Making Cobalt Strike harder for threat actors to abuse
https://cloud.google.com/blog/products/identity-security/making-cobalt-strike-harder-for-threat-actors-to-abuse
Google Cloud Blog
A new initiative from Google Cloud and Cobalt Strike’s vendor has made it easier to find and block cracked versions of the popular red team software.
A Journey into Fuzzing WebAssembly Virtual Machine
https://youtu.be/fnprmz2IBm0
YouTube
A Journey into Fuzzing WebAssembly Virtual Machine [BHUSA 2022]
📥 Slides: https://fuzzinglabs.com/wp-content/uploads/2022/08/BHUSA22_fuzzing_webassembly_vm_patrick_ventuzelo.pdf
Since the MVP release in 2017, WebAssembly has evolved gradually, bringing new adepts and new VM implementations over time. It’s now possible to…
[OpenAI ChatGPT] ChatGPT for programming, infosec, fuzzing and day to day use - Part1
https://youtu.be/PKOtDJIwCjM
YouTube
[OpenAI ChatGPT] Mind blowing ChatGPT examples for programming, infosec, fuzzing and day to day use
00:00 Introduction
00:42 Chat GPT overview
02:20 Writing a song for hackers
04:00 Getting a rental agreement and name change application from ChatGPT
05:55 Programming
08:00 Security-related things: fuzzing, identifying vulnerabilities, writing a fuzzer, etc.…
Novel Pipeline Vulnerability Discovered; Rust Found Vulnerable
https://www.legitsecurity.com/blog/artifact-poisoning-vulnerability-discovered-in-rust
Legitsecurity
New software supply chain vulnerabilities use artifact poisoning and attack the software development pipelines on projects using GitHub Actions.
Hooking System Calls in Windows 11 22H2 like Avast Antivirus. Research, analysis and bypass
https://the-deniss.github.io/posts/2022/12/08/hooking-system-calls-in-windows-11-22h2-like-avast-antivirus.html
the-deniss.github.io
In this post I’ll show an Avast self-defense bypass: how I discovered a new, undocumented way to intercept all system calls without a hypervisor and without a PatchGuard-triggered BSOD, and, finally, based on the knowledge gained, implemented a bypass.
Passive OS detection based on SYN packets without Transmitting any Data
https://github.com/activecm/smudge
GitHub
Exploring Prompt Injection Attacks
https://research.nccgroup.com/2022/12/05/exploring-prompt-injection-attacks/
Technical Review: A Deep Analysis of the Dirty Pipe Vulnerability
https://blog.aquasec.com/deep-analysis-of-the-dirty-pipe-vulnerability
Aqua
Aqua discusses how Tracee monitors for the Dirty Pipe vulnerability and how in-kernel technology like eBPF monitors writes that result from it.
Understanding Fuzz Testing in Go
https://blog.jetbrains.com/go/2022/12/14/understanding-fuzz-testing-in-go/
The JetBrains Blog
Our latest blog post will teach you how to run fuzz tests in GoLand. You'll also learn about the advantages and disadvantages of fuzzing, and even some advanced fuzzing techniques.
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL). Mangle can remove known Indicators of Compromise (IoC) based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and can clone code-signing certs from legitimate files. In doing so, Mangle helps loaders evade on-disk and in-memory scanners.
https://github.com/optiv/Mangle
GitHub
Venom is a library that is meant to perform evasive communication using a stolen browser socket.
https://github.com/Idov31/Venom
GitHub
Gepetto is a Python script which uses OpenAI's davinci-003 model to provide meaning to functions decompiled by IDA Pro. At the moment, it can ask davinci-003 to explain what a function does and to automatically rename its variables.
https://github.com/JusticeRage/Gepetto
GitHub
GitHub - JusticeRage/Gepetto: IDA plugin which queries language models to speed up reverse-engineering