LightkeeperRM
LightkeeperRM (Remote Management) is a modular drop-in replacement for maintaining servers over SSH with shell commands. No additional daemons or other software is needed on servers:
https://github.com/kalaksi/lightkeeper
LightkeeperRM (Remote Management) is a modular drop-in replacement for maintaining servers over SSH with shell commands. No additional daemons or other software is needed on servers:
https://github.com/kalaksi/lightkeeper
Awesome SOC
A collection of sources of documentation, as well as field best practices, to build/run a SOC
https://github.com/cyb3rxp/awesome-soc
A collection of sources of documentation, as well as field best practices, to build/run a SOC
https://github.com/cyb3rxp/awesome-soc
GitHub
GitHub - cyb3rxp/awesome-soc: A collection of sources of documentation, as well as field best practices, to build/run a SOC
A collection of sources of documentation, as well as field best practices, to build/run a SOC - cyb3rxp/awesome-soc
ParaSiteSnatcher: How Malicious Chrome Extensions Target Brazil
https://www.trendmicro.com/en_us/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
https://www.trendmicro.com/en_us/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Trend Micro
ParaSiteSnatcher How Malicious Chrome Extensions Target Brazil
We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.
Go mods Examples
Like as brute passwords in passwd or ssh, scan ports through nmap and etc..:
https://github.com/dreddsa5dies/goHackTools
Like as brute passwords in passwd or ssh, scan ports through nmap and etc..:
https://github.com/dreddsa5dies/goHackTools
GitHub
GitHub - dreddsa5dies/goHackTools: Hacker tools on Go (Golang)
Hacker tools on Go (Golang). Contribute to dreddsa5dies/goHackTools development by creating an account on GitHub.
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
Лайтовый экстеншн, дополняет сервис, блокируя часть рекламы вшитую в URL'ы корневых доменов.
Чистит ресурсы которые используют рекламные сети без явных принадлежностей к тем или иным поддоменам.
Не имеет внешних, или иных подключений, не собирает данные, идеально дополняет DoH/DoT OpenBLD.net сервис.
Видео, как в принципе помогает жить OpenBLD.net приложено там-же на странице.
Пробуем. Наслаждаемся. Фидбечим:
https://chromewebstore.google.com/detail/openbldnet-blocker/jjpjcmckhkcefefgbgghomdhcbfmklea
Please open Telegram to view this post
VIEW IN TELEGRAM
IceKube: Finding complex attack paths in Kubernetes clusters
https://labs.withsecure.com/tools/icekube--finding-complex-attack-paths-in-kubernetes-clusters
https://labs.withsecure.com/tools/icekube--finding-complex-attack-paths-in-kubernetes-clusters
Withsecure
IceKube: Finding complex attack paths in Kubernetes clusters
This blog post introduces IceKube, an open-source tool that enumerates a cluster and generates a graph database of resource configurations and the relationships between different resources. IceKube can then analyse these relationships and identify potential…
LogoFAIL - investigates vulnerable image parsing components across the entire UEFI firmware ecosystem and finds all major device manufacturers are impacted on both x86 and ARM-based
Research from the rirst person:
https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/
Research from the rirst person:
https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/
www.binarly.io
The Far-Reaching Consequences of LogoFAIL
LogoFAIL by BINARLY: Discover how vulnerable image parsing impacts device manufacturers in the UEFI firmware ecosystem. Learn about critical LogoFAIL consequences.
OpenGPT - open source effort to create a similar experience to OpenAI's GPTs and Assistants API
https://github.com/langchain-ai/opengpts
https://github.com/langchain-ai/opengpts
GitHub
GitHub - langchain-ai/opengpts
Contribute to langchain-ai/opengpts development by creating an account on GitHub.
PyPI: Incident Report: User Account Takeover
reflection: This is not the first time I’ve seen developer accounts taken over, but if you think about it, what will happen. What if they take over, for example, the account of the developer of uBlock..? Where will they go or what will happen with your web requests being called back in it?)) In this context, the manifest v3 reduces such threats to a minimum...
https://blog.pypi.org/posts/2023-12-04-account-takeover/
reflection: This is not the first time I’ve seen developer accounts taken over, but if you think about it, what will happen. What if they take over, for example, the account of the developer of uBlock..? Where will they go or what will happen with your web requests being called back in it?)) In this context, the manifest v3 reduces such threats to a minimum...
