HAQ.NEWS

# Daily

// At SpecterOps, they found that Microsoft Exchange Server might lead to domain control attacks due to permission setups in Active Directory, unless mitigated by splitting permissions or restricting Exchange’s rights. MultiDump is a new tool avoiding Windows LSASS memory dump detection with encryption and requires updated parsing tools. Another article showcases how to exploit Android Jetpack Navigation to access any app fragment. Guillaume Caillé describes bypassing ‘Loader Lock’ by DLL side-loading differently. Microsoft’s PyRIT helps identify risks in generative AI, while OWASP OFFAT tests APIs for vulnerabilities. Tutorials and tools are discussed for IP search engines and Extractify extracts data for cyber analysis. Stuart McClure and another professional provide insights into cyber threats. WorldviewAI’s site brings global info, including cyber warfare. Advangle helps create advanced web searches, and Profile Discover finds social media profiles fast. Iván Santos Malpica shares web security bypass methods, and another security pro shows that manual SQL injection can outperform tools like sqlmap. Rishi introduces Nuclei templates to detect phishing, and a Python Flask app has template injection vulnerabilities. A GitHub repo displays an exploit for an aiohttp server (CVE-2024-23334). Lastly, a Linux Bash script uses Google dorking for info gathering. [more...]
 
// Techniques for discreetly loading DLLs using Windows Thread Pool APIs and exploiting Windows kernel vulnerabilities through ROP chains are explained. Clément Amic focuses on exploiting Java deserialization flaws, and the GAP-Burp-Extension helps with fuzzing web apps. Learn a Direct Pointer execution method for shellcode, and check out RustRedOps, a Rust-based repository for Red Team tools. GitAlerts aids in monitoring sensitive files on GitHub, while an exploit, CVE-2023-6241, is out for bypassing memory protections on Pixel 8. Tips for preventing secrets leaks in Docker images, detecting yellow tracking dots with Dotspotter, and exploiting facial recognition systems are discussed. Emora emerges as a tool for searching social network usernames, while various tools for finding JavaScript vulnerabilities are listed. An "Awesome ChatGPT Prompts" repository offers creative prompts, and techniques to exploit identity providers are covered. GTPDOOR Scan helps detect malware-infected hosts, and a list of satellite OSINT tools is compiled. Learn about Ralph Merkle’s cryptographic work, and discover Kiddy, a tool for obscuring Linux kernel information. [more...]
 
// Today, Trail of Bits is releasing weAudit, which helps with code auditing in VSCode. There’s a tool called Instagram User ID Finder for users to find Instagram IDs without logging in. The site Kontragenta.net offers a database for verifying information about legal subjects and others. Various OSINT tools are listed for cyber intelligence, such as search engines and domain info. A text talks about a free phone number search tool for investigating numbers. An expert released a kernel exploit analysis for Android 14 on Google Pixel devices. Geowifi helps find WiFi networks by BSSID/SSID. ShodanX is a cybersecurity tool for using Shodan for free. Firefox’s security is improved through JSIPC and tooling for identifying sandbox vulnerabilities. NoArgs hides Windows process arguments for privacy. The xai-org/grok-1 repository has a huge Grok-1 model requiring a strong GPU. Shodan is a search engine for finding exposed internet devices. There’s a discussion on military tech showing a pivot to drones over traditional aircraft. Techniques like Return Oriented Programming for buffer overflow exploits and a new method called JSON Smuggling are explained. [more...]
 
// Today, MapXplore is a tool that imports data from sqlmap to PostgreSQL or SQLite, making it easier to search and manage information. linWinPwn is a bash script for auditing and penetration testing Active Directory on Linux systems. There’s a new set of proof-of-concept modules for Windows OS kernel-mode rootkit techniques, focusing on various methods and compatible with 64-bit Windows 10 post the 2004 update. luijait created DarkGPT, an AI-based Open Source Intelligence tool that uses GPT-4-200K to spot compromised databases, needing Python 3.8. DNS-Tunnel-Keylogger is for sending keystrokes via DNS tunneling from a compromised system to an attacker server. Warp brings a Rust-built terminal for Linux with AI and tools for better productivity, like editing, command generation, and workflows. [more...]
 
// In a recent hacking challenge, participants aim to gain unauthorized administrative access on a Windows domain using various cyber-attack methods. Dorkish is a Chrome extension aiding in OSINT for better reconnaissance with custom search queries. An article explains advanced malware development techniques for executing malicious code stealthily by exploiting Windows features. LLM4Decompile is a new tool using language models for decompiling binary code for improved cybersecurity analysis. Shelter technique conceals payloads in memory using ROP-based obfuscation and encryption. AttackGen assists organizations in testing incident response via customizable scenarios. DirDar finds restricted web directories, and Backup-Finder for Burp Suite reveals potentially sensitive files on webservers. [more...]
 

# Recent Podcasts

# Emailz

First HAQ.NEWS was just descriptions and links I shared on social media. Then a buddy wanted an rss feed and now folks are requesting emails. Give me your address if you want emails too. Simple single click unsubscribe if it gets annoying.


# F.A.Q

Problem

Many websites are using AI/ML to create clickbait which actually doesn't have any valuable content.

Value

I use AI to de-clickbait the clickbait by allowing AI to read my news for me. Then it creates a meaningful tldr; regarding the articles of interest which helps discern what I should read. It is saving me a ton of time.

Why

FWIW HAQ.NEWS really started out as my personal news feed, enriched by AI, and converted into something quick and easy to read. But then I started getting requests for features like rss, Gracie got involved, and with the super-power of AI things have taken on a life of their own.

Sharing

I currently post daily infosec news to x, linkedin, mastodon and rss.

I also post daily infosec podcasts and interviews to apple podcasts and spotify.

Ads

This isn't an Ad.

current friend of haq 2024-05-15

I want to encourage people and projects that impress me, by posting a banner linking their work, as it's my desire to help others. I do not take or make any money.

Thanks,
Jared Folkins
