HAQ.NEWS

# Daily

// Today, SiCat, a Python-based tool for exploit searching; SwaggerSpy, an OSINT tool for detecting sensitive data in SwaggerHub APIs; a detailed analysis of BackMyData ransomware; BinCAT, a static analysis tool for binary code; an exploitation method for the WinRAR RCE vulnerability CVE-2023-38831; defenses against the AsyncRAT trojan; Beelzebub, a low-code honeypot framework; basics of creating malicious software in Python; BruteCore, a brute-force tool; GitHub reconnaissance techniques; WonkaVision, for analyzing Kerberos tickets; and Fax Shell, an exploit using the Windows Fax service. These topics span exploit identification, sensitive-information detection, malware analysis, vulnerability exploitation, honeypot frameworks, and advanced security reconnaissance and protection methods. [more...]
 
// Today, AzSubEnum is a Python tool for scanning Azure environments. A guide on configuring a Windows 10 VM in VMware for kernel debugging is available at cra0.net. MrHandler is a Linux tool for post-incident system data collection. InflativeLoading converts executable files into PIC shellcode. TwiceSafe Software Solutions Inc has released a Forensic OSINT Chrome Extension. An analysis using Google Maps location history to estimate encounters is detailed at habr.com. Two articles discuss enhancing Docker security with various tools and practices. A guide for cyber security enthusiasts on maintaining online anonymity and other topics can be found at start.me. Valid8Proxy automates the management of web proxies and is available on GitHub. Lastly, GPTScript offers a new scripting language for task automation. [more...]
 
// The AWS cryptography guide from trailofbits.com emphasizes the importance of selecting the right cloud security tools for data encryption, key management, and handling sensitive information, highlighting AWS services like KMS, CloudHSM, and encryption SDKs. Ken Shirriff’s exploration at righto.com into the Bendix Central Air Data Computer reveals the intricate workings of military aircraft’s electromechanical components. A significant breakthrough is documented at smlx.dev, where a researcher successfully reverse-engineered GoodWe’s solar inverter protocol, identifying security vulnerabilities and developing a secure data gathering method. The HackTheBox guide on gitlab.io offers strategies for exploiting vulnerabilities such as IDOR, SQL injection, and buffer overflow. GitHub hosts the “Apanazar/camstalker” repository, a project aimed at searching random YouTube videos, and another repository offering strategies for cyber-attack analysis. Gitbook.io provides a list of FININT investigation tools, while soroush.me discusses the mitigation of risks associated with disabling ASP.NET ViewState MAC validation. Br0k3nlab.com introduces “Living off the False Positive,” a resource for identifying cybersecurity detection weaknesses, and github.com features the Email2WhatsApp OSINT tool, an exploitation tool for Confluence servers, and SecretPixel, a steganography tool. 
Further contributions include Netlas.io’s search strings for finding vulnerable devices, Snoop’s and HackBrowserData’s latest updates, TorBot for Tor network data analysis, MetaRadar for privacy-respecting Bluetooth scanning, Impacket for remote hash extraction, an analysis of ISFB malware, eHIDS for intrusion detection, AWS-SG-Analyzer for security group auditing, ZLUDA for running CUDA applications on AMD GPUs, Quickemu for creating virtual machines, Hiado for Azure DevOps permissions enumeration, a POC exploit for a libgcrypt vulnerability, a fuzzer integrating the Bochs emulator, a script for generating Active Directory change reports, and FullBypass for circumventing AMSI and PowerShell CLM restrictions. Each article contributes valuable insights into its respective field, from security and encryption to software development and intrusion detection. [more...]
 
// Recent cybersecurity developments include NullSection, a tool for nullifying ELF binary headers to hinder reverse engineering; a process for exploiting an RCE in Splunk Enterprise with a malicious XSL file for reverse shell execution; Burp Suite’s Sessionless extension for manipulating signed web tokens and simulating authorization attacks; guidelines for creating fake identities and secure work environments for OSINT; Echotrail’s identification of common Windows processes for app permissions; The ThreatHunting Project, a resource for cyber threat hunting techniques; The Vergilius Project’s insights into Windows kernel structures; vulnerabilities in TPMs for attestation and encryption; an exploit in Microsoft Outlook (CVE-2024-21413) for password hash theft; and the WEB-Wordlist-Generator for creating defense wordlists against cyber attacks. [more...]
 
// Today: a PoC for an RCE vulnerability in Empire C2 framework versions before 5.9.3; the WEB-Wordlist-Generator tool for creating targeted cyber defense wordlists; ADExplorerSnapshot.py for parsing Active Directory snapshots into BloodHound for security analysis; an analysis of the DJI Pilot app’s ART hijacking mechanism and an unpacking method using DxFx; Python-Backdoor, a cross-platform tool for remote access with multiple features; Ubuntu’s command-not-found package potentially suggesting malicious snap packages; ICSrank for assessing the security of industrial internet-connected devices; NipeJS for identifying JavaScript leaks; a study on deceptive language models in the sleeper-agents paper; SploitScan for vulnerability identification and prioritization; DarkCool for penetration testing and forensic analysis; 0up for encrypted file-sharing; sdcampbell/nmapurls for parsing Nmap XML reports; and a PoC exposing a vulnerability in Xiaomi’s HyperOS bootloader unlock restrictions. [more...]
 

# Recent Podcasts

# Emailz

First HAQ.NEWS was just descriptions and links I shared on social media. Then a buddy wanted an rss feed and now folks are requesting emails. Give me your address if you want emails too. Simple single click unsubscribe if it gets annoying.


# F.A.Q

Problem

Many websites are using AI/ML to create clickbait which actually doesn't have any valuable content.

Value

I use AI to de-clickbait the clickbait by allowing AI to read my news for me. Then it creates a meaningful tldr; regarding the articles of interest, which helps me discern what I should read. It is saving me a ton of time.

Why

FWIW HAQ.NEWS really started out as my personal news feed, enriched by AI, and converted into something quick and easy to read. But then I started getting requests for features like RSS, Gracie got involved, and with the super-power of AI things have taken on a life of their own.

Sharing

I currently post daily infosec news to x, linkedin, mastodon and rss.

I also post daily infosec podcasts and interviews to apple podcasts and spotify.

Ads

This isn't an Ad.

current friend of haq 2024-05-15

I want to encourage people and projects that impress me, by posting a banner linking their work, as it's my desire to help others. I do not take or make any money.

Thanks,
Jared Folkins
