Forwarded from Rayanfam (Sina)
Blog post about anti-anti-vm techniques 😊
https://rayanfam.com/topics/defeating-malware-anti-vm-techniques-cpuid-based-instructions/
Rayanfam Blog
Defeating malware’s Anti-VM techniques (CPUID-Based Instructions)
We write about Windows Internals, Hypervisors, Linux, and Networks.
New 'Lazy FP State Restore' Vulnerability Found in All Modern Intel CPUs
https://thehackernews.com/2018/06/intel-processor-vulnerability.html
The Hacker News
A new 'Lazy FP State Restore' vulnerability (CVE-2018-3665) has been discovered in Sandy Bridge and newer Intel processors.
Proposed Security Patch: Replacement of use of SHA-1 in the SRP Client Proof with SHA-256
http://tracker.firebirdsql.org/browse/CORE-5788
Network firewalls act as a fortification to keep the internal corporate network secure. Many people think of a firewall as protecting a device from incoming traffic. Most outbound connections are insecure without egress traffic filtering. If egress traffic filtering fails, attackers can bypass the firewall to command and control the external network Egress filter out traffic […]
The post EgressBuster – Compromise Victim via Command & Control using Firewall (https://gbhackers.com/bypass-firewall-command-control/) appeared first on GBHackers On Security (https://gbhackers.com/).
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Bypass Firewall and permits command and control to the external network
Attackers can use these techniques to bypass the firewall, collect and forward sensitive information from your network, or attack or spam other networks.
SleuthQL - Burp History Parsing Tool To Discover Potential SQL Injection Points
https://github.com/RhinoSecurityLabs/SleuthQL
GitHub
GitHub - RhinoSecurityLabs/SleuthQL: Python3 Burp History parsing tool to discover potential SQL injection points. To be used in…
Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap. - RhinoSecurityLabs/SleuthQL
Forwarded from Mir Saman Tajbakhsh
OpSecX
Security Books
At OpSecX, we understand the importance of security education. We believe that books are great resources that provide detailed and in-depth knowledge on a topic and serve as great reference material. If you are into books, then we recommend the following…
Ever had trouble searching for particular malware samples? This project is an analyst-friendly web GUI to look through your digital warehouse.
mquery can be used to search through terabytes of malware in a blink of an eye
https://github.com/CERT-Polska/mquery
GitHub
GitHub - CERT-Polska/mquery: YARA malware query accelerator (web frontend)
YARA malware query accelerator (web frontend). Contribute to CERT-Polska/mquery development by creating an account on GitHub.