Media is too big
VIEW IN TELEGRAM
⭕️ حل چالش مهندسی معکوس اندروید با موبایل در مسابقات #RavinCTF
Android SecureNote-1 چالش
#Reverse #CTF #Android
@Engineer_Computer
Android SecureNote-1 چالش
#Reverse #CTF #Android
@Engineer_Computer
WINDOWS FORENSICS Cheat Sheet.pdf
11.6 MB
برگه تقلب فارنزیک ویندوز
این مستند ۶۸ صفحه ای ، تقریبا حوزه ویندوز فارنزیک را پوشش داده است . و میتواند بعنوان یک تمپلیت برای یادگیری فارنزیک سنز ۵۰۰ استفاده شود.
روش کار اینطور است که سرفصل مطلب را از این مستند مطالعه میفرمایید؛ اگر متوجه نشدید شروع میکنید در اینترنت یا متریال سنز ۵۰۰ در آن زمینه مطالعه میکنید .
فیلمهای یوتیوب در زمینه ای که اشکال دارید بسیار راهگشا است.
@Engineer_Computer
این مستند ۶۸ صفحه ای ، تقریبا حوزه ویندوز فارنزیک را پوشش داده است . و میتواند بعنوان یک تمپلیت برای یادگیری فارنزیک سنز ۵۰۰ استفاده شود.
روش کار اینطور است که سرفصل مطلب را از این مستند مطالعه میفرمایید؛ اگر متوجه نشدید شروع میکنید در اینترنت یا متریال سنز ۵۰۰ در آن زمینه مطالعه میکنید .
فیلمهای یوتیوب در زمینه ای که اشکال دارید بسیار راهگشا است.
@Engineer_Computer
⭕️ اگر با C2 معروف Cobalt Strike کار کرده باشید با Beacon Object File (BOF) ها آشنا هستید.BOF ای توسعه داده شده که جایگزینی برای دستورات Spawnas و Inject است که با دستور spawn_with [pid] [listener] از آن میتوان استفاده کرد.
حال به فرایند آن میپردازیم:
#RedTeam #Beacon #C2
@Engineer_Computer
حال به فرایند آن میپردازیم:
Obtain a handle to the target process.
Obtain a handle to the process' primary token.
Duplicate the primary token to an impersonation token.
Get the Beacon spawnto value.
Attempt to spawn a new process with the duplicated token using CreateProcessWithTokenW.
If this attempt fails, try CreateProcessAsUserW.
Inject the Beacon shellcode into the spawned process.
Link to the Beacon in the case of P2P.
#RedTeam #Beacon #C2
@Engineer_Computer
GitHub
GitHub - rasta-mouse/SpawnWith
Contribute to rasta-mouse/SpawnWith development by creating an account on GitHub.
Media is too big
VIEW IN TELEGRAM
⭕️ حل چالش مهندسی معکوس اندروید با موبایل در مسابقات #RavinCTF
Android SecureNote-2 چالش دوم
#reverse #Android #CTF
@Engineer_Computer
Android SecureNote-2 چالش دوم
#reverse #Android #CTF
@Engineer_Computer
تریاژ جدید از پلتفرم دیوار به مبلغ 50 میلیون 🔥🩶
آسیب پذیری ترکیب IDOR و عدم برسی سطح دسترسی رویه سامانه اصلی دیوار بود.
@Engineer_Computer
آسیب پذیری ترکیب IDOR و عدم برسی سطح دسترسی رویه سامانه اصلی دیوار بود.
@Engineer_Computer
🔥1
⚠️ Lazarus Group hackers found exploiting a Windows kernel zero-day vulnerability (CVE-2024-21338) weeks after a patch was released, allowing them to gain system-level control and disable security software on targeted systems.
Details here:
https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html
Iranian hackers are using fake job offers to target Middle East industries, particularly in aerospace, aviation, and defense. The cyberattacks have been linked to threat group UNC1549, backed by Iran.
Learn more:
https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html
@Engineer_Computer
Details here:
https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html
Iranian hackers are using fake job offers to target Middle East industries, particularly in aerospace, aviation, and defense. The cyberattacks have been linked to threat group UNC1549, backed by Iran.
