50 penetration testing tools and not only:
1. Nmap 🌐
2. Metasploit 🛠️
3. Burp Suite 🐛
4. Wireshark 🖥️
5. OWASP ZAP (Zed Attack Proxy) 🛡️
6. Nikto 🕵️♂️
7. SQLMap 🗺️
8. Acunetix 🕷️
9. Nessus 🚀
10. OpenVAS 🚪
11. BeEF (Browser Exploitation Framework) 🐄
12. Shodan 🔍
13. Wfuzz 🌀
14. DirBuster 🚪
15. XSStrike 💥
16. Sublist3r 🎯
17. Hydra 🐍
18. Skipfish 🐟
19. Recon-ng 🕵️♂️
20. Masscan 🛰️
21. Gitrob 🕵️♂️
22. Gobuster 🔦
23. Joomscan 🕵️♂️
24. WPScan 🔍
25. EyeWitness 👀
26. Fiddler 🎻
27. sqlninja 🥷
28. Vega 🌟
29. Arachni 🕷️
30. DirSearch 🔍
31. httrack 🏃♂️
32. CMSmap 🗺️
33. DVWA (Damn Vulnerable Web Application) 😈
34. Docker Bench for Security 🐋
35. Amass 📈
36. Zed Attack Proxy 🛡️
37. SonarQube 🛡️
38. ClamAV 🦪
39. OSSEC 🔐
40. Tripwire 🛡️
41. AIDE (Advanced Intrusion Detection Environment) 🛡️
42. Fail2Ban 🚫
43. Lynis 🐧
44. Snort 🐽
45. Suricata 🦈
46. Security Onion 🧅
47. Maltego 🔄
48. Cobalt Strike 🌩️
49. BloodHound 🩸
50. Empire 🏰
1. Nmap 🌐
2. Metasploit 🛠️
3. Burp Suite 🐛
4. Wireshark 🖥️
5. OWASP ZAP (Zed Attack Proxy) 🛡️
6. Nikto 🕵️♂️
7. SQLMap 🗺️
8. Acunetix 🕷️
9. Nessus 🚀
10. OpenVAS 🚪
11. BeEF (Browser Exploitation Framework) 🐄
12. Shodan 🔍
13. Wfuzz 🌀
14. DirBuster 🚪
15. XSStrike 💥
16. Sublist3r 🎯
17. Hydra 🐍
18. Skipfish 🐟
19. Recon-ng 🕵️♂️
20. Masscan 🛰️
21. Gitrob 🕵️♂️
22. Gobuster 🔦
23. Joomscan 🕵️♂️
24. WPScan 🔍
25. EyeWitness 👀
26. Fiddler 🎻
27. sqlninja 🥷
28. Vega 🌟
29. Arachni 🕷️
30. DirSearch 🔍
31. httrack 🏃♂️
32. CMSmap 🗺️
33. DVWA (Damn Vulnerable Web Application) 😈
34. Docker Bench for Security 🐋
35. Amass 📈
36. Zed Attack Proxy 🛡️
37. SonarQube 🛡️
38. ClamAV 🦪
39. OSSEC 🔐
40. Tripwire 🛡️
41. AIDE (Advanced Intrusion Detection Environment) 🛡️
42. Fail2Ban 🚫
43. Lynis 🐧
44. Snort 🐽
45. Suricata 🦈
46. Security Onion 🧅
47. Maltego 🔄
48. Cobalt Strike 🌩️
49. BloodHound 🩸
50. Empire 🏰
Analyzing Forest Blizzard’s
Custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials... Forest Blizzard’s objective in deploying GooseEgg is to gain elevated access to target systems and steal credentials and information..:
- Read Full Article
Custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials... Forest Blizzard’s objective in deploying GooseEgg is to gain elevated access to target systems and steal credentials and information..:
- Read Full Article
Microsoft News
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
Analysis of Forrest Blizzard's exploitation of the CVE-2022-38028 vulnerability in Windows Print Spooler that allows elevated permissions.
Cyber_Security_Incident_Response_Planning_1714232954.pdf
2.9 MB
Cyber Security Incident
Response Planning -
Practitioner Guidance
Response Planning -
Practitioner Guidance
Common-System-Hacking.pdf
9.9 MB
System Hacking: Common Windows, Linux & Web Server Hacking Techniques
Playing Possum: What's the Wpeeper Backdoor Up To?
https://blog.xlab.qianxin.com/playing-possum-whats-the-wpeeper-backdoor-up-to/
https://blog.xlab.qianxin.com/playing-possum-whats-the-wpeeper-backdoor-up-to/
奇安信 X 实验室
Playing Possum: What's the Wpeeper Backdoor Up To?
