Automated Tactics, Techniques & Procedures. Manually re-running complex sequences for regression tests, product evaluations, generating data for researchers and so on can be tedious.
https://github.com/jymcheong/AutoTTP/blob/master/README.md
Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
Posted by Samuel Groß, Project Zero. Introduction: This is the first blog post in a three-part series that will detail how a vulnerability...
Game anti-cheat engines have begun adopting techniques that detect execution under a hypervisor based on timing delays
https://vmcall.blog/battleye-hypervisor-detection/
Reviving MuddyC3 Used by MuddyWater (IRAN) APT
https://shells.systems/reviving-leaked-muddyc3-used-by-muddywater-apt/
Estimated Reading Time: 10 minutes. Note: This article contains two parts, one for blue teams and the other for red teams. Go to the part you are interested in, or read both if you are a purple team guy 😀. MuddyWater is a well-known threat actor group founded by…
Forwarded from Noise Security Bit (Alex)
An interesting article, "R.I.P ROP: CET Internals in Windows 20H1", on the internals of Control-flow Enforcement Technology.
https://windows-internals.com/cet-on-windows/
RDP to RCE: When Fragmentation Goes Wrong
https://www.kryptoslogic.com/blog/2020/01/rdp-to-rce-when-fragmentation-goes-wrong/
Remote Desktop Gateway (RDG), previously known as Terminal Services Gateway, is a Windows Server component that provides routing for Remote Desktop (RDP). Rather than users connecting directly to an RDP Server, users instead connect and authenticate to the…
A tool for automatic generation of ROP chains: https://github.com/d4em0n/exrop
Using RDP without GUI for lateral movement
https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3
Revisiting Remote Desktop Lateral Movement
It’s no secret that attackers are looking for new techniques to execute lateral movement. However, there are only a handful of publicly…
Forwarded from r0 Crew (Channel)
VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor https://github.com/changeofpace/VivienneVMM #exploitation #dukeBarman
Using .NET with Aggressor scripting to automate lateral movement & persistence
https://posts.specterops.io/move-faster-stay-longer-6b4efab9c644
Move faster, Stay longer
Offensive operators typically have their set of “go to” post-exploitation tools and methodologies. Among these, is Cobalt Strike — a very…