When is a Perimeter not a Perimeter
Research paper:
— https://www.forescout.com/resources/l1-lateral-movement-report
Research paper:
— https://www.forescout.com/resources/l1-lateral-movement-report
A maintenance release Git v2.39.2, together with releases for older
maintenance tracks v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7,
v2.33.7, v2.32.6, v2.31.7, and v2.30.8, are now available at the
usual places.
These maintenance releases are to address two security issues
identified as CVE-2023-22490 and CVE-2023-23946. They both affect
ranges of existing versions and users are strongly encouraged to
upgrade.
https://lore.kernel.org/git/xmqqr0us5dio.fsf@gitster.g/T/
maintenance tracks v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7,
v2.33.7, v2.32.6, v2.31.7, and v2.30.8, are now available at the
usual places.
These maintenance releases are to address two security issues
identified as CVE-2023-22490 and CVE-2023-23946. They both affect
ranges of existing versions and users are strongly encouraged to
upgrade.
https://lore.kernel.org/git/xmqqr0us5dio.fsf@gitster.g/T/
Pre-Auth RCE in Aspera Faspex: Case Guide for Auditing Ruby on Rails
https://blog.assetnote.io/2023/02/02/pre-auth-rce-aspera-faspex/
https://blog.assetnote.io/2023/02/02/pre-auth-rce-aspera-faspex/
rdp-sec-check
rdp-sec-check is a Perl noscript to enumerate security settings of an RDP Service (AKA Terminal Services)
https://github.com/CiscoCXSecurity/rdp-sec-check
rdp-sec-check is a Perl noscript to enumerate security settings of an RDP Service (AKA Terminal Services)
https://github.com/CiscoCXSecurity/rdp-sec-check
GitHub
GitHub - CiscoCXSecurity/rdp-sec-check: rdp-sec-check is a Perl noscript to enumerate security settings of an RDP Service (AKA Terminal…
rdp-sec-check is a Perl noscript to enumerate security settings of an RDP Service (AKA Terminal Services) - CiscoCXSecurity/rdp-sec-check
SSH Remote Code Execution
https://github.com/SleepTheGod/SSH-Remote-Code-Execution
P.S. thx for the link dear subscriber ✌️
https://github.com/SleepTheGod/SSH-Remote-Code-Execution
P.S. thx for the link dear subscriber ✌️
GitHub
GitHub - SleepTheGod/SSH-Remote-Code-Execution: SSH Zero-Day Made By ClumsyLulz
SSH Zero-Day Made By ClumsyLulz. Contribute to SleepTheGod/SSH-Remote-Code-Execution development by creating an account on GitHub.
Fish Shell will get rewrite to Rust
https://github.com/fish-shell/fish-shell/pull/9512
Fish - It is my favourite shell, if you don’t know what is this, please try:
https://fishshell.com
https://github.com/fish-shell/fish-shell/pull/9512
Fish - It is my favourite shell, if you don’t know what is this, please try:
https://fishshell.com
GitHub
Rewrite it in Rust by ridiculousfish · Pull Request #9512 · fish-shell/fish-shell
(Editor's note - please read #9512 (comment) and #9512 (comment) before commenting if you are new to fish or not familiar with the context - @zanchey)
(Progress report November 2023)
(Sorry...
(Progress report November 2023)
(Sorry...
A story about tampering EDRs…
Anti-virus alone is no longer sufficient to enable organizations to prevent, understand and respond to more complex attacks. As a result, more and more organizations are turning to a combination of antivirus (AV) / endpoint protection (EPP) and endpoint detection and response (EDR) systems. As a result, it has become much more difficult in recent years for attackers, including red teamers, to operate undetected or as quietly as possible on the compromised endpoint. Attackers are constantly finding new ways to bypass EDRs, such as direct or indirect system calls, and EDR vendors are constantly making improvements. In short, it is a constant game of cat and mouse. In this article, however, we will not focus on EDR bypassing, but rather on EDR manipulation.
