Chaos-Rootkit
Is a x64 kernel-mode rootkit that can hide processes or elevate their privileges, work on the latest Windows versions:
— https://github.com/ZeroMemoryEx/Chaos-Rootkit
Is a x64 kernel-mode rootkit that can hide processes or elevate their privileges, work on the latest Windows versions:
— https://github.com/ZeroMemoryEx/Chaos-Rootkit
GitHub
GitHub - ZeroMemoryEx/Chaos-Rootkit: Now You See Me, Now You Don't
Now You See Me, Now You Don't . Contribute to ZeroMemoryEx/Chaos-Rootkit development by creating an account on GitHub.
MacStealer: New macOS-based Stealer Malware Identified
https://www.uptycs.com/blog/macstealer-command-and-control-c2-malware
https://www.uptycs.com/blog/macstealer-command-and-control-c2-malware
Uptycs
MacStealer: New MacOS-based Stealer Malware Identified
Protect your Mac from the new MacStealer malware identified by Uptycs. Learn how it extracts sensitive information and spreads via Telegram.
Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example.
This post is the result of research on try to evasion AV engines via encrypting payload with another function: GSM A5/1 algorithm:
— https://cocomelonc.github.io/malware/2023/03/24/malware-av-evasion-14.html
This post is the result of research on try to evasion AV engines via encrypting payload with another function: GSM A5/1 algorithm:
— https://cocomelonc.github.io/malware/2023/03/24/malware-av-evasion-14.html
usenix2023-wifi.pdf
190.2 KB
Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues
teamcity_whitepaper_cloud_cost.pdf
468.4 KB
15 Ways to Optimize Your Cloud CI/CD Costs
Malwoverview
… threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest:
— https://github.com/alexandreborges/malwoverview
… threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest:
— https://github.com/alexandreborges/malwoverview
Efficient SIEM and Detection Engineering in 10 steps
— https://maciejszymczyk.medium.com/efficient-siem-and-detection-engineering-in-10-steps-c82402a70dbd
— https://maciejszymczyk.medium.com/efficient-siem-and-detection-engineering-in-10-steps-c82402a70dbd
Medium
Efficient SIEM and Detection Engineering in 10 steps
SIEM systems and detection engineering are not just about data and detection rules. Planning and processes are becoming increasingly…
Container Security Checklist: From the image to the workload
— https://github.com/krol3/container-security-checklist
— https://github.com/krol3/container-security-checklist
GitHub
GitHub - krol3/container-security-checklist: Checklist for container security - devsecops practices
Checklist for container security - devsecops practices - krol3/container-security-checklist
A cross-platform, collaborative, Command & Control framework written in C#, designed for red teaming and ease of use
— https://github.com/DragoQCC/HardHatC2
— https://github.com/DragoQCC/HardHatC2
GitHub
GitHub - DragoQCC/CrucibleC2: A C# Command & Control framework
A C# Command & Control framework . Contribute to DragoQCC/CrucibleC2 development by creating an account on GitHub.
Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife
https://www.sentinelone.com/labs/dissecting-alienfox-the-cloud-spammers-swiss-army-knife/
https://www.sentinelone.com/labs/dissecting-alienfox-the-cloud-spammers-swiss-army-knife/
SentinelOne
Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife
A sophisticated new toolset is being used to harvest credentials from multiple cloud service providers, including AWS SES and Microsoft Office 365.
Solidity audits and secure development material
This repo contains most of the practical examples and exercises that I use during my lectures about Solidity security and auditing:
— https://github.com/jcsec-security/solidity-security-teaching-resources/
This repo contains most of the practical examples and exercises that I use during my lectures about Solidity security and auditing:
— https://github.com/jcsec-security/solidity-security-teaching-resources/
GitHub
GitHub - jcsec-security/solidity-security-course-resources: Course material about common vulnerabilities, security and audits of…
Course material about common vulnerabilities, security and audits of Solidity smart contracts that I use during my lectures - jcsec-security/solidity-security-course-resources
ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access
— https://www.mandiant.com/resources/blog/alphv-ransomware-backup
— https://www.mandiant.com/resources/blog/alphv-ransomware-backup
Google Cloud Blog
ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access | Mandiant | Google Cloud Blog
Microsoft Azure AD Assessment
PoweShell module noscript:
— https://github.com/AzureAD/AzureADAssessment
PoweShell module noscript:
— https://github.com/AzureAD/AzureADAssessment
GitHub
GitHub - AzureAD/AzureADAssessment: Tooling for assessing an Azure AD tenant state and configuration
Tooling for assessing an Azure AD tenant state and configuration - AzureAD/AzureADAssessment
PoC CVE-2023-27532 (Veeam Backup & Replication)
Proof of Concept code to exploit CVE-2023-27532 and either leak plaintext credentials or perform remote command execution:
— https://github.com/sfewer-r7/CVE-2023-27532
Proof of Concept code to exploit CVE-2023-27532 and either leak plaintext credentials or perform remote command execution:
— https://github.com/sfewer-r7/CVE-2023-27532