Running GHIDRA inside a Docker container with Hearthstone APK file loaded.

TL;DR – There are many Android SSL pinning bypass noscripts available for Frida. However, those don’t always work on obfuscated applications. If the application uses OkHttp, there’s…

Targeting the user with a rogue binary

Automate the creation of a lab environment complete with security tooling and logging best practices - clong/DetectionLab

The Web Security Academy is a free online training center for web application security, brought to you by PortSwigger. Create an account to get started.

Posted in r/netsec by u/QuirkySpiceBush • 9 points and 0 comments

Python3 noscript to parse txt files containing Mimikatz output - GitHub - xFreed0m/KatzKatz: Python3 noscript to parse txt files containing Mimikatz output

Quick Summary Hey guys this is my write-up about Devlife from Wizard Labs which is their second box to retire. Just like dummy it’s another easy box (Difficulty : 2/10) , It’s a linux box and its ip is 10.1.1.20 so let’s jump right in ! Nmap We will start…

The Cybereason team has identified a campaign that incorporates Emotet, TrickBot, and the Ryuk ransomware. This malware adapts Emotet to drop TrickBot, and adapts TrickBot to not only steal data but also download the Ryuk ransomware.

Version from the Arxiv paper https://arxiv.org/abs/1903.12519
Updates

Added DSL to specify complex objectives and complex training scheduling.
Added abstract layers for increasing precision in dee...

Sqreen has raised a Series A round of $14 million. Greylock Partners is leading the round, existing investors Y Combinator, Alven and Point Nine are also participating. The startup wants to improve security when it comes to web applications and cloud infrastructure.…

A Chinese woman carrying a thumb drive loaded with malware was detained at Mar-a-Lago Saturday after trying to gain access to events advertised on Chinese-language social media by Li “Cindy” Yang, the South Florida massage parlor entrepreneur who also ran…

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. - GitHub - trimstray/the-book-of-secret-knowledge: A collection of inspiring lists, manuals,...

Examples of how the inotify API can be useful for the Red Team

Security experts are urging companies using the Magento ecommerce site to apply security updates without delay to avoid a disastrous hacking campaign

Koadic as a tool can be used in any of the last two stages, an added advantage to the user. It is a Windows post-exploitation rootkit.

Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process. - hlldz/APC-PPID