Forwarded from Serhii Khariuk
First you're fucked in the head, then you get into reversing. While you study you go even crazier, because you're holed up alone, and in a couple of years you're a completely fucked-in-the-head sociopath who cracks Denuvo in a couple of hours, and then you go off to drink the blood of bums at a sacrifice.
New moped, gentlemen. Once again not mine, I was asked to post it.
Malware analyst for a new project.
Position in the office (Kyiv) or remote (you need to be officially registered in Ukraine). Pay ~$4000
Main tasks and requirements:
detecting and analyzing malicious code in documents (PDF/Word/Excel/PPT)
create detection logic (static/dynamic pattern extraction, detection threshold tuning, signatures)
infra for streamlined processing, automation (classification sandbox, de-obfuscation oth.)
experience with malicious code in documents (PDF/Word/Excel/PPT)
experience with obfuscators/loaders/packers (typical protection methods & bypass)
relevant prior employment: either antivirus company or 2+ years of reverse engineering
solid understanding of detection techniques: heuristics, signatures
automation skills: scripting (Python), sandbox customization (OS monitors, detection logic), development (C, C++, C#); toolset: IDA, GDB, process/filesystem/network/registry monitors, debuggers/disassemblers/memdumpers, virtualization infra
P.S. Just in case: I have nothing to do with this
P.P.S. Contact removed for the reason "it doesn't bring in any money"
Forwarded from ruDALL-E Malevich (XL)
Photo generated by Sber's ruDALL-E model for the prompt "Ximerus"
🛺🚨🛺
Good Friday evening everyone, today we have a whole three vacancies tailored to reversing skills.
I'll post them one at a time so I can tell which one a person responded to:
Base skills/attributes – all positions:
• Help create and maintain optimal workflows.
• Tailor and curate data into intelligence for specific industry sectors, knowledge areas and threat priorities.
• Identify gaps in intelligence sources.
• Have a general understanding of machine learning and natural learning techniques.
• Author easily consumable reports to senior management and to analysts and threat hunters which empower actionable and timely decision making.
• Develop and sustain cybersecurity cultures.
• Understand risk.
• Ensure value is derived at the executive level of consumption.
Researcher (Methodical and reliable.)
Ideal background: Computer science and programming.
Main function: Perform detailed analysis on specific new and emerging threats. Author and contribute value to reports for other cyber threat intelligence team members and for executive-level decision makers.
• Identify new or existing threats and distill this information into concise finished intelligence to multiple internal partners, including executives.
• Perform intelligence research during incident response, supporting multiple teams and drive direction of investigations based on knowledge of attackers.
• Manage threat data and create intelligence assessments and output in support of our incident response, threat hunting, threat detection, and security engineering missions.
• Write scripts and tools on the fly to help with analysis and build automation to aid the investigation or research the next time around.
• Conduct proactive research into environments of intelligence interest, to include hidden sites.
• Experience in human intelligence.
• Apply threat intelligence and its application towards operational/business goals/objectives.
• Reasonable level of proficiency in language/code assembly and disassembly.
• Background in advanced reverse engineering on file-based threats, exploits, and other attack techniques is desirable, demonstrated at a moderate skill level.
• Familiarity with MITRE ATT&CK Framework
• Foreign language fluency is a bonus.
Analyst (Detailed, very.)
Ideal background: Vulnerability discovery/pen testing, network, and system admin background with knowledge of scripting.
Main function: Maintain indicators and artifacts in a manner that provides constant organizational cyber threat awareness. Author and contribute value to reports for other cyber threat intelligence team members and for executive-level decision makers.
• In-depth understanding of threat intelligence cycles and collection management.
• In-depth understanding of IP network traffic.
• Experience in analyzing security vulnerabilities, various exploitation techniques, and malware behaviors (including communications protocols).
• Experience with host and network-based protection technologies.
• Strong understanding of threat protection/detection tooling/stacks used for endpoint, network, and cloud: SIEM, TIP, SOAR, Security Analytics.
• Participated in sharing threat intelligence through ISACs, Trust Groups, intelligence partnerships, or other open communities.
• Familiarity with MITRE ATT&CK Framework.
• Foreign language fluency is a bonus.
Hunter - (Proactive and creative.)
Ideal background: Threat intelligence analyst or research background, as well as background in vulnerability discovery/pen testing, network, and system admin, with knowledge of scripting and/or programming.
Main function: Actively hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) in all organizational domains of operation. Author and contribute value to reports for other cyber threat intelligence team members and for executive-level decision makers.
• Deep experience with analytics as a focus area within Information Security.
• Extensive knowledge of all domains within Information Security.
• Familiarity with offensive strategies and assessment methodology.
• Experience explaining analytics in simple terms and ability to communicate the associated risk.
• Ability to see the larger picture when dealing with competing requirements and needs from across the teams in the organization in order to build consensus and drive results.
• Ability to navigate and work effectively across a complex, geographically dispersed organization.
• Experience with more than one EDR, SIEM, and manual log analysis techniques.
• Mission-oriented with an emphasis on making the team successful.
• Demonstrated ability to self-direct, with minimal supervision to achieve assigned goals.
• Understanding of basic Data Science and visualization concepts and processes.
• Deep experience working with industry-wide frameworks and standards like MITRE ATT&CK, STIX, TAXII, and SCAP.
🌚🌚
The traditional #blackfriday sales on InfoSec products.
"Hurry up, don't be lazy, buy some paintings" (c)
https://github.com/0x90n/InfoSec-Black-Friday
If you've long wanted to understand the difference between EPP, EDR, MDR and XDR, here's a link to an article that describes in fair detail what each type of product is responsible for and what it can do.
I'll be honest, I'd never grasped the difference at that depth, and now life is easier.
https://medium.com/technology-hits/epp-edr-mdr-xdr-whats-the-difference-f2d58db3985d
Yesterday, for the first time in my life, I took part in a #BlueTeam CTF, and since there was a ton of forensics and #incidentresponse and I don't like staring at consoles (because I'm old, my eyesight is sh*t, my side aches, my back twinges), I started googling all kinds of hipster tools.
In the end I dug up a tool called PcapXray which can analyze .pcap files and build all kinds of graphical visualizations; it does admittedly work a bit crookedly on a Mac, but nevertheless the #jumpstation (that is, the computer the hackers had, per the scenario, established a foothold on) was found precisely with its help.
Link below:
https://github.com/Srinivas11789/PcapXray
P.S. CTF results will come a bit later.
If I don't slack off and fall asleep: should I set up a Twitch stream solving the defense tasks?
P.S. No guarantee it'll work out, this will be a beta.
Anonymous Poll
77% Yes, go
23% Nah, I'm off for a beer
Report on our outing to the ICS CTF for Blue team
https://telegra.ph/Infected-mushrooms---Top-2-ICS-Blue-team-of-Ukraine-2021-12-06
Last week Kyiv hosted the #SANS #Grid #NetWars competition, a competition for defending teams (#blueteam) in the information security field.