Free (9) short courses from GitLab
— GitLab 101. 1h - https://levelup.gitlab.com/courses/gitlab101
— GitLab 201. 1h - https://levelup.gitlab.com/courses/gitlab-201-certification
— GitLab CI/CD. 3h - https://levelup.gitlab.com/courses/continuous-integration-and-delivery-ci-cd-with-gitlab
— GitLab Security Essentials. 4 1/2h - https://levelup.gitlab.com/courses/security-essentials
— GitLab Technical Writing Fundamentals. 3h - https://levelup.gitlab.com/courses/gitlab-technical-writing-fundamentals
— GitLab with Git Essentials. 4h - https://levelup.gitlab.com/courses/gitlab-with-git-essentials
— GitLab Agile Project Management. 2 1/2h - https://levelup.gitlab.com/courses/gitlab-agile-project-management
— Remote Foundations Certification. 2h - https://levelup.gitlab.com/courses/remote-foundations
— TeamOps. 1-2h - https://levelup.gitlab.com/courses/teamops
Edcast
Gitlab
LevelUp is GitLab's integrated talent enablement solution.
Cyber Security Glossary: Cyber Security Terms Listed From A To Z
https://www.allot.com/100-plus-cybersecurity-terms-definitions/
Allot
100+ Cybersecurity Terms & Definitions You Should Know - Allot
Our cybersecurity glossary was compiled as a service to our customers to provide quick reference to over 100 important terms in the cybersecurity realm.
Forwarded from Sys-Admin InfoSec
OpenBLD+ mode has been launched in the OpenBLD.net DNS project
The project lives thanks to user support; today you can take out a subscription for $3+ and get in return:
• Personal support, help investigating cybersecurity incidents
• Hardening and AppSec consulting, plus consulting on SEO optimization of your site
• Improved delivery speed of your site/domain to OpenBLD.net DNS users
• Company logo or nickname on the project site with a link to your site or social profile
• Unlimited access for dedicated IPs
• Questions / suggestions - welcome @sysadminkz
💪 Or just chip in for a coffee, like a bro ☕️
*en* - OpenBLD+ Benefits
*ru* - What OpenBLD+ gives you
BRUTEPRINT_Expose_Smartphone_Fingerprint_Authentication_to_Brute.pdf
3.4 MB
BRUTEPRINT: Expose Smartphone Fingerprint Authentication to Brute-force Attack
Technical paper
SecList
A collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
— https://github.com/danielmiessler/SecLists
GitHub
GitHub - danielmiessler/SecLists: SecLists is the security tester's companion. It's a collection of multiple types of lists used…
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, pas...
Supply Chain Risk From Gigabyte App Center Backdoor
Recently, the Eclypsium platform began detecting suspected backdoor-like behavior within Gigabyte systems in the wild.
..analysis discovered that firmware in Gigabyte systems is dropping and executing a Windows native executable during the system startup process, and this executable then downloads and executes additional payloads insecurely. It uses the same techniques as other OEM backdoor-like features like Computrace backdoor (a.k.a. LoJack DoubleAgent)..:
https://eclypsium.com/blog/supply-chain-risk-from-gigabyte-app-center-backdoor/
Eclypsium | Supply Chain Security for the Modern Enterprise
Supply Chain Risk from Gigabyte App Center Backdoor
Eclypsium Research discovers that Gigabyte motherboards have an embedded backdoor in their firmware, which drops a Windows executable that can download and execute additional payloads insecurely. The backdoor affects gaming PCs and high-end computers.
/ Discovering the origin host to bypass web application firewalls
— https://labs.detectify.com/2022/05/09/discovering-the-origin-host-to-bypass-waf/
Labs Detectify
New tool release: Discovering the origin host to bypass web application firewalls - Labs Detectify
TL/DR: Crowdsource hacker Luke “hakluke” Stephens documents a tool for discovering the origin host behind a reverse proxy which is useful for bypassing WAFs and other ...
How to attack DevOps. Defence. Checklists
1. How to attack DevOps. 2. How to defend. 3. Service config checklists.
DevSecOps Guides
Threat Intelligence
Guides for DevSecOps
Cyclops Ransomware and Stealer Combo: Exploring a Dual Threat
..new ransomware-as-a-service (RaaS) provider. In addition to offering ransomware services.. which compatible three major platforms: Windows, Linux, and macOS. Technical deep dive research.
Uptycs
Cyclops Ransomware and Stealer Combo: Exploring a Dual Threat
The Uptycs threat intelligence team identified the presence of a Cyclops ransomware/stealer that threatens all three platforms: Windows, Linux, and macOS.
Offensive Bookmarks
I haven't checked it, it is quite possible that it may contain some pure) .. whoever checks it, let me know later plz
— https://github.com/kargisimos/offensive-bookmarks
GitHub
GitHub - kargisimos/offensive-bookmarks: A collection of bookmarks for penetration testers, bug bounty hunters, malware developers…
A collection of bookmarks for penetration testers, bug bounty hunters, malware developers, reverse engineers and anyone who is just interested in infosec topics. - kargisimos/offensive-bookmarks
Bypassing Defender with ThreatCheck & Ghidra
— https://offensivedefence.co.uk/posts/threatcheck-ghidra/
offensivedefence.co.uk
Bypassing Defender with ThreatCheck & Ghidra
Intro It should come as no surprise when payloads generated in their default state get swallowed up by Defender, as Microsoft have both the means and motivation to proactively produce signatures for open and closed source/commercial tooling. One tactic to…
Forwarded from Sys-Admin InfoSec
/ When Hackers hack the Hackers - Malware Analysis for a group targeting Malware Developers
Detailed analysis revealed Command & Control (C2) connections using Discord for communication.
https://www.r-tec.net/r-tec-blog-when-hackers-hack-the-hackers.html
P.S. Malicious domains with Cobalt Strike C2, Remcos C2 already blocked in OpenBLD.net DNS
www.r-tec.net
When Hackers hack the Hackers
In this post, the malware analysis process, as well as attacker activities and Indicators of Compromise (IoCs) are presented.
/ Analysis of CVE-2023-29336 Win32k Privilege Escalation Vulnerability (with POC)
https://www.numencyber.com/cve-2023-29336-win32k-analysis/
Numen
Analysis of CVE-2023-29336 Win32k Privilege Escalation
Analyzing CVE-2023-29336 Win32k vulnerability, its exploitation, and mitigation measures in the context of evolving security practices.
toxssin
An XSS exploitation command-line interface and payload generator:
https://github.com/t3l3machus/toxssin
GitHub
GitHub - t3l3machus/toxssin: An XSS exploitation command-line interface and payload generator.
An XSS exploitation command-line interface and payload generator. - t3l3machus/toxssin
/ Skuld: The Infostealer that Speaks Golang
This new malware strain tries to steal sensitive information from its victims..:
https://www.trellix.com/en-us/about/newsroom/stories/research/skuld-the-infostealer-that-speaks-golang.html
Trellix
Skuld: The Infostealer that Speaks Golang
In May 2023, the Trellix Advanced Research Center discovered a new Golang stealer, known as Skuld, that compromised systems worldwide. The malware targets sensitive information stored in certain applications, such as Discord and web browsers, and the Windows…