Необычные методы заражения. Часть 2.
Методы заражения, используемые червем RapperBot на базе Mirai, стилером Rhadamantys и загрузчиком CUEMiner: умный подбор паролей, вредоносная реклама и распространение через BitTorrent и OneDrive.
#Отчет
Методы заражения, используемые червем RapperBot на базе Mirai, стилером Rhadamantys и загрузчиком CUEMiner: умный подбор паролей, вредоносная реклама и распространение через BitTorrent и OneDrive.
#Отчет
securelist.ru
Отчет «Лаборатории Касперского» о киберугрозах: необычные методы заражения
Методы заражения, используемые червем RapperBot на базе Mirai, стилером Rhadamantys и загрузчиком CUEMiner: умный подбор паролей, вредоносная реклама и распространение через BitTorrent и OneDrive.
A curated list of bugbounty writeups (Bug type wise)
https://github.com/devanshbatham/Awesome-Bugbounty-Writeups#cross-site-scripting-xss
https://github.com/devanshbatham/Awesome-Bugbounty-Writeups#cross-site-scripting-xss
GitHub
GitHub - devanshbatham/Awesome-Bugbounty-Writeups: A curated list of bugbounty writeups (Bug type wise) , inspired from https:…
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference - devanshbatham/Awesome-Bugbounty-Writeups
offsec.tools• A vast collection of security tools for bug bounty, pentest and red teaming
• https://offsec.tools
#infosec
offsec.tools
offsec.tools - A vast collection of security tools
A vast collection of security tools for bug bounty, pentest and red teaming
NetAtlas C2 Server Search.
• C2 Search Netlas is a Java utility designed to detect Command and Control (C2) servers using the Netlas API. It provides a straightforward and user-friendly CLI interface for searching C2 servers, leveraging the Netlas API to gather data and process it locally.
• https://github.com/michael2to3/c2-search-netlas
#infosec
• C2 Search Netlas is a Java utility designed to detect Command and Control (C2) servers using the Netlas API. It provides a straightforward and user-friendly CLI interface for searching C2 servers, leveraging the Netlas API to gather data and process it locally.
• https://github.com/michael2to3/c2-search-netlas
#infosec
GitHub
GitHub - michael2to3/c2-search-netlas: Search for c2 servers based on netlas
Search for c2 servers based on netlas. Contribute to michael2to3/c2-search-netlas development by creating an account on GitHub.
Kerberos для специалиста по тестированию на проникновение.
• Теория;
• Классические атаки;
• Неограниченное делегирование;
• Ограниченное делегирование;
• Делегирование, ограниченное на основе ресурсов;
• PKINIT.
#Kerberos #Пентест
• Теория;
• Классические атаки;
• Неограниченное делегирование;
• Ограниченное делегирование;
• Делегирование, ограниченное на основе ресурсов;
• PKINIT.
#Kerberos #Пентест
• Security Study Plan.
• A Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on with free/paid resources, tools and concepts to excel.
• Common Skills for Security Study Plan;
• AWS Security Study Plan;
• GCP Security Study Plan;
• Azure Security Study Plan;
• DevSecOps Study Plan;
• Docker Security Study Plan;
• Kubernetes Security Study Plan;
• Web Penetration Testing Study Plan;
• Application Security Testing Plan;
• API Security Study Plan;
• Network Security Study Plan.
• https://github.com/jassics/security-study-plan
#AppSec #Security #DevSecOps #Cloud
• A Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on with free/paid resources, tools and concepts to excel.
• Common Skills for Security Study Plan;
• AWS Security Study Plan;
• GCP Security Study Plan;
• Azure Security Study Plan;
• DevSecOps Study Plan;
• Docker Security Study Plan;
• Kubernetes Security Study Plan;
• Web Penetration Testing Study Plan;
• Application Security Testing Plan;
• API Security Study Plan;
• Network Security Study Plan.
• https://github.com/jassics/security-study-plan
#AppSec #Security #DevSecOps #Cloud
• Exploring Your Attack Surface with Maltego: A Practical Guide.
• https://www.maltego.com/blog/exploring-your-attack-surface-with-maltego-a-practical-guide/
#Maltego
• https://www.maltego.com/blog/exploring-your-attack-surface-with-maltego-a-practical-guide/
#Maltego
• CEH-Exam-Questions.
• Planning To Take Certified Ethical Hacker (CEH)? Here are github repo with 125 questions and answers to help you prep for the test.
• https://github.com/ryh04x/CEH-Exam-Questions
#CEH
• Planning To Take Certified Ethical Hacker (CEH)? Here are github repo with 125 questions and answers to help you prep for the test.
• https://github.com/ryh04x/CEH-Exam-Questions
#CEH
GitHub
GitHub - ryh04x/CEH-Exam-Questions: Planning To Take Certified Ethical Hacker (CEH)? Here are github repo with 125 questions and…
Planning To Take Certified Ethical Hacker (CEH)? Here are github repo with 125 questions and answers to help you prep for the test - ryh04x/CEH-Exam-Questions
Forwarded from Cybershit
Неплохие площадки для экспериментов с docker и kubernetes, если лень разворачивать лабы и разбираться с админской частью.
https://labs.play-with-docker.com/
https://labs.play-with-k8s.com/
Есть и песочницы и отдельные таски, где можно подтянуть темы, которые вы давно откладывали, например как работают linux capabilities или seccomp профили
https://labs.play-with-docker.com/
https://labs.play-with-k8s.com/
Есть и песочницы и отдельные таски, где можно подтянуть темы, которые вы давно откладывали, например как работают linux capabilities или seccomp профили