HAQ.NEWS

// Jared Folkins

# Latest Podcast

Description

Today, deploy Afrog for vulnerability scans, master TorBot for anonymous investigations, and optimize password cracking with the latest hardware and software advice. Use tg-keyword-trends for Telegram data analysis, Phunter for phone number intelligence, and Route-Detect for securing web routes. Explore netstalking-osint for public data analysis, osintgpt for applying AI in OSINT, and certutil.exe for file manipulation. Conduct online searches with Gideon, exploit vulnerabilities using POC-bomber, decompile software with dnSpyEx, and enhance driver security with IOCTLance.

Tradecraft

[#] Afrog is an open-source scanning tool designed for identifying vulnerabilities during bug bounties, penetration tests, and red teaming exercises, offering customizable proof-of-concept templates, detailed reports, and support for multiple severity levels.
https://github.com/zan8in/afrog
[#] The document is a technical walk-through detailing the process of exploiting various security weaknesses on the HackTheBox machine Clicker, eventually leading to gaining administrative (root) access to the system.
https://0xdf.gitlab.io/2024/01/27/htb-clicker.html
[#] The article discusses optimizing a password cracker's efficiency by focusing on both hardware configuration, particularly avoiding the use of x1 risers that bottleneck throughput, and software techniques in the context of 2024's technology.
https://www.reddit.com/r/netsec/comments/1aby8tt/building_a_password_cracker_in_2024_deep_dive/
[#] TorBot is a tool for anonymous online investigations that helps in refining searches, navigating hidden services, monitoring web content, and analyzing social media, with an emphasis on anonymity and legal, ethical use.
https://cyberliza.medium.com/tuesdaytool-9-torbot-for-open-source-intelligence-3dee033f71a7
[#] A Python script called tg-keyword-trends allows users to search Telegram channels for specific terms, visualize keyword frequency over time with graphs, and generate reports while cautioning users about operational security when using their list of followed groups.
https://github.com/thomasjjj/tg-keyword-trends
[#] Phunter is an open-source intelligence (OSINT) tool written in Python that is used to gather data associated with phone numbers, including details such as the service operator, potential locations, line type, reputation, various scraped information, and owner identity.
https://github.com/N0rz3/Phunter
[#] Route-Detect is a tool for identifying authentication and authorization vulnerabilities in web application routes across various frameworks, which can be installed using pip, configured with semgrep, and visualized through a browser interface for thorough security analysis.
http://www.kitploit.com/2024/01/route-detect-find-authentication-authn.html
[#] The netstalking-core/netstalking-osint repository on GitHub is a collection of open-source intelligence (OSINT) materials for netstalking, offering resources in both Russian and English, including articles, tools, and case studies for gathering and analyzing publicly available information.
https://github.com/netstalking-core/netstalking-osint
[#] The repository osintgpt provides a Python package for applying GPT models to open-source intelligence tasks such as text analysis, database management, and vector similarity searches with Qdrant engine integration for efficient data processing.
https://github.com/estebanpdl/osintgpt
[#] The certutil.exe utility in Windows can be used for downloading, encoding, and decoding files, including storing files in alternate data streams, which may be abused by attackers for malicious activities and can be detected using various security tools.
https://lolbas-project.github.io/lolbas/Binaries/Certutil/
[#] Gideon is a Python-based tool for conducting online searches, including phone numbers, vehicle registrations, user nicknames, and torrents associated with an IP address, available at a GitHub repository created by user malorento.
https://github.com/YouVBeenHacked/gideon
[#] The POC-bomber is a Python-based vulnerability exploitation tool designed to quickly scan and exploit high-risk vulnerabilities in various web components to gain server access, featuring capabilities for fuzz-testing against assets and generating reports, suitable for penetration testers and red teams.
https://github.com/tr0uble-mAker/POC-bomber
[#] A user in the r/ReverseEngineering subreddit suggests using dnSpyEx, a fork of the now read-only dnSpy repository, for decompiling the Hyper-V Manager to rebuild it from source.
https://www.reddit.com/r/ReverseEngineering/comments/1abzinn/decompiling_hyperv_manager_to_rebuild_it_from/
[#] A tool called IOCTLance was presented at CODE BLUE 2023, designed to enhance the detection of vulnerabilities in Windows Driver Model (WDM) drivers by employing symbolic execution and taint analysis, and it identified 117 new vulnerabilities across 26 drivers.
https://securityonline.info/ioctlance-detect-various-vulnerability-types-in-windows-driver-model-wdm-drivers/

