The Maginot Line: Attacking the Boundary of DNS Caching Protection
https://www.usenix.org/system/files/usenixsecurity23-li-xiang.pdf
GPT based tool for understanding the tactics, techniques, and procedures (TTPs) used by threat actors
🔹 https://attackgen.streamlit.app/
Git - https://github.com/mrwadams/attackgen
Streamlit
AttackGen is a cybersecurity incident response testing tool that leverages the power of large lan...
Domain Audit - Wrapper around PowerView, Impacket, PowerUpSQL, BloodHound, Ldaprelayscan and Crackmapexec that automates enumeration and many of the checks performed during an on-prem Active Directory penetration test
— https://github.com/0xJs/domain_audit
GitHub
GitHub - 0xJs/domain_audit: Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.
XLoader’s Latest Trick | New macOS Variant Disguised as Signed OfficeNote App
https://www.sentinelone.com/blog/xloaders-latest-trick-new-macos-variant-disguised-as-signed-officenote-app/
SentinelOne
Notorious botnet and infostealer XLoader makes a return to macOS with a new dropper and malware payload.
Mitigation steps for Ivanti API Authentication Bypass on Sentry Administrator Interface - CVE-2023-38035
https://forums.ivanti.com/s/article/KB-API-Authentication-Bypass-on-Sentry-Administrator-Interface-CVE-2023-38035?language=en_US
— CVE-2023-38035 – API Authentication Bypass on Sentry Administrator Interface 😎
Ivanti
KB API Authentication Bypass on Sentry Administrator Interface - CVE-2023-38035
A vulnerability has been discovered in Ivanti Sentry, formerly MobileIron Sentry. This vulnerability…
Forwarded from Sys-Admin InfoSec
What's new in OpenBLD.net today:
What will be updated:
bld.sys-adm.in will be converted to ada.openbld.net
openbld.net
OpenBLD.net - fast, free DNS that blocks ads, trackers, malware — with DoH, DoT, GeoDNS | OpenBLD.net DNS - Block advertising,…
OpenBLD.net — ultra-fast DNS with ad blocking and proactive cybersecurity. Be yourself, be focused.
Bypass Two-Factor Authentication of Facebook Accounts ($25,300)
In this writeup, the author explains how he discovered a two-factor authentication bypass in Facebook during the Meta Bug Bounty Researchers Conference in Seoul, South Korea, 2023:
— https://medium.com/@bazzounbassem/bypass-two-factor-authentication-of-facebook-accounts-25-300-7ae152d7836a
Medium
In this writeup, I will explain how I discovered a Two-Factor Authentication bypass in Facebook during Meta bug bounty Researchers…
A PoC of the ContainYourself research presented at DEF CON 31, which abuses the Windows containers framework to bypass EDRs
https://github.com/deepinstinct/ContainYourself
Visually recognize how data structures are used in our daily lives
🔹 list: keep your Twitter feeds
🔹 stack: support undo/redo of the word editor
🔹 queue: keep printer jobs, or send user actions in-game
🔹 heap: task scheduling
🔹 tree: keep the HTML document, or for AI decision
🔹 suffix tree: for searching string in a document
🔹 graph: for tracking friendship, or path finding
🔹 r-tree: for finding the nearest neighbor
🔹 vertex buffer: for sending data to GPU for rendering
NoFilter - Abusing Windows Filtering Platform for Privilege Escalation
https://www.deepinstinct.com/blog/nofilter-abusing-windows-filtering-platform-for-privilege-escalation
Deep Instinct
This blog is based on a session we presented at DEF CON 2023 on Sunday, August 13, 2023, in Las Vegas. Privilege escalation is a common attack vector in the Windows OS. There are multiple offensive tools in the wild that can execute code as “NT AUTHORITY\SYSTEM”…
Smoke Loader Drops Whiffy Recon Wi-Fi Scanning and Geolocation Malware
— https://www.secureworks.com/blog/smoke-loader-drops-whiffy-recon-wi-fi-scanning-and-geolocation-malware
Secureworks
Learn how threat actors could use the geolocation data to track compromised systems.
FBI-CVE-2023-2868.pdf
1.1 MB
Suspected PRC Cyber Actors Continue to Globally Exploit Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868)
As a part of the FBI investigation into the exploitation of CVE-2023-2868, a zero-day
vulnerability in Barracuda Network’s Email Security Gateway (ESG) appliances
Top-25-Penetration-Testing-Tools-(2023).pdf
203.3 KB
Penetration testing tools list with tool names and descriptions
PoC exploit for 0-day Windows Error Reporting Service bug (CVE-2023-36874) releases
https://securityonline.info/poc-exploit-for-0-day-windows-error-reporting-service-bug-cve-2023-36874-releases/
Cybersecurity News
PoC exploit code will be released for a zero-day vulnerability (CVE-2023-36874) allowing privilege escalation in Microsoft Windows.
Splunk EASM Worker
The EASM Worker is a REST API wrapper around open-source recon tools:
https://github.com/gf13579/splunk_easm_worker
AttackSurfaceMapper
AttackSurfaceMapper (ASM) is a reconnaissance tool that uses a mixture of open source intelligence and active techniques to expand the attack surface of your target:
🔸 https://github.com/superhedgy/AttackSurfaceMapper
GitHub
GitHub - superhedgy/AttackSurfaceMapper: AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.