Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
https://github.com/activecm/rita
#RITA #Threat
@securation
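As an added illustration of the kind of analysis RITA's beacon module performs (this is not RITA's code), the following Python scores how regular the gaps between connections are for each source/destination pair in Zeek conn.log-style records. The sample records are constructed, and the weighting, the 6-connection minimum and the 0.8 threshold are illustrative assumptions, not RITA's settings.

```python
"""Simplified beacon-regularity scoring over Zeek conn.log-style records.

Added example, not RITA's implementation. It combines two of the interval
statistics RITA-style tools rely on: Bowley skewness of the inter-connection
intervals (a symmetric distribution scores 1.0) and the median absolute
deviation relative to the median interval (a tight cluster scores 1.0).
"""
import statistics
from collections import defaultdict

# Constructed sample data (not a real capture). Columns mimic Zeek conn.log:
#   ts <TAB> id.orig_h <TAB> id.resp_h
# 10.0.0.5 contacts 203.0.113.7 every ~60 s with +/-1 s jitter (beacon-like);
# 10.0.0.9 contacts 198.51.100.20 at irregular, human-driven intervals.
_BASE = 1700000000
_BEACON_TS = [_BASE + 60 * i + j for i, j in enumerate([0, 1, -1, 0, 1, 0, -1, 1, 0, 0, 1, -1])]
_HUMAN_TS = [_BASE + t for t in (0, 7, 130, 131, 400, 1900, 1905, 2600, 2601, 5000, 5003, 7200)]
SAMPLE_CONN_LOG = "\n".join(
    [f"{ts}\t10.0.0.5\t203.0.113.7" for ts in _BEACON_TS]
    + [f"{ts}\t10.0.0.9\t198.51.100.20" for ts in _HUMAN_TS]
)


def parse_conn_log(text):
    """Group connection timestamps by (orig_h, resp_h); skips Zeek '#' header lines."""
    pairs = defaultdict(list)
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        ts, orig, resp = line.split("\t")[:3]
        pairs[(orig, resp)].append(float(ts))
    return pairs


def beacon_score(timestamps, min_connections=6):
    """Return a 0..1 regularity score; too few connections is no evidence, so 0."""
    if len(timestamps) < min_connections:
        return 0.0
    ts = sorted(timestamps)
    intervals = [b - a for a, b in zip(ts, ts[1:])]
    q1, q2, q3 = statistics.quantiles(intervals, n=4)  # Q1, median, Q3
    iqr = q3 - q1
    skew = 0.0 if iqr == 0 else (q3 + q1 - 2 * q2) / iqr  # Bowley skewness, in [-1, 1]
    skew_score = 1.0 - abs(skew)
    median = statistics.median(intervals)
    mad = statistics.median(abs(x - median) for x in intervals)
    mad_score = max(0.0, 1.0 - mad / median) if median > 0 else 0.0
    return round((skew_score + mad_score) / 2, 3)


def rank_beacons(conn_log_text, threshold=0.8):
    """Return [(src, dst, score), ...] for pairs at or above threshold, highest first."""
    scored = [
        (orig, resp, beacon_score(ts))
        for (orig, resp), ts in parse_conn_log(conn_log_text).items()
    ]
    return sorted([s for s in scored if s[2] >= threshold], key=lambda s: s[2], reverse=True)


if __name__ == "__main__":
    for orig, resp, score in rank_beacons(SAMPLE_CONN_LOG, threshold=0.0):
        print(f"{orig} -> {resp}: {score}")
```

The jittered 60-second poller scores 0.992 and the human browsing pattern 0.084. Before acting on a high score, remember that update checkers, NTP and telemetry agents beacon just as regularly, so an allowlist plus the connection-count and data-size dimensions that RITA also weighs are needed to separate C2 from housekeeping traffic.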
⭕️ AttkFinder is a tool that performs static program analysis of PLC programs and produces data-oriented attack vectors
https://gitlab.com/jhcastel/attkfinder
#SCADA_Security #ICS
@securation
⭕️ https://malapi.io
MalAPI.io maps Windows APIs to common techniques used by malware.
#tools #api #cheatsheet #malware
@securation
⭕️ AMSI.fail generates obfuscated PowerShell snippets that break or disable AMSI for the current process
https://amsi.fail
#amsi #powershell #bypass
@securation
⭕️ Azure Service Authentication and Authorization table
A table for reviewing service authentication and authorization security in Azure, especially cross-service security.
https://github.com/jsa2/aad-auth-n-z
#azure #Authentication #Authorization
@securation
⭕️ If you use IDA Pro, be careful
https://twitter.com/ESETresearch/status/1458438155149922312?s=20
#backdoor #malware #eset
@securation
ESET Research on Twitter:
#ESETresearch discovered a trojanized IDA Pro installer, distributed by the #Lazarus APT group. Attackers bundled the original IDA Pro 7.5 software developed by @HexRaysSA with two malicious components. @cherepanov74 1/5
⭕️ Mobile malware mimicking framework
https://maxkersten.nl/wp-content/uploads/2021/11/BHEU21_m3.pdf
#blackhat @securation
⭕️ Gopherus generates gopher:// payloads for exploiting SSRF to gain RCE, by smuggling raw protocol traffic (Redis, MySQL, FastCGI and others) through the vulnerable request
https://github.com/tarunkant/Gopherus
#web #tools #pentest #bugbountytip
@securation
⭕️ This blog post explains privilege escalation in Active Directory.
Most of the techniques that let an attacker gain higher privileges come down to insecure configuration: Active Directory left at its default settings, or more generally, nobody in your organization doing the hardening.
⭕️ If you work on a Red Team, the Invoke-ACLPwn PowerShell script automatically identifies insecure ACL settings and helps you escalate privileges.
#Redteam #Pentest #AD #ACL #pwn
@securation
⭕️ Tool designed to dump and parse LSASS using a single file
https://github.com/icyguider/DumpNParse
#lsass #dump
@securation
GitHub: A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.
⭕️ List privileged services that don't come with Windows 10
https://gist.github.com/wdormann/89ed779933fe205fb52ecf3eacf5ff40
#Red_Team #Powershell
@securation
Gist: privileged.ps1
⭕️ Reverse engineering and modifying Android apps with JADX & Frida
https://httptoolkit.tech/blog/android-reverse-engineering/
#reverse #re #android #jadx #frida
@securation
⭕️ UAC Bypass using DLL Injection
https://github.com/shubham0d/UAC-bypass-using-dll-injection
#dll #uac #bypass
@securation
GitHub: A small project to bypass UAC in Windows 10/8/7 using the DLL injection technique.