Forwarded from Sys-Admin InfoSec
First of all, a big thanks to the DNS Blocklists project for their significant contribution to the "Keep the internet clean" ideology.
In this quarter of 2023, I've introduced various enhancements to the OpenBLD.net ecosystem.
🔻 Here's the scoop:
1️⃣ OpenBLD.net now incorporates the DNS Blocklists project into its own DNS filtering mechanisms, ensuring a cleaner internet experience.
2️⃣ Successfully resolved major Apple content delivery issues for Eastern Europe, enhancing DNS delivery experience.
3️⃣ Experience a boost in DNS response speed by approximately 5%. The General pool is now around ~111ms, while Local pools are at ~70ms.
4️⃣ According to Alternativeto, OpenBLD.net stands out as an alternative to Quad9, NextDNS, AdGuard DNS, AhaDNS, and BlahDNS.
✨ And most importantly, OpenBLD.net is your go-to solution for a clean Internet – free from Ads, Tracking, Metrics, Telemetry, Phishing, Malware and all that other "Crap", without agent installations and add-ins in your browsers.
Embrace yourself and stay focused with the power of clean Internet with https://openbld.net DNS 😎
#OpenBLD #DNS #InternetCleanse #Innovation
LDAPWordlistHarvester
A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts:
https://github.com/p0dalirius/LDAPWordlistHarvester
EDRaser
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual:
https://github.com/SafeBreach-Labs/EDRaser
JA4+ Network Fingerprinting
The use-cases for these fingerprints include scanning for threat actors, malware detection, session hijacking prevention, compliance automation, location tracking, DDoS detection, grouping of threat actors, reverse shell detection, and many more..:
https://blog.foxio.io/ja4-network-fingerprinting-9376fe9ca637
Recon-Like-A-Boss.pdf
1.3 MB
Recon Like A Boss
Presentation. Agenda:
🔹 Increase Your Attack Area
🔹 Determine Technologies used by Website.
🔹 Amazon Web Service (AWS) Recon & Hacking
🔹 Github Recon
🔹 Content Discovery
Dopamine hole. How we destroy our brain (original title: Дофаминовая яма. Как мы губим свой мозг)
-- https://www.youtube.com/watch?v=zW1jpm7tJuA
Practical programs developed on the basis of modern research and discoveries in neuroscience: academy.kurpatov.ru
Build a happy, meaningful life, achieve more in your career and business!
GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression
https://www.hertzbleed.com/gpu.zip/GPU-zip.pdf
2023_Cybersecurity_Risk_Report_1696315619.pdf
789.4 KB
2023 CyberSec Risks Report from CISO
🚀 How to achieve your goals with Live Driving (c)
For example: "Get enough sleep", "Learn English", "Launch your own project", "Be happy" - all of these goals are quite achievable; I would say they are vitally important.
Nevertheless, we never get around to our own projects, and happiness seems to be somewhere in a distant "bright" future that may never come.
Look around - we are already in the right place, at the right time, right here and now. Everything has already happened!
😎 Some time ago I created my own point of support for achieving goals, which I called Live Driving - an intermediary between a person and the surrounding world on the way to achieving goals.
We met on October 29 in Almaty - it was great, as always at our meetups. There is also an idea of meeting in Astana.
🔻 Anyone who wants some positivity is welcome - fill out the Live Driving participation form.
.NET Assembly Obfuscation for Memory Scanner Evasion
-- https://www.r-tec.net/r-tec-blog-net-assembly-obfuscation-for-memory-scanner-evasion.html
This blog post will give a short overview of how in-memory .NET assembly execution commonly works and what detection mechanisms exist.
Tools for CyberSec. Sorted by categories.
🔹 Exploitation:
- Burp Suite
- Cobalt Strike
- Core Impact
- ExploitDB
- Metasploit Framework
- SQL Map
- ZAP
🔹 Forensics:
- Autopsy
- Binwalk
- Foremost
- Guymager
- SleuthKit
- Volatility
- Wireshark
🔹 Information Gathering:
- Amass
- Censys
- Gobuster
- Maltego
- Nmap
- OSINT Framework
- Recon-NG
- Shodan
- TheHarvester
🔹 Password Cracking:
- Cain & Abel
- Hashcat
- Hydra
- John The Ripper
- Medusa
- OPHCrack
- THC-Hydra
🔹 Software Engineering:
- Evilginx
- EvilURL
- GoPhish
- HiddenEye
- SET
- SocialFish
🔹 Vulnerability Scanning:
- Acunetix
- AppScan
- Invicti
- LYNIS
- Nessus
- Nexpose
- OpenVAS
- Retina
🔹 Web Application Assessment:
- App Spider
- Burp Suite
- Gobuster
- Nikto
- OWASP ZAP
- WPScan
- ZAP
🔹 Wireless Hacking:
- Aircrack-NG
- Airgeddon
- Airsnort
- Kismet
- Netstumbler
- Reaver
- TCPDump
- Wifite
#tools
Home Grown Red Team: LNK Phishing Revisited In 2023
-- https://assume-breach.medium.com/home-grown-red-team-lnk-phishing-revisited-in-2023-364daf70a06a
All right so macros are out, ISOs, zips and password protected zips are all getting flagged. What’s an APT to do? Well, LNK files are still…
Extending NGINX with Rust (an Alternative to C)
-- https://www.nginx.com/blog/extending-nginx-with-rust-an-alternative-to-c/
The popular programming language Rust can now be used to build and customize NGINX modules. Learn how to get started building Rust modules for NGINX.
AvosLocker Ransomware (Update)
Updated report from FBI and CISO (mitigation, IoC, MITRE):
https://www.cisa.gov/sites/default/files/2023-10/aa23-284a-joint-csa-stopransomware-avoslocker-ransomware-update.pdf
xortigate-cve-2023-27997
Exploit for xortigate (CVE-2023-27997). It is not usable "as-is" and serves educational purposes:
https://github.com/lexfo/xortigate-cve-2023-27997
P.S. thx for the link @mehrrun