ROP Emporium - ret2win Buffer Overflow Challenge
https://ift.tt/NtyTMaJ
Submitted April 01, 2024 at 09:29AM by Accomplished-Mud1210
via reddit https://ift.tt/sNnzfpu
https://ift.tt/NtyTMaJ
Submitted April 01, 2024 at 09:29AM by Accomplished-Mud1210
via reddit https://ift.tt/sNnzfpu
RingBuffer's Blog
ROP Challenge – Exploiting ret2win Binary – RingBuffer's Blog
A detail guide on how to capture the flag using return oriented programming buffer overflow challenge on ROP Emporium.
What is Deception Technology? - Fidelis Security
https://ift.tt/wrWvsx8
Submitted April 01, 2024 at 12:11PM by cybergeekus
via reddit https://ift.tt/4SGkec3
https://ift.tt/wrWvsx8
Submitted April 01, 2024 at 12:11PM by cybergeekus
via reddit https://ift.tt/4SGkec3
Fidelis Security
What is Cyber Deception and Why Does an Organization Need It?| Fidelis Security
Discover what cyber deception is, how it works, and why organizations need it to detect, mislead, and stop attackers effectively.
Fine-tuning Semgrep for Ruby Security: Pundit and SQL injection
https://ift.tt/MmJn6Th
Submitted April 01, 2024 at 12:39PM by s0rcy
via reddit https://ift.tt/QonF83g
https://ift.tt/MmJn6Th
Submitted April 01, 2024 at 12:39PM by s0rcy
via reddit https://ift.tt/QonF83g
sorted unsorted thoughts
Fine-tuning Semgrep for Ruby Security: Pundit and SQL injection
In this blog post, we’ll go over the construction and tuning of a few Semgrep rules I created while looking at a Ruby on Rails application. Semgrep is a powerful code analysis tool, and while there are a fair number of community rules, the default rules don’t…
From OneNote to RansomNote: An Ice Cold Intrusion
https://ift.tt/qgrNwiz
Submitted April 01, 2024 at 05:21PM by TheDFIRReport
via reddit https://ift.tt/eYnZ8ly
https://ift.tt/qgrNwiz
Submitted April 01, 2024 at 05:21PM by TheDFIRReport
via reddit https://ift.tt/eYnZ8ly
The DFIR Report
From OneNote to RansomNote: An Ice Cold Intrusion
Key Takeaways In late February 2023, threat actors rode a wave of initial access using Microsoft OneNote files. In this case, we observed a threat actor deliver IcedID using this method. After load…
Last part of Lord Of The Ring0
https://ift.tt/z3NJK9o
Submitted April 01, 2024 at 07:06PM by Idov31
via reddit https://ift.tt/8cnNaED
https://ift.tt/z3NJK9o
Submitted April 01, 2024 at 07:06PM by Idov31
via reddit https://ift.tt/8cnNaED
Bypassing DOMPurify with good old XML
https://ift.tt/AOl4h2d
Submitted April 01, 2024 at 08:33PM by toyojuni
via reddit https://ift.tt/ZmU0cBh
https://ift.tt/AOl4h2d
Submitted April 01, 2024 at 08:33PM by toyojuni
via reddit https://ift.tt/ZmU0cBh
flatt.tech
Bypassing DOMPurify with good old XML
How I could bypass DOMPurify with XML
BGGP4: PleaseMom, QUANTUM, Rat?
https://remyhax.xyz/posts/bggp4-quantum-rat/
Submitted April 01, 2024 at 07:48PM by netsecfriends
via reddit https://ift.tt/xtelr7A
https://remyhax.xyz/posts/bggp4-quantum-rat/
Submitted April 01, 2024 at 07:48PM by netsecfriends
via reddit https://ift.tt/xtelr7A
remyhax.xyz
BGGP4: PleaseMom, QUANTUM, Rat?
