AnyConnect_Sec_Analysis.pdf
248.6 KB
#reversing
"Very Pwnable Network: Cisco AnyConnect Security Analysis", 2022.
When corporations build an internal network, they often stick to the same vendor for all components due to compatibility reasons. A vendor should offer a variety of solutions meeting all the customer’s needs. Creating and maintaining such a product range is a huge effort, and, thus, the corporate network landscape is dominated by very few vendors. Cisco’s market share including VPNs and other enterprise network equipment is around 50 % [1]. Thus, users connecting to corporate VPNs will likely face a setup that requires them to install the Cisco AnyConnect client.
📚
"Very Pwnable Network: Cisco AnyConnect Security Analysis", 2022.
When corporations build an internal network, they often stick to the same vendor for all components due to compatibility reasons. A vendor should offer a variety of solutions meeting all the customer’s needs. Creating and maintaining such a product range is a huge effort, and, thus, the corporate network landscape is dominated by very few vendors. Cisco’s market share including VPNs and other enterprise network equipment is around 50 % [1]. Thus, users connecting to corporate VPNs will likely face a setup that requires them to install the Cisco AnyConnect client.
📚
Autofill_iOS_Android.pdf
3.1 MB
#Malware_analysis
"The Emperor’s New Autofill Framework: A Security Analysis of Autofill on iOS and Android", 2021.
"The Emperor’s New Autofill Framework: A Security Analysis of Autofill on iOS and Android", 2021.
Understanding_a_Payloads_Life.pdf
4.7 MB
Understanding a Payload's Life (Featuring Meterpreter & other guests)
#payload
📚 t.iss.one/library_Sec
Learn Penetration Testing.pdf
84.4 MB
Learn Penetration Testing.
• Perform entry-level penetration tests by learning various concepts and techniques;
• Understand both common and not-so-common vulnerabilities from an attacker’s perspective;
• Get familiar with intermediate attack methods that can be used in real-world scenarios;
• Understand how vulnerabilities are created by developers and how to fix some of them at source code level;
• Become well versed with basic tools for ethical hacking purposes;
• Exploit known vulnerable services with tools such as Metasploit.
#Metasploit #hack #Kali #Linux
📚
tcp_source_port_alg.pdf
775.9 KB
#Offensive_security
"Device Tracking via Linux’s New TCP Source Port Selection Algorithm", 2022.
Online browser-based device tracking is a widespread practice, employed by many Internet websites and advertisers. It allows identifying users across multiple sessions and websites on the Internet.
]-> Repo: https://github.com/0xkol/rfc6056-device-tracker
📚 t.iss.one/Library_Sec
"Device Tracking via Linux’s New TCP Source Port Selection Algorithm", 2022.
Online browser-based device tracking is a widespread practice, employed by many Internet websites and advertisers. It allows identifying users across multiple sessions and websites on the Internet.
]-> Repo: https://github.com/0xkol/rfc6056-device-tracker
📚 t.iss.one/Library_Sec
Trace_Oddity.pdf
1.9 MB
#Research
"Trace Oddity: Methodologies for Data-Driven Traffic Analysis on Tor", 2022.
Traffic analysis attacks against encrypted web traffic are a persisting problem. However, there is a large gap between the scientific estimate of attack threats and the real-world situation. As traffic analysis attacks depend on very specific metadata information, they are sensitive to artificial changes in the transmission characteristics.
]-> Repo: https://github.com/DistriNet/DLTC
📚 t.iss.one/Library_Sec
"Trace Oddity: Methodologies for Data-Driven Traffic Analysis on Tor", 2022.
Traffic analysis attacks against encrypted web traffic are a persisting problem. However, there is a large gap between the scientific estimate of attack threats and the real-world situation. As traffic analysis attacks depend on very specific metadata information, they are sensitive to artificial changes in the transmission characteristics.
]-> Repo: https://github.com/DistriNet/DLTC
📚 t.iss.one/Library_Sec
VM_Detection.pdf
429.1 KB
#Offensive_security
"Virtual Machine Detection In The Browser"
]-> https://bannedit.github.io/Virtual-Machine-Detection-In-The-Browser.html
Virtual Machine (VM) detection is nothing new. Malware has been doing it for over a decade now. Over time the techniques have advanced as defenders learned new ways of avoiding VM detection.
