NEW BOT Телеграм, страница - 266053309

Sys-Admin Up

1.06K subscribers

132 photos

4 videos

127 files

2.23K links

InfoSec, Hacks, Perks, Tools, IT/IS Courses, CVE… Contains part of the news that was not included in the Sys-Admin & InfoSec Channel (@sysadm_in_channel)

Download Telegram

About

Blog

Apps

Platform

1.06K subscribers

Knocking on Hell's Gate - EDR Evasion Through Direct Syscalls

🔹

https://labs.en1gma.co/malwaredevelopment/evasion/security/2023/08/14/syscalls.html

Please open Telegram to view this post

VIEW IN TELEGRAM

302 viewsYevgeniy Goncharov, edited 01:55

CFP-комитет OFFZONE 2023 завершил отбор

На сайте конференции организаторы готовы рассказать, какие доклады будут на OFFZONE 2023.

Программа будет пополняться, обновление можно отследить на сайте

• https://offzone.moscow/program/

2.41K viewsYevgeniy Goncharov, 02:18

https://www.youtube.com/live/mTwvdt0GSaI?feature=share

WebApp Hacking Live!

285 viewsYevgeniy Goncharov, 05:19

https://tunnelcrack.mathyvanhoef.com/details.html

TunnelCrack: Widespread design flaws in VPN clients

We present two widespread design flaws in VPN client. These can be abused to make a victim leak traffic in plaintext outside the protected VPN tunnel.

288 viewsYevgeniy Goncharov, 08:40

Awareness about Awareness. Part 2

Several years ago I spoke on KHS 2018 about of Awareness with presentation named - Awareness about Awareness…

Now I see - classical awarenes model working not adequately… On KHS 2023 we will try to consider why it is so, what to do about it…

On this conference will many cooll speakers, cybersec/infosec subjects, people. Will meet on KHS 20223! ✊

Details on official KHS site:
🔹. https://kazhackstan.com

Please open Telegram to view this post

VIEW IN TELEGRAM

2.44K viewsYevgeniy Goncharov, 10:06

ProxyNation: The dark nexus between proxy apps and malware

https://cybersecurity.att.com/blogs/labs-research/proxynation-the-dark-nexus-between-proxy-apps-and-malware

ProxyNation: Malware-Driven Proxy Surge

LevelBlue Labs uncovers a vast malware campaign delivering hidden proxies. Explore the threat landscape

275 viewsYevgeniy Goncharov, 10:20

JCDC_RMM_Cyber_Defense_Plan.pdf

Cyber Defence RMM Plan from CISA

266 viewsYevgeniy Goncharov, edited 00:51

Amsi Bypass payload that works on Windwos 11

https://github.com/senzee1984/Amsi_Bypass_In_2023

GitHub - senzee1984/Amsi_Bypass_In_2023: Amsi Bypass payload that works on Windwos 11

Amsi Bypass payload that works on Windwos 11. Contribute to senzee1984/Amsi_Bypass_In_2023 development by creating an account on GitHub.

264 viewsYevgeniy Goncharov, 01:05

Unwanted Guests: Mitigating Remote Access Trojan Infection Risk

https://www.uptycs.com/blog/remote-access-trojan-qwixx-telegram

Remote Access Trojan: Mitigating Infection Risk of Unwanted Guests

Read about QwixxRAT, a new Remote Access Trojan infiltrating devices via Telegram & Discord: technical analysis & protective measures

2.41K viewsYevgeniy Goncharov, 11:03

📲

Mobile PenTest Tools…

Please open Telegram to view this post

VIEW IN TELEGRAM

303 viewsYevgeniy Goncharov, edited 11:45

Learn to Hack

Over 27 Hours of Free Hacking Material

https://academy.tcm-sec.com/p/learn-penetration-testing-free

Learn Penetration Testing for FREE

Check out our collection of FREE resources to learn penetration testing including YouTube videos, free courses, blogs, and community support.

286 viewsYevgeniy Goncharov, 12:45

https://radar.cloudflare.com/security-and-attacks/kz

294 viewsYevgeniy Goncharov, 12:57

ML in Apple apps through Core ML

https://developer.apple.com/documentation/coreml

Apple Developer Documentation

Core ML | Apple Developer Documentation

Integrate machine learning models into your app.

