GitHub - mrexodia/dumpulator: An easy-to-use library for emulating code in minidump files.
https://ift.tt/3p5fIf1
Submitted November 21, 2021 at 04:40AM by mrexodia
via reddit https://ift.tt/3oTa4wq
GitHub
GitHub - mrexodia/dumpulator: An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction…
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing). - mrexodia/dumpulator
CVE-2021-41277 MetaBase Arbitrary File Read
https://ift.tt/3CA2vzd
Submitted November 21, 2021 at 06:44AM by 0x0021h
via reddit https://ift.tt/3DJXp5a
Command/Code injection prevention for Python
https://ift.tt/30OBYRu
Submitted November 22, 2021 at 06:35AM by inkz1
via reddit https://ift.tt/3nD9X8u
semgrep.dev
Command injection prevention for Python | Semgrep
Command injection prevention cheat sheet for Python.
Picky PPID Spoofing
https://ift.tt/32h6bJP
Submitted November 22, 2021 at 09:41AM by CaptMeelo
via reddit https://ift.tt/2Zfyes8
Hack.Learn.Share
Picky PPID Spoofing
Performing PPID Spoofing by targeting a parent process with a specific integrity level.
Quick WAF "paranoid" Doctor Evaluation (WAFPARAN01D3 Tool)
https://ift.tt/3DI6dZ1
Submitted November 22, 2021 at 02:55PM by alt3kx
via reddit https://ift.tt/30KYmvM
GitHub
GitHub - alt3kx/wafparan01d3: Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool
Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool - GitHub - alt3kx/wafparan01d3: Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool
Tor v2 Deprecation Shifts Darknet Landscape | DarkOwl
https://ift.tt/3cBw4pH
Submitted November 22, 2021 at 05:08PM by MiguelHzBz
via reddit https://ift.tt/3DL2Rob
DarkOwl | Dark Web Search Engine
Tor v2 Deprecation Shifts Darknet Landscape | DarkOwl
Hear the latest from our engineers who have been tracking the progress of the Tor Project's v2 Onion Services deprecation timeline.
The UNIX malware landscape - Reviewing the goods at MALWAREbazaar
https://ift.tt/3oPhUXR
Submitted November 22, 2021 at 06:34PM by timb_machine
via reddit https://ift.tt/3cBYkbN
GitHub
presentations/The UNIX malware landscape - Reviewing the goods at MALWAREbazaar v5.pdf at master · CiscoCXSecurity/presentations
Presentations from the CX Security Labs team. Contribute to CiscoCXSecurity/presentations development by creating an account on GitHub.
Unlocking the Vault: Unauthenticated Remote Code Execution against CommVault Command Center
https://ift.tt/3HLxqN2
Submitted November 22, 2021 at 10:39PM by scopedsecurity
via reddit https://ift.tt/3xagB9E
GoDaddy hacked - including admin passwords for both WordPress sites hosted on the platform, as well as passwords for sFTPs, databases and SSL private keys.
https://ift.tt/3CCW3aN
Submitted November 22, 2021 at 10:11PM by digicat
via reddit https://ift.tt/30M8eFc
reddit
GoDaddy hacked - including admin passwords for both WordPress...
Posted in r/netsec by u/digicat • 2 points and 0 comments
Achieve RCE or lateral movement by abusing WSUS to perform NTLM relay attacks
https://ift.tt/3oJYGTm
Submitted November 23, 2021 at 07:56PM by obilodeau
via reddit https://ift.tt/3cDB3WU
GoSecure
GoSecure Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks - GoSecure
WSUS client automatically authenticates with NTLM as the current user or the machine account, allowing relay for remote code execution or lateral movement.