For this last years Binary Golf Grand Prix the goal was to:
Create the smallest self-replicating file.
Requirements:
Create the smallest self-replicating file.
Requirements:
xz/liblzma Backdoor: Open Source Nuke? Maybe Not That Bad!
https://ift.tt/SbeW2Vw
Submitted April 01, 2024 at 11:03AM by hardenedvault
via reddit https://ift.tt/VILkAoa
https://ift.tt/SbeW2Vw
Submitted April 01, 2024 at 11:03AM by hardenedvault
via reddit https://ift.tt/VILkAoa
hardenedvault.net
xz/liblzma Backdoor: Open Source Nuke? Maybe Not That Bad!
xz/liblzma Backdoor: Open Source Nuke? Maybe Not That Bad! Story Background On March 29, 2024, a report exposing a backdoor in the upstream source code of the controversial open-source project, the xz software package, was made public on the oss-security…
How Complex Systems Fail
https://ift.tt/EeCyXij
Submitted April 01, 2024 at 07:39PM by Alexander_Selkirk
via reddit https://ift.tt/t8MJm9C
https://ift.tt/EeCyXij
Submitted April 01, 2024 at 07:39PM by Alexander_Selkirk
via reddit https://ift.tt/t8MJm9C
Xzbot: exploit demo for the xz backdoor (CVE-2024-3094)
https://ift.tt/wAJp7qK
Submitted April 01, 2024 at 10:21PM by netsec_burn
via reddit https://ift.tt/bQHZmpl
https://ift.tt/wAJp7qK
Submitted April 01, 2024 at 10:21PM by netsec_burn
via reddit https://ift.tt/bQHZmpl
GitHub
GitHub - amlweems/xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) - amlweems/xzbot
NetScout - An OSINT tool I've been working on that finds domains, subdomains, directories and files based on a given URL
https://ift.tt/6QeYELO
Submitted April 02, 2024 at 12:38AM by lost_my_tech_account
via reddit https://ift.tt/uVPp4q0
https://ift.tt/6QeYELO
Submitted April 02, 2024 at 12:38AM by lost_my_tech_account
via reddit https://ift.tt/uVPp4q0
GitHub
GitHub - caio-ishikawa/netscout: OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL.
OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL. - caio-ishikawa/netscout
IBIS hotel check-in terminal keypad-code leakage
https://ift.tt/i5CwTtl
Submitted April 02, 2024 at 02:57PM by aunga
via reddit https://ift.tt/1wXH8gx
https://ift.tt/i5CwTtl
Submitted April 02, 2024 at 02:57PM by aunga
via reddit https://ift.tt/1wXH8gx
Pentagrid AG
IBIS hotel check-in terminal keypad-code leakage
An IBIS hotel check-in terminal leaked room door key codes of almost half of the rooms.
XZ-actly What You Need (CVE 2024-3094): Detecting Exploitation with Oligo
https://ift.tt/jazlEHs
Submitted April 02, 2024 at 11:21PM by cov_id19
via reddit https://ift.tt/wUBOgRn
https://ift.tt/jazlEHs
Submitted April 02, 2024 at 11:21PM by cov_id19
via reddit https://ift.tt/wUBOgRn
www.oligo.security
XZ-actly What You Need (CVE 2024-3094): Detecting Exploitation with Oligo | Oligo Security
See how Oligo ADR Detects Exploitation of CVE-2024-3094 (XZ backdoor in liblzma).
