Web Application Firewall (WAF) Comparison Project
Repository contains testing datasets and tools to compare WAF efficacy in the two most important categories:
• Security Coverage (True Positive Rate) - measures the WAF's ability to correctly identify and block malicious requests:
- https://github.com/openappsec/waf-comparison-project
Repository contains testing datasets and tools to compare WAF efficacy in the two most important categories:
• Security Coverage (True Positive Rate) - measures the WAF's ability to correctly identify and block malicious requests:
- https://github.com/openappsec/waf-comparison-project
GitHub
GitHub - openappsec/waf-comparison-project: Testing datasets and tools to compare WAF efficacy
Testing datasets and tools to compare WAF efficacy - openappsec/waf-comparison-project
Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penetration Testing. Includes payloads, dorks, fuzzing materials..:
https://github.com/AlbusSec/Penetration-List
https://github.com/AlbusSec/Penetration-List
GitHub
GitHub - AlbusSec/Penetration-List: Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities…
Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penetration Testing. Includes payloads, dorks, fuzzing materials, and offers in-d...
CyberSec_For_Kids.pdf
1.5 MB
Cyber Security for Kids
- This document was made for parents, teachers, teenagers and children with basic computer skills or who want to learn more about cybersecurity
- Intended for children from 10 years of age
- This document was made for parents, teachers, teenagers and children with basic computer skills or who want to learn more about cybersecurity
- Intended for children from 10 years of age
Communicative Agents for Software Development
Goodby programmers, hello ChatDev?
https://arxiv.org/pdf/2307.07924v3.pdf
Goodby programmers, hello ChatDev?
https://arxiv.org/pdf/2307.07924v3.pdf
EventLogSilencer
EventLogSilencer is a PowerShell noscript designed for disable Windows Event Logging:
https://github.com/AmirHoseinTangsiriNET/EventLogSilencer
EventLogSilencer is a PowerShell noscript designed for disable Windows Event Logging:
https://github.com/AmirHoseinTangsiriNET/EventLogSilencer
GitHub
GitHub - AmirHoseinTangsiriNET/EventLogSilencer: EventLogSilencer is a PowerShell noscript designed for disable Windows Event Logging
EventLogSilencer is a PowerShell noscript designed for disable Windows Event Logging - AmirHoseinTangsiriNET/EventLogSilencer
Sonatype User Group Agenda.pdf
1.6 MB
План встречи Sonatype User Group в Алматы
Организаторы планируют встречу, где можно познакомиться с ключевыми лицами и экспертами Sonatype, других экспертов рынка Казахстана по AppSec & DevSecOps
• 2 ноября, 15:00-19:00
• г Алматы, SmArt.Point, зал Amphitheater
Форма регистрации: https://forms.gle/UVVAYhzup3hMTYH57
Организаторы планируют встречу, где можно познакомиться с ключевыми лицами и экспертами Sonatype, других экспертов рынка Казахстана по AppSec & DevSecOps
• 2 ноября, 15:00-19:00
• г Алматы, SmArt.Point, зал Amphitheater
Форма регистрации: https://forms.gle/UVVAYhzup3hMTYH57
LatLoader is a PoC module to demonstrate automated lateral movement with the Havoc C2 framework; Elastic EDR Rule Evasions.
https://github.com/icyguider/LatLoader
https://github.com/icyguider/LatLoader
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
🚀 Exciting October'23 Upgrades at OpenBLD.net!
We're thrilled to unveil the latest enhancements in our OpenBLD.net ecosystem. Here's what's new:
🔹 New Filtering Routine Server
Strengthening the core of OpenBLD.net with a brand new filtering routine server.
🔹 Enhanced Performance
Boosted RAM and CPU power on select servers for even smoother operation.
🔹 German Server Addition
Testing out a new server in Germany for ada.openbld.net frontend scoping.
🔹 Rule Tweaks
Updated blocking rules to better combat abused IPs and CIDRs.
🔹 Improved Resource Handling
Optimized performance for web resources like
🔹 New site: With GitHub collaboration opportunities: https://openbld.net
🚫 Reducing Threats: We've successfully blocked Kazakhstan-associated YoroTrooper attacks and the threat of spying on your iPhone. Plus, we've thwarted Keepass faked malware.
📢 Stay Connected:
- Join our official Telegram
- Follow us on LinkedIn
OpenBLD.net is your go-to service for a cleaner, distraction-free online experience.
Help us make the internet a better place for all! 💪
#OpenBLD #InternetSecurity #Upgrade2023
We're thrilled to unveil the latest enhancements in our OpenBLD.net ecosystem. Here's what's new:
Strengthening the core of OpenBLD.net with a brand new filtering routine server.
Boosted RAM and CPU power on select servers for even smoother operation.
Testing out a new server in Germany for ada.openbld.net frontend scoping.
Updated blocking rules to better combat abused IPs and CIDRs.
