⭕️دوستانی که از IDA Pro استفاده میکنید مراقب باشید
https://twitter.com/ESETresearch/status/1458438155149922312?s=20
#backdoor #malware #eset
@securation
https://twitter.com/ESETresearch/status/1458438155149922312?s=20
#backdoor #malware #eset
@securation
Twitter
ESET research
#ESETresearch discovered a trojanized IDA Pro installer, distributed by the #Lazarus APT group. Attackers bundled the original IDA Pro 7.5 software developed by @HexRaysSA with two malicious components. @cherepanov74 1/5
⭕️ Mobile malware mimicking framework
https://maxkersten.nl/wp-content/uploads/2021/11/BHEU21_m3.pdf
#blackhat @securation
https://maxkersten.nl/wp-content/uploads/2021/11/BHEU21_m3.pdf
#blackhat @securation
⭕️ This tool will help you to generate Gopher payload for exploiting SSRF to gain RCE
https://github.com/tarunkant/Gopherus
#web #tools #pentest #bugbountytip
@securation
https://github.com/tarunkant/Gopherus
#web #tools #pentest #bugbountytip
@securation
⭕️ توی این بلاگ توضیحاتی داده درمورد بالا بردن سطح دسترسی در Active Directory.
اکثر این روش هایی که منجر به گرفتن دسترسی بالاتر توسط هکر میشه علتش کانفیگ نا امن و درحالت دیفالت نگه داشتن کانفیگ های Active Directory و بطور کلی بگیم انجام ندادن هاردنینگ توسط شخص مسئول در سازمان شما هست.
⭕️ اگر توی Red Team فعالیت دارید اسکریپت invoke ACLpwn در Powershell بصورت اتوماتیک کار شناسایی تنظیمات ناامن رو انجام میده و به شما توی بالا بردن سطح دسترسی کمک میکنه.
#Redteam #Pentest #AD #ACL #pwn
@securation
اکثر این روش هایی که منجر به گرفتن دسترسی بالاتر توسط هکر میشه علتش کانفیگ نا امن و درحالت دیفالت نگه داشتن کانفیگ های Active Directory و بطور کلی بگیم انجام ندادن هاردنینگ توسط شخص مسئول در سازمان شما هست.
⭕️ اگر توی Red Team فعالیت دارید اسکریپت invoke ACLpwn در Powershell بصورت اتوماتیک کار شناسایی تنظیمات ناامن رو انجام میده و به شما توی بالا بردن سطح دسترسی کمک میکنه.
#Redteam #Pentest #AD #ACL #pwn
@securation
⭕️ Tool designed to dump and parse LSASS using a single file
https://github.com/icyguider/DumpNParse
#lsass #dump
@securation
https://github.com/icyguider/DumpNParse
#lsass #dump
@securation
GitHub
GitHub - icyguider/DumpNParse: A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.
A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0. - icyguider/DumpNParse
⭕️ List privileged services that don't come with Windows 10
https://gist.github.com/wdormann/89ed779933fe205fb52ecf3eacf5ff40
#Red_Team #Powershell
@securation
https://gist.github.com/wdormann/89ed779933fe205fb52ecf3eacf5ff40
#Red_Team #Powershell
@securation
Gist
List privileged services that don't come with Windows 10
List privileged services that don't come with Windows 10 - privileged.ps1
⭕️ Reverse engineering and modifying Android apps with JADX & Frida
https://httptoolkit.tech/blog/android-reverse-engineering/
#reverse #re #android #jadx #frida
@securation
https://httptoolkit.tech/blog/android-reverse-engineering/
#reverse #re #android #jadx #frida
@securation
Httptoolkit
Reverse engineering & modifying Android apps with JADX & Frida
I get a lot of emails from users who want to know exactly what their favourite Android app is doing, and want to tweak and change how that works for...
⭕️ UAC Bypass using DLL Injection
https://github.com/shubham0d/UAC-bypass-using-dll-injection
#dll #uac #bypass
@securation
https://github.com/shubham0d/UAC-bypass-using-dll-injection
#dll #uac #bypass
@securation
GitHub
GitHub - shubham0d/UAC-bypass-using-dll-injection: A small project to bypass UAC in windows 10/8/7 using dll injection technique
A small project to bypass UAC in windows 10/8/7 using dll injection technique - shubham0d/UAC-bypass-using-dll-injection
⭕️ Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks
https://www.gosecure.net/blog/2021/11/22/gosecure-investigates-abusing-windows-server-update-services-wsus-to-enable-ntlm-relaying-attacks/
#wsus #windows #relay
@securation
https://www.gosecure.net/blog/2021/11/22/gosecure-investigates-abusing-windows-server-update-services-wsus-to-enable-ntlm-relaying-attacks/
#wsus #windows #relay
@securation
GoSecure
GoSecure Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks
WSUS client automatically authenticates with NTLM as the current user or the machine account, allowing relay for remote code execution or lateral movement.
⭕️ Security Testing and Enumeration of WebSockets
https://github.com/PalindromeLabs/STEWS
#websockets #web
@securation
https://github.com/PalindromeLabs/STEWS
#websockets #web
@securation
GitHub
GitHub - PalindromeLabs/STEWS: A Security Tool for Enumerating WebSockets
A Security Tool for Enumerating WebSockets. Contribute to PalindromeLabs/STEWS development by creating an account on GitHub.
⭕️ Wireless Penetration Testing Articles
https://github.com/Ignitetechnologies/Wireless-Penetration-Testing
#Wireless
@securation
https://github.com/Ignitetechnologies/Wireless-Penetration-Testing
#Wireless
@securation
⭕️ IDApython Scripts for Analyzing Golang Binaries
https://github.com/SentineLabs/AlphaGolang
#reverse #binaries #python #Go
@securation
https://github.com/SentineLabs/AlphaGolang
#reverse #binaries #python #Go
@securation