holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
https://github.com/megadose/holehe
https://github.com/megadose/holehe
GitHub
GitHub - megadose/holehe: holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve…
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function. - megadose/holehe
4 Free easy wins that make Red Teams harder
https://www.trustedsec.com/blog/4-free-easy-wins-that-make-red-teams-harder/
https://www.trustedsec.com/blog/4-free-easy-wins-that-make-red-teams-harder/
TrustedSec
4 Free Easy Wins That Make Red Teams Harder - TrustedSec
TrustedSec's blog is an expert source of information on information security trends and best practices for strategic risk management.
CVE-2020-17049: Kerberos Bronze Bit Attack - Overview
https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-overview/
https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-overview/
NetSPI
CVE-2020-17049: Kerberos Bronze Bit Attack - Overview
Read a helpful overview of the Bronze Bit attack (CVE-2020-17049) against Kerberos implementations in Windows Active Directory.
CVE-2020-9967 - Apple macOS XNU 6LowPan Kernel RCE Write-up https://alexplaskett.github.io/CVE-2020-9967/
Amit Merchant - Software Engineer
CVE-2020-9967 - Apple macOS 6LowPAN Vulnerability
Inspired by Kevin Backhouse’s great work on finding XNU remote vulnerabilities I decided to spend some time looking at CodeQL and performing some variant analysis. This lead to the discovery of a local root to kernel (although documented by Apple as remote)…
Гиперотладка. Разбираем отладку Microsoft Hyper-V с самого начала
https://xakep.ru/2020/12/25/hyperv-hyperdebug/
https://xakep.ru/2020/12/25/hyperv-hyperdebug/
xakep.ru
Гиперотладка. Разбираем отладку Microsoft Hyper-V с самого начала
Гипервизор производства корпорации Microsoft содержит определенное количество ошибок. Поиск этих ошибок — занятие не только увлекательное, но и полезное: во-первых, Microsoft располагает собственной программой Bug Bounty, а во-вторых, знания о недокументированных…
Visualize the virtual address space of a Windows process on a Hilbert curve.
https://github.com/0vercl0k/clairvoyance
https://github.com/0vercl0k/clairvoyance
GitHub
GitHub - 0vercl0k/clairvoyance: Visualize the virtual address space of a Windows process on a Hilbert curve.
Visualize the virtual address space of a Windows process on a Hilbert curve. - 0vercl0k/clairvoyance
Forwarded from r0 Crew (Channel)
A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation https://github.com/ant4g0nist/Vulnerable-Kext #exploitation #ios #macos #dukeBarman
GitHub
GitHub - ant4g0nist/Vulnerable-Kext: A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation
A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation - ant4g0nist/Vulnerable-Kext
[email protected]
12.3 MB
Asm2Vec: Boosting Static Representation Robustness for Binary Clone Search against Code Obfuscation and Compiler Optimization
Using Windows Disposable VMs for test and research
https://rolando.anton.sh/blog/2021/01/01/using-windows-disposable-vms-for-test-and-research/
https://rolando.anton.sh/blog/2021/01/01/using-windows-disposable-vms-for-test-and-research/
rolando.anton.sh
Using Windows Disposable VMs for test and research
Introduction To continue the idea of my previous posts, I want to share a project I have been improving in the last months; I can't imagine the number of times …
A 'Novel' Way to Bypass Executable Signature Checks with Electron
https://parsiya.net/blog/2021-01-08-a-novel-way-to-bypass-executable-signature-checks-with-electron/
https://parsiya.net/blog/2021-01-08-a-novel-way-to-bypass-executable-signature-checks-with-electron/
Operation ‘Kremlin’
The file contains an obfuscated URL to a remote template which contains malicious VBA, eventually leading to the execution of VBS on the infected machine. The attack’s purpose is to stealthily exfiltrate information without running any external executables on the system.
https://www.clearskysec.com/operation-kremlin/
The file contains an obfuscated URL to a remote template which contains malicious VBA, eventually leading to the execution of VBS on the infected machine. The attack’s purpose is to stealthily exfiltrate information without running any external executables on the system.
https://www.clearskysec.com/operation-kremlin/
Building an RDP Credential Catcher for Threat Intelligence
https://research.nccgroup.com/2021/01/10/building-an-rdp-credential-catcher-for-threat-intelligence/
https://research.nccgroup.com/2021/01/10/building-an-rdp-credential-catcher-for-threat-intelligence/
PROCESS HERPADERPING – WINDOWS DEFENDER EVASION
https://pentestlaboratories.com/2021/01/18/process-herpaderping-windows-defender-evasion/
https://pentestlaboratories.com/2021/01/18/process-herpaderping-windows-defender-evasion/
Pentest Laboratories
Process Herpaderping – Windows Defender Evasion
Windows Defender has improved significantly the security posture of Windows environments since it has better detection capabilities compare to other security products. When a process is created Win…
Security Advisory: MSRPC Printer Spooler Relay (CVE-2021-1678)
https://www.crowdstrike.com/blog/cve-2021-1678-printer-spooler-relay-security-advisory/
https://www.crowdstrike.com/blog/cve-2021-1678-printer-spooler-relay-security-advisory/
CrowdStrike.com
Security Advisory: MSRPC Printer Spooler Relay (CVE-2021-1678)
On Patch Tuesday, January 12, 2021, Microsoft released a patch for CVE-2021-1678, an important vulnerability discovered by CrowdStrike researchers.