Pakistani hacking group Team Insane PK defaced Burger Singh's website and left a defacing message. The company responded by acknowledging the attack and expressing confidence they would overcome it.
@Engineer_Computer
@Engineer_Computer
A researcher has disclosed how he was able to access the personal identifiable information (PII) of potentially 185 million Indian citizens – and create counterfeit driving licenses to boot.
On February 20, student and cybersecurity researcher Robin Justin published a blog post containing the details of vulnerabilities impacting Sarathi Parivahan, the website for India’s Ministry of Road Transport and Highways.
The portal allows citizens to apply for a learner’s permit or driving license. Justin was attempting to apply for the latter when, within minutes, he stumbled upon endpoints with broken access controls and missing authorization checks.
@Engineer_Computer
On February 20, student and cybersecurity researcher Robin Justin published a blog post containing the details of vulnerabilities impacting Sarathi Parivahan, the website for India’s Ministry of Road Transport and Highways.
The portal allows citizens to apply for a learner’s permit or driving license. Justin was attempting to apply for the latter when, within minutes, he stumbled upon endpoints with broken access controls and missing authorization checks.
@Engineer_Computer
GenAI Emerges As Top Cybersecurity Threat For This Year, Says Report
GenAI is occupying significant headspace for security leaders as another challenge to manage but also offers an opportunity to harness its capabilities to augment security at an operational level.
@Engineer_Computer
GenAI is occupying significant headspace for security leaders as another challenge to manage but also offers an opportunity to harness its capabilities to augment security at an operational level.
@Engineer_Computer
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details.
https://github.com/mrwadams/attackgen
@Engineer_Computer
https://github.com/mrwadams/attackgen
@Engineer_Computer
GitHub
GitHub - mrwadams/attackgen: AttackGen is a cybersecurity incident response testing tool that leverages the power of large language…
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incid...
آیا پسورد شما هم لو رفته است ؟
در این سایت از این موضوع مطلع شوید
In February of 2021, the largest dataset of leaked credentials (emails, usernames, and passwords) named COMB (Combination Of Many Breaches) was leaked to the public. It was the largest data leak of all time, containing over 3.2 billion credentials combined across from various other data breaches over the years from services such as Netflix, LinkedIn and many others
https://www.proxynova.com/tools/comb/
ابزاری برای اتومات کردن جستجوها
https://github.com/JoelGMSec/LeakSearch
@Engineer_Computer
در این سایت از این موضوع مطلع شوید
In February of 2021, the largest dataset of leaked credentials (emails, usernames, and passwords) named COMB (Combination Of Many Breaches) was leaked to the public. It was the largest data leak of all time, containing over 3.2 billion credentials combined across from various other data breaches over the years from services such as Netflix, LinkedIn and many others
https://www.proxynova.com/tools/comb/
ابزاری برای اتومات کردن جستجوها
https://github.com/JoelGMSec/LeakSearch
@Engineer_Computer
ProxyNova
Search for leaked passwords inside the largest dataset of all time (Combination Of Many Breaches)
Find out if your email or password has been leaked to the public using this free tool that allows you to search across the largest data breaches ever leaked.
در بیش از ۱۰۰۰ رول الستیک جستجو انجام دهید
https://elastic.github.io/detection-rules-explorer/
@Engineer_Computer
https://elastic.github.io/detection-rules-explorer/
@Engineer_Computer
elastic.github.io
Elastic Detection Rules
Detection Rules is the home for rules used by Elastic Security.
در راستای مبانی تحلیل حافظه
آشنایی با ساختار OS
What _EPROCESS & Process Environment Block?
ماژولهای Volatility در تحلیل حافظه بر این ساختارهای سیستم عامل استوار هستند
این ساختار را در لینک زیر مطالعه کنیم
https://imphash.medium.com/windows-process-internals-a-few-concepts-to-know-before-jumping-on-memory-forensics-823d72d4d7b8
@Engineer_Computer
آشنایی با ساختار OS
What _EPROCESS & Process Environment Block?
ماژولهای Volatility در تحلیل حافظه بر این ساختارهای سیستم عامل استوار هستند
این ساختار را در لینک زیر مطالعه کنیم
https://imphash.medium.com/windows-process-internals-a-few-concepts-to-know-before-jumping-on-memory-forensics-823d72d4d7b8
@Engineer_Computer
Medium
Windows Process Internals : A few Concepts to know before jumping on Memory Forensics
I have been revising memory forensics lately and realized that there are very important concepts related to Windows Internals that need to…
⭕️ شرکت نرم افزاری چارگون که اتوماسیون اداری برای اکثر شرکتها و سازمانهای دولتی و دانشگاهی استفاده میشه هک شده و هشدار برای تمامی مشتری ها ارسال شده.
