HAQ.NEWS

# Daily

// Explore Ligolo-Ng as an alternative for network pivoting without SOCKS, contrasting it with Chisel, and delve into its setup in a step-by-step guide. Understand Active Directory attributes and their exploitation, along with defense tactics for Windows security. Update Ivanti Connect Secure to patch a critical XXE vulnerability. Check out a demonstrated BYOVD attack using a Minifilter Driver to halt processes and access its code on GitHub. Decode Cobalt Strike payloads and extract C2 server details from a concise method posted on Reddit. Prevent command injection on NETGEAR WAN by adjusting SSL certificate checks and device time settings to avoid manipulated cron jobs. Consider JSON Smuggling to improve intrusion detection evasion techniques by encoding payloads cleverly. Utilize CloudMiner to run code on Azure Automation service cost-free, meant for responsible educational use. Assess the new Windows sudo command limits and security risks connected to its UAC privileges and RPC server. Protect C2 and phishing ventures with BounceBack, a reverse proxy with extensive filtering options. Unlock STM8-based device firmware using voltage glitches, timers, and scripts, avoiding pricey tools. Quickly apply patches to FortiOS SSL-VPN to close off a severe out-of-bounds write vulnerability. Evaluate honeypot strengths and weaknesses using Honeyscanner. Confirm secure setup of Microsoft 365 with ScubaGear, a tool from CISA. Experience MinDNS, a capable DNS server built in Rust, offering various services under an MIT license. Follow a comprehensive penetration testing guide based on OWASP with real-world examples. Reclaim lost cameras via stolencamerafinder using photo EXIF data.
 
// Today, BadExclusions is a tool that makes sure antivirus systems don’t miss any dangerous files. Melissa Bruno warns about the risk of hackers accessing private data through web flaws, suggesting careful checks and using specific tools. A malware named Ov3r_Stealer is tricking people on Facebook to steal their information. Techniques like using Veeam Backup & Replication and Velociraptor help in analyzing cyber incidents, while a red team used an old Java Applet to find security holes. Other articles discuss hiding code from antivirus with WebAssembly and Rust, testing security on iPhones without jailbreaking, and creating a Metasploit exploit for a known vulnerability. Tools like TInjA and Stardust help find and exploit web page vulnerabilities or create stealthy attacks. Experts share insights on red team assessments, ClamAV patches critical vulnerabilities, and SwaggerSpy gathers sensitive online information. A vulnerability in runC allows attackers to break out of containers, iSniff GPS tracks location data from iOS devices, GoBuster finds hidden web paths, and Marcus Hutchins shares tips on evading detection by security systems.
 
// In this article, we learn about Arachne, a tool that lets the good guys in cybersecurity send secret messages using web shells. It also shows how to catch RedLine Stealer, a computer bug, with pe-sieve and dnSpyEx. There’s a cool script called NTLM Relay Gat that makes breaking into systems easier if you’re a pro. For those who love playing with Android apps, apk.sh makes it super easy to see what’s inside them. Purple Teaming with CALDERA is all about mixing attack and defense skills to keep computers safe. APT-Hunter got better at finding threats, and there’s a big push for teamwork in fighting cyber bad guys with tools like CB-Threat-Hunting and Hunt Intelligence.
 
// Today, a guide shows how to turn off Windows Defender in sneaky ways, manipulating privilege tokens and integrity levels. Proctools is a toolkit for managing Windows processes, including extracting information and dumping sensitive strings for cybersecurity operations. CVE-2024-20931 is a bug in Oracle WebLogic that allows bad actors to bypass a previous fix using a Java trick. Studies unravel code scrambles in the DJI Pilot app, aiding in understanding and repair. Google’s tool uses AI for quicker bug identification and resolution. Scapy, a Python tool, tests networks for vulnerabilities. CVE-2017-11176 exploitation in the Linux kernel is detailed, guiding from understanding to proof-of-concept. BrowserLeaks offers a privacy check for web browsing. Jael narrates their journey to becoming a cybersecurity expert with the OSCE3 certification. LaZagne extracts passwords from various applications across operating systems. CloakQuest3r reveals real IP addresses of websites behind Cloudflare. RustNet incorporates features like malware analysis and network sniffing. Infoooze performs online data gathering. Paybag simplifies Metasploit payload creation for Linux. Lists find hidden Dark Web sites and sensitive information. Findhunters fosters bug hunter collaboration. A Nuclei template detects a Jenkins vulnerability. TPM-Sniffing retrieves Bitlocker keys from TPMs using communication protocols.
 
// Analyze SAP Router and DIAG connections for security parameters with the Sncscan tool. Detect ransomware in MySQL with MELEE, and enhance offensive security assessments with the Nemesis Kubernetes pipeline. Identify GitHub Actions vulnerabilities using the Argus static taint analysis tool, and check for Nginx alias traversal issues using Navgix.
 
# Emailz

At first, HAQ.NEWS was just descriptions and links I shared on social media. Then a buddy wanted an RSS feed, and now folks are requesting emails. Give me your address if you want emails too. Simple single-click unsubscribe if it gets annoying.


# F.A.Q

Problem

Many websites are using AI/ML to create clickbait that doesn't actually have any valuable content.

Value

I use AI to de-clickbait the clickbait by allowing AI to read my news for me. Then it creates a meaningful TL;DR of the articles of interest, which helps me discern what I should read. It is saving me a ton of time.

Why

FWIW, HAQ.NEWS really started out as my personal news feed, enriched by AI, and converted into something quick and easy to read. But then I started getting requests for features like RSS, Gracie got involved, and with the super-power of AI things have taken on a life of their own.

Sharing

I currently post daily infosec news to X, LinkedIn, Mastodon and RSS.

I also post daily infosec podcasts and interviews to Apple Podcasts and Spotify.

Ads

This isn't an ad.

current friend of haq 2024-05-15

I want to encourage people and projects that impress me by posting a banner linking to their work, as it's my desire to help others. I do not take or make any money.

Thanks,
Jared Folkins
