Kubernetes Hardening Guidance
The NSA and CISA have published today a Kubernetes security-hardening guide
https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF
#kubernetes #hardening #security
Malware Development Resources
A tale of EDR bypass methods
# https://s3cur3th1ssh1t.github.io/A-tale-of-EDR-bypass-methods/
Antivirus Artifacts
# https://github.com/D3VI5H4/Antivirus-Artifacts
Windows X86-64 System Call Table (XP/2003/Vista/2008/7/2012/8/10)
# https://j00ru.vexillium.org/syscalls/nt/64/
SysWhispers
# https://github.com/jthuraisamy/SysWhispers
SysWhispers2
# https://github.com/jthuraisamy/SysWhispers2
SysWhispers2_x86
# https://github.com/mai1zhi2/SysWhispers2_x86
Dynamic Invocation in .NET to bypass hooks
# https://blog.nviso.eu/2020/11/20/dynamic-invocation-in-net-to-bypass-hooks/
Dynamic-Invoke
# https://thewover.github.io/Dynamic-Invoke/
Offensive P/Invoke: Leveraging the Win32 API from Managed Code
# https://posts.specterops.io/offensive-p-invoke-leveraging-the-win32-api-from-managed-code-7eef4fdef16d
Syscalls with D/Invoke
# https://offensivedefence.co.uk/posts/dinvoke-syscalls/
Shellycoat
# https://github.com/slaeryan/AQUARMOURY/tree/master/Shellycoat
Defeating Antivirus Real-time Protection From The Inside
# https://breakdev.org/defeating-antivirus-real-time-protection-from-the-inside/
Preventing 3rd Party DLLs from Injecting into your Malware
# https://www.ired.team/offensive-security/defense-evasion/preventing-3rd-party-dlls-from-injecting-into-your-processes
Let's Create An EDR… And Bypass It!
# https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/
# https://ethicalchaos.dev/2020/06/14/lets-create-an-edr-and-bypass-it-part-2/
Bypassing Cylance and other AVs/EDRs by Unhooking Windows APIs
# https://www.ired.team/offensive-security/defense-evasion/bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis
Red Team Tactics: Utilizing Syscalls in C#
# https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
# https://jhalon.github.io/utilizing-syscalls-in-csharp-2/
Art of Anti Detection
# https://pentest.blog/art-of-anti-detection-1-introduction-to-av-detection-techniques/
# https://pentest.blog/art-of-anti-detection-2-pe-backdoor-manufacturing/
# https://pentest.blog/art-of-anti-detection-3-shellcode-alchemy/
#edr #av #evasion #maldev
Git-Secret
Go scripts for finding an API key / some keywords in a github repository
https://github.com/daffainfo/Git-Secret
#bugbounty #bugbountytips #pentest #api #infosec
Search JS using Gau
gau -subs DOMAIN | grep -iE '\.js' | grep -iEv '(\.jsp|\.json)' >> js.txt
#bugbounty #bugbountytips
Forget Password Vulns
https://www.xmind.net/m/nZwbdk/
#AppSec #hacking #bugbountytips #websecurity #xmind
Common Vulnerabilities on Forget Password Functionality
A Mind Map about Common Vulnerabilities on Forget Password Functionality submitted by Harsh Bothra on Jul 23, 2021. Created with Xmind.
DEF CON 29 Main Stage Presentations:
1-Babak Javadi, Nick Draffen, Eric Bettse, Anze Jensterle - The PACS man Comes For Us All
https://www.youtube.com/watch?v=NARJrwX_KFY
2-Reza Soosahabi, Chuck McAuley - SPARROW: A Novel Covert Communication Scheme
https://www.youtube.com/watch?v=oaLIo9HwW-g
3-Tomer Bar, Eran Segal - 2021 Our Journey Back To The Future Of Windows Vulnerabilities
https://www.youtube.com/watch?v=VxNi5pVDZU0
4-Sick Codes - The Agricultural Data Arms Race Exploiting a Tractor Load of Vulns
https://www.youtube.com/watch?v=zpouLO-GXLo
5-Shir Tamari, Ami Luttwak - New class of DNS Vulns Affecting DNS-as-Service Platforms
https://www.youtube.com/watch?v=72uzIZPyVjI
6-Sheila A Berta - The Unbelievable Insecurity of the Big Data Stack
https://www.youtube.com/watch?v=vl9hk4fQdos
7-Roy Davis - No Key No PIN No Combo No Problem Pwning ATMs For Fun and Profit
