComputer
Hackers steal data of 2 million in SQL injection, XSS attacks
A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site noscripting (XSS) attacks.
رسیدگی کنید
در کاتالوگ KEV درج شده است
CVE-2023-29357
شیر پوینت
https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html
@Engineer_Computer
در کاتالوگ KEV درج شده است
CVE-2023-29357
شیر پوینت
https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html
@Engineer_Computer
🔖Extract domains from a list of subdomains or URLs. :
If you know a better way to extract domains from a list of subdomains, please comment below👇🏻
#BugBounty #BugBountyTools
— Share & Support Us —
@Engineer_Computer
cat subdomainslist.txt | while read line; do python -c "import tldextract;domain = tldextract.extract('$line');extracted=str(domain.domain)+'.'+str(domain.suffix);print(extracted) if domain.domain != '' and extracted[-1] != '.' else False"; doneIf you know a better way to extract domains from a list of subdomains, please comment below👇🏻
#BugBounty #BugBountyTools
— Share & Support Us —
@Engineer_Computer
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Three
https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873
@Engineer_Computer
https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873
@Engineer_Computer
Medium
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Three
Hellow world!
مطمئن شین که Outlook شما وصله شده!
هکرها میتونن از راه دور، رمزهای ورود به سیستم ویندوز 🔑 NTLM شما رو سرقت کنن
آسیب پذیری CVE-2023-35636 در قابلیت تقویم Outlook وجود داره که از طریق دعوتنامه هایی که بهطور خاص ساخته شدهن، راهاندازی میشه
جزئیات در اینجا: https://thehackernews.com/2024/01/researchers-uncover-outlook.html
#امنیت_سایبری #هک #آسیب_پذیری
#cybersecurity #hacking #vulnerability
@Engineer_Computer
هکرها میتونن از راه دور، رمزهای ورود به سیستم ویندوز 🔑 NTLM شما رو سرقت کنن
آسیب پذیری CVE-2023-35636 در قابلیت تقویم Outlook وجود داره که از طریق دعوتنامه هایی که بهطور خاص ساخته شدهن، راهاندازی میشه
جزئیات در اینجا: https://thehackernews.com/2024/01/researchers-uncover-outlook.html
#امنیت_سایبری #هک #آسیب_پذیری
#cybersecurity #hacking #vulnerability
@Engineer_Computer
🔍 موتورهای جستجو برای پنتسترها
🔍 Search Engine for Pentesters
#searchengine #pentester #cyber #hacking #cybersecurity
@Engineer_Computer
🔍 Search Engine for Pentesters
#searchengine #pentester #cyber #hacking #cybersecurity
@Engineer_Computer
👍1
بررسی محل هایی از رجیستری که بد افزارها برای لانچ خود در هنگام بوت سیستم استفاده میکنند.
یک کوئری اسپلانک برای نگاه به این محل ها را در لینک زیر میبینیم
https://research.splunk.com/endpoint/f5f6af30-7aa7-4295-bfe9-07fe87c01a4b/
@Engineer_Computer
یک کوئری اسپلانک برای نگاه به این محل ها را در لینک زیر میبینیم
https://research.splunk.com/endpoint/f5f6af30-7aa7-4295-bfe9-07fe87c01a4b/
@Engineer_Computer
Splunk Security Content
Detection: Registry Keys Used For Persistence
Updated Date: 2025-09-18 ID: f5f6af30-7aa7-4295-bfe9-07fe87c01a4b Author: Jose Hernandez, David Dorsey, Teoderick Contreras, Rod Soto, Splunk Type: TTP Product: Splunk Enterprise Security Denoscription The following analytic identifies modifications to registry…
a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it effectively useless if ran morethan 5 minutes the system freezes to death.
https://github.com/cpu0x00/EternelSuspention
@Engineer_Computer
https://github.com/cpu0x00/EternelSuspention
@Engineer_Computer
GitHub
GitHub - cpu0x00/EternelSuspention: a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making…
a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless - GitHub - cpu0x00/EternelSuspention: a simple poc showcasing the ability of an adm...
Disable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)
https://github.com/EvilGreys/Disable-Windows-Defender-
@Engineer_Computer
https://github.com/EvilGreys/Disable-Windows-Defender-
@Engineer_Computer