266 viewsYevgeniy Goncharov, 10:40

The Maginot Line: Attacking the Boundary of DNS Caching Protection

https://www.usenix.org/system/files/usenixsecurity23-li-xiang.pdf

269 viewsYevgeniy Goncharov, 10:43

GPT based tool for understanding the tactics, techniques, and procedures (TTPs) used by threat actors

🔹

https://attackgen.streamlit.app/

Git - https://github.com/mrwadams/attackgen

Please open Telegram to view this post

VIEW IN TELEGRAM

AttackGen is a cybersecurity incident response testing tool that leverages the power of large lan...

296 viewsYevgeniy Goncharov, 03:23

Domain Audit - Wrapper around PowerView, Impacket, PowerUpSQL, BloodHound, Ldaprelayscan and Crackmapexec to automate the execution of enumeration and a lot of checks performed during a On-Prem Active Directory Penetrationtest

— https://github.com/0xJs/domain_audit

GitHub - 0xJs/domain_audit: Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.

Audit tool for Active Directory. Automates a lot of checks from a pentester perspective. - 0xJs/domain_audit

295 viewsYevgeniy Goncharov, 05:38

XLoader’s Latest Trick | New macOS Variant Disguised as Signed OfficeNote App

https://www.sentinelone.com/blog/xloaders-latest-trick-new-macos-variant-disguised-as-signed-officenote-app/

XLoader’s Latest Trick | New macOS Variant Disguised as Signed OfficeNote App

Notorious botnet and infostealer XLoader makes a return to macOS with a new dropper and malware payload.

2.34K viewsYevgeniy Goncharov, 09:52

Smart Bulbs can be Hacked to Hack into your Household

https://arxiv.org/pdf/2308.09019.pdf

247 viewsYevgeniy Goncharov, edited 15:38

Mitigation steps for Ivanti API Authentication Bypass on Sentry Administrator Interface - CVE-2023-38035

https://forums.ivanti.com/s/article/KB-API-Authentication-Bypass-on-Sentry-Administrator-Interface-CVE-2023-38035?language=en_US

— CVE-2023-38035 – API Authentication Bypass on Sentry Administrator Interface 😎

KB API Authentication Bypass on Sentry Administrator Interface - CVE-2023-38035

<span style="font-size: 11pt;"><span style="line-height: 107%;"><span style="font-family: Calibri,sans-serif;"><span style="font-family: "Arial",sans-serif;">A vulnerability has been discovered in Ivanti Sentry, formerly MobileIron Sentry. This vulnerability…

247 viewsYevgeniy Goncharov, edited 10:05

Forwarded from Sys-Admin InfoSec

📢

OpenBLD.net DNS

🤬

H1 2023 Updates & News

What new we have in OpenBLD.net today:
🔹 New optimized DNS Fronted / Backend engines
🔹 Updated Geo Localized ecosystem
🔹 New integrated centralize Cactusd service
🔹 Optimized works with free video services (rezka, seasonwar), social networks and etc.
🔹 Integrated new Free SSL feature from ClouDNS
🔹 Testing Netdata (ML) Powered Anomaly Detection 🔩

What will updated:

🟡

🔴 On this month bld.sys-adm.in will be converted to ada.openbld.net
😎 Re-setup your browsers, devies and etc from *.sys-adm.in to ada.openbld.net

😎

Be yourself - be focused with OpenBLD.net DNS - https://lab.sys-adm.in

✌️

Please open Telegram to view this post

VIEW IN TELEGRAM

OpenBLD.net - fast, free DNS that blocks ads, trackers, malware — with DoH, DoT, GeoDNS | OpenBLD.net DNS - Block advertising,…

OpenBLD.net — ultra-fast DNS with ad blocking and proactive cybersecurity. Be yourself, be focused.

212 viewsYevgeniy Goncharov, 11:18

Bypass Two-Factor Authentication of Facebook Accounts ($25,300)

In this writeup, author will explain how did he discover a Two-Factor Authentication bypass in Facebook during Meta bug bounty Researchers conference in Seoul, South Korea, 2023..:

— https://medium.com/@bazzounbassem/bypass-two-factor-authentication-of-facebook-accounts-25-300-7ae152d7836a

Bypass Two-Factor Authentication of Facebook Accounts ($25,300)

In this writeup, I will explain how I discovered a Two-Factor Authentication bypass in Facebook during Meta bug bounty Researchers…

270 viewsYevgeniy Goncharov, edited 14:39