2024-04-07 // A cybersecurty hobbyist showed how to use vm2 JavaScript sandbox vulnerabilities to get into a Linux server, find a hash, and root access in a HackTheBox Codify challenge. Web cache issues, which can leak info, need careful monitoring; techniques like underscores in headers and fuzzing help prevent these attacks. The OSTE-Web-Log-Analyzer is a tool in Python for analyzing web logs to spot web attacks. C2 Cloud makes pentesting simpler with its web interface for handling backdoor sessions. To get Wi-Fi passwords from Windows after a breach, you need admin rights or the user’s context, and it’s suggested to not use WPA2 PSK for private networks.The Xen hypervisor got updated to fix handling of page table entries for superpages. Mahmoud Attia explains how to automate finding XSS vulnerabilities and avoid WAF detection using certain tools. A blog post explained how to create a backdoored Amazon Machine Image (AMI). Another post shows an exploit for BioTime software, allowing directory walking and code execution. A step-by-step method was given to analyze and get a malicious file from a site. MayflyHack has new cybersecurity resources like setting up a SCCM lab, network architecture, image creation, infrastructure deployment, and config management. The site itself provides tutorials for developing cyber security environments. Red Team Attack Lab uses real systems and vulnerabilities for offensive cybersecurity without cloud service costs. OpenGFW firewall is open-source, inspired by China’s firewall. Using Validin, 36 phishing domains linked to Latrodectus were found. Global Socket helps to securely communicate through firewalls using encrypted traffic. Japan EQ Locator helps visualize earthquake data, available on GitHub.QuickStego hides text in images, while QuickCrypto does the same with encryption. A Local Privilege Escalation (LPE) vulnerability in macOS filesystems was discovered and patched. Samuel Groß discussed finding vulnerabilities in image format parsers that impact Apple’s messenger apps. DroneXtract is softwre for analyzing DJI drone data. Articles explore Windows Containers creation and windows APIs. Web cache attacks can lead to site takeovers, but James Kettle suggests defenses like not caching error pages. FreeTube is a YouTube app for private viewing, and SearXNG is a private metasearch engine that doesn’t track users. [more...]

2024-04-06 // Today, AttackGen is a cybersecurity tool for creating scenarios to test incident responses. A blog recommends more secure Wi-Fi password practices. There’s a GitHub Ansible playbooks for fixing a vulnerability CVE-2024-3094. An article offers a comprehensive guide to phishing investigations using Microsoft tools. White Knight Labs’ GitHub focuses on cyber operations tools. Cofense specializes in cyber threat training and detection. Rundll32.exe exploitation is tackled by Cybereason’s AI platform per another article. Bsides Cymru 2023 introduced a method for process injection without traditional threads. OffSec EXP-401 course gives insight into exploit development. Windows HOSTS file management is explained for enhancing security. Monitoring Windows services is crucial for protecting against malicious activities. Payload-Generator simplifies Cobalt Strike payload building. Huntress analysts found ransomware misuse of data backup tools. A cloud penetration test showed a new technique for lateral movement exploiting PSRemoting. Taherio/redi on GitHub scripts the setup of CobaltStrike redirectors. A resource offers cybersecurity techniques for penetration testing. Tim Bandos emphasizes using MITRE’s ATT\u0026CK Framework for threat hunting. Vulnerability Management bootcamp helps start cybersecurity careers. A Cobalt Strike setup guide explains various red team operation techniques. **FortyNorth Security’s tool EDD is for domain data enumeration. A course teaches creating a detection playbook in Security Onion 2.3. HOPain OSINT Search Tools Version 2.0 gathers open-source intelligence. Fast-recon Python script automates sensitive file searches for domains. Web-traffic-generator simulates web traffic. Splunk Attack Range builds cyber attack simulations. Subdomain fuzzing nets a $35,000 bug bounty. Nemanja Mijailovic shares how to download Bandcamp albums not in a user’s collection. [more...]

2024-04-05 // In a recent post, Incinerator was introduced as a tool for reversing engineering Android malware and for security audits on apps. Discussions on r/netsec highlighted "Gram", a web application for threat modeling that works alongside system inventories. Chiasmodon came up as a CLI OSINT tool helping hackers gather info on domains and expanding with features like facial recognition. Readers also learned about alternatives to Netcat like Rlwrap, Rustcat, Pwncat, and Windows ConPty shell for secure connections in penetration testing. Lastly, Tunnelmole was mentioned for safely sharing local servers with the internet. [more...]

2024-04-04 // Techniques for stealing AD CS certificates include exporting and bypassing restrictions using tools like Mimikatz. DLL Proxy Loading is a method where an attacker substitutes a legitimate DLL with a fake one to execute malicious code. Secator is a tool that automates security assessments by integrating multiple security commands. ST Smart Things Sentinel is for IoT security, scanning for vulnerabilities and adding devices to a network for monitoring. Portr is an open-source tool for secure SSH tunneling. A privilege escalation bug in Microsoft Intune has been patched by Microsoft. Steganography is used to embed malicious shellcode into images to evade detection. TInjA scans for template injection vulnerabilities in web pages. Fast-recon automates the search for sensitive files online. Airgeddon tests wireless network security, pwnat establishes client communication behind NATs, Lazytainer automatically manages inactive Docker containers, and GitBook is a documentation platform for technical teams. A Python script for bypassing Cloudflare, zeropwn/intelx-maltego for OSINT visualization, a ZoomEye.hk search tool for querying applications, EVILRDP adds features to an RDP client, and a public API command checks ELF binary files for backdoors. [more...]

2024-04-03 // VolWeb helps investigators extract data from memory images, simplifies forensics. LDAP Watchdog monitor changes in LDAP entries, slacks alerts, skips some attributes. CVE-2024-3094, a cybersecurity flaw, learned to detect xz backdoor, updating systems to keep safe. NetScout is a tool for OSINT to dig into URL-related data. Sophisticated UNAPIMON malware evades detection, suggesting better security steps. Root access on macOS gain by filesystem mount tweak now patched. OCEANMAP backdoor used by APT28, allows remote manipulation. Generate Cobalt Strike beacons on Linux with CrossC2. Hakoriginfinder figures original hosts behind proxies. Evilginx 3.3 works with GoPhish, improves phishing campaigns. PowerShell DFIR scripts help in cyber defense on Kali Linux site. Use Gitrecon for info from GitHub/GitLab, and guard private data. Bishop Fox’s Cosmos gives penetration testing. Windows shortcuts and SSH can be phished, yet detectable. DOMPurify bypass found, corrected later. Linodas, Linux malware, hides well thus harder detecting. IceID malware leads to Nokoyawa ransomware in an attack. Dell server has a fixable privilege escalation. RouterOS DoS exploit works with malformed SMB packets. SQL-BOF library handles SQL interaction. "Rebound" VM on HackTheBox teaches cyberattacks-crack hashes, cycle RIDs. Nothing from a 404 error page. EDR systems’ anti-tampering disabled by communication interception. Vulnerability in EDR product by unprotected processes found. Jan gives an offline AI. Rust ransomware making demonstrated for learning, not misuse. Nidhogg rootkit performs stealth operations in Windows without detection. Malicious script in xz utility’s build could hijack functions, requires careful updates. Wireproxy is a userspace WireGuard, offering socks5/http proxy capabilities. [more...]