# Latest Podcast
# Description
In today's episode: AzSubEnum is a Python tool for scanning Azure environments. A guide on configuring a Windows 10 VM in VMware for kernel debugging is available at cra0.net. MrHandler is a Linux tool for post-incident system data collection. InflativeLoading converts executable files into PIC shellcode. TwiceSafe Software Solutions Inc has released a Forensic OSINT Chrome Extension. An analysis using Google Maps location history to estimate encounters is detailed at habr.com. Two articles discuss enhancing Docker security with various tools and practices. A guide for cyber security enthusiasts on maintaining online anonymity and other topics can be found at start.me. Valid8Proxy automates the management of web proxies and is available on GitHub. Lastly, GPTScript offers a new scripting language for task automation.
# Tradecraft
[#]
The article provides a step-by-step guide on configuring a Windows 10 virtual machine in VMware for kernel debugging with WinDbg, detailing setup of a virtual serial port, guest OS, and debugger settings, with a note on the limitations of serial port debugging and an upcoming focus on KDNET in part two.
[#]
MrHandler is a Linux incident response tool that automates the collection of system data via SSH to aid security analysts in assessing system states post-incident, ultimately generating a detailed HTML report.
[#]
InflativeLoading is a tool that allows for dynamic conversion of executable files into position-independent code (PIC) shellcode, simplifying the use of security tools like Mimikatz by generating a shellcode stub that patches specific data regions without needing additional memory space on the target machine.
[#]
TwiceSafe Software Solutions Inc offers version 2.1 of its Forensic OSINT Chrome Extension for enhanced online investigations. It is available for download and comes with a video walkthrough for signup and a workaround for a login bug affecting Mac users; the company encourages user feedback for continuous improvement.
[#]
A data analyst describes their methodology and R code steps for assessing how often they and their partner, prior to meeting, crossed paths using Google Maps location history, ultimately extrapolating the data to estimate potential encounters.
[#]
The article outlines a step-by-step approach to enhancing Docker security by configuring secure parameters, utilizing tools like Lynis and Docker Bench for Security, leveraging Docker Content Trust, and implementing user restrictions and resource limits with AppArmor and Seccomp policies.
[#]
Valid8Proxy is a program available on GitHub that automates the harvesting, checking, and recording of operational web proxies, presented through a clear, straightforward interface with functionality for both sourcing new proxies and assessing pre-existing lists.
[#]
The article outlines a step-by-step approach to enhancing Docker security by configuring secure parameters, utilizing tools like Lynis and Docker Bench for Security, leveraging Docker Content Trust, and implementing user restrictions and resource limits with AppArmor and Seccomp policies.
[#]
GPTScript is a scripting language that enables automation of tasks using natural language prompts alongside traditional coding, with built-in and customizable tools to interact with AI, local systems, and external services.
# News
[#]
Cybersecurity firm ESET has issued patches for a high-severity local privilege escalation vulnerability, identified as CVE-2024-0353, affecting various Windows security products, advising immediate updating to prevent potential system privilege abuse by attackers.
[#]
ZTE F660 routers made between 2008 and 2013 have a critical security flaw allowing an authentication bypass for remote code execution; it is addressed by restricting access to vulnerable ports and updating firmware.
[#]
Darktrace observes a surge in cyber attacks exploiting vulnerabilities in Ivanti Connect Secure appliances and describes using Darktrace DETECT™ and RESPOND™ to autonomously contain threats and alert security teams.