/r/netsec's Q2 2024 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted April 03, 2024 at 12:23AM by netsec_burn
via reddit https://ift.tt/ykG2YMK
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted April 03, 2024 at 12:23AM by netsec_burn
via reddit https://ift.tt/ykG2YMK
Adventures in Stegoland - Adventures with a stego shellcode loader
https://ift.tt/Pknq0wg
Submitted April 03, 2024 at 06:56AM by clod81
via reddit https://ift.tt/NoyVLiB
https://ift.tt/Pknq0wg
Submitted April 03, 2024 at 06:56AM by clod81
via reddit https://ift.tt/NoyVLiB
Tier Zero Security
Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team
Attacking Active Directory Certificate Service Part 3
https://ift.tt/gcxSZEK
Submitted April 03, 2024 at 11:45AM by Accomplished-Mud1210
via reddit https://ift.tt/RpLvV1w
https://ift.tt/gcxSZEK
Submitted April 03, 2024 at 11:45AM by Accomplished-Mud1210
via reddit https://ift.tt/RpLvV1w
RingBuffer's Blog
Attacking AD Certificate Services – Part 3 – RingBuffer's Blog
Attacking Active Directory Certificate Service (ADCS) Part 3 focusing on performing the privilege escalation using vulnerable AD CS service in Windows Domain.
Attacking Active Directory Certificate Service Part 2
https://ift.tt/Hl6M9dO
Submitted April 03, 2024 at 11:45AM by Accomplished-Mud1210
via reddit https://ift.tt/Hz6xMgP
https://ift.tt/Hl6M9dO
Submitted April 03, 2024 at 11:45AM by Accomplished-Mud1210
via reddit https://ift.tt/Hz6xMgP
RingBuffer's Blog
Attacking AD Certificate Services – Part 2 – RingBuffer's Blog
Attacking Active Directory Certificate Service (ADCS) Part 2 - Focusing on uncovering some critical assets using certify and leveraging Windows Data Protection API
Attacking Active Directory Certificate Service Part 1
https://ift.tt/tSbHXjN
Submitted April 03, 2024 at 11:44AM by Accomplished-Mud1210
via reddit https://ift.tt/LKzg4mw
https://ift.tt/tSbHXjN
Submitted April 03, 2024 at 11:44AM by Accomplished-Mud1210
via reddit https://ift.tt/LKzg4mw
RingBuffer's Blog
Attacking AD Certificate Services – Part 1 – RingBuffer's Blog
This blog covers Enumerating the AD services and attacking AD CS in windows environment.
Persistence - DLL Proxy Loading
https://ift.tt/TcqohQz
Submitted April 03, 2024 at 01:23PM by netbiosX
via reddit https://ift.tt/5y8Fl9t
https://ift.tt/TcqohQz
Submitted April 03, 2024 at 01:23PM by netbiosX
via reddit https://ift.tt/5y8Fl9t
Penetration Testing Lab
Persistence – DLL Proxy Loading
DLL Proxy Loading is a technique which an arbitrary DLL exports the same functions as the legitimate DLL and forwards the calls to the legitimate DLL in an attempt to not disrupt the execution flow…
Kobold letters – Why HTML emails are a risk to your organization
https://ift.tt/SreE8O9
Submitted April 03, 2024 at 09:06PM by lutrasecurity
via reddit https://ift.tt/cP9BuMY
https://ift.tt/SreE8O9
Submitted April 03, 2024 at 09:06PM by lutrasecurity
via reddit https://ift.tt/cP9BuMY
Lutrasecurity
Kobold letters – Lutra Security
Anyone who has had to deal with HTML emails on a technical level has probably reached the point where they wanted to quit their job or just set fire to all the mail clients due to their inconsistent implementations. But HTML emails are not just a source of…
Showcasing Incinerator a Powerful Android Malware Reversing Tool
https://ift.tt/Nzu5tQK
Submitted April 03, 2024 at 09:44PM by WiseTuna
via reddit https://ift.tt/KkbGBeE
https://ift.tt/Nzu5tQK
Submitted April 03, 2024 at 09:44PM by WiseTuna
via reddit https://ift.tt/KkbGBeE
Boschko Security Blog
Incinerator: The Ultimate Android Malware Reversing Tool
Master Android malware reversal with ease using Incinerator, your trusted ally in the fight against threat actors for experts and novices alike.