News

[#] Microsoft confirmed that the Cozy Bear group compromised a test account not protected by MFA in a password spray attack, leading to email theft from corporate accounts, and now aims to enforce MFA more rigorously to prevent such breaches.
https://go.theregister.com/feed/www.theregister.com/2024/01/27/microsoft_cozy_bear_mfa/
[#] FortiGuard Labs reports the rise of Albabat ransomware, which disguises itself as legitimate software to target a global audience, employs sophisticated encryption to avoid detection, and demands Bitcoin for file decryption yet has shown limited success in ransoming its victims.
https://securityonline.info/from-games-to-ransom-albabats-deceptive-distribution-method-exposed/
[#] Miracle Software Systems failed to secure a MongoDB database, resulting in over 11 million messages from corporate users being exposed, potentially affecting their entire infrastructure and enabling further ransomware attacks.
https://www.scmagazine.com/brief/millions-of-corporate-messages-leaked-by-miracle-softwares-unsecured-mongodb-instance
[#] A GRUB2 security flaw tracked as CVE-2023-4001 allows bypassing password verification by exploiting the logic used to find a device with a matching UUID, which Red Hat addressed by adding a new argument to the search command to limit scanning to only the boot device's block devices.
https://blog.elhacker.net/2024/01/una-vulnerabilidad-en-grub2-permitia-omitir-verificacion-password.html
[#] Pro-Ukraine hackers reportedly deleted 2 petabytes of data from a Russian research center, which is expected to significantly disrupt the center's operations and incur financial losses of at least $10 million.
https://securityaffairs.com/158214/hacktivism/ukraines-ministry-of-defense-hit-russian-recent-center.html
[#] WiFi Map is an application providing a suite of connectivity services including access to millions of WiFi hotspots, eSIM data packages, offline maps, a VPN service, and a digital currency ($WIFI) for user rewards and transactions.
https://www.wifimap.io/
[#] BlackBerry Research identified a spear-phishing campaign targeting Mexican financial firms with a modified AllaKore RAT malware aiming for financial fraud.
https://thehackernews.com/2024/01/allakore-rat-malware-targeting-mexican.html
[#] The TikTok video URL provided does not have an associated upload date, indicating the need for additional information to complete the request.
https://bellingcat.github.io/tiktok-timestamp/
[#] Microsoft's security team discovered and took action against a Russian state-sponsored cyber-espionage operation called Midnight Blizzard targeting governments, NGOs, and IT services through techniques like password spraying, malicious OAuth applications, and proxy networks.
https://www.microsoft.com/en-us/security/blog/2024/01/25/midnight-blizzard-guidance-for-responders-on-nation-state-attack/

# F.A.Q

Problem

Many websites are using AI/ML to create clickbait that doesn't actually have any valuable content.

Value

I use AI to de-clickbait the clickbait by allowing AI to read my news for me. Then it creates a meaningful tl;dr of the articles of interest, which helps me discern what I should read. It is saving me a ton of time.

Why

FWIW HAQ.NEWS really started out as my personal news feed, enriched by AI, and converted into something quick and easy to read. But then I started getting requests for features like RSS, Gracie got involved, and with the super-power of AI things have taken on a life of their own.

Sharing

I currently post daily infosec news to X, LinkedIn, Mastodon and RSS.

I also post daily infosec podcasts and interviews to Apple Podcasts and Spotify.

Ads

This isn't an Ad.

Current friend of HAQ, 2024-01-28

I want to encourage people and projects that impress me, by posting a banner linking their work, as it's my desire to help others. I do not take or make any money.

Thanks,
Jared Folkins