Some New #codes / #researches for Some #Pentesters / #RedTeamers / #BlueTeamers and #securityresearchers added to the list:
#cybersecurity #offensivesecurity #securityresearch #defensive #redteam #blueteam #pentest
Full List here => https://github.com/DamonMohammadbagher/Some_Pentesters_SecurityResearchers_RedTeamers
1. [offensive] @trickster012, (Rust Weaponization for Red Team Engagements) => https://lnkd.in/eWsKKFY9
2. [offensive] @trickster012, (Proof of concept of bypassing (unhooking) the hook of potential EDRs) => https://lnkd.in/eQwQr4sY
3. [offensive] Deep Instinct, (A POC for the new injection technique, abusing windows fork API to evade EDRs) => https://lnkd.in/eGP2haTc
4. [offensive] @daem0nc0re, (investigation of Windows process execution techniques [C#]) => https://lnkd.in/eeyFi5Xz
5. [offensive] @D1rkMtr, (Bypass Userland EDR hooks by Loading Reflective Ntdll in memory) => https://lnkd.in/eVTy8WvP
6. [defensive] @ZeroMemoryEx, (malware analysts to extract Command and Control C2 traffic) => https://lnkd.in/eGWGKWgQ
7. [offensive] lem0nSec, (CreateRemoteThread: how to pass multiple parameters to the remote thread function without shellcode) => https://lnkd.in/eQ6ssfhK
8. [offensive] QAX A-Team, (A tool mainly to erase specified records from Windows event logs) => https://lnkd.in/eywTbFzr
9. [offensive] 3gstudent, (Remove individual lines from Windows XML Event Log (EVTX) files) => https://lnkd.in/ebn4AdaH
10. [offensive] @hlldz, (Windows Event Log Killer) => https://lnkd.in/es7V6xHt
11. [defensive] @foxit, (detect use of the DanderSpritz eventlogedit module [recover the removed event log entries]) => https://lnkd.in/evWYwRXQ
12. [offensive] @Ceramicskate0, (C# Tool to interact with MS Exchange based on MS docs) => https://lnkd.in/ehiAcM6Z
13. [offensive] @reveng007, (implant will exfiltrate data via smtp and will read commands from C2 [Gmail] via imap protocol) => https://lnkd.in/eBiXyEtR
14. [offensive] @cyberwarfarelab, (VectoredSyscall) => https://lnkd.in/eps_aJ6Z
15. [offensive] fosstodon.org/@mttaggart, (Notion as a platform for offensive operations) => https://lnkd.in/eXvKFTwP
16. [offensive] @t3l3machus, (A Windows reverse shell payload generator) => https://lnkd.in/e-Ce2zii
17. [offensive] @idov31, (Sandman is a NTP based backdoor for red team engagements in hardened networks) => https://lnkd.in/eWzsBdXD
#codes #researches #pentesters #redteamers #blueteamers #securityresearchers #cybersecurity #offensivesecurity #securityresearch #defensive #redteam #blueteam #pentest
#hack100days: day 16d: Looked at establishing #persistence via registry Run and RunOnce keys and via Startup folders. Only the beginning, really. #blueteamers, are you watching these keys and folders?
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
C:\Users\<USERNAME>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup (I was able to write here and use it on a stock lab machine.)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup (Requires elevated privileges to save here.)
#hack100days #persistence #blueteamers #redteam #windows #infosec
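An added example (my own, not part of the post above) of the watching the post asks for: a PowerShell audit that enumerates exactly those Run/RunOnce keys and Startup folders, resolves .lnk shortcuts via the WScript.Shell COM object, and flags entries that are unsigned, point at a missing file, or live under user-writable paths. It assumes a stock Windows host and PowerShell 3 or later; note that C:\Users\All Users is a junction to C:\ProgramData, so one path covers both folders.

```powershell
# Added example, not from the post: audit the autostart locations listed above.
# C:\Users\All Users is a junction to C:\ProgramData, so one path covers both folders.
$RunKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$StartupDirs = @(
    (Join-Path $env:APPDATA     'Microsoft\Windows\Start Menu\Programs\Startup'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs\Startup')
)
$RegMeta = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'

# Extract the executable from a registry command line: quoted path or first token.
function Get-CommandPath([string]$Command) {
    $c = [Environment]::ExpandEnvironmentVariables($Command.Trim())
    if ($c.StartsWith('"') -and ($c.IndexOf('"', 1) -gt 1)) {
        return $c.Substring(1, $c.IndexOf('"', 1) - 1)
    }
    return ($c -split '\s+')[0]
}

function Get-AutorunEntries {
    foreach ($key in $RunKeys | Where-Object { Test-Path $_ }) {
        foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
            if ($RegMeta -contains $p.Name) { continue }   # provider metadata, not a value
            [pscustomobject]@{ Location = $key; Name = $p.Name; Command = [string]$p.Value }
        }
    }
    foreach ($dir in $StartupDirs | Where-Object { Test-Path $_ }) {
        foreach ($f in Get-ChildItem -Path $dir -File -Force | Where-Object Name -ne 'desktop.ini') {
            $target = $f.FullName
            if ($f.Extension -eq '.lnk') {   # resolve shortcuts to what they actually launch
                $target = (New-Object -ComObject WScript.Shell).CreateShortcut($f.FullName).TargetPath
            }
            [pscustomobject]@{ Location = $dir; Name = $f.Name; Command = $target }
        }
    }
}

# Flag unsigned binaries, missing targets, and anything living in user-writable paths.
function Test-AutorunEntry($Entry) {
    $path = Get-CommandPath $Entry.Command
    $status = if ($path -and (Test-Path -LiteralPath $path)) { (Get-AuthenticodeSignature -FilePath $path).Status } else { 'MissingFile' }
    $userWritable = @($env:USERPROFILE, $env:ProgramData, $env:TEMP) | Where-Object { $path -like "$_\*" }
    $Entry | Add-Member -NotePropertyName Signature -NotePropertyValue $status -PassThru |
             Add-Member -NotePropertyName Suspicious -NotePropertyValue ([bool]($status -ne 'Valid' -or $userWritable)) -PassThru
}

Get-AutorunEntries | ForEach-Object { Test-AutorunEntry $_ } | Format-Table Suspicious, Signature, Location, Name, Command -AutoSize
```

Run it as the user whose HKCU hive you want to inspect; HKLM and the ProgramData folder are read without elevation, so the audit itself does not need admin rights.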
simple trick to create your code via #AI NICE...
#ai #securityresearchers #pentesters #redteamers #blueteamers #cybersecurity #instructors #infosec #developers #chatgpt #youdotcom #you
I am you.com fan ;D
this platform is very useful for #SecurityResearchers , #Pentesters / #Redteamers / #blueteamers / #CyberSecurity / #instructors / #infosec guys/ #developers and...
As a cyber security researcher and pentester, this you-chat and search helps me a lot; a lot of people in the world now get this point that you.com is awesome and also useful/helpful for their research etc. For me this was helpful/useful for researching or making some great new codes or new techniques based on AI search/chat results made by the you.com platform, and for research and learning new things I just use "YOU.COM" more than Google.com; probably more than 80% of my work/research is on the you.com platform and maybe 20% on Google or ..., thank you guys at "you.com" and WELL DONE....
#chatgpt #youdotcom #you #ai
To learn how to use this platform, watch their videos one by one; they are awesome and really well explained => https://www.youtube.com/@yousearchengine
for "Developers": one good example from you.com => https://www.youtube.com/watch?v=BO6E3UVmkmc
for "Developers": Turn PYTHON into JAVA? Code Translate on you.com => https://www.youtube.com/watch?v=JC_KvIjXDKk
Good Video about you.com:
You.com Vs. Chat GPT
https://www.youtube.com/watch?v=uLqmaICxe_g
#securityresearchers #pentesters #redteamers #blueteamers #cybersecurity #instructors #infosec #developers #chatgpt #youdotcom #you #ai
OK, I want to share something for #Blueteamers about how good/helpful the "#chatgpt" or "#Youdotcom" #ai websites are for you and how you can use them to make your own #defensive tools (very fast). But as a #developer you will always have your own #bugs, so you need to work hard on these things. I will create an article about this, but in this post I will show you, with very basic steps, how you can make your own C# or C++ tools for [Remote thread injection Detection]. As you can see in "you.com", my search was for monitoring the #sysmon event log [#realtime] via C# for two EIDs, 8 and 25 (but you need process creation/network connection event IDs too), and our search result had two codes which both have the same result. So now with #csharp you can detect these events (kind of real-time). You also need a memory scanner; my simple search result was something like this pic, but I did not test that (to be sure whether it is working or not); I had my own #memoryscanner tools and C# codes ;D, ...
Note: sometimes these codes in these AI platforms, which were made by others, are better than your own old codes, so you can replace them (for example, for the memory scanner I will test this simple code which seems better and faster than some parts of my own codes ;D, but I should test it in my LAB to be sure..)
And finally you can see my own Blue-teaming "SysPM2Mon2.7.exe" tool (the background of its code was something like the steps in these pictures, but my memory scanner is "Pe-sieve.exe" + my own C# code for memory scanning; I had 2 memory scanners in this tool ;D)
So as you can see, as a #Pentester and #SecurityResearcher I made my own Blue-teaming tools (#opensource, available on my GitHub), so you can do the same things with your own IDEA, but now with these #ai websites, "Chatgpt", "YOU.COM", ..., you can make them faster and much better...
I will create an article about this, but I am working on my things and research for my new ebook, and also some codes for the ebook, so I am very busy to make an article now, but I will create it ;)
#blueteam #redteam #pentesting #securityresearch #defensive #ai #chatgpt #youdotcom
#blueteamers #chatgpt #youdotcom #ai #defensive #developer #bugs #sysmon #realtime #csharp #memoryscanner #pentester #securityresearcher #opensource #blueteam #redteam #pentesting #securityresearch
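The post above describes monitoring Sysmon EID 8 (CreateRemoteThread) and EID 25 (ProcessTampering) in near real time; the C# it refers to is in the author's pictures, so here is an added PowerShell example of mine (not the post's code) that does the same job by polling the Sysmon Operational log, tracking RecordId so events that land mid-query are not reported twice, and flagging EID 8 events whose thread start address is not backed by any loaded module. It assumes Sysmon is installed with those event types enabled and uses the field names from Sysmon's own event schema (SourceImage, TargetImage, StartModule, StartFunction, StartAddress, Image, Type).

```powershell
# Added example, not from the post: poll Sysmon for EID 8 / EID 25 and flag injection signals.
$SysmonLog = 'Microsoft-Windows-Sysmon/Operational'

# Flatten an event's <EventData> into a hashtable keyed by the Sysmon field name.
function Get-EventFields([System.Diagnostics.Eventing.Reader.EventRecord]$Event) {
    $fields = @{}
    foreach ($d in ([xml]$Event.ToXml()).Event.EventData.Data) { $fields[$d.Name] = $d.'#text' }
    return $fields
}

function ConvertFrom-SysmonEvent([System.Diagnostics.Eventing.Reader.EventRecord]$Event) {
    $f = Get-EventFields $Event
    if ($Event.Id -eq 8) {
        [pscustomobject]@{
            Time = $Event.TimeCreated; Id = 8; RecordId = $Event.RecordId
            Source = $f['SourceImage']; Target = $f['TargetImage']
            Start  = '{0}!{1} @ {2}' -f $f['StartModule'], $f['StartFunction'], $f['StartAddress']
            # A remote thread starting outside any loaded module is the classic injection signal.
            Flag   = [string]::IsNullOrEmpty($f['StartModule'])
        }
    } else {
        # EID 25 (ProcessTampering) reports the tampered Image and the tampering Type.
        [pscustomobject]@{
            Time = $Event.TimeCreated; Id = 25; RecordId = $Event.RecordId
            Source = $f['Image']; Target = $f['Type']; Start = ''; Flag = $true
        }
    }
}

# Poll with a one-minute overlap and filter by RecordId so nothing is lost or double-reported.
function Watch-SysmonInjection([int]$PollSeconds = 5) {
    $lastRecord = 0
    $since = Get-Date
    while ($true) {
        $filter = @{ LogName = $SysmonLog; Id = 8, 25; StartTime = $since.AddMinutes(-1) }
        $since = Get-Date
        Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
            Where-Object { $_.RecordId -gt $lastRecord } | Sort-Object RecordId |
            ForEach-Object { $lastRecord = $_.RecordId; ConvertFrom-SysmonEvent $_ }
        Start-Sleep -Seconds $PollSeconds
    }
}

# Stream only the flagged events; Format-Table without -AutoSize keeps the output live.
Watch-SysmonInjection | Where-Object Flag | Format-Table Time, Id, Source, Target, Start
```

Reading the Sysmon log requires an elevated shell or membership in the Event Log Readers group; drop the `Where-Object Flag` stage to see every EID 8 and 25 event, flagged or not.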
To all my Blue Team peeps out here. Anyone with experience on operationalizing MITRE Caldera in an enterprise infrastructure?
Those Cyber Security guys who call themselves #pentester or #Redteamer or #SecurityResearcher "just because" they are in university (learning something as [basics ;D more often] or academic things or out-of-date things ;D) and who "did not have any Experience" in Cyber Security fields (even 1 year), and some of them did not even have any good/unique/new Cyber Security research or tools/codes (which were shared with the public before).
And yeah, we call them beginner "geniuses" in cyber security lol
Vs
Those Cyber Security guys who have at least 3-5 years of experience learning real/new/unique things in these fields like #penetrationtesting or #redteaming or #securityresearch.
Believe me, your academic things are "Bullshit" and your instructors do not have updated content; they don't even have a good viewpoint on cyber security fields like penetration testing or ...; more often they don't have any experience of working with offensive tools like modern C2 servers, they don't know how you can write offensive codes like writing a #C2 server/agent (and why you should do that), or they don't know how you can write offensive codes for bypassing #avs or #EDRs or #bypassing other things ... You don't know about these things or a lot of other things which you should learn outside of university "by yourself".
You can learn these things from #infosec #communities (by reading articles or learning from courses which are shared publicly or privately by #SecurityResearchers and #Pentesters or #redteamers or #blueteamers), and you need at least 2-3 years of experience to learn these new things.
Some guys think if you know all the tools in Kali Linux then you can call yourself a #Pentester or Red-teamer, which is not true, "geniuses".
Penetration testing is not about tools, it's about the background "concepts" of tools, omfg, "remember this". (It's about the logic behind tools.)
#pentester #redteamer #securityresearcher #penetrationtesting #redteaming #securityresearch #c2 #avs #edrs #Bypassing #infosec #communities #securityresearchers #pentesters #redteamers #blueteamers
#Hajime's #iot #botnet's #linux bot #malware IP data is updated (Apr 20,2020 = 5,500+ recent P2P node's activity).
Check @circl_lu's @MISPProject's updated event or direct contact for country base data. cc: @censysio @shodanhq @badpacket @onyphe +#blueteamers
Warning: big data.
#blueteamers #malware #linux #botnet #iot #Hajime