HAQ.NEWS

# Daily

// In a recent post, Incinerator was introduced as a tool for reverse engineering Android malware and for security audits of apps. Discussions on r/netsec highlighted "Gram", a web application for threat modeling that works alongside system inventories. Chiasmodon came up as a CLI OSINT tool that helps hackers gather information on domains and is expanding with features like facial recognition. Readers also learned about alternatives to Netcat such as Rlwrap, Rustcat, Pwncat, and the Windows ConPty shell for secure connections in penetration testing. Lastly, Tunnelmole was mentioned for safely sharing local servers with the internet. [more...]
 
// Techniques for stealing AD CS certificates include exporting them and bypassing restrictions using tools like Mimikatz. DLL proxy loading is a method in which an attacker substitutes a fake DLL for a legitimate one to execute malicious code. Secator is a tool that automates security assessments by integrating multiple security commands. ST Smart Things Sentinel is for IoT security, scanning for vulnerabilities and adding devices to a network for monitoring. Portr is an open-source tool for secure SSH tunneling. A privilege escalation bug in Microsoft Intune has been patched by Microsoft. Steganography is used to embed malicious shellcode into images to evade detection. TInjA scans web pages for template injection vulnerabilities. Fast-recon automates the search for sensitive files online. Airgeddon tests wireless network security, pwnat establishes client communication behind NATs, Lazytainer automatically manages inactive Docker containers, and GitBook is a documentation platform for technical teams. Also covered: a Python script for bypassing Cloudflare, zeropwn/intelx-maltego for OSINT visualization, a ZoomEye.hk search tool for querying applications, EVILRDP, which adds features to an RDP client, and a public API command that checks ELF binaries for backdoors. [more...]
 
// VolWeb helps investigators extract data from memory images and simplifies forensics. LDAP Watchdog monitors changes in LDAP entries, sends alerts to Slack, and skips some attributes. For CVE-2024-3094, readers learned how to detect the xz backdoor and update their systems to stay safe. NetScout is an OSINT tool for digging into URL-related data. The sophisticated UNAPIMON malware evades detection, suggesting better security steps are needed. A now-patched macOS bug allowed root access through a filesystem mount tweak. The OCEANMAP backdoor, used by APT28, allows remote manipulation. CrossC2 generates Cobalt Strike beacons on Linux. Hakoriginfinder finds the original hosts behind proxies. Evilginx 3.3 works with GoPhish and improves phishing campaigns. PowerShell DFIR scripts on the Kali Linux site help with cyber defense. Gitrecon pulls information from GitHub/GitLab, so guard your private data. Bishop Fox’s Cosmos provides penetration testing. Windows shortcuts and SSH can be used for phishing, yet this is detectable. A DOMPurify bypass was found and later corrected. Linodas, a Linux malware, hides well and is thus harder to detect. IcedID malware led to Nokoyawa ransomware in one attack. A Dell server has a fixable privilege escalation flaw. A RouterOS DoS exploit works with malformed SMB packets. The SQL-BOF library handles SQL interaction. The "Rebound" VM on HackTheBox teaches attack techniques such as cracking hashes and cycling RIDs. One link led only to a 404 error page. EDR systems’ anti-tampering can be disabled by intercepting their communication. A vulnerability in an EDR product was found through unprotected processes. Jan provides an offline AI. Building ransomware in Rust was demonstrated for learning, not misuse. The Nidhogg rootkit performs stealth operations on Windows without detection. A malicious script in the xz utility’s build could hijack functions, so updates require care. Wireproxy is a userspace WireGuard implementation offering socks5/http proxy capabilities. [more...]
 
// A security engineer found two methods to bypass DOMPurify’s protection by targeting how XML and HTML parsers work. The Drozer framework is used for testing Android app vulnerabilities; it’s user-friendly and can be set up using Docker. It’s important to check Active Directory admin groups to reduce risk. GitHub’s xz-vulnerable-honeypot shows how to set up a honeypot for detecting SSH attacks. AssetViz draws subdomains as a mind map for penetration testers. The ChaiLdr repository demonstrates shellcode loader techniques for avoiding antivirus. Misusing the DLL search order can allow malware to run on Windows, so defenses are needed. An Android 14 kernel exploit affects Pixel devices and can gain root access. ADPT automates DLL hijacking and sideloading exploits. Modpot uses Go and gin to build a web app honeypot that catches cyberattacks. Arjun hunts for HTTP parameters effectively. ADCSCoercePotato can force ADCS to authenticate in order to gain elevated privileges. HuntKit compiles pentesting tools in Docker for performance. A Python script generates simulated web traffic for network training. Portr safely shares local web services. LLVM is a compiler framework supporting many languages. CS 6120 at Cornell teaches programming language implementation online. Security researcher amlweems created a honeypot for CVE-2024-3094. Sudistark/xss-writeups explains an XSS bug on figma.com. An online service checks ELF binaries for the XZ backdoor. Microsoft’s ML-For-Beginners provides a 26-lesson course on machine learning. A blog post demonstrates executing a buffer overflow attack. Linux’s ‘wall’ command has a flaw, WallEscape (CVE-2024-28085), which can leak sensitive information. And Helix is a modern text editor offering features for coders. [more...]
 