Black Friday Deals 2021 - Compiled from Github Repo
https://ift.tt/2Zh5crX
Submitted November 23, 2021 at 09:19PM by halencarjunior
via reddit https://ift.tt/30OX2aH
bt0’s Security Blog
Black Friday Infosec Deals
Black Friday Deals - 2021 Deals Repository
Web Fundamentals for Hackers YouTube Series release! With Hand Made Animations!
https://www.youtube.com/playlist?list=PLwnDE0CN30Q9x3JMsHrRMGoLhpF8vZ1ka
Submitted November 24, 2021 at 01:43AM by SecAura
via reddit https://ift.tt/3DOldEL
YouTube
Web Fundamentals for Cyber Security Series
A Web series dedicated to teaching Web fundamentals, for aspiring Web Hackers! In this series I hand produce animations and demos to teach real concepts th...
Full key extraction of NVIDIA™ TSEC
https://ift.tt/30QAEO2
Submitted November 24, 2021 at 06:26AM by Gallus
via reddit https://ift.tt/3nIQZ0s
Reddit
r/netsec on Reddit: Full key extraction of NVIDIA™ TSEC
Posted by u/Gallus - 297 votes and 23 comments
OffensiveAutoIt - Offensive tooling notes and experiments in AutoIt v3
https://ift.tt/3CZcu1z
Submitted November 24, 2021 at 12:26PM by hanbei-undying
via reddit https://ift.tt/3cIviaE
GitHub
GitHub - V1V1/OffensiveAutoIt: Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitnoscript.com/site/autoit/)
Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitnoscript.com/site/autoit/) - GitHub - V1V1/OffensiveAutoIt: Offensive tooling notes and experiments in AutoIt v3 (https://www.a...
Brida 0.5 released for Hack In Paris 2021
https://ift.tt/3xioREw
Submitted November 24, 2021 at 03:14PM by 0xdea
via reddit https://ift.tt/3cFyrIa
hn security
Brida 0.5 released for Hack In Paris 2021! - hn security
Hi! Last Friday my colleague Piergiovanni […]
Hunting for Persistence in Linux: Auditd, Sysmon, Osquery, and Webshells
https://ift.tt/3xghCwU
Submitted November 24, 2021 at 07:04PM by dashboard_monkey
via reddit https://ift.tt/3cHYfTV
pepe berba
Hunting for Persistence in Linux (Part 1): Auditd, Sysmon, Osquery (and Webshells)
An introduction to monitoring and logging in linux to look for persistence.
Voice recordings can reveal sensitive information based on a speaker’s voice and way of talking (geographical origin, health, personality, etc). Most people, including IT experts, are not aware of the detailed information that companies can infer from voice commands/messages/calls, new study warns.
https://ift.tt/3CJEPIO
Submitted November 24, 2021 at 07:59PM by alyss0122
via reddit https://ift.tt/3CQyOKx
Implementing SAML Authentication in Enterprise SaaS Applications
https://ift.tt/3r5N3Zz
Submitted November 24, 2021 at 07:53PM by bidrawrob
via reddit https://ift.tt/3nMEnp2
Frontegg
Implementing SAML Authentication in Enterprise SaaS Applications | Frontegg
Learn about the benefits of SAML, how SAML authentication works, SAML use cases, and how to implement SAML on the Cloud.
How to Detect Azure Active Directory Backdoors: Identity Federation
https://ift.tt/3oUFO4a
Submitted November 24, 2021 at 08:59PM by ksr_malware
via reddit https://ift.tt/3DOnEav
Inversecos
How to Detect Azure Active Directory Backdoors: Identity Federation
RT @sectalks: Join us. We all need one! #Sydney https://t.co/RtyXXo1o1i
https://ift.tt/3oYUejF
Submitted November 25, 2021 at 11:53AM by pi3ch
via reddit https://ift.tt/3HQpH04
Android APT spyware, targeting Middle East victims, enhances evasiveness
https://ift.tt/3HK9d9R
Submitted November 24, 2021 at 12:38AM by ksr_malware
via reddit https://ift.tt/3DR92at
Sophos News
Android APT spyware, targeting Middle East victims, enhances evasiveness
The phone spyware has new features that confer resistance to takedowns or manual removal