@Engineer_Computer
@Engineer_Computer
Media is too big
VIEW IN TELEGRAM
⭕️ حل چالش مهندسی معکوس اندروید با موبایل در مسابقات #RavinCTF
Android SecureNote-1 چالش
#Reverse #CTF #Android
@Engineer_Computer
Android SecureNote-1 چالش
#Reverse #CTF #Android
@Engineer_Computer
WINDOWS FORENSICS Cheat Sheet.pdf
11.6 MB
برگه تقلب فارنزیک ویندوز
این مستند ۶۸ صفحه ای ، تقریبا حوزه ویندوز فارنزیک را پوشش داده است . و میتواند بعنوان یک تمپلیت برای یادگیری فارنزیک سنز ۵۰۰ استفاده شود.
روش کار اینطور است که سرفصل مطلب را از این مستند مطالعه میفرمایید؛ اگر متوجه نشدید شروع میکنید در اینترنت یا متریال سنز ۵۰۰ در آن زمینه مطالعه میکنید .
فیلمهای یوتیوب در زمینه ای که اشکال دارید بسیار راهگشا است.
@Engineer_Computer
این مستند ۶۸ صفحه ای ، تقریبا حوزه ویندوز فارنزیک را پوشش داده است . و میتواند بعنوان یک تمپلیت برای یادگیری فارنزیک سنز ۵۰۰ استفاده شود.
روش کار اینطور است که سرفصل مطلب را از این مستند مطالعه میفرمایید؛ اگر متوجه نشدید شروع میکنید در اینترنت یا متریال سنز ۵۰۰ در آن زمینه مطالعه میکنید .
فیلمهای یوتیوب در زمینه ای که اشکال دارید بسیار راهگشا است.
@Engineer_Computer
⭕️ اگر با C2 معروف Cobalt Strike کار کرده باشید با Beacon Object File (BOF) ها آشنا هستید.BOF ای توسعه داده شده که جایگزینی برای دستورات Spawnas و Inject است که با دستور spawn_with [pid] [listener] از آن میتوان استفاده کرد.
حال به فرایند آن میپردازیم:
#RedTeam #Beacon #C2
@Engineer_Computer
حال به فرایند آن میپردازیم:
Obtain a handle to the target process.
Obtain a handle to the process' primary token.
Duplicate the primary token to an impersonation token.
Get the Beacon spawnto value.
Attempt to spawn a new process with the duplicated token using CreateProcessWithTokenW.
If this attempt fails, try CreateProcessAsUserW.
Inject the Beacon shellcode into the spawned process.
Link to the Beacon in the case of P2P.
#RedTeam #Beacon #C2
@Engineer_Computer
GitHub
GitHub - rasta-mouse/SpawnWith
Contribute to rasta-mouse/SpawnWith development by creating an account on GitHub.
Media is too big
VIEW IN TELEGRAM
⭕️ حل چالش مهندسی معکوس اندروید با موبایل در مسابقات #RavinCTF
Android SecureNote-2 چالش دوم
#reverse #Android #CTF
@Engineer_Computer
Android SecureNote-2 چالش دوم
#reverse #Android #CTF
@Engineer_Computer
تریاژ جدید از پلتفرم دیوار به مبلغ 50 میلیون 🔥🩶
آسیب پذیری ترکیب IDOR و عدم برسی سطح دسترسی رویه سامانه اصلی دیوار بود.
@Engineer_Computer
آسیب پذیری ترکیب IDOR و عدم برسی سطح دسترسی رویه سامانه اصلی دیوار بود.
@Engineer_Computer
🔥1
⚠️ Lazarus Group hackers found exploiting a Windows kernel zero-day vulnerability (CVE-2024-21338) weeks after a patch was released, allowing them to gain system-level control and disable security software on targeted systems.
Details here:
https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html
Iranian hackers are using fake job offers to target Middle East industries, particularly in aerospace, aviation, and defense. The cyberattacks have been linked to threat group UNC1549, backed by Iran.
