Remote Code Execution Vulnerability in Azure Pipelines
Link : https://www.legitsecurity.com/blog/remote-code-execution-vulnerability-in-azure-pipelines-can-lead-to-software-supply-chain-attack
@Engineer_Computer

Malicious Self-Extracting Archives
Link : https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads
@Engineer_Computer

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

https://github.com/DFW1N/DFW1N-OSINT/

@Engineer_Computer

📡The E-Intelligence System
"Electronic Intelligence (ELINT), often known as E-Intelligence, is intelligence obtained through electronic sensors. Other than personal communications, ELINT intelligence is usually obtained. The goal is usually to determine a target's capabilities, such as radar placement. Active or passive sensors can be employed to collect data. A provided signal is analyzed and contrasted to collected data for recognized signal types.

The information may be stored if the signal type is detected; it can be classed as new if no match is found. ELINT collects and categorizes data. In a military setting (and others that have adopted the usage, such as a business), intelligence helps an organization make decisions that can provide them a strategic advantage over the competition. The term "intel" is frequently shortened. The two main subfields of signals intelligence (SIGINT) are ELINT and Communications Intel (COMINT)."

#Intelligence #SIGINT #ELINT #radar #signal #Electronic_Warfare #UAV #ESM

با Wazuh و Nmap اسکن کن و خروجی رو به ChatGPT بده
@Engineer_Computer
آزمایشگاه کامل در لینک زیر

https://wazuh.com/blog/nmap-and-chatgpt-security-auditing/

مروری بر تحلیل رجیستری

@Engineer_Computer

https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/windows-registry-analysis-tracking-everything-you-do-on-the-system/amp/

دیگر ابزار بررسی و واکاوی رجیستری
Regripper

@Engineer_Computer

https://www.sans.org/blog/regripper-ripping-registries-with-ease/

ابزاری برای آسان نمودن هک

WormGPT

توسط این ابزار ؛ هکر های تازه کار می‌توانند در سطح بالاتری اقدامات خرابکارانه را انجام دهند. 😱
@Engineer_Computer

https://www.scmagazine.com/news/threat-intelligence/crimeware-tool-wormgpt-ai-bec

🗒 Bypassing XSS Detection Mechanisms
@Engineer_Computer

#راهنمای نحوه استفاده از OKR ها جهت هدفگذاری و رسیدن بهش
@Engineer_Computer

اصول حکمرانی امنیت سایبری

@Engineer_Computer

جایی که باید دانست همیشه نمی‌توان دانست :
مایکروسافت هنوز نمی‌داند!⛳️
Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies.

@Engineer_Computer

https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/microsoft/microsoft-still-unsure-how-hackers-stole-azure-ad-signing-key/amp/

مروری بر هوش مصنوعی برای متخصصان حریم شخصی
@Engineer_Computer

https://playbooks.flexibleir.com
وب سایت playbook حملات
@Engineer_Computer

Splunk Admin (Real Time) - Day 18 - Phase 2

A Glimpse of the Roadmap Contents..!!
@Engineer_Computer

Analyzing an arm64 mach-O version of LockBit
Link : https://objective-see.org/blog/blog_0x75.html
@Engineer_Computer

Obfu[DE]scate: A De-obfuscation and Comparison tool for Android APKs
Repo : https://github.com/user1342/Obfu-DE-Scate
@Engineer_Computer

Collection of Awesome XSS resources
Repo : https://github.com/s0md3v/AwesomeXSS
@Engineer_Computer

Bypassing Windows Defender (10 Ways)
Link : https://www.fo-sec.com/articles/10-defender-bypass-methods
@Engineer_Computer

tools
Blue Team Techniques
1. Script to check for CVE-2023-36884 hardening
https://github.com/tarraschk/CVE-2023-36884-Checker

2. A python script tht searches for vulnerable version of PaperCut MF/NG (CVE-2023-27350)
https://github.com/MaanVader/CVE-2023-27350-POC

@Engineer_Computer