Here is a blog post showing some example uses of the tool I recently wrote, JTB Investigator. I added a lot of functionality since I posted the tool on here thanks to help from the awesome community. Check it out!
https://ift.tt/2Sb3Qqs

Submitted October 23, 2018 at 10:05AM by jbob133
via reddit https://ift.tt/2PeOUc8

RCE Cornucopia - AppSec USA 2018 CTF Writeup and Challenge Download
https://ift.tt/2NYLBRM

Submitted October 23, 2018 at 09:09AM by Dejanz
via reddit https://ift.tt/2OG5QZv

Step by step guide to integrate opensource container security scanner (Anchore engine) with Jenkins
https://ift.tt/2PLRNOM

Submitted October 23, 2018 at 02:16PM by tahmed11
via reddit https://ift.tt/2PNviJ5

I wrote a few short blog posts about T-pot, a multi-honeypot platform and the data i got from three honeypots in different parts of the world.
https://ift.tt/2NXpo6t

Submitted October 23, 2018 at 03:22PM by nexxic
via reddit https://ift.tt/2ApRsfr

The MSRD3X40 patch debacle
https://ift.tt/2Pqfo7b

Submitted October 23, 2018 at 05:10PM by yuhong
via reddit https://ift.tt/2S93v7L

A Loophole in the Firewall
https://ift.tt/2R7rwul

Submitted October 23, 2018 at 08:13PM by cyberpunkych
via reddit https://ift.tt/2PoKZtz

Amazon S3: How an ISP Exposed Administrative System Credentials
https://ift.tt/2CxVEuY

Submitted October 24, 2018 at 01:05AM by 33c3wegwerf
via reddit https://ift.tt/2yqYb7i

DEFCON 26 Talk Recordings are now up!
https://www.youtube.com/playlist?list=PL9fPq3eQfaaD0cf5c7wkzMoj2kifzGO4U

Submitted October 23, 2018 at 08:10PM by thel3l
via reddit https://ift.tt/2PPapND

OSINT WITH RECON-NG
https://ift.tt/2JgK5d2

Submitted October 24, 2018 at 01:34AM by ka1nsha
via reddit https://ift.tt/2D0iFHU

jQuery-File-Upload <= 9.x Remote Code Execution (ImageMagick/Ghostnoscript)
https://ift.tt/2D05W85

Submitted October 24, 2018 at 11:17AM by Ambulong
via reddit https://ift.tt/2PhlcTS

Embedding Meterpreter in Android APK
https://ift.tt/2ykIxKR

Submitted October 24, 2018 at 01:10PM by CyberBullets
via reddit https://ift.tt/2R66LPI

FreeRTOS TCP/IP Stack Vulnerabilities Put A Wide Range of Devices at Risk of Compromise
https://ift.tt/2yNlpnB

Submitted October 24, 2018 at 02:44PM by IamNullByte
via reddit https://ift.tt/2OJPQWG

Multiple 0days used by Magecart
https://ift.tt/2q6EnS5

Submitted October 24, 2018 at 03:01PM by dtdn
via reddit https://ift.tt/2EECzty

Command and Control via DNS over HTTPS (DoH) for Cobalt Strike
https://ift.tt/2EEbIhm

Submitted October 24, 2018 at 06:59PM by ratfmuser
via reddit https://ift.tt/2EF2Urq

HoneyProcs: Going beyond honeyfiles for Deception on Endpoints
Deploying detection solutions on an endpoint host comes with constraints - limited availability of CPU, memory, disk and other resources, stability constraints, policy adherence and restrictions, the need to be non-intrusive to the user, the host OS and other applications on the host.In response to this, we present HoneyProcs, a new deception methodology (patent pending) and an all user space method that extends existing deception honeypot technology on endpoint hosts. HoneyProcs complements existing deception technology by using forged, controlled decoy processes to catch info stealers, Banking Trojans, rootkits and other generic malware, and it does so by exploiting a common trait exhibited by these malwares - code injection.By limiting its inspection footprint to only these decoy processes, HoneyProcs effectively addresses efficacy and performance concerns that otherwise constrain endpoint deployments.  Throughout this article, we further explain how the reduced and targeted inspection footprint can be leveraged to turn HoneyProcs into an intelligence gathering toolkit that can be used to write automated signatures for other antivirus and detection solutions to remediate infections on the system.​https://forums.juniper.net/t5/Threat-Research/HoneyProcs-Going-Beyond-Honeyfiles-for-Deception-on-Endpoints/ba-p/385830

Submitted October 24, 2018 at 03:28PM by anoopsaldanha
via reddit https://ift.tt/2yZ0A8U

PhishAPI Tool - Rapid Deployment of Fake Sites and Maldocs with Notifications!
https://ift.tt/2ECXddE

Submitted October 24, 2018 at 11:49AM by IndySecMan
via reddit https://ift.tt/2ScoyWS

Reverse Engineering ESP8266 Firmware (Part 1)
https://ift.tt/2PgAnNa

Submitted October 24, 2018 at 05:22PM by BoredPentester
via reddit https://ift.tt/2SconLc

HoneyProcs : Going Beyond Honeyfiles for Deception on Endpoints
https://ift.tt/2R7uAGX

Submitted October 24, 2018 at 09:31PM by anoopsaldanha
via reddit https://ift.tt/2OLVw2p

WebExec - an authenticated RCE vulnerability in Cisco WebEx client
Hey all,During a pentest a couple months back, me and my coworker (/u/jeffmcjunkin) stumbled upon an 0-day in Cisco WebEx. It's neat because it's a remote code execution vulnerability in a client-side app due to bad ACLs.We wrote a high level doc about it, and also a deep dive into why it works.You can also find Nmap noscripts to check for it (already pushed to svn) as well as Metasploit modules to exploit it (in a metasploit fork) linked from there.I thought you guys would be interested! Please patch!

Submitted October 24, 2018 at 09:56PM by iagox86
via reddit https://ift.tt/2O2m0HJ

Nessus 8.0 released
https://ift.tt/2yvtgqj

Submitted October 24, 2018 at 11:14PM by Neo-Bubba
via reddit https://ift.tt/2D0gRP6

Mac malware intercepts encrypted web traffic for ad injection
https://ift.tt/2EHmNhz

Submitted October 25, 2018 at 01:43AM by EvanConover
via reddit https://ift.tt/2AqgTgM