— https://redops.at/en/blog/a-story-about-tampering-edrs
Anti-virus alone is no longer sufficient to enable organizations to prevent, understand and respond to more complex attacks. As a result, more and more organizations are turning to a combination of antivirus (AV) / endpoint protection (EPP) and endpoint detection and response (EDR) systems. As a result, it has become much more difficult in recent years for attackers, including red teamers, to operate undetected or as quietly as possible on the compromised endpoint. Attackers are constantly finding new ways to bypass EDRs, such as direct or indirect system calls, and EDR vendors are constantly making improvements. In short, it is a constant game of cat and mouse. In this article, however, we will not focus on EDR bypassing, but rather on EDR manipulation.
— https://redops.at/en/blog/a-story-about-tampering-edrs
Deep Dive Into a PoshC2
PoshC2 is an open-source C2 framework used by penetration testers and threat actors. It can
generate a Powershell-based implant, a C#.NET implant that we analyze in this paper, and a
Python3 implant..:
— https://resources.securityscorecard.com/research/poshc2-implant#page=1
PoshC2 is an open-source C2 framework used by penetration testers and threat actors. It can
generate a Powershell-based implant, a C#.NET implant that we analyze in this paper, and a
Python3 implant..:
— https://resources.securityscorecard.com/research/poshc2-implant#page=1
SecurityScorecard
Resources
Explore cybersecurity white papers, data sheets, webinars, videos, informative blogs, and more with SecurityScorecard.
YouTube as cloud storage for ANY files, not just video
https://github.com/DvorakDwarf/Infinite-Storage-Glitch
https://github.com/DvorakDwarf/Infinite-Storage-Glitch
NIST Cybersecurity Framework 2.0 Concept Paper: Potential Significant Updates to the Cybersecurity Framework
Jan 19, 2023
https://www.nist.gov/system/files/documents/2023/01/19/CSF_2.0_Concept_Paper_01-18-23.pdf
Jan 19, 2023
https://www.nist.gov/system/files/documents/2023/01/19/CSF_2.0_Concept_Paper_01-18-23.pdf
Spy Extension
Chrome extension will steal literally everything it can. User discretion advised.
— https://github.com/msfrisbie/spy-extension
Chrome extension will steal literally everything it can. User discretion advised.
— https://github.com/msfrisbie/spy-extension
GitHub
GitHub - classvsoftware/spy-extension: A Chrome extension that will steal literally everything it can
A Chrome extension that will steal literally everything it can - classvsoftware/spy-extension
WAF Bypass Tool
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads:
— https://github.com/nemesida-waf/waf-bypass
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads:
— https://github.com/nemesida-waf/waf-bypass
GitHub
GitHub - nemesida-waf/waf-bypass: Check your WAF before an attacker does
Check your WAF before an attacker does. Contribute to nemesida-waf/waf-bypass development by creating an account on GitHub.
Linux System Checker Script Tool
Linux System Checker Tool Script it is a bash noscript which can show system info, system load info, test disk speed I/O, show free space and more... System Checker can checks and shows Linux system info like as:
▫️ System Information
▫️ CPU and Memory Information
▫️ Boot Information
▫️ Mount and HDD IO Info
▫️ Top 5 memory and CPU usage processes
▫️ Speedtest
▫️ Defined Systemd Units Services State
▫️ Logged/Process users info
▫️ Listen ports
▫️ Running systemd units as list/tree
▫️ Unowned files
- [en]: Linux System Checker
- [ru]: Скрипт проверки Linux
Linux System Checker Tool Script it is a bash noscript which can show system info, system load info, test disk speed I/O, show free space and more... System Checker can checks and shows Linux system info like as:
▫️ System Information
▫️ CPU and Memory Information
▫️ Boot Information
▫️ Mount and HDD IO Info
▫️ Top 5 memory and CPU usage processes
▫️ Speedtest
▫️ Defined Systemd Units Services State
▫️ Logged/Process users info
▫️ Listen ports
▫️ Running systemd units as list/tree
▫️ Unowned files
- [en]: Linux System Checker
- [ru]: Скрипт проверки Linux
Azure AD Incident Response PowerShell Module
— https://github.com/AzureAD/Azure-AD-Incident-Response-PowerShell-Module
— https://github.com/AzureAD/Azure-AD-Incident-Response-PowerShell-Module
GitHub
GitHub - AzureAD/Azure-AD-Incident-Response-PowerShell-Module: The Azure Active Directory Incident Response PowerShell module provides…
The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Resp...