// The HEDnsExtractor tool helps cyber security folks by pulling out domains and IP networks that could be bad news. Sadly, there’s a nasty bug, CVE-2024-0204 in GoAnywhere Admin, that lets sneaky folks make high-privilege accounts they shouldn’t. For you tech heads, there’s a guide to writing 64-bit Linux shellcode so you can say "Hello World" with your CPU. R2Frida is a cool thing mixing radare2 with Frida to tweak live processes. Gynvael Coldwind busted a sneaky attack hiding in xz/liblzma that messes with data and sneaks in a backdoor. DroidLysis speeds up reverse engineering of Android apps, while Subfinder and httpx are ace for finding digital weak spots. Certificate Transparency logs help spot tricky subdomains, which helps in research and bounty hunting. FFUF finds hidden web content, and an SSH honeypot using CVE-2024-3094 waits for hackers. Cloudtopolis cracks passwords using Google’s cloud and the net. Sniff out leaked credentials with Chrome and Burp Suite. Compare different EDR products with EDR-Telemetry. Hijack Windows with CcmPwn, and level up your cybersecurity chops with a book covering all things low-level. Some smart cookies found a Linux kernel bug (CVE-2024-1086), and there’s a Cisco Umbrella script that susses out weird DNS requests. There’s new malware-sniffing gear for .NET, and the latest tricks for nabbing manually mapped rootkits. Learn all about Windows UAC, poke around group policy bits for security testing, and make stuff safer with the Failsafe-go library. See OSINT trends with MetaOSINT, dig into Mastodon with Masto, and lurk on CashApp profile pics. Bag complex web data with One, track blockchain wallets with Wallet-Tracker CLI, learn malware analysis free from Arch Cloud Labs, and speed-scan websites with PIDRILA. There’s a list of tools for taking apart social media and a fancy Cobalt Strike code generator, smackdab in ya face. OffSec Reporting beautifies pentest reports, and there’s more Telegram and Discord sleuthing gear, plus the search-savvy IRBIS for personal info digging. The PHP library ’telegram-osint-lib’ focuses on Telegram for data scraping, and the OSINT Notebook by tjnull organizes your snooping. Gynvael Coldwind had another go at showing how attacks creep into xz/liblzma. Slide into a process on Windows with the NtSetInformationProcess function. CVE-2023-4863 made a boo-boo with WebP images, so patch those browsers! Then there’s a crafty exploit messing with Google’s sign-in, and finally, a treasure trove of cyber security resources for folks gearing up for the OSCP or just being security-smart. [more...]
 

# Emailz

First, HAQ.NEWS was just descriptions and links I shared on social media. Then a buddy wanted an RSS feed, and now folks are requesting emails. Give me your address if you want emails too. Simple single-click unsubscribe if it gets annoying.


# F.A.Q

Problem

Many websites are using AI/ML to create clickbait which actually doesn't have any valuable content.

Value

I use AI to de-clickbait the clickbait by allowing AI to read my news for me. Then it creates a meaningful tl;dr regarding the articles of interest, which helps me discern what I should read. It is saving me a ton of time.

Why

FWIW, HAQ.NEWS really started out as my personal news feed, enriched by AI and converted into something quick and easy to read. But then I started getting requests for features like RSS, Gracie got involved, and with the super-power of AI things have taken on a life of their own.

Sharing

I currently post daily infosec news to X, LinkedIn, Mastodon and RSS.

I also post daily infosec podcasts and interviews to Apple Podcasts and Spotify.

Ads

This isn't an Ad.

Current friend of HAQ, 2024-05-15

I want to encourage people and projects that impress me, by posting a banner linking their work, as it's my desire to help others. I do not take or make any money.

Thanks,
Jared Folkins
