Apple resources for download open source code for their operating systems and developer tools:
https://opensource.apple.com/releases/
https://opensource.apple.com/releases/
OWASP_SCP_Quick_Reference_Guide_v2.pdf
247.6 KB
OWASP Secure Coding Practices
Dragnmove
Dragnmove is a post-exploitaition tool that infects files shared between users in order to move from one system to another. Dragnmove can detect actions like dropping a file into the browser window or attaching a file to an email client. After Dragnmove detects the action, it hooks CreateFile API calls to modify handles:
https://github.com/OccamsXor/Dragnmove
Dragnmove is a post-exploitaition tool that infects files shared between users in order to move from one system to another. Dragnmove can detect actions like dropping a file into the browser window or attaching a file to an email client. After Dragnmove detects the action, it hooks CreateFile API calls to modify handles:
https://github.com/OccamsXor/Dragnmove
A New MacOS Persistence and Deception Technique: Default Application Hijacking
This bug allows for code execution and potentially allows an attacker to trick the user into granting TCC permissions to an attacker-controlled application..:
https://medium.com/@marcusthebrody/a-new-macos-persistence-and-deception-technique-default-application-hijacking-52de66955a16
This bug allows for code execution and potentially allows an attacker to trick the user into granting TCC permissions to an attacker-controlled application..:
https://medium.com/@marcusthebrody/a-new-macos-persistence-and-deception-technique-default-application-hijacking-52de66955a16
Medium
A New MacOS Persistence and Deception Technique: Default Application Hijacking
By Gordon Long (@ethicalhax)
OSV-Scanner
Use OSV-Scanner to find existing vulnerabilities affecting your project's dependencies..:
* https://github.com/google/osv-scanner
#tool #research
Use OSV-Scanner to find existing vulnerabilities affecting your project's dependencies..:
* https://github.com/google/osv-scanner
#tool #research
GitHub
GitHub - google/osv-scanner: Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Vulnerability scanner written in Go which uses the data provided by https://osv.dev - google/osv-scanner
100 000 000 морских свинок: Опасности в каждодневной еде, лекарствах и косметике - книга, написанная Артуром Каллетом и Ф.Дж. Шлинком и выпущенная в США в 1933 году "Вангард Пресс". Центральная идея книги - то, что население США используется в качестве морских свинок в гигантском эксперименте пищевых и медицинских корпораций:
https://fb2-epub.ru/load/jizn/zdorove/100_millionov_morskikh_svinok_artur_kallet_frederik_shlink/133-1-0-13384
https://fb2-epub.ru/load/jizn/zdorove/100_millionov_morskikh_svinok_artur_kallet_frederik_shlink/133-1-0-13384
Domain Name System (DNS) Parameters
Last Updated 2022-12-06
https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml
Last Updated 2022-12-06
https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml
Blindside is a technique for evading the monitoring of endpoint detection and response (EDR) and extended detection and response (XDR) platforms using hardware breakpoints to inject commands and perform unexpected, unwanted, or malicious operations. It involves creating a breakpoint handler, and setting a hardware breakpoint that will force the debugged process to load only ntdll to memory
— https://github.com/CymulateResearch/Blindside
— https://github.com/CymulateResearch/Blindside
Avoiding Detection with Shellcode Mutator
…Today we are releasing a new tool to help red teamers avoid detection. Shellcode is a small piece of code that is typically used as the payload in an exploit, and can often be detected by its “signature”, or unique pattern. Shellcode Mutator mutates exploit source code without affecting its functionality, changing its signature and making it harder to reliably detect as malicious..:
— https://labs.nettitude.com/blog/shellcode-source-mutations/
…Today we are releasing a new tool to help red teamers avoid detection. Shellcode is a small piece of code that is typically used as the payload in an exploit, and can often be detected by its “signature”, or unique pattern. Shellcode Mutator mutates exploit source code without affecting its functionality, changing its signature and making it harder to reliably detect as malicious..:
— https://labs.nettitude.com/blog/shellcode-source-mutations/
LRQA
Avoiding Detection with Shellcode Mutator
Today we are releasing a new tool to help red teamers avoid detection. Shellcode is a small piece of code that is typically used as the payload in an exploit, and can often be detected by its “signature”, or unique pattern
The FBI is warning the public that cyber criminals are using search engine advertisement services to impersonate brands and direct users to malicious sites that host ransomware and steal login credentials and other financial information:
https://www.ic3.gov/Media/Y2022/PSA221221
https://www.ic3.gov/Media/Y2022/PSA221221
Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689
https://github.com/zhuowei/WDBFontOverwrite
https://github.com/zhuowei/WDBFontOverwrite
GitHub
GitHub - ginsudev/WDBFontOverwrite: Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.
Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689. - ginsudev/WDBFontOverwrite
pdfcpu: a Go PDF processor
pdfcpu is a PDF processing library written in Go supporting encryption. It provides both an API and a CLI. Supported are all versions up to PDF 1.7 (ISO-32000).
— https://github.com/pdfcpu/pdfcpu
#tool
pdfcpu is a PDF processing library written in Go supporting encryption. It provides both an API and a CLI. Supported are all versions up to PDF 1.7 (ISO-32000).
— https://github.com/pdfcpu/pdfcpu
#tool
GitHub
GitHub - pdfcpu/pdfcpu: A PDF processor written in Go.
A PDF processor written in Go. Contribute to pdfcpu/pdfcpu development by creating an account on GitHub.
Reverse Prompt Engineering for Fun and (no) Profit
Pwning the source prompts of Notion AI, 7 techniques for Reverse Prompt Engineering... and why everyone is *wrong* about prompt injection
https://lspace.swyx.io/p/reverse-prompt-eng
Pwning the source prompts of Notion AI, 7 techniques for Reverse Prompt Engineering... and why everyone is *wrong* about prompt injection
https://lspace.swyx.io/p/reverse-prompt-eng
L-Space Diaries
Reverse Prompt Engineering for Fun and (no) Profit
Pwning the source prompts of Notion AI, 7 techniques for Reverse Prompt Engineering... and why everyone is *wrong* about prompt injection
dnstwist
This is a tool that will fetch potential typo-squatting or IDN domains which could be targeting your domain for spear phishing. Permutations will be fetched from https://dnstwist.it
— https://github.com/hazcod/dnstwist
This is a tool that will fetch potential typo-squatting or IDN domains which could be targeting your domain for spear phishing. Permutations will be fetched from https://dnstwist.it
— https://github.com/hazcod/dnstwist
dnstwist.it
dnstwist | phishing domain scanner
Find lookalike phishing domains that adversaries can use to attack you
GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal on *nix systems or through your browser
— https://github.com/allinurl/goaccess
#tool
P.S. thx for https://news.1rj.ru/str/sysadm_in/214083
— https://github.com/allinurl/goaccess
#tool
P.S. thx for https://news.1rj.ru/str/sysadm_in/214083
UserManualMegaCortexDecryptor.pdf
373.8 KB
MegaCortex RANSOMWARE DECRYPTION TOOL