Learn more:
https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html
@Engineer_Computer
AWS OSINT by Dorking
=Shodan Dorks
html:"AWS_ACCESS_KEY_ID"
html:"AWS_SECRET_ACCESS_KEY"
html:"AWS_SESSION_TOKEN"
noscript:"AWS S3 Explorer"
html:"AWS Elastic Beanstalk overview"
html:"OpenSearch Dashboards"
"X-Amz-Server-Side-Encryption"
noscript:"EC2 Instance Information"
http.noscript:"Amazon Cognito Developer Authentication Sample"
"Server: EC2ws"
noscript:"AWS X-Ray Sample Application"
html:"Amazon EC2 Status"
html:"AWS EC2 Auto Scaling Lab"
html:"istBucketResult"
=Search Engine Dorks
site:.s3.amazonaws.com "Company"
site:http://s3.amazonaws.com innoscript:index.of.bucket “”
site:s3.amazonaws.com "index of /" s3
site:amazonaws.com filetype:xls password
inurl:gitlab "AWS_SECRET_KEY"
inurl:pastebin "AWS_ACCESS_KEY"
inurl:s3.amazonaws.com innoscript:"AWS S3 Explorer"
=Github Dorks
Key:amazon_secret_access_key
amazonaws
aws_access
aws_access_key_id
aws_bucket aws_key
aws_secret
aws_secret_key
aws_token
bucket_password
bucketeer_aws_access_key_id
bucketeer_aws_secret_access_key
cache_s3_secret_key
cloud_watch_aws_access_key
filename:credentials
aws_access_key_id
filename:s3cfg
lottie_s3_api_key
lottie_s3_secret_key
rds.amazonaws.com password
s3_access_key
s3_access_key_id
s3_key s3_key_app_logs
s3_key_assets
s3_secret_key
sandbox_aws_access_key_id
sandbox_aws_secret_access_key
secret_key
eureka.aws
secretkey
filename:.bash_profile
aws
filename:.s3cfg
@Engineer_Computer
=Shodan Dorks
html:"AWS_ACCESS_KEY_ID"
html:"AWS_SECRET_ACCESS_KEY"
html:"AWS_SESSION_TOKEN"
noscript:"AWS S3 Explorer"
html:"AWS Elastic Beanstalk overview"
html:"OpenSearch Dashboards"
"X-Amz-Server-Side-Encryption"
noscript:"EC2 Instance Information"
http.noscript:"Amazon Cognito Developer Authentication Sample"
"Server: EC2ws"
noscript:"AWS X-Ray Sample Application"
html:"Amazon EC2 Status"
html:"AWS EC2 Auto Scaling Lab"
html:"istBucketResult"
=Search Engine Dorks
site:.s3.amazonaws.com "Company"
site:http://s3.amazonaws.com innoscript:index.of.bucket “”
site:s3.amazonaws.com "index of /" s3
site:amazonaws.com filetype:xls password
inurl:gitlab "AWS_SECRET_KEY"
inurl:pastebin "AWS_ACCESS_KEY"
inurl:s3.amazonaws.com innoscript:"AWS S3 Explorer"
=Github Dorks
Key:amazon_secret_access_key
amazonaws
aws_access
aws_access_key_id
aws_bucket aws_key
aws_secret
aws_secret_key
aws_token
bucket_password
bucketeer_aws_access_key_id
bucketeer_aws_secret_access_key
cache_s3_secret_key
cloud_watch_aws_access_key
filename:credentials
aws_access_key_id
filename:s3cfg
lottie_s3_api_key
lottie_s3_secret_key
rds.amazonaws.com password
s3_access_key
s3_access_key_id
s3_key s3_key_app_logs
s3_key_assets
s3_secret_key
sandbox_aws_access_key_id
sandbox_aws_secret_access_key
secret_key
eureka.aws
secretkey
filename:.bash_profile
aws
filename:.s3cfg
@Engineer_Computer
Amazon
Amazon S3 - Cloud Object Storage - AWS
Amazon S3 is cloud object storage with industry-leading scalability, data availability, security, and performance. S3 is ideal for data lakes, mobile applications, backup and restore, archival, IoT devices, ML, AI, and analytics.
گوگل (مندیانت )داره نیرو میگیره 🤔
https://www.google.com/about/careers/applications/jobs/results?q=Mandiant
پیشنیازهای پوزیشن ردتیم ببینید
https://www.google.com/about/careers/applications/jobs/results/102103935537291974-red-team-consultant-mandiant-google-cloud
@Engineer_Computer
https://www.google.com/about/careers/applications/jobs/results?q=Mandiant
پیشنیازهای پوزیشن ردتیم ببینید
https://www.google.com/about/careers/applications/jobs/results/102103935537291974-red-team-consultant-mandiant-google-cloud
@Engineer_Computer
Google
Search Jobs - Google Careers
Find your next job at Google — Careers at Google. Search by location, role, skills, and more.
خبر هک اپیک گیم بدون هیچ مستندی پخش شده است و فیک است🤔🤷
https://www.bleepingcomputer.com/news/security/epic-games-zero-evidence-we-were-hacked-by-mogilevich-gang/
@Engineer_Computer
https://www.bleepingcomputer.com/news/security/epic-games-zero-evidence-we-were-hacked-by-mogilevich-gang/
@Engineer_Computer
BleepingComputer
Epic Games: "Zero evidence" we were hacked by Mogilevich gang
Epic Games said they found zero evidence of a cyberattack or data theft after the Mogilevich extortion group claimed to have breached the company's servers.
Kali Linux 2024.1 Release (Micro Mirror)
نسخه جدید کالی منتشر شد
https://www.kali.org/blog/kali-linux-2024-1-release/
@Engineer_Computer
نسخه جدید کالی منتشر شد
https://www.kali.org/blog/kali-linux-2024-1-release/
@Engineer_Computer
Kali Linux
Kali Linux 2024.1 Release (Micro Mirror)
Hello 2024! Today we are unveiling Kali Linux 2024.1. As this is our the first release of the year, it does include new visual elements! Along with this we also have some exciting new mirrors to talk about, and of course some package changes - both new tools…
Windows Local Privilege Escalation Cookbook
https://github.com/nickvourd/Windows-Local-Privilege-Escalation-Cookbook
@Engineer_Computer
https://github.com/nickvourd/Windows-Local-Privilege-Escalation-Cookbook
@Engineer_Computer
GitHub
GitHub - nickvourd/Windows-Local-Privilege-Escalation-Cookbook: Windows Local Privilege Escalation Cookbook
Windows Local Privilege Escalation Cookbook. Contribute to nickvourd/Windows-Local-Privilege-Escalation-Cookbook development by creating an account on GitHub.