Release of an article on the experimental vector of pivoting against Windows

Caster - Windows Nightmare

https://blog.exploit.org/windows-nightmare

Beyond the Code: Art of AppSec in Java: Part 1

Master your knowledge of application security, follow best practices and become stronger with us.

https://blog.exploit.org/java-appsec/

NetArmor v1.1 released

+ Fixed ClientHello packet detection in TLS Fingerprinting

+ Advanced HTTP/2 Fingerprinting according to Akamai's White Paper

+ JDK 11 and upper support

+ ALPN support in Reactor Netty Provider

Github

Beyond the Code: Exposing in Disguise

In this article we will review the usage of such techniques as TLS (JA3) Fingerprinting, HTTP/2 Fingerprinting in a use case of malicious client detection.

https://blog.exploit.org/exposing-in-disguise/

New version of Above v2.5 sniffer

+ The tool now handles all frames and packets in the air
+ New 5 protocols support: EAPOL, ARP, IGMP, DHCP, ICMPv6
+ New visual output of packets
+ Completely rewritten and simplified code, removed threads, removed dependency on pcap_analyzer
+ Fixed code for some protocols for error handling

https://github.com/casterbyte/Above/releases/tag/v2.5

Pivoting against Windows is a fairly complex post-exploitation process. In this article I will demonstrate my new method of link layer pivoting using SoftEther and without a virtual machine

Caster — Witchhammer

https://blog.exploit.org/witchhammer

Everything Lit: Ways to achieve UEFI persistence.

Just one view of "extreme" techniques. Imagination and knowledge is all you need!

https://blog.exploit.org/everything-lit/

Alert for iOS users
Trust Wallet has just alerted about zero-day exploit in iMessage.

To disable iMessage go to Settings > Messages and toggle iMessage button.

The days are getting harder and harder 🤷

⚠️PuTTY CVE-2024-31497 ⚠️

📰Brief: attacker can gain access to private key with public key and some signed messages on hand via forged identification signature of legitimate user. Signed messages may be publicly visible due to storage in public Git.

🚩Possibilities: login into any servers key was used in, supply chain attacks software maintained git, etc.

📗Affected versions: 0.80 and prior.

📚Full denoscription: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html

MikroTik equipment is widely distributed all over the world and its security is an acute issue. In this paper, Caster covered many aspects related to the network security of MikroTik equipment.

Caster - Lockdown

https://blog.exploit.org/caster-routeros-lockdown

Cisco equipment is widespread in production networks. In this article, Caster will demonstrate methods to protect Cisco IOS from network attacks.

Caster - Disciple

https://blog.exploit.org/caster-disciple

Poisoning attacks against Windows machines have become well known among pentesters. In this article, Caster will demonstrate how to detect poisoning attacks using Suricata.

Caster - Neurotransmitter

https://blog.exploit.org/caster-neurotransmitter

Kerberos, while more secure than NTLM, also has some security nuances. In this article, researcher Caster will demonstrate techniques for detecting Kerberos attacks using Suricata.

Caster - Kerbhammer

https://blog.exploit.org/caster-kerbhammer