exploit.education provides a variety of resources that can be used to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cyber security issues.
@Engineer_Computer
http://exploit.education/
A write-up on how MITRE was breached and how the incident was handled
@Engineer_Computer
https://medium.com/mitre-engenuity/technical-deep-dive-understanding-the-anatomy-of-a-cyber-intrusion-080bddc679f3
Medium
Technical Deep Dive: Understanding the Anatomy of a Cyber Intrusion
MITRE’s experiences detecting and responding to a nation-state cyber threat actor incident in our research and experimentation network
An analysis of one of the campaigns of the APT28 hacking group
@Engineer_Computer
https://cert.pl/en/posts/2024/05/apt28-campaign/
cert.pl
APT28 campaign targeting Polish government institutions
CERT Polska is observing a malicious e-mail campaign targeting Polish government institutions conducted by the APT28 group.
Let's analyze Linux events better
@Engineer_Computer
https://www.socinvestigation.com/linux-event-logs-and-its-record-types-detect-respond/
Security Investigation - Be the first to investigate
Linux Event Logs and Its Record Types – Detect & Respond - Security Investigation
The word "auditing" is used in most technologies in a variety of contexts. As a SOC analyst, I hear the term "log auditing" at least a dozen times throughout a work shift. Mostly it will be related to Linux audit logs. The Linux Audit system is a useful feature…
⚡️ API for VPN and location detection
You can retrieve details about your user.
https://api.ipapi.is
@Engineer_Computer
Hunting lateral movement over SMB
@Engineer_Computer
https://bherunda.medium.com/hunting-detecting-smb-named-pipe-pivoting-lateral-movement-b4382bd1df4
Medium
Hunting & Detecting SMB Named Pipe Pivoting (Lateral Movement)
Hunting & Detecting SMB Named Pipe Pivoting (Lateral Movement) With SMB traffic being ubiquitous in enterprise networks, adversaries and Offensive Security Tools can abuse pivoting over SMB named …
A command with many uses
Very useful in a CERT team
@Engineer_Computer
https://evotec-pl.cdn.ampproject.org/c/s/evotec.pl/the-only-powershell-command-you-will-ever-need-to-find-out-who-did-what-in-active-directory/amp/
Evotec
The only PowerShell Command you will ever need to find out who did what in Active Directory - Evotec
While the title of this blog may be a bit exaggeration, the command I'm trying to show here does its best to deliver on the promise. What you're about to witness here is something I've worked on for a while now, and it meets my basic needs. If you don't…
Forwarded from جادی | Jadi
Notcoin is supposed to become tradable starting today.
I had said that if someone puts money in, part of it goes to the audience so that the investor reaches bigger money; that is what is happening now.
I apologize to those who didn't click because of me (:
And always use your own judgment; listen to what people say and decide for yourself, and if you are looking for a "how to get rich quick/easy/for everyone/a lot" page, unfollow me right away (:
Again, sorry for the harsh, hasty opinion.
And most important of all: if you think there is someone who knows everything and that you have to find them in order to become happy / rich / educated / cheerful / free /..., I have bad news for you: there is no such person. It is only you who must listen, weigh things up and decide.
Sorry again (:
The xz package, from version 5.6.0 to 5.6.1, was found to contain a backdoor. The impact of this vulnerability affected Kali between March 26th and March 29th. If you updated your Kali installation on or after March 26th, it is crucial to apply the latest updates today.
https://www.helpnetsecurity.com/2024/03/29/cve-2024-3094-linux-backdoor/
@Engineer_Computer
Help Net Security
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)
A vulnerability (CVE-2024-3094) in XZ Utils may enable a malicious actor to gain unauthorized access to Linux systems remotely.
first set of YARA rules to detect the backdoored XZ packages
report:
https://www.openwall.com/lists/oss-security/2024/03/29/4
rules:
https://github.com/Neo23x0/signature-base/blob/master/yara/bkdr_xz_util_cve_2024_3094.yar
@Engineer_Computer
GitHub
signature-base/yara/bkdr_xz_util_cve_2024_3094.yar at master · Neo23x0/signature-base
YARA signature and IOC database for my scanners and tools - Neo23x0/signature-base
https://attack.mitre.org/full-coverage.html
https://connections.swellgarfo.com/game/-NtwZSmJAjzng3eL9RH4
#foolApril's
@Engineer_Computer
ATT&CK
100% MITRE Coverage
Can you get 100% MITRE Coverage? Test your skills and find out! Experience the matrix how it was never designed to be seen. Find out more here!
How APT groups operate in the Middle East
https://www.ptsecurity.com/ww-en/analytics/apt-groups-in-the-middle-east/
@Engineer_Computer
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
https://github.com/amlweems/xzbot
@Engineer_Computer