Beyond the Code: Exposing in Disguise
In this article we will review the usage of such techniques as TLS (JA3) Fingerprinting, HTTP/2 Fingerprinting in a use case of malicious client detection.
https://blog.exploit.org/exposing-in-disguise/
In this article we will review the usage of such techniques as TLS (JA3) Fingerprinting, HTTP/2 Fingerprinting in a use case of malicious client detection.
https://blog.exploit.org/exposing-in-disguise/
👍7🔥3⚡2❤1
New version of Above v2.5 sniffer
+ The tool now handles all frames and packets in the air
+ New 5 protocols support: EAPOL, ARP, IGMP, DHCP, ICMPv6
+ New visual output of packets
+ Completely rewritten and simplified code, removed threads, removed dependency on pcap_analyzer
+ Fixed code for some protocols for error handling
https://github.com/casterbyte/Above/releases/tag/v2.5
+ The tool now handles all frames and packets in the air
+ New 5 protocols support: EAPOL, ARP, IGMP, DHCP, ICMPv6
+ New visual output of packets
+ Completely rewritten and simplified code, removed threads, removed dependency on pcap_analyzer
+ Fixed code for some protocols for error handling
https://github.com/casterbyte/Above/releases/tag/v2.5
GitHub
Release Above v2.5 (Codename: Ayrton Senna) · casterbyte/Above
The tool now handles all frames and packets in the air
New 5 protocols support: EAPOL, ARP, IGMP, DHCP, ICMPv6
New visual output of packets
Completely rewritten and simplified code, removed threads...
New 5 protocols support: EAPOL, ARP, IGMP, DHCP, ICMPv6
New visual output of packets
Completely rewritten and simplified code, removed threads...
👍6❤2🔥2⚡1
Pivoting against Windows is a fairly complex post-exploitation process. In this article I will demonstrate my new method of link layer pivoting using SoftEther and without a virtual machine
Caster — Witchhammer
https://blog.exploit.org/witchhammer
Caster — Witchhammer
https://blog.exploit.org/witchhammer
🔥8⚡1
Everything Lit: Ways to achieve UEFI persistence.
Just one view of "extreme" techniques. Imagination and knowledge is all you need!
https://blog.exploit.org/everything-lit/
Just one view of "extreme" techniques. Imagination and knowledge is all you need!
https://blog.exploit.org/everything-lit/
👍8🔥2⚡1
Hi to all of those with superior taste and knowledge of true mastery.
Today we are giving away 10 Telegram Premiums amongst our subscribers.
Enjoy and hope the stakes play in your favour, while we do our job😉
Today we are giving away 10 Telegram Premiums amongst our subscribers.
Enjoy and hope the stakes play in your favour, while we do our job
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥32👍10❤5🐳4🤮3
⚠️PuTTY CVE-2024-31497 ⚠️
📰Brief: attacker can gain access to private key with public key and some signed messages on hand via forged identification signature of legitimate user. Signed messages may be publicly visible due to storage in public Git.
🚩Possibilities: login into any servers key was used in, supply chain attacks software maintained git, etc.
📗Affected versions: 0.80 and prior.
📚Full denoscription: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
📰Brief: attacker can gain access to private key with public key and some signed messages on hand via forged identification signature of legitimate user. Signed messages may be publicly visible due to storage in public Git.
🚩Possibilities: login into any servers key was used in, supply chain attacks software maintained git, etc.
📗Affected versions: 0.80 and prior.
📚Full denoscription: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
😱17👍11🔥3😁2😈2
MikroTik equipment is widely distributed all over the world and its security is an acute issue. In this paper, Caster covered many aspects related to the network security of MikroTik equipment.
Caster - Lockdown
https://blog.exploit.org/caster-routeros-lockdown
Caster - Lockdown
https://blog.exploit.org/caster-routeros-lockdown
❤15🔥7👍4🌚4⚡1
Cisco equipment is widespread in production networks. In this article, Caster will demonstrate methods to protect Cisco IOS from network attacks.
Caster - Disciple
https://blog.exploit.org/caster-disciple
Caster - Disciple
https://blog.exploit.org/caster-disciple
❤16⚡3🔥3🤮2
Poisoning attacks against Windows machines have become well known among pentesters. In this article, Caster will demonstrate how to detect poisoning attacks using Suricata.
Caster - Neurotransmitter
https://blog.exploit.org/caster-neurotransmitter
Caster - Neurotransmitter
https://blog.exploit.org/caster-neurotransmitter
🔥8❤5⚡2🙏1👌1
Kerberos, while more secure than NTLM, also has some security nuances. In this article, researcher Caster will demonstrate techniques for detecting Kerberos attacks using Suricata.
Caster - Kerbhammer
https://blog.exploit.org/caster-kerbhammer
Caster - Kerbhammer
https://blog.exploit.org/caster-kerbhammer
❤7👍5🔥4⚡1
UPDATE: Telegram has fixed this bug.
🙂 Telegram started banning bots that send messages, where service number "
Some of popular bots (like@fabrika) got already banned.
If you own a bot, turn off sending messages whose content depends on user input (e.g. greeting with user's firstname, etc.).
P.S Telegram started slowly rollbacking the bans.
t.me/+42777" is included in its content as a link.Some of popular bots (like
If you own a bot, turn off sending messages whose content depends on user input (e.g. greeting with user's firstname, etc.).
P.S Telegram started slowly rollbacking the bans.
Please open Telegram to view this post
VIEW IN TELEGRAM
💩15👍6😁2🕊2⚡1
Active Directory is used in many networks and is often the target of attacks. In this article, Caster will demonstrate the capabilities of Suricata signatures to detect attacks against Active Directory.