Summary
On April 18, 2024, XLab's threat hunting system detected an ELF file with zero detections on VirusTotal being distributed through two different domains. One of the domains was marked as malicious by three security firms, while the other was recently…
On April 18, 2024, XLab's threat hunting system detected an ELF file with zero detections on VirusTotal being distributed through two different domains. One of the domains was marked as malicious by three security firms, while the other was recently…
Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware
Introduction about the REMCOS threat and dive into the first half of its execution flow, from loading its configuration to cleaning the infected machine web browsers:
https://www.elastic.co/security-labs/dissecting-remcos-rat-part-two
Introduction about the REMCOS threat and dive into the first half of its execution flow, from loading its configuration to cleaning the infected machine web browsers:
https://www.elastic.co/security-labs/dissecting-remcos-rat-part-two
www.elastic.co
Dissecting REMCOS RAT: An in-depth analysis of a widespread 2024 malware, Part Two — Elastic Security Labs
In the previous article in this series on the REMCOS implant, we shared information about execution, persistence, and defense evasion mechanisms. Continuing this series we’ll cover the second half of its execution flow and you’ll learn more about REMCOS recording…
/ DNS traffic can leak outside the VPN tunnel on Android
https://mullvad.net/en/blog/dns-traffic-can-leak-outside-the-vpn-tunnel-on-android
https://mullvad.net/en/blog/dns-traffic-can-leak-outside-the-vpn-tunnel-on-android
Mullvad VPN
DNS traffic can leak outside the VPN tunnel on Android | Mullvad VPN
We were recently made aware of multiple potential DNS leaks on Android. They stem from bugs in Android itself, and only affect certain apps.
/ Android.Click.414.origin
Среди инфицированных приложений в магазине Google Play встречаются Love Spouse (для управления товарами для взрослых) и QRunning (трекер физической активности). Суммарное количество устройств, на которые установлены приложения, составляет 1,5 миллиона.:
https://vms.drweb.ru/virus/?i=28241868
Среди инфицированных приложений в магазине Google Play встречаются Love Spouse (для управления товарами для взрослых) и QRunning (трекер физической активности). Суммарное количество устройств, на которые установлены приложения, составляет 1,5 миллиона.:
https://vms.drweb.ru/virus/?i=28241868
Dr.Web
Android.Click.414.origin — Как быстро найти вирус в вирусной базе антивируса Dr.Web
Данный троян-кликер является модификацией Android.Click.410.origin, который был выявлен вирусными аналитиками «Доктор Веб» 28 апреля 2023 года. Описываемый троян встраивается в ...
Malware: Cuckoo Behaves Like Cross Between Infostealer and Spyware
..that can run on Intel or ARM-based Mac computers.
Technical analysys:
https://blog.kandji.io/malware-cuckoo-infostealer-spyware
..that can run on Intel or ARM-based Mac computers.
Technical analysys:
https://blog.kandji.io/malware-cuckoo-infostealer-spyware
The-Sequence
Malware: Cuckoo Behaves Like Cross Between Infostealer and Spyware
Kandji's threat research team has discovered a piece of malware that combines aspects of an infostealer and spyware. Here's how it works.
Detecting_Brute_Force_Attacks_1715178386.pdf
1.6 MB
Detecting Brute Force
Attacks
Attacks
CCTV - Close-Circuit Telegram Vision revolutionizes location tracking with its open-source design and Telegram API integration.
https://github.com/IvanGlinkin/CCTV?tab=readme-ov-file
https://github.com/IvanGlinkin/CCTV?tab=readme-ov-file
GitHub
GitHub - IvanGlinkin/CCTV: Close-Circuit Telegram Vision revolutionizes location tracking with its open-source design and Telegram…
Close-Circuit Telegram Vision revolutionizes location tracking with its open-source design and Telegram API integration. Offering precise tracking within 50-100 meters, users can monitor others in ...
VULNERABILITIES IN NEXT-GEN BIG-IP
https://eclypsium.com/blog/big-vulnerabilities-in-next-gen-big-ip/
https://eclypsium.com/blog/big-vulnerabilities-in-next-gen-big-ip/
Eclypsium | Supply Chain Security for the Modern Enterprise
Big Vulnerabilities in Next-Gen BIG-IP
Eclypsium Research discovered and reported severe remotely exploitable vulnerabilities in F5’s Next Central Manager that could grant attackers full administrative control, allowing them to create hidden accounts on any F5 assets it manages.
