Introduction to Mythic C2
What is Mythic: a cross-platform, post-exploit red teaming framework built with GoLang, docker, docker-compose, and a web browser UI. Article with usage examples and more:
— https://redsiege.com/blog/2023/06/introduction-to-mythic-c2/
Increased Truebot Activity Infects U.S. and Canada Based Networks
Deployed via phishing and exploitation of some CVE.
IOC domains sent to OpenBLD.net DNS:
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-187a
DevOps_Q-and-A.pdf
1.3 MB
DevOps Interview Questions and Answers
Today, info about OpenBLD.net DNS was added to the AdGuard Wiki KnowledgeBaseDNS repo 🎉
StackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability
https://github.com/lrh2000/StackRot
100 Methods for Container Attacks(RTC0010)
Container escape, tampering, insecure orchestration, and more:
— https://redteamrecipe.com/100-Method-For-Container-Attacks/
CVE-2023-36460: mastodon: Arbitrary file creation through media attachments
https://www.openwall.com/lists/oss-security/2023/07/06/4
Living Off The Land Applications: Sowing the seeds for application exploitation ease
https://lolapps-project.github.io/#
A memory-based evasion technique which makes shellcode invisible from process start to end.
https://github.com/lem0nSec/ShellGhost
Exploring TA453's Foray into LNKs and Mac Malware
https://www.proofpoint.com/us/blog/threat-insight/welcome-new-york-exploring-ta453s-foray-lnks-and-mac-malware
Key takeaways: TA453 continues to adapt its malware arsenal, deploying novel file types and targeting new operating systems, specifically sending Mac malware to one of its recent targets.
Phemedrone stealer. New day, new threats
ToC:
— Discovery history
— Disassembling the internals
— Interesting facts
— Indicators of compromise
— Conclusion
— https://medium.com/@filexploit/phemedrone-stealer-new-day-new-threats-464fa6f9dbab
Every day there is more and more open source software in the world. On the one hand, it is a positive thing that moves the whole society…
Soon in Almaty, on September 16, we will hold the fifth open conference, Open SysConf.io
Anyone can come to give or listen to talks and research, or simply socialize and meet specialists from various IT fields:
https://news.1rj.ru/str/OpenSysConf/1679
lexrrr in Open SysConf
Hello everyone!
⚡️We are pleased to introduce the info partner of the KazHackStan conference - Sys-Admin InfoSec!
💥 Sys-Admin InfoSec is a unique public channel where you can find the latest news, articles and information about system administration, network technologies…
osint_from_zero_to_hero.pdf
73.6 KB
Cert / Course (free/paid) links collection
GitLab Security Incident Response Guide
https://about.gitlab.com/handbook/security/security-operations/sirt/sec-incident-response.html
Forwarded from Sys-Admin InfoSec
⚠️ Reminder/Notice: bld.sys-adm.in will migrate to OpenBLD.net
Please review and re-set up all DoT, DoH, DNS settings to OpenBLD.net.
Keep in mind: only DoT and DoH will remain on these IP addresses:
- 49.12.234.130
- 135.125.204.230
Secrets Revealed in Container Images:
An Internet-wide Study on Occurrence and Impact
https://arxiv.org/pdf/2307.03958.pdf
TTPs: BadStrings
In this writeup we discuss a multi-step methodology for beating string detection by Mandiant's FLOSS string deobfuscator:
— https://steve-s.gitbook.io/0xtriboulet/ttps/ttps-badstrings