BlueHound - pinpoint the security issues that actually matter - GitHub - zeronetworks/BlueHound: BlueHound - pinpoint the security issues that actually matter

Learn how to quickly inventory, attack, and remediate network shares configured with excessive permissions assigned to SMB shares in Active Directory environments.

What is Reconnaissance in 'Hacking Terms'?

Cryptominers are one of the main cloud threats today. Detecting crypto miners is a complex task, but machine learning could help to develop a robust detection algorithm.

AWSGoat : A Damn Vulnerable AWS Infrastructure. Contribute to ine-labs/AWSGoat development by creating an account on GitHub.

The recent rise of HTTP Request Smuggling has seen a flood of critical findings enabling near-complete compromise of numerous major websites. However, the threat has been confined to attacker-accessib

A deep dive into an in-the-wild Android exploit Guest Post by Xingyu Jin, Android Security Research This is part one of a two-part guest...

Update History
Aug. 10, 2022
Adding clarifying details on activity involving active directory.
Aug. 10, 2022
Update made to the Cisco Response and Recommendations section related to MFA.

One of the most relevant techniques during the reconnaissance phase of an engagement is subdomain enumeration. This post aims to enhance this phase by including a special DNS node (ENT) and the NOERROR response code that is often ignored.

After months of dedicated research we cover a wide range of concealed code execution techniques and investigate their mechanisms and how to detect them.

A recently uncovered malware sample dubbed ‘Saitama’ was uncovered by security firm Malwarebytes in a weaponized document, possibly targeted towards the Jordan government. This Saitama implant uses DNS as its sole Command and Control channel and utilizes…

 &  (Microsoft Threat Intelligence Center) With special thanks to .   Microsoft’s threat intelligence teams are observing increasing use of password sprays as an attack vector. As sign-in protections have improved, the “low and slow” variant, has become more…

Fully dockerized Linux kernel debugging environment - GitHub - 0xricksanchez/like-dbg: Fully dockerized Linux kernel debugging environment

Claire Tills, senior research engineer at Tenable, describes the methods of the hacking group Lapsus$ as bold, illogical and poorly thought out. The criminals attacked renowned companies such as Microsoft, Samsung, Nvidia, Vodafone, Ubisoft and Okta. They…

How Wiz Research uncovered multiple related vulnerabilities in PostgreSQL-as-a-Service offerings from GCP, Azure, and others.

CLI utilities to facilate system monitoring and malware analysis.

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies.

Blackhat 2022, on its 25th anniversary, took place this week in Las Vegas, and also in its virtual format.

Research By: Slava Makkaveev Introduction Have you ever wondered if it is safe to make payments from a mobile device? Can a malicious app steal money from your digital wallet? According to the latest statistics, the Far East and China accounted for two-thirds…

Our security research led to the discovery of a flaw in a popular Apache2 authentication module. We come back on this case of parsing differential and how various languages behave when working with URLs.