https://blog.pypi.org/posts/2023-12-04-account-takeover/
Kali Linux 2023.4 Release
With new tools and Cloud ARM64, Vagrant Hyper-V, Raspberry Pi 5 supporting:
https://www.kali.org/blog/kali-linux-2023-4-release/
With new tools and Cloud ARM64, Vagrant Hyper-V, Raspberry Pi 5 supporting:
https://www.kali.org/blog/kali-linux-2023-4-release/
Kali Linux
Kali Linux 2023.4 Release (Cloud ARM64, Vagrant Hyper-V & Raspberry Pi 5) | Kali Linux Blog
With 2023 coming to an end and before the holiday season starts, we thought today would be a good time to release Kali 2023.4. Whilst this release may not have the most end-user features in it again, there are a number of new platform offerings and there…
Hunting Malicious Infrastructure-Headers and Hardcoded/Static Strings
https://michaelkoczwara.medium.com/hunting-malicious-infrastructure-headers-and-hardcoded-static-strings-2d7bb4e46d64
https://michaelkoczwara.medium.com/hunting-malicious-infrastructure-headers-and-hardcoded-static-strings-2d7bb4e46d64
The penetration testing execution standard consists of seven (7) main sections...
These cover everything related to a penetration test - from the initial communication and reasoning behind a pentest, through the intelligence gathering and threat modeling phases where testers are working behind the scenes in order to get a better understanding of the tested organization, through vulnerability research, exploitation and post exploitation, where the technical security expertise of the testers come to play and combine with the business understanding of the engagement, and finally to the reporting, which captures the entire process, in a manner that makes sense to the customer and provides the most value to it..:
http://www.pentest-standard.org/index.php/Main_Page
These cover everything related to a penetration test - from the initial communication and reasoning behind a pentest, through the intelligence gathering and threat modeling phases where testers are working behind the scenes in order to get a better understanding of the tested organization, through vulnerability research, exploitation and post exploitation, where the technical security expertise of the testers come to play and combine with the business understanding of the engagement, and finally to the reporting, which captures the entire process, in a manner that makes sense to the customer and provides the most value to it..:
http://www.pentest-standard.org/index.php/Main_Page
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
Наконец-то запилил службу, которая возвращает внешний IP по curl или в браузере.
Возможности:
- Может возвращать реальный IP даже если клиент ходит через Cloudflare
- Быстрый. написан на Go
- IP можно смотреть через браузер или curl или wget
Curl:
curl https://getmyip.sys-adm.inWget:
wget -qO- https://getmyip.sys-adm.inPlease open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
Last week, last month, this year... I've been meeting and talking to different people, and they all echoed the same sentiment - IPv6 is needed
A few days ago, I got acquainted with VEESP.com, a company that generously provided OpenBLD.net with an incredibly fast server featuring a high-speed Ethernet connection
Abstract: Usually, I spend some time testing servers, then assign them a secondary role before introducing them to the production environment. However, this time was different...
I was so impressed
I believe this is a great opportunity to start exploring the IPv6 space. In this month or early 2024, I hope we can begin experimenting with IPv6!
If you're ready to participate in the preliminary testing, please let me know through this OpenBLD.net Pre-Release Testing Form. I will reach out to you directly when the time comes, and together we can strive to make this world even better
P.S. Thanks to veesp.com and everyone who gives incentive to take a step forward
Please open Telegram to view this post
VIEW IN TELEGRAM
FBI Guidance to Victims of Cyber Incidents
- https://www.fbi.gov/investigate/cyber/fbi-guidance-to-victims-of-cyber-incidents-on-sec-reporting-requirements-fbi-policy-notice-summary
- https://www.fbi.gov/investigate/cyber/fbi-guidance-to-victims-of-cyber-incidents-on-sec-reporting-requirements-fbi-policy-notice-summary
Federal Bureau of Investigation
FBI Guidance to Victims of Cyber Incidents on SEC Reporting Requirements: FBI Policy Notice Summary | Federal Bureau of Investigation
This page contains a summary of the FBI’s Policy Notice regarding cyber victim requests to delay SEC-mandated public disclosures.
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
In OpenBLD.net scoping activities, I created lite Go app - Awesome Servers Inventory Web App, which is a simple web app to manage your servers inventory. Ideal solution for small projects and infrastructures or IT ecosystems.
Features:
- Add new server
- Edit existing server
- Delete existing server
- Copy server IP details to clipboard
- Yaml config file
- Portable sqLite database
- One binary file to run the app
- https://github.com/m0zgen/serversAwesome
Please open Telegram to view this post
VIEW IN TELEGRAM
PoC. Apache Struts Remote Code Execution Vulnerability ( S2-066 CVE-2023-50164)
https://trganda.github.io/notes/security/vulnerabilities/apache-struts/Apache-Struts-Remote-Code-Execution-Vulnerability-(-S2-066-CVE-2023-50164)
https://trganda.github.io/notes/security/vulnerabilities/apache-struts/Apache-Struts-Remote-Code-Execution-Vulnerability-(-S2-066-CVE-2023-50164)
trganda.github.io
Apache Struts Remote Code Execution Vulnerability ( S2-066 CVE-2023-50164)
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.