‘Cloud Snooper’ Attack Bypasses Firewall Security Measures
https://news.sophos.com/en-us/2020/02/25/cloud-snooper-attack-bypasses-firewall-security-measures/
PRACTICAL THREAT HUNTING: DEVELOPING AND RUNNING A SUCCESSFUL THREAT HUNTING PROGRAM
https://www.slideshare.net/ArpanRaval2/cyber-threat-hunting-workshop-229493446
  Cyber Threat hunting workshop
  Windows Privilege Escalation Guide
https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
  Privilege escalation always comes down to proper enumeration. But to accomplish proper enumeration you need to know what to check and look for. This takes familiarity with systems that normally comes along with experience. At first privilege escalation can…
  Sysmon Threat Analysis Guide
https://www.varonis.com/blog/sysmon-and-threat-detection-exploring-the-sysmon-log/
  In my various pentesting experiments, I'll pretend to be a blue team defender and try to work out the attack. If you have good security eyes, you can search for…
  Extracting embedded payloads from malware 
https://medium.com/@ryancor/extracting-embedded-payloads-from-malware-aaca8e9aa1a9
  One of my all time favorite subfields of reverse engineering is the dissection of viruses. In this article I will be exploring malware…
  CVE-2020-2555: Deserialization bug in Oracle’s Weblogic server
https://www.thezdi.com/blog/2020/3/5/cve-2020-2555-rce-through-a-deserialization-bug-in-oracles-weblogic-server
  Insecure deserialization vulnerabilities have become a popular target for attackers/researchers against Java web applications. These vulnerabilities often lead to reliable remote code execution and are generally difficult to patch. In this blog post, we will…
  Forwarded from r0 Crew (Channel)
Canadian Furious Beaver is a tool for hijacking IRP handlers in Windows drivers https://github.com/hugsy/CFB #exploitation #windows #dukeBarman
  Exploiting an accidentally discovered V8 RCE
https://zon8.re/posts/exploiting-an-accidentally-discovered-v8-rce/
  Please start opening your eyes, if you have something that crashes, don’t just ignore it, don’t just click away…
Take the time to look at what happened, if you surf to a page with your web browser and your web browser disappears, and you surf to the page…
Callidus. C2 tool that uses O365 services as communication channels
https://3xpl01tc0d3r.blogspot.com/2020/03/introduction-to-callidus.html
  Pass-the-Hash & Administrative Tier Model
https://windowssecurity.ca/2020/03/09/pass-the-hash-is-still-a-threat/
Avast Antivirus JavaScript Interpreter
The main Avast antivirus process is called AvastSvc.exe, which runs as SYSTEM.
https://github.com/taviso/avscript