# Latest Podcast
# Description
Cybersecurity AI Pentest Muse offers creative solutions for professionals, helping analyze code and craft payloads. Alisa Esage shares JIT engine and VM escape exploits on GitHub. unKover, a PoC anti-rootkit, detects malicious drivers using specialized techniques. A new malware analysis toolkit features 98 tools for various tasks, plus updates. DroneXtract analyzes data from DJI drones, including file parsing and telemetry. bootfuzz tests MBR-based system BIOS, requesting more tests on physical hardware. Octopii by RedHunt Labs scans for personally identifiable information using OCR and NLP technologies. Osintracker provides a browser-based tool for OSINT investigators. OffSec-Reporting by Syslifters enables cybersecurity report generation. 'telegram-osint-lib' on GitHub provides a Telegram API for OSINT activities, and TJ-OSINT-Notebook includes tools and resources for OSINT work. GitOSINT Bot will return for professional use with paid APIs after being discontinued due to misuse. Various scripts scrape social media profiles, supporting Python. "HackingEnVivo/Doxing" is a Python tool for gathering personal info via doxing. A document offers resources and tools for OSINT. HINTS stores intelligence on targets and plans for secure user authentication and reporting. TELEKRAM-DOX hosts a Telegram flood bot. Social_X embeds RATs in files and warns against illegal use. SoulTaker packs multiple hacking features. LinkDox gathers info through different techniques. 'krishpranav/car-osint' helps gather vehicle associated data. DaProfiler collects digital identities to correct personal info leaks. Graver script exploits a vulnerability in Grav CMS. 'FattusRattus/Grandstream' scripts target Grandstream Phones vulnerabilities. CVE-2021-31630 PoC allows OpenPLC remote code execution. 'asploit' repository provides backdoors for multiple web servers. Exploit configurations for CVE-2021-44228 vulnerability and usage instructions are provided.
f5_scanner identifies devices vulnerable to CVE-2020-5902. NoMoney is an information gathering tool that combines data from platforms. Learn low-level bit manipulation techniques for embedded systems. ComplianceAsCode project aids in maintaining security policies. MTProxy process for Telegram is outlined on GitHub. Akamai shares a privilege escalation technique in Active Directory along with its detection. Neutron, an AI-driven assistant, joins Nebula Pro's free tier. A Python script checks for systems vulnerable to a new denial of service attack, CVE-2024-2169.
# Tradecraft
[#]
Pentest Muse is a new AI assistant designed to aid cybersecurity experts by generating ideas, crafting payloads, analyzing code, and supporting reconnaissance tasks, available both as a command-line interface and as a web application.
[#]
A Proof of Concept (PoC) anti-rootkit tool called unKover has been released, designed to detect malicious drivers in kernel memory using techniques like NMI Callbacks, APC StackWalks, and Driver Object analysis, with installation requiring test signing and kernel debugging to be enabled.
[#]
A toolkit for malware analysis and reverse engineering was released, containing 98 tools for various tasks, which includes automatic updates and expansion capabilities.
[#]
DroneXtract is a digital forensics tool used for analyzing and extracting data from DJI drones, featuring modules for file parsing, steganography, telemetry visualization, and flight integrity analysis.
[#]
A small fuzzer called bootfuzz has been created to test MBR-based motherboards or system BIOS via Port IO instructions and BIOS Service Timer. Notable crashes have occurred in virtual environments like QEMU, VirtualBox, and VMware Player, and the project seeks contributions for testing on physical hardware.
[#]
Octopii is an open-source software tool designed by RedHunt Labs to scan and identify personally identifiable information (PII) like government IDs and contact details within images, PDFs, and documents on the internet using OCR and NLP technologies.
[#]
Osintracker is a free, privacy-oriented tool for OSINT investigators to keep track of their online research, which requires local backups due to browser-based data storage.
[#]
Syslifters' OffSec-Reporting is a tool for generating cybersecurity reports that support various Offensive Security certifications, utilizing templates that convert markdown into PDFs and can be self-hosted or run on the cloud.
[#]
The GitHub repository 'telegram-osint-lib' provides a scenario-based Telegram API for OSINT tasks, enabling users to perform activities like searching for a user in groups, monitoring online status, downloading photos from channels, and tracking profile changes.
[#]
TJ-OSINT-Notebook is a resource providing tools, techniques, and resources for open source intelligence, including three case templates and a guide on using Joplin for organizing OSINT findings.
[#]
GitOSINT Bot, a Discord-based Open Source Intelligence tool, originally made for private use, has been discontinued due to misuse but will be re-released for professional OSINT analysts after 2024 with updates and paid APIs to prevent unethical use.
[#]
This text details a collection of scripts for scraping social media profiles from platforms like Twitter, Facebook, Instagram, Reddit, TikTok, Medium, Quora, Pinterest, and GitHub, which can be used with Python and appropriate web drivers.
[#]
The repository "HackingEnVivo/Doxing" contains a Python-based espionage and information gathering tool designed to automate the search for personal information utilizing doxing techniques; compatible with various operating systems, it requires installation via cloning from GitHub and is open for collaborations under an MIT license.