Caster - If You Hadn't
https://blog.exploit.org/caster-ifyouhadnt
Caster - If You Hadn't
https://blog.exploit.org/caster-ifyouhadnt
❤8🔥3⚡1
I think network traffic analysis in pentest scenarios is vastly underrated. In this article, I will demonstrate a technique to silently analyze the security of network equipment based on traffic analysis alone.
Caster - Funeral
https://blog.exploit.org/caster-funeral
Caster - Funeral
https://blog.exploit.org/caster-funeral
❤10🔥6👍5✍2⚡1
🚀 OWASP Netryx Release 🚀
https://github.com/OWASP/www-project-netryx
We have our official release of Netryx under OWASP Foundation - advanced Java security framework designed to protect your data and save you from cyber attacks. Here are the key features:
JA3, JA4+, and HTTP/2 Fingerprinting:
identification of users based on TLS and HTTP connection establishment, which helps to avoid bots and bad actors.
Intrusion Detection System (IDS):
Collect and analyze data to detect and block malicious activities.
HTTP/2 0day Protection:
Block attacks exploiting vulnerabilities in the HTTP/2 protocol, preventing you from RST Stream vulnerability
Path Traversal Protection:
Prevent unauthorized access to files outside the web root directory, ensuring your data remains secure.
Protection Against Various Injection Attacks:
HTML, JS, LDAP, and CMD encoders ensuring safety against different types of injection attacks.
Secure Memory Management:
Ensure sensitive information like keys and tokens are safely handled in memory, protecting from Data in Use attacks.
And much more! All these features are implemented in Java, making OWASP Netryx a big addition to your security toolkit.
Don't forget to star the repository😉
#OWASP #Netryx #CyberSecurity #Java #WebSecurity
https://github.com/OWASP/www-project-netryx
We have our official release of Netryx under OWASP Foundation - advanced Java security framework designed to protect your data and save you from cyber attacks. Here are the key features:
JA3, JA4+, and HTTP/2 Fingerprinting:
identification of users based on TLS and HTTP connection establishment, which helps to avoid bots and bad actors.
Intrusion Detection System (IDS):
Collect and analyze data to detect and block malicious activities.
HTTP/2 0day Protection:
Block attacks exploiting vulnerabilities in the HTTP/2 protocol, preventing you from RST Stream vulnerability
Path Traversal Protection:
Prevent unauthorized access to files outside the web root directory, ensuring your data remains secure.
Protection Against Various Injection Attacks:
HTML, JS, LDAP, and CMD encoders ensuring safety against different types of injection attacks.
Secure Memory Management:
Ensure sensitive information like keys and tokens are safely handled in memory, protecting from Data in Use attacks.
And much more! All these features are implemented in Java, making OWASP Netryx a big addition to your security toolkit.
Don't forget to star the repository
#OWASP #Netryx #CyberSecurity #Java #WebSecurity
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥14👍9❤6🤔2⚡1
Currently we are witnessing arrest of creator of main digital privacy respecting messenger Pavel Durov.
WHY THIS MATTERS:
With over 950 million users, Telegram is one of the last products with respect to digital privacy. Holding Durov accountable for content shared by users or for protecting user data from authorities sets a dangerous precedent moving on for everyone that wants to create a privacy first solutions. This is not just about one person. It’s about safeguarding the right to privacy for all of us as a collective.
This action is a serious threat to the fundamental right to privacy in the digital age. Telegram has been a vital tool for millions around the world, ensuring freedom of speech and protecting our personal data, as well as providing the outlet to freely share opinions and information from unwarranted intrusion.
WHAT CAN YOU DO:
We need to raise our voices and demand justice. Write to Amnesty International at contactus@amnesty.org and urge them to support Pavel Durov and advocate for his release. Amnesty has a powerful voice on global platform and has been instrumental in defending human rights across the world. If we unite and work together by sending our concerns to them with requests, we will get justice to work.
Let’s stand together for our fundamental digital rights and make sure this doesn’t go unnoticed. 🛡️
#Repost to other places and channels in order to reach broader masses and communities, so we can get more gravitas in order to protect human right to digital privacy
We as humans are stronger and louder in unity and mass.
Line for Enquiries: contactus@amnesty.org
Mail template: https://telegra.ph/Amnesty-Mail-Template-08-25
#FreeDurov #PrivacyMatters #DigitalRights #AmnestyInternational
WHY THIS MATTERS:
With over 950 million users, Telegram is one of the last products with respect to digital privacy. Holding Durov accountable for content shared by users or for protecting user data from authorities sets a dangerous precedent moving on for everyone that wants to create a privacy first solutions. This is not just about one person. It’s about safeguarding the right to privacy for all of us as a collective.
This action is a serious threat to the fundamental right to privacy in the digital age. Telegram has been a vital tool for millions around the world, ensuring freedom of speech and protecting our personal data, as well as providing the outlet to freely share opinions and information from unwarranted intrusion.
WHAT CAN YOU DO:
We need to raise our voices and demand justice. Write to Amnesty International at contactus@amnesty.org and urge them to support Pavel Durov and advocate for his release. Amnesty has a powerful voice on global platform and has been instrumental in defending human rights across the world. If we unite and work together by sending our concerns to them with requests, we will get justice to work.
Let’s stand together for our fundamental digital rights and make sure this doesn’t go unnoticed. 🛡️
#Repost to other places and channels in order to reach broader masses and communities, so we can get more gravitas in order to protect human right to digital privacy
We as humans are stronger and louder in unity and mass.
Line for Enquiries: contactus@amnesty.org
Mail template: https://telegra.ph/Amnesty-Mail-Template-08-25
#FreeDurov #PrivacyMatters #DigitalRights #AmnestyInternational
🕊22👍14❤13🔥12😁5