Hacking the Oce Colorwave printer: when a quick security assessment determines the success of a Red Team exercise.
Back in September 2019, as Red Timmy Security group, we were involved in a Red Team exercise. We had to simulate the scenario of a malicious insider plugging a Raspberry Pi device into the network to potentially use as a C&C, and to check how much time the guys monitoring the environment would take to detect it. Furthermore, the place to hide our device had to be tricky enough to spot, with the aim of pouring a pinch of extra pepper on the challenge against the blue team.
https://www.redtimmy.com/tag/csrf/
Red Timmy Security
CSRF Archives - Red Timmy Security
Forwarded from w0rk3r's Blue team Library (Jonhnathan Jonhnathan Jonhnathan)
Quickpost: Decrypting Cobalt Strike Traffic
https://blog.didierstevens.com/2021/04/26/quickpost-decrypting-cobalt-strike-traffic
@BlueTeamLibrary
Didier Stevens
I have been looking at several samples of Cobalt Strike beacons used in malware attacks. Although work is still ongoing, I already want to share my findings. Cobalt Strike beacons communicating ove…
Forwarded from DARKNET BR
Digital-Exhaust-Opt-Out-Guide-for-Law-Enforcement.pdf
15.1 MB
Forwarded from w0rk3r's Windows Hacking Library (Jonhnathan Jonhnathan Jonhnathan)
Test tool: https://github.com/SecuraBV/CVE-2020-1472
PoC: https://github.com/dirkjanm/CVE-2020-1472
@WindowsHackingLibrary
GitHub
GitHub - SecuraBV/CVE-2020-1472: Test tool for CVE-2020-1472
Test tool for CVE-2020-1472. Contribute to SecuraBV/CVE-2020-1472 development by creating an account on GitHub.
How to use ffuf - Hacker Toolbox
ffuf is quickly becoming a key tool for bug bounty hunters, but how do you use it? In this video I start at the basics showing some really neat features of ffuf and how you can use some simple one-liners to do rather complex fuzzing!
https://youtu.be/aN3Nayvd7FU
YouTube
Did you know this episode…
Who, What, Where, When, Wordlist by @TomNomNom #NahamCon2020
00:25 what is a wordlist? it's a list of words, used for guessing things instead
01:04 WHY are they useful?
02:21 WHERE, subdomain enumeration
02:41 path guessing, ffuf
02:49 authentication guessing, kind of the oldest use case username and passwords
02:57 API, RPC
03:17 headers
03:35 Pre-baked lists
04:49 what's the problem with those wordlists
06:25 custom wordlist
07:28 manually curated list
08:17 target-specific lists
09:36 Getting path data
12:08 google dorking
12:56 webpaste
15:28 i just show a little bit of the configuration of this webpaste extension
18:55 processing path data, unfurl
20:37 sed, extract all the parts
22:45 Using the list, ffuf is good, burp intruder, meg, concurl
24:50 finding words unique to a target
26:35 tokenizing
https://youtu.be/W4_QCSIujQ4
YouTube
Live Every Tuesday, Saturday and Sunday on Twitch:
https://twitch.tv/nahamsec
Slides:
https://tomnomnom.com/talks/wwwww.pdf
Follow me on social media:
https://twitter.com/nahamsec
https://instagram.com/nahamsec
https://twitch.com/nahamsec
https://hacke…