[#]
The document outlines a comprehensive set of online resources and tools for gathering Open Source Intelligence (OSINT), which can assist in identifying, researching, and analyzing targets across various platforms and data types, ranging from social media and real estate information to security footage and large datasets.
[#]
HINTS is a tool that organizes open-source intelligence on high-value targets using a React frontend and Strapi backend. It features a knowledge base and CRUD tasks, and its roadmap includes secure user authentication and report generation.
[#]
The TELEKRAM-DOX repository on GitHub contains a Telegram flood bot which can send multiple messages to a group or chat using a bot, and requires a token that is obtainable from Telegram's @BotFather.
[#]
SoulTaker is an open-source multitool that includes features such as phone spoofing, IP lookup, doxing, and various hacking utilities packaged in a .rar file with a separate password for decryption.
[#]
A GitHub user named SerLink04 has created a program called LinkDox, which offers five features designed to gather information from usernames, IP addresses, and names, and to provide options for finding passwords for email accounts as well as a history of Minecraft nicknames.
[#]
DaProfiler is an OSINT tool that collects digital identity data like emails, phone numbers, and social media accounts to help individuals rectify personal information exposures online.
[#]
A new script named Graver has been released to exploit a known server-side template injection and remote code execution vulnerability in Grav CMS, requiring valid editor credentials to operate.
[#]
The GitHub repository FattusRattus/Grandstream contains scripts that target vulnerabilities in Grandstream Phones, specifically the GXV3240 model.
[#]
A Proof of Concept exploit for CVE-2021-31630 enables remote code execution on OpenPLC on the WifineticTwo box, using provided IP address and credentials.
[#]
The 'asploit' GitHub repository offers command and control backdoors that can be added to Classic ASP, Flask, NodeJS, and PHP servers using a single line of code, with options for customization and multiple server management.
[#]
The information pertains to a collection of exploit configurations for the CVE-2021-44228 vulnerability, detailing how to use a Python script and additional files to target various systems.
[#]
The document describes f5_scanner, a Python tool for automated scanning of IP addresses with 30 threads to identify devices vulnerable to CVE-2020-5902, including setup and usage instructions.
[#]
NoMoney is a free, integrated information gathering tool that combines data from several platforms, using both web crawling and APIs with certain usage limitations, and includes features for updating cookies and formatting output reports.
[#]
Learn essential low-level bit manipulation techniques, ranging from checking parity to toggling specific bits, to optimize programming with integers in embedded systems.
[#]
The ComplianceAsCode project provides a collection of security automation content in formats such as SCAP, Bash, and Ansible, to help maintain and enforce security policies on various platforms and products.
[#]
The MTProxy page on GitHub details the process to set up a secure MTProto proxy for Telegram, including building the proxy, obtaining necessary files, generating a user secret, configuring the system, and registering with Telegram's MTProxybot.
[#]
Akamai researchers have identified a privilege escalation technique in Active Directory that exploits the DHCP Administrators group to potentially gain domain admin privileges, and they provide steps for mitigation and detection.
[#]
Neutron is an AI-driven assistant for Linux-based ethical hackers, offering features like autonomous mode and AI suggestions, and is now part of Nebula Pro's free tier.
[#]
A Python script has been released that scans for systems vulnerable to a new denial of service attack exploiting CVE-2024-2169, for use in secure testing environments.
# News
[#]
A critical vulnerability in Varnish Cache (CVE-2024-30156), which could enable denial-of-service attacks on websites, requires administrators to either update to a newer, secure version or temporarily disable HTTP/2 as a mitigation measure.
[#]
VF Corporation informed 35.5 million customers of a data breach that exposed names, emails, addresses, phone numbers, and purchase histories, while confirming no financial details or passwords were taken.
[#]
North Korean hacking group Kimsuky is now using Compiled HTML Help files within various archive file types to install malware and steal sensitive information, with their tactics evolving and showing active use of AI for phishing.
[#]
German police have shut down the Nemesis Market on the darknet, confiscated over $100,000 in crypto, and are investigating its users and sellers worldwide, but have not yet made any arrests.
[#]
China-linked hackers are intensifying their cyber attacks, particularly on Operational Technology in critical sectors, with recommended actions including enhanced OT security measures and international collaborative efforts to counter the threat.
[#]
The file for Matthias Caretta Crichlow's thesis on Blue Team operational security failures at the University of Twente is missing, but the work examines the mistakes made in defensive cybersecurity practice that can be remedied by improved procedures and awareness.
[#]
Open-source intelligence (OSINT) has evolved with the digital age, allowing people to gather vast amounts of data legally from public online sources, and is now a key focus of development within the U.S. intelligence community.
[#]
Open Source Intelligence (OSINT) is highlighted as a cost-effective method for businesses of all sizes to comply with Know Your Customer (KYC) regulations by collecting publicly available data to assess risks and verify identities, with Golden Owl offering services in multiple languages.
[#]
The Bundesamt für Sicherheit in der Informationstechnik (BSI) website provides guidance on various cybersecurity topics, ranging from securing online shopping and social media accounts to critical infrastructure and reporting IT security incidents.
[#]
Ken Shirriff details the inner workings of the Intel 8088 processor's instruction prefetch system, explaining how its design for efficient memory operation influenced computer performance and the development of the IBM PC.