HAQ.NEWS

# Daily

// Today's digest covers the CozyHosting box, which uses session hijacking, addresses Apache DolphinScheduler’s vulnerabilities, and introduces tools like Sebel for blocking malicious SSL/TLS certificates. It discusses Android management with Moukthar, data protection via MultiDump and Excel-Anonymizer, and secure file sharing with QR codes. The guide highlights software like AdGuardHome for ad blocking, TikTok Uploader, and Fossify Messages for SMS automation. It also touches on network security with Onionpipe, social media analysis with Hunt Intelligence, and updates on APT-HUNTER, cURL fuzzing, and IoT exploits. Additionally, it explores SQL injection detection, command and control with Havoc C2, and access to the vulnerability database with CVEMAP. [more...]
 
// The LogSnare project is a web application aimed at educational purposes, demonstrating common security flaws like IDOR and broken access control. RKS automates keystrokes for post-exploitation activities in remote desktop environments. VMP-Imports-Deobfuscator rebuilds the IAT in VMProtect-protected applications. Techniques to harden Windows systems against various cyber threats involve modifying Registry and service settings. Telegram users can locate others via the ‘People Nearby’ feature; however, this can be countered by disabling location settings. The smtpEmailChecker is a Python tool for validating email addresses over SMTP. The article outlines the creation and concealment of a keylogger payload for stealthy data exfiltration. A tool for searching Malware Bazaar enhances the ability to find Cobalt Strike LNK loaders. The gitdoorcheck tool uses OpenAI’s LLM APIs for code analysis to detect backdoors in Git repositories. The Mysterious Werewolf threat group is exploiting a WinRAR vulnerability to deliver the RingSpy backdoor to military-industrial targets. Elastic Security Labs shared a technique to capture ransomware encryption keys using canary files. An Android vulnerability in APEX package signature verification allows for malicious code execution. BOFHound is an offline tool that generates BloodHound-compatible JSON for Active Directory analysis. An exploit for a Linux kernel vulnerability in the Traffic Control subsystem enables kernel access via a Use-After-Free condition. Lastly, the cybersecurity-roadmap GitHub repository provides a comprehensive guide for career progression in the cybersecurity field. [more...]
 
// Today, BestEDROfTheMarket is a lab for bypassing Endpoint Detection and Response systems, offering dynamic analysis tools. Vulnerabilities in Plixer Scrutinizer allow unauthorized access, highlighted on Atredis Partners’ GitHub. The Mail-in-the-Middle tool poses spear-phishing risks by intercepting emails. A C# PDF-exploit builder targets Foxit Reader and Adobe Acrobat vulnerabilities. A Python and Go script, URL Regex Match Counter, analyzes URL content. Apache Solr’s RCE vulnerability is demonstrated with a POC. Shelter, a Rust-based security tool, obfuscates payloads. Plate Recognizer offers ALPR solutions for vehicle management. ZeroPointSecurity/PInvoke supports projects with P/Invoke signatures. EnumSSN aids in syscall scripting by identifying System Service Numbers. [more...]
 
// The Peaky-XD/webshell repository is a hub for webshell scripts in various languages including PHP and ASP, open to contributions under the MIT License. BALIMO LENA and PETLIBRO IoT Pet Feeders have been found to have security issues allowing for firmware extraction and unauthorized control, risking pet overfeeding through UART interface exploitation. The CanaryTokenScanner Python script aids in detecting Canary Tokens in documents and zip files to enhance cyber defense. A guide to removing Android.Waps adware from the Kirikiroid2 app using tools such as Apktool is detailed. An online tool enables the creation of fake Telegram chats for entertainment. Zeoob offers tools for simulating social media content for educational purposes. A categorized list of Telegram bots is provided for PII research and SOINT applications, emphasizing good OPSEC practices. Risks associated with unauthorized Terraform provider deployment due to exposed state files are discussed, with mitigation advice such as enabling state locking. RetinaFace, a Python library, offers features for facial detection and recognition, installable via ‘pip’ or ‘conda’. Bouncer is a bookmarklet for extracting user IDs from social media profiles. The Tosint OSINT tool extracts data from Telegram bots. jsleak is a tool for finding secrets in JavaScript files. Security measures for Nginx servers and strategies from the "BypassAV" GitHub repository for evading anti-virus and EDR systems are shared. Recommendations for enhanced system security include patch management and user education. Advanced cybersecurity techniques to attack Microsoft 365 and the open-source bpftop tool from Netflix for viewing eBPF program statistics are also mentioned. [more...]
 
// Today, GuardioLabs offers tools for domain security and DNS improvement, while Reeder uses ChatGPT for document analysis. The “WhatsApp-Spam” repository provides educational scripts for spamming awareness. Phone lookup tools are crucial for fraud prevention and KYC compliance. Tips for phone scam protection include using instincts and research tools. The r1cksec repository and Google’s Magika address cybersecurity and file detection. CVE-MAKER aids in CVE searches. Recent cybersecurity incidents include vulnerabilities in Torrentpier and Jenkins, DLL injection threats, and the rise of Lumma Stealer malware, emphasizing the need for safe software practices and advanced security measures. [more...]
 
# Emailz

First HAQ.NEWS was just descriptions and links I shared on social media. Then a buddy wanted an RSS feed and now folks are requesting emails. Give me your address if you want emails too. Simple single-click unsubscribe if it gets annoying.


# F.A.Q

Problem

Many websites are using AI/ML to create clickbait which actually doesn't have any valuable content.

Value

I use AI to de-clickbait the clickbait by allowing AI to read my news for me. Then it creates a meaningful tl;dr regarding the articles of interest, which helps discern what I should read. It is saving me a ton of time.

Why

FWIW HAQ.NEWS really started out as my personal news feed, enriched by AI, and converted into something quick and easy to read. But then I started getting requests for features like RSS, Gracie got involved, and with the super-power of AI things have taken on a life of their own.

Sharing

I currently post daily infosec news to X, LinkedIn, Mastodon and RSS.

I also post daily infosec podcasts and interviews to Apple Podcasts and Spotify.

Ads

This isn't an Ad.

current friend of haq 2024-04-12

I want to encourage people and projects that impress me, by posting a banner linking their work, as it's my desire to help others. I do not take or make any money.

Thanks,
Jared Folkins