Optimized performance for web resources like
Krisha, IvI, and Yandex Maps.🚫 Reducing Threats: We've successfully blocked Kazakhstan-associated YoroTrooper attacks and the threat of spying on your iPhone. Plus, we've thwarted Keepass faked malware.
- Join our official Telegram
- Follow us on LinkedIn
OpenBLD.net is your go-to service for a cleaner, distraction-free online experience.
Help us make the internet a better place for all! 💪
#OpenBLD #InternetSecurity #Upgrade2023
Please open Telegram to view this post
VIEW IN TELEGRAM
openbld.net
OpenBLD.net - fast, free DNS that blocks ads, trackers, malware — with DoH, DoT, GeoDNS | OpenBLD.net DNS - Block advertising,…
OpenBLD.net — ultra-fast DNS with ad blocking and proactive cybersecurity. Be yourself, be focused.
Investigation of Session Hijacking via Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4966)
MITRE ATT&CK Techniques included:
https://www.mandiant.com/resources/blog/session-hijacking-citrix-cve-2023-4966
MITRE ATT&CK Techniques included:
https://www.mandiant.com/resources/blog/session-hijacking-citrix-cve-2023-4966
Mandiant
Investigation of Session Hijacking via Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4966) | Mandiant
Prolific Puma: Shadowy Link Shortening Service Enables Cybercrime
https://blogs.infoblox.com/cyber-threat-intelligence/prolific-puma-shadowy-link-shortening-service-enables-cybercrime/
https://blogs.infoblox.com/cyber-threat-intelligence/prolific-puma-shadowy-link-shortening-service-enables-cybercrime/
Infoblox Blog
To Aid and Abet: Prolific Puma Helps Cybercriminals Evade Detection | Infoblox
Learn how a link shortening service that supports cybercrime remained undetected for years and was discovered via Domain Name Service (DNS) analytics.
ATT&CK v14 Unleashes Detection Enhancements, ICS Assets, and Mobile Structured Detections
https://medium.com/mitre-attack/attack-v14-fa473603f86b
https://medium.com/mitre-attack/attack-v14-fa473603f86b
Medium
ATT&CK v14 Unleashes Detection Enhancements, ICS Assets, and Mobile Structured Detections
ATT&CK has been brewing up something eerie for this Halloween — ATT&CK v14
iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices
https://ileakage.com
https://ileakage.com
/ FIRST has officially published the latest version of the Common Vulnerability Scoring System (CVSS v4.0)
https://www.first.org/newsroom/releases/20231101
https://www.first.org/newsroom/releases/20231101
FIRST — Forum of Incident Response and Security Teams
FIRST has officially published the latest version of the Common Vulnerability Scoring System (CVSS v4.0)
In June 2023, attendees at the 35th Annual FIRST Conference, in Montréal, Canada got a first-look preview of the new version of the Common Vulnerability Scoring System (CVSS), version 4.0. After two month of public comment followed by two months of addressing…
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
Троянизированный мессенджер ворует данные и пишет голос:
https://securelist.ru/spyware-whatsapp-mod/108323/
Please open Telegram to view this post
VIEW IN TELEGRAM
securelist.ru
Анализ шпионского модуля в модификации WhatsApp
Модификация WhatsApp со шпионским модулем распространяется через Telegram-каналы на арабском и азербайджанском языках с августа 2023 года.
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
Время идет, количество пользователей растет, мощности серверов растут, это требует большего количества серверов и денег, бюджет которых уже расписан и распределен.
Так как сервис еще является защитой от вредоносов, то и авторы вредоносов пытаются активно
В виду вышесказанного планируется внести некоторые изменения в архитектуру OpenBLD.net:
DNS 53DoT, DoHКто может внести вклад в проект OpenBLD.net не стесняйтесь. Как это можно сделать и какой бенефит Вас может ждать от этого. можно посмотреть здесь - https://openbld.net/docs/donation/
🤝 Спасибо всем кто помогал и помогает. Благ вам по жизни!
Всем Peace ✌️
Please open Telegram to view this post
VIEW IN TELEGRAM
openbld.net
Donation and Contribution | OpenBLD.net DNS - Block advertising, tracking, telemetry, malicious domains and more for free
You can support the OpenBLD DNS Project through various activities:
☁️ AWS Community Day Central Asia пройдет 17-18 ноября
Ивент будет полезен:
- Software Engineers
- Solution Architects
- Data Engineers
- AI/ML
- DevOps
- Security Engineers
и всем, кому интересны современные IT технологии. Проходить будет в г.Алматы, КБТУ.
P.S.: Есть возможность приобрести билеты со скидкой 50% ЛС: @Tussem4
Ивент будет полезен:
- Software Engineers
- Solution Architects
- Data Engineers
- AI/ML
- DevOps
- Security Engineers
и всем, кому интересны современные IT технологии. Проходить будет в г.Алматы, КБТУ.
P.S.: Есть возможность приобрести билеты со скидкой 50% ЛС: @Tussem4