Learn more:
https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html
@Engineer_Computer
Details here:
https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html
Iranian hackers are using fake job offers to target Middle East industries, particularly in aerospace, aviation, and defense. The cyberattacks have been linked to threat group UNC1549, backed by Iran.
Learn more:
https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html
@Engineer_Computer
AWS OSINT by Dorking
=Shodan Dorks
html:"AWS_ACCESS_KEY_ID"
html:"AWS_SECRET_ACCESS_KEY"
html:"AWS_SESSION_TOKEN"
noscript:"AWS S3 Explorer"
html:"AWS Elastic Beanstalk overview"
html:"OpenSearch Dashboards"
"X-Amz-Server-Side-Encryption"
noscript:"EC2 Instance Information"
http.noscript:"Amazon Cognito Developer Authentication Sample"
"Server: EC2ws"
noscript:"AWS X-Ray Sample Application"
html:"Amazon EC2 Status"
html:"AWS EC2 Auto Scaling Lab"
html:"istBucketResult"
=Search Engine Dorks
site:.s3.amazonaws.com "Company"
site:http://s3.amazonaws.com innoscript:index.of.bucket “”
site:s3.amazonaws.com "index of /" s3
site:amazonaws.com filetype:xls password
inurl:gitlab "AWS_SECRET_KEY"
inurl:pastebin "AWS_ACCESS_KEY"
inurl:s3.amazonaws.com innoscript:"AWS S3 Explorer"
=Github Dorks
Key:amazon_secret_access_key
amazonaws
aws_access
aws_access_key_id
aws_bucket aws_key
aws_secret
aws_secret_key
aws_token
bucket_password
bucketeer_aws_access_key_id
bucketeer_aws_secret_access_key
cache_s3_secret_key
cloud_watch_aws_access_key
filename:credentials
aws_access_key_id
filename:s3cfg
lottie_s3_api_key
lottie_s3_secret_key
rds.amazonaws.com password
s3_access_key
s3_access_key_id
s3_key s3_key_app_logs
s3_key_assets
s3_secret_key
sandbox_aws_access_key_id
sandbox_aws_secret_access_key
secret_key
eureka.aws
secretkey
filename:.bash_profile
aws
filename:.s3cfg
@Engineer_Computer
=Shodan Dorks
html:"AWS_ACCESS_KEY_ID"
html:"AWS_SECRET_ACCESS_KEY"
html:"AWS_SESSION_TOKEN"
noscript:"AWS S3 Explorer"
html:"AWS Elastic Beanstalk overview"
html:"OpenSearch Dashboards"
"X-Amz-Server-Side-Encryption"
noscript:"EC2 Instance Information"
http.noscript:"Amazon Cognito Developer Authentication Sample"
"Server: EC2ws"
noscript:"AWS X-Ray Sample Application"
html:"Amazon EC2 Status"
html:"AWS EC2 Auto Scaling Lab"
html:"istBucketResult"
=Search Engine Dorks
site:.s3.amazonaws.com "Company"
site:http://s3.amazonaws.com innoscript:index.of.bucket “”
site:s3.amazonaws.com "index of /" s3
site:amazonaws.com filetype:xls password
inurl:gitlab "AWS_SECRET_KEY"
inurl:pastebin "AWS_ACCESS_KEY"
inurl:s3.amazonaws.com innoscript:"AWS S3 Explorer"
=Github Dorks
Key:amazon_secret_access_key
amazonaws
aws_access
aws_access_key_id
aws_bucket aws_key
aws_secret
aws_secret_key
aws_token
bucket_password
bucketeer_aws_access_key_id
bucketeer_aws_secret_access_key
cache_s3_secret_key
cloud_watch_aws_access_key
filename:credentials
aws_access_key_id
filename:s3cfg
lottie_s3_api_key
lottie_s3_secret_key
rds.amazonaws.com password
s3_access_key
s3_access_key_id
s3_key s3_key_app_logs
s3_key_assets
s3_secret_key
sandbox_aws_access_key_id
sandbox_aws_secret_access_key
secret_key
eureka.aws
secretkey
filename:.bash_profile
aws
filename:.s3cfg
@Engineer_Computer
Amazon
Amazon S3 - Cloud Object Storage - AWS
Amazon S3 is cloud object storage with industry-leading scalability, data availability, security, and performance. S3 is ideal for data lakes, mobile applications, backup and restore, archival, IoT devices, ML, AI, and analytics.