A tool for conducting phishing attacks against Office 365 users
https://github.com/mdsecactivebreach/o365-attack-toolkit
GitHub
GitHub - mdsecactivebreach/o365-attack-toolkit: A toolkit to attack Office365
The cost of an attack to degrade the Tor network is estimated at several thousand dollars
https://www.zdnet.com/google-amp/article/degrading-tor-network-performance-only-costs-a-few-thousand-dollars-per-month/
ZDNet
Degrading Tor network performance only costs a few thousand dollars per month
Attackers can flood Tor's bridges with just $17k/month, Tor's load balancers for only $2.8k/month, academics say.
Analysis of a heap overflow in RDP
https://www.malwaretech.com/2019/08/dejablue-analyzing-a-rdp-heap-overflow.html
Malwaretech
DejaBlue: Analyzing a RDP Heap Overflow
In August 2019 Microsoft announced it had patched a collection of RDP bugs, two of which were wormable. The wormable bugs, CVE-2019-1181 & CVE-2019-1182 affect every OS from Windows 7 to Windows 10. There is some confusion about which CVE is which, though…
A collection of one-liners for carrying out attacks in Windows infrastructure
https://arno0x0x.wordpress.com/2017/11/20/windows-oneliners-to-download-remote-payload-and-execute-arbitrary-code/amp/
arno0x0x
Windows oneliners to download remote payload and execute arbitrary code
In the wake of the recent buzz and trend in using DDE for executing arbitrary command lines and eventually compromising a system, I asked myself « what are the coolest command lines an a…
Forwarded from Noise Security Bit (dukeBarman)
The author of capstone has announced a new project, Qiling https://github.com/qilingframework/qiling It is a Unicorn-based framework for emulating executables of popular formats (PE, MachO, ELF) in an isolated environment. Support for the following architectures is also claimed: X86, X86_64, Arm, Arm64, Mips. The framework ships with the qltool utility, which can be used to emulate, for instance, shellcode.
GitHub
GitHub - qilingframework/qiling: A True Instrumentable Binary Emulation Framework
A C++ library with techniques for injecting code into processes on Windows 10 x64
https://github.com/SafeBreach-Labs/pinjectra
GitHub
GitHub - SafeBreach-Labs/pinjectra: Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus…
Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit) - SafeBreach-Labs/pinjectra
An open-source tool for tracking changes in, and new samples of, various threats. To use it, you need to describe the malware's network communication protocol.
https://github.com/intezer/MoP/
GitHub
GitHub - intezer/MoP: MoP - "Master of Puppets" - Advanced malware tracking framework
Forwarded from r0 Crew (Channel)
BinDiff wrapper script for multiple binary diffing https://github.com/TakahiroHaruyama/ida_haru/tree/master/bindiff #reverse #dukeBarman
GitHub
ida_haru/bindiff at master · TakahiroHaruyama/ida_haru
Forwarded from r0 Crew (Channel)
lpe is a collection of verified Linux kernel exploits https://github.com/jollheef/lpe #exploit #dukeBarman
GitHub
GitHub - jollheef/lpe: collection of verified Linux kernel exploits
Forwarded from r0 Crew (Channel)
DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables https://github.com/googleprojectzero/DrSancov #fuzzing #dukeBarman
GitHub
GitHub - googleprojectzero/DrSancov: DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits
https://github.com/mwrlabs/c3
GitHub
GitHub - WithSecureLabs/C3: Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still…
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits. - WithSecureLabs/C3
Applying SMT solvers to auditing web applications
https://alephsecurity.com/2019/09/02/Z3-for-webapp-security/
Alephsecurity
Breaking Algorithms - SMT Solvers for WebApp Security