Alaid TechThread
@offensive_thread
677 subscribers
6 photos
1 video
83 files
1.31K links
Vulnerability discovery, threat intelligence, reverse engineering, AppSec
Download Telegram
About
Blog
Apps
Platform
Join
Alaid TechThread
677 subscribers
Alaid TechThread
https://github.com/saaramar/35C3_Modern_Windows_Userspace_Exploitation
GitHub
GitHub - saaramar/35C3_Modern_Windows_Userspace_Exploitation
Contribute to saaramar/35C3_Modern_Windows_Userspace_Exploitation development by creating an account on GitHub.
44 views
Alaid TechThread
https://www.politico.com/story/2019/01/09/russia-kaspersky-lab-nsa-cybersecurity-1089131
POLITICO
Exclusive: How a Russian firm helped catch an alleged NSA data thief
The U.S. has accused Kaspersky Lab of working with Russian spies. But sources say the company exposed a massive breach that U.S. authorities missed.
43 views
Alaid TechThread
Интересная уязвимость в Microsoft Visual Studio C++ Compiler https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0546
48 views
Alaid TechThread
https://0x00sec.org/t/bypassing-crowdstrike-falcon-detection-from-phishing-email-to-reverse-shell/10802
0x00sec - The Home of the Hacker
Bypassing Crowdstrike Falcon detection, from phishing email to reverse shell
Update 2019/01/14: Crowdstrike asked me to share an official statement: “We appreciate you reporting this detection miss to us and allowing us to rapidly address this gap on January 11th. We do have a bug bounty program www.hackerone.com/crowdstrike or via…
46 views
Alaid TechThread
https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
40 views
Alaid TechThread
https://twitter.com/pythonarsenal/status/1085077789919842304?s=21
Twitter
PythonArsenal
Virtuailor - IDAPython tool for creating automatic C++ virtual tables in IDA Pro. https://t.co/3XgMMWRdtQ
44 views
Alaid TechThread
Avoid AV with DLL Side-Loading for fun and advantage with Cobaltstrike
https://medium.com/@viniciuskmax/burlando-antivirus-com-dll-side-loading-por-diversão-e-vantagem-parte-2-ko-d0b40629d810
Medium
Burlando antivirus com DLL Side-Loading por diversão e vantagem — parte 2: KO
Alguns meses atrás, escrevi sobre o ataque de DLL Side-Loading, mostrando um exemplo real envolvendo um binário legítimo e digitalmente…
51 views
Alaid TechThread
https://github.com/m1ghtym0/browser-pwn
GitHub
GitHub - m1ghtym0/browser-pwn: An updated collection of resources targeting browser-exploitation.
An updated collection of resources targeting browser-exploitation. - m1ghtym0/browser-pwn
41 views
Alaid TechThread
https://github.com/Ullaakut/camerattack
GitHub
GitHub - Ullaakut/camerattack: An attack tool designed to remotely disable CCTV camera streams (like in spy movies)
An attack tool designed to remotely disable CCTV camera streams (like in spy movies) - Ullaakut/camerattack
36 views
Alaid TechThread
https://github.com/dirkjanm/PrivExchange
GitHub
GitHub - dirkjanm/PrivExchange: Exchange your privileges for Domain Admin privs by abusing Exchange
Exchange your privileges for Domain Admin privs by abusing Exchange - dirkjanm/PrivExchange
50 views
Alaid TechThread
https://github.com/HarmJ0y/DAMP
GitHub
GitHub - HarmJ0y/DAMP: The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification - HarmJ0y/DAMP
45 views
Alaid TechThread
https://github.com/itm4n/VBA-RunPE
GitHub
GitHub - itm4n/VBA-RunPE: A VBA implementation of the RunPE technique or how to bypass application whitelisting.
A VBA implementation of the RunPE technique or how to bypass application whitelisting. - itm4n/VBA-RunPE
54 views
Alaid TechThread
https://www.omscs.gatech.edu/cs-6262-network-security - курс CS 6262 доступен на Udacity: https://classroom.udacity.com/courses/ud199
59 views
Alaid TechThread
https://blog.xpnsec.com/how-to-argue-like-cobalt-strike/
XPN InfoSec Blog
@_xpn_ - How to Argue like Cobalt Strike
In Cobalt Strike 3.13, the argue command was introduced as a way of taking advantage of argument spoofing. I was first made aware of the concept while watching Will Burgess's awesome talk RedTeaming in the EDR Age, with Will crediting Casey Smith who presented…
55 views
Alaid TechThread
https://github.com/google/fuzzer-test-suite/blob/master/tutorial/structure-aware-fuzzing.md
GitHub
fuzzer-test-suite/structure-aware-fuzzing.md at master · google/fuzzer-test-suite
Set of tests for fuzzing engines. Contribute to google/fuzzer-test-suite development by creating an account on GitHub.
54 views
Alaid TechThread
https://acru3l.github.io/2019/02/02/exploiting-mb-anti-exploit/
40 views
Alaid TechThread
Forwarded from r0 Crew (Channel)
https://github.com/sensepost/objection #frida #mobile #security #darw1n
GitHub
GitHub - sensepost/objection: 📱 objection - runtime mobile exploration
📱 objection - runtime mobile exploration. Contribute to sensepost/objection development by creating an account on GitHub.
8 views
Alaid TechThread
Forwarded from r0 Crew (Channel)
https://github.com/nccgroup/house #frida #mobile #security #darw1n
GitHub
GitHub - nccgroup/house: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python. - nccgroup/house
7 views
Alaid TechThread
Python and Machine Learning: How to use algorithms to create yara rules with a malware zoo for hunting https://2018.pass-the-salt.org/files/talks/14-python-and-ml.pdf
36 viewsedited  
Alaid TechThread
We have seen machine learning is not magic, a work of featuring must be done including the of the dataset.
Here, our dataset is very heterogeneous with a big cluster of EquationGroup, and others clusters with few malwares
The machine learning is useful to make a first filter to clusterize a big dataset because the algorithms have been thought to be scalable contrary to algorithms which compare signatures. (ssdeep,impfuzzy,machoc...)
39 views