Mihari is a tool for OSINT based threat hunting

— https://github.com/ninoseki/mihari

APT Simulator

APT Simulator is a Windows Batch noscript that uses a set of tools and output files to make a system look as if it was compromised. In contrast to other adversary simulation tools, APT Simulator is designed to make the application as simple as possible..:

— https://github.com/NextronSystems/APTSimulator

#tool #review

/ Free Copilot analog from Amazon

https://aws.amazon.com/codewhisperer/

New side-channel attack to Intel CPU report

Abstract—The transient execution attack is a type of attack leveraging the vulnerability of modern CPU optimization technologies. New attacks surface rapidly. The side-channel is a key part of transient execution attacks to leak data

Kubernetes Goat

The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security:

— https://github.com/madhuakula/kubernetes-goat

Subdomain enumeration with Subxenum Python tool

— https://github.com/Adkali/Subxenum

Attack Campaign that Uses Fake Google Chrome Error to Distribute Malware from Compromised Websites

Research:

— https://insight-jp.nttsecurity.com/post/102icvb/attack-campaign-that-uses-fake-google-chrome-error-to-distribute-malware-from-com

GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrates data using Google Drive:

— https://github.com/looCiprian/GC2-sheet

Linkedin - Can delete other user's post and company page post

disclosed report:

— https://hackerone.com/reports/337755

Тезисно о том, как можно получить Open Source - All Product Pack лицензию от JetBrains

Все просто - делай вклад в этот мир и тебе воздастся ;)

— https://youtu.be/9DMnXS0ifAA

Vimeo SSRF with code execution potential

— https://infosecwriteups.com/vimeo-ssrf-with-code-execution-potential-68c774ba7c1e

Postgres Guru | Базы данных - Админ PostgreSQL ведет свой канал

Записывает заметки, разные SQL полезности из личной практики:

-- https://news.1rj.ru/str/pg_guru

Big Collection for System Designers…

🔸 What are database isolation levels
🔸 What is IaaS/PaaS/SaaS
🔸 What is SSO (Single Sign-On)
🔸 How to store passwords safely in the database
🔸 How does HTTPS work
🔸 ..and more and more….

An Introduction into Sleep Obfuscation

The goal of this post is to break down this technique:

— https://dtsec.us/2023-04-24-Sleep/

Hiding in Plain Sight: Unlinking Malicious DLLs from the PEB

In this post, we take a look at an anti-forensics technique that malware can leverage to hide injected DLLs. We dive into specific details of the Windows Process Environment Block (PEB) and how to abuse it to hide a malicious loaded DLL:

— https://blog.christophetd.fr/dll-unlinking/

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection

https://github.com/LordNoteworthy/al-khaser

eBPF Observability Tools Are Not Security Tools

https://www.brendangregg.com/blog/2023-04-28/ebpf-security-issues.html

Ethical Hacking in 15 Hours - 2023 Edition - Learn to Hack (Parts 1, 2)

— https://youtu.be/3FNYvj2U0HM
— https://youtu.be/sH4JCwjybGs

Python noscript as Systemd

example:
— https://docs.rockylinux.org/gemstones/systemd_service_for_python_noscript/