Wired: The Weird, Big-Money World of Cybercrime Writing Contests https://www.wired.com/story/hacking-contests-cybercriminals/ #Tech #wired #TechNews #IT #Technology via @morganeogerbc #Security/CyberattacksandHacks #Security/SecurityNews #cybersecurity #PenTesters #Security #phishing #malware #hacking #darkweb

Wired: The Weird, Big-Money World of Cybercrime Writing Contests https://www.wired.com/story/hacking-contests-cybercriminals/ #Security/CyberattacksandHacks #Security/SecurityNews #cybersecurity #PenTesters #Security #phishing #malware #hacking #darkweb

The Weird, Big-Money World of Cybercrime Writing Contests - The competitions, which are held on Russian-language cybercrime forums, offer prize money... - https://www.wired.com/story/hacking-contests-cybercriminals/ #security/cyberattacksandhacks #security/securitynews #pentesters #security

I actually did useful #InfoSec work today. Picked apart a “Free Security Scan!” report tossed at us by an irate client.

I really wish cheap-ass “#pentesters” would learn to recognize distro-maintained versions of major packages. I do not need a list of the scores of CVE’s for httpd that have been mitigated by ASF since RedHat bumped the nominal version of their custom-patched package. Scans like that just make people angry at their lazy sysadmins. Who are not in fact being lazy.

Amazon has banned the sale of the #Flipper Zero portable multi-tool for #pentesters as it no longer allows its sale on the platform after tagging it as a card-skimming device☝️👩‍💻

https://www.bleepingcomputer.com/news/technology/flipper-zero-banned-by-amazon-for-being-a-card-skimming-device-/?utm_content=bufferb132c&utm_medium=social&utm_source=bufferapp.com&utm_campaign=buffer

El lado del mal - "iBombShell: Revolution". Sólo para Pentesters! https://www.elladodelmal.com/2023/03/ibombshell-revolution-solo-para.html #pentest #pentesting #pentesters #hacking #metasploit #kali #powershell

Collection of Blue Team Codes & Tools which made by Offensive guys & Defensive guys
in this article i just want to share some very useful codes/tools which made by #Defenders also some of them made by #Pentesters & #Redteamers for #Blueteams , all these codes/tools are available in my list in github but in this article i just show you Blue team Tools/Codes but in the list you can see Offensive codes/tools too and ...
full list link : https://github.com/DamonMohammadbagher/Some_Pentesters_SecurityResearchers_RedTeamers

#blueteam #redteam #offensive #defensive #pentesters #codes #tools #blueteamtools
list last updated: 18 feb 2023
[defensive] @ZeroMemoryEx , (malware analysts to extract Command and Control C2 traffic) => https://github.com/ZeroMemoryEx/C2-Hunter
[defensive] foxit , (detect use of the DanderSpritz eventlogedit module [recover the removed event log entries]) => https://github.com/fox-it/danderspritz-evtx
[defensive] thefLinkk , (Hunt-Sleeping-Beacons. Aims to identify sleeping beacons) => https://github.com/thefLink/Hunt-Sleeping-Beacons
[defensive] LOLBAS-Project, (LOLBAS project is to document every binary, script & library that can be used for Living Off The Land techniques) => https://github.com/LOLBAS-Project/LOLBAS
[defensive] @winternl_t , (syscall-detect) => https://github.com/jackullrich/syscall-detect
[defensive] @slaeryan , (Detects Module Stomping as implemented by Cobalt Strike) => https://github.com/slaeryan/DetectCobaltStomp
[defensive] @_Apr4h , (CobaltStrikeScan, Scan files or process memory for CobaltStrike beacons) => https://github.com/Apr4h/CobaltStrikeScan
[defensive] Siemens Healthineers , ETWAnalyzer (Command line tool to analyze one/many ETW file/s with simple queries) => https://github.com/Siemens-Healthineers/ETWAnalyzer
[defensive] KANKOSHEV , (Detect-HiddenThread-via-KPRCB, Detect removed thread from PspCidTable) => https://github.com/KANKOSHEV/Detect-HiddenThread-via-KPRCB
[defensive] @Waldoirc , (Detect strange memory regions and DLLs ) => https://github.com/waldo-irc/MalMemDetect
[defensive] Rabobank Cyber Defence Centre , (Detect Tactics, Techniques & Combat Threats) => https://github.com/rabobank-cdc/DeTTECT
[defensive] @jordanklepser , (defender-detectionhistory-parser, A parser of Windows Defender's DetectionHistory forensic artifact) => https://github.com/jklepsercyber/defender-detectionhistory-parser
[defensive] @ScarredMonk , (SysmonSimulator, Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs) => https://github.com/ScarredMonk/SysmonSimulator
[defensive] Splunk , (Cmelting-cobalt, Cobalt Strike Scanner that retrieves detected Team Server beacons) => https://github.com/splunk/melting-cobalt
[defensive] Ali Davanian , (CnCHunter is a fork of RiotMan, and it allows exploiting malware for active probing) => https://github.com/adava/CnCHunter
[defensive] Airbus CERT , (Wireshark plugin to work with ETW) => https://github.com/airbus-cert/Winshark
[defensive] @_forrestorr , (Moneta, memory scanner) => https://github.com/forrest-orr/moneta
[defensive] @hasherezade , (Pe-Sieve, memory scanner) => https://github.com/hasherezade/pe-sieve
[defensive] @arch_rabbit , (Fibratus is a tool for exploration and tracing of the Windows kernel) => https://github.com/rabbitstack/fibratus
[defensive] Rajiv