This blog will be a technical deep-dive into CyberArk credential files and how the credentials stored in these files are encrypted and decrypted. I discovered it was possible to reverse engineer the encryption and key generation algorithms and decrypt the…

Posted in r/netsec by u/antfigunio • 163 points and 6 comments

Background This weekend I was doing some HTB machines to prepare for the OSWE certification. One of the recommended machines was Writeup. This machine is vulnerable to CVE-2019-9053 which has a corresponding exploit on Exploit-DB.

First in a four part primer on Static Application Security Testing (SAST). This edition talks about what SAST is and why it's needed.

Posted by Titokhan - 164 votes and 0 comments

Scan installed EDRs and AVs on Windows. Contribute to FourCoreLabs/EDRHunt development by creating an account on GitHub.

keypair implements a lot of cryptographic primitives on its own or by borrowing from other libraries where possible, including node-forge. An issue was discovered where this library was generating identical RSA keys used in SSH. This would mean that the library…

The Mosque-Cathedral of Córdoba is a chronicle of

Keyboard Warrior, Breaking software is just finding unintended features, right?

Oh relational databases, that tired old relic of another age. Codd and friends were great in their time, but serious software engineers need to move on. People building Web Scale™ software You’ve probably heard a similar sentiment at some point. That relational…

Posted in r/netsec by u/ksr_malware • 33 points and 0 comments

In this tutorial, I will show you how to install MITMf in Kali Linux 2021 using a simple noscript I made to automate the whole installation process as well as

Not using GitHub Actions? You’re also vulnerable.

As mentioned in our previous post , Part II is a continuation of our research sparked by changes found in the revised Furbo 2.5T devices. This post specifically covers a command injection vulnerability (CVE-2021-32452) discovered in the HTTP server running…

How to deploy & configure Prometheus securely, including authentication and encryption capabilities. Real-world exposures discovered by the JFrog Security Research team

Posted in r/netsec by u/0xdea • 31 points and 2 comments

This article serves as a guide to building an osquery performance dashboard with Elasticsearch and Kibana. In an existing osquery deployment, you may already have some mechanism for shipping logs to…

Ready to use prioritized Threat Modeling requirements, to: Lead architecture design reviews with development and product management to incorporate

The Biden administration is requiring agencies to provide visibility into their endpoint detection and response efforts as part of the cybersecurity executive order.

Today, Google announced the Google Cybersecurity Action Team. Made up of experts from across the company, the Google Cybersecurity Action Team will be the world's premier security advisory team...