Using MITM to bypass FIDO2 phishing-resistant protection
What is FIDO2 - is a modern authentication group term for passwordless authentication. The Fast Identity Online (FIDO) Alliance developed it to replace the use of legacy known passwords and provide a secure method to authenticate using a physical or embedded key...
https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
What is FIDO2 - is a modern authentication group term for passwordless authentication. The Fast Identity Online (FIDO) Alliance developed it to replace the use of legacy known passwords and provide a secure method to authenticate using a physical or embedded key...
https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Silverfort
Using MITM to bypass FIDO2 phishing-resistant protection
In this article, Senior Security Researcher Dor Segal will take you through his research uncovering how to use MITM attacks to bypass FIDO2.
Unmasking Tycoon 2FA: A Stealthy Phishing Kit Used to Bypass Microsoft 365 and Google MFA
Tycoon 2FA is a phishing-as-a-service (PhaaS) platform that was first seen in August 2023. Like many phish kits, it bypasses multifactor authentication (MFA) protections and poses a significant threat to users. Lately, Tycoon 2FA has been grabbing headlines because of its role in ongoing campaigns designed to target Microsoft 365 and Gmail accounts.
This blog post is a rundown of how these attacks work, how they’re evolving, what they look like in the real world..:
https://www.proofpoint.com/us/blog/email-and-cloud-threats/tycoon-2fa-phishing-kit-mfa-bypass
Tycoon 2FA is a phishing-as-a-service (PhaaS) platform that was first seen in August 2023. Like many phish kits, it bypasses multifactor authentication (MFA) protections and poses a significant threat to users. Lately, Tycoon 2FA has been grabbing headlines because of its role in ongoing campaigns designed to target Microsoft 365 and Gmail accounts.
This blog post is a rundown of how these attacks work, how they’re evolving, what they look like in the real world..:
https://www.proofpoint.com/us/blog/email-and-cloud-threats/tycoon-2fa-phishing-kit-mfa-bypass
Proofpoint
Tycoon 2FA: Phishing Kit Being Used to Bypass MFA | Proofpoint US
Explore Tycoon 2FA, a sophisticated phishing kit used to bypass MFA. Learn how it works, what an attack looks like, detection techniques and more.
Mastering S.O.L.I.D Principles: Easy Examples (on React) and Best Practices
https://dev.to/drruvari/mastering-solid-principles-in-react-easy-examples-and-best-practices-142b
https://dev.to/drruvari/mastering-solid-principles-in-react-easy-examples-and-best-practices-142b
DEV Community
Mastering S.O.L.I.D Principles in React: Easy Examples and Best Practices
Single Responsibility Principle (SRP) A component should have only one reason to change,...
1. Be vigilant:
* Don't trust public Wi-Fi networks.
* Verify the network name.
* Disable automatic network connection.
* Avoid using public Wi-Fi for sensitive matters.
2. Use additional security measures:
* Turn on a VPN (if exists).
* Update your software.
* Use two-factor authentication.
3. Be careful what you do:
* Do not download files from unknown websites.
* Do not open suspicious links.
* Do not use cracked software
4. Use mobile internet:
* If possible, use mobile internet instead of Wi-Fi.
5. Additional tips:
* Use HTTPS websites.
* Use secure DoH services, like Cloudflare, OpenBLD.net etc.
Remember:
- Following these simple tips will help you protect your data and devices when using public Wi-Fi.
Do you use public WiFi away from home?)
Please open Telegram to view this post
VIEW IN TELEGRAM
Gemini will get even better at understanding context to assist you in getting things done
Legitimate spying in Android:
https://blog.google/products/android/google-ai-android-update-io-2024/
Legitimate spying in Android:
https://blog.google/products/android/google-ai-android-update-io-2024/
Google
Experience Google AI in even more ways on Android
Here’s more ways you can experience Google AI on Android. Learn how on-device AI is changing what your phone can do.
GitCaught: Threat Actor Leverages GitHub Repository for Malicious Infrastructure
https://go.recordedfuture.com/hubfs/reports/cta-2024-0514.pdf
https://go.recordedfuture.com/hubfs/reports/cta-2024-0514.pdf
HTTP/2 Continuation Flood (and POC)
The
https://blog.kybervandals.com/http-2-continuation-flood-and-poc/
The
CONTINUATION Flood is a class of vulnerabilities within numerous HTTP/2 protocol implementations. In many cases, it poses a more severe threat compared to the Rapid Reset: a single machine (and in certain instances, a mere single TCP connection or a handful of frames) has the potential to disrupt server availability, with consequences ranging from server crashes to substantial performance degradation. Remarkably, requests that constitute an attack are not visible in HTTP access logs.https://blog.kybervandals.com/http-2-continuation-flood-and-poc/