https://www.youtube.com/watch?v=9cG-JL0LHYw
8-Rotem Bar - Abusing SAST tools When scanners do more than just scanning
https://www.youtube.com/watch?v=Jl-CU6G4Ofc
9-Richard Thieme AKA neuralcowboy - UFOs: Misinformation, Disinfo, and the Basic Truth
https://www.youtube.com/watch?v=mExktWB0qz4
10-Richard Henderson - Old MacDonald Had a Barcode, E I E I CAR
https://www.youtube.com/watch?v=cIcbAMO6sxo
11-Rex Guo, Junyuan Zeng - Phantom Attack: Evading System Call Monitoring
https://www.youtube.com/watch?v=yaAdM8pWKG8
12-Paz Hameiri - TEMPEST Radio Station
https://www.youtube.com/watch?v=m9WkEwshNKc
13-Patrick Wardle - Bundles of Joy: Breaking macOS via Subverted Applications Bundles
https://www.youtube.com/watch?v=raSTgFqYaoc
14-PatH - Warping Reality: Creating and Countering the Next Generation of Linux Rootkits
https://www.youtube.com/watch?v=g6SKWT7sROQ
15-Orange Tsai - ProxyLogon Just Tip of the Iceberg, New Attack Surface on Exchange Server
https://www.youtube.com/watch?v=5mqid-7zp8k
16-Matthew Bryant - Hacking G Suite: The Power of Dark Apps Script Magic
https://www.youtube.com/watch?v=6AsVUS79gLw
17-Mars Cheng, Selmon Yang - Taking Apart and Taking Over ICS & SCADA Ecosystems
https://www.youtube.com/watch?v=L0w_aE4jRFw
18-Laura Abbott, Rick Altherr - Breaking TrustZone M: Privilege Escalation on LPC55S69
https://www.youtube.com/watch?v=eKKgaGbcq4o
19-Justin Perdok - Hi I'm DOMAIN Steve, Please Let Me Access VLAN2
https://www.youtube.com/watch?v=lDCoyxIhTN8
20-Jenko Hwong - New Phishing Attacks Exploiting OAuth Authentication Flows
https://www.youtube.com/watch?v=9slRYvpKHp4
21-Jeff Dileo - Instrument and Find Out: Parasitic Tracers for High Level Languages
https://www.youtube.com/watch?v=Iy1BNywebpY
22-James Kettle - HTTP/2: The Sequel is Always Worse
https://www.youtube.com/watch?v=rHxVVeM9R-M
23-Jacob Baines - Bring Your Own Print Driver Vulnerability
https://www.youtube.com/watch?v=vdesswZYz-8
24-Ian Coldwater, Chad Rikansrud - Real Life Story of the 1st Mainframe Container Breakout
https://www.youtube.com/watch?v=7DXF7YDBf-g
25-hyp3ri0n aka Alejandro Caceres, Jason Hopper - PunkSPIDER and IOStation: Making a Mess
https://www.youtube.com/watch?v=DlS_sl4hTWg
26-Hao Xing, Zekai Wu - How I use a JSON 0day to Steal Your Money on the Blockchain
https://www.youtube.com/watch?v=pUexrXOGCkE
27-David Dworken - Worming through IDEs
https://www.youtube.com/watch?v=pzqu_qaoNuY
28-Cory Doctorow - Privacy Without Monopoly
https://www.youtube.com/watch?v=deRRR5B1hwI
29-Christopher Wade - Breaking Secure Bootloaders
https://www.youtube.com/watch?v=z4gIxdFfJDg
30-Chad Seaman - UPnProxyPot: Fake the Funk, Become a Blackhat Proxy, MITM their TLS...
https://www.youtube.com/watch?v=mHCGNUsrTf0
31-Brian Hong - Sleight of ARM: Demystifying Intel Houdini
https://www.youtube.com/watch?v=9oQ5XjA1aq0
32-Bill Graydon - Defeating Physical Intrusion Detection Alarm Wires
https://www.youtube.com/watch?v=Liz9R_QxSgk
33-Ben Kurtz - Offensive Golang Bonanza: Writing Golang Malware
https://www.youtube.com/watch?v=3RQb05ITSyk
Resolve domains into IP address:
while read -r l; do ip=$(dig +short "$l" | grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b' | head -1); echo "[+] '$l' => ${ip:-unresolved}"; [ -n "$ip" ] && echo "$ip" >> ips.txt; done < domains.txt
#cybersecuritytips #bugbounty
PowerShell cmdlets for ProxyShell
Here is a list of PowerShell cmdlets you can use with ProxyShell.
Don't focus exclusively on "New-ManagementRoleAssignment" or "New-MailExportRequest".
https://gist.github.com/dmaasland/38bb8fbd05c764bab1baa441b4416317
#proxyshell #cmdlets
Search Subdomains using Jldc
curl -s "https://jldc.me/anubis/subdomains/example.com" | grep -Po '(?<=")[\w*.-]+(?=")'
#bugbounty #bugbountytips