📚 t.iss.one/Library_Sec
"Virtual Machine Detection In The Browser"
]-> https://bannedit.github.io/Virtual-Machine-Detection-In-The-Browser.html
Virtual Machine (VM) detection is nothing new. Malware has been doing it for over a decade now. Over time the techniques have advanced as defenders learned new ways of avoiding VM detection.
📚 t.iss.one/Library_Sec
Modern_obfuscation_tech.pdf
652.9 KB
#Whitepaper
"Modern obfuscation techniques", 2021.
When distributing proprietary software, the authors usually face the challenge of providing its functionality to the users without disclosing too many details about the implementation, while they also want to prevent any unauthorized attempts to modify their product. They want to protect their intellectual property, forbid the users from illegally distributing their products, and prevent the competition from stealing their ideas, namely the algorithms.
#obfuscation #techniques
📚 t.iss.one/Library_Sec
"Modern obfuscation techniques", 2021.
When distributing proprietary software, the authors usually face the
challenge of providing its functionality to the users without disclosing
too many details about the implementation, while they also want to prevent any unauthorized attempts to modify their product. They want
to protect their intellectual property, forbid the users from illegally
distributing their products, and prevent the competition from stealing
their ideas, namely the algorithms.
#obfuscation #techniques
📚 t.iss.one/Library_Sec
AdaCore.pdf
462.9 KB
#Whitepaper
"Security-Hardening Software Libraries with Ada and SPARK: A TCP Stack Use Case", 2021.
TCP is the most widely used network protocol to communicate on the Internet. Thus, ensuring the TCP/IP stack’s safety is an essential step towards safer cyber-physical systems. Existing research deals with formally verifying protocols of other TCP/IP stack levels. For example, the work in miTLS [3] formally verifies an SSL/TLS protocol implementation, and the work in [7] uses a technology called RecordFlux to safely parse data segments.
📚 t.iss.one/Library_Sec
"Security-Hardening Software Libraries with Ada and SPARK: A TCP Stack Use Case", 2021.
TCP is the most widely used network protocol to communicate on the Internet. Thus, ensuring the TCP/IP stack’s safety is an essential step towards safer cyber-physical systems. Existing research deals with formally verifying protocols of other TCP/IP stack levels. For example, the work in miTLS [3] formally verifies an SSL/TLS protocol implementation, and the work in [7] uses a technology called RecordFlux to safely parse data segments.
📚 t.iss.one/Library_Sec
SCFI.pdf
734 KB
#Research
#hardening
"SCFI: State Machine Control-Flow Hardening Against Fault Attacks", 2022.
Fault injection (FI) is a powerful attack methodology allowing an adversary to entirely break the security of a target device. As finite state machines (FSMs) are fundamental hardware building blocks responsible for controlling systems, inducing faults into these controllers enables an adversary to hijack the execution of the integrated circuit. A common defense strategy mitigating these attacks is to manually instantiate FSMs multiple times and detect faults using a majority voting logic.
📚
Weaponizing_Mapping_Injection.pdf
709 KB
#Offensive_security
"Weaponizing Mapping Injection with Instrumentation Callback for stealthier process injection"
Process Injection is a technique to hide code behind benign and/or system processes. This technique is usually used by malware to gain stealthiness while performing malicious operations on the system. AV/EDR solutions are aware of this technique and create detection patterns to identify and kill this "class" of attacks.
📚
"Weaponizing Mapping Injection with Instrumentation Callback for stealthier process injection"
Process Injection is a technique to hide code behind benign and/or system processes. This technique is usually used by malwares to gain stealthiness while performing malicious operations on the system. AVs/EDR solutions are aware of this technique and create detection patterns to identify and kill this "class" of attacks.
📚
Mastering Malware Analysis.pdf
39.2 MB
Mastering Malware Analysis.
Second Edition.
A malware analyst's practical guide to combating malicious software, APT, cybercrime, and IoT attacks.
Alexey Kleymenov, Amr Thabet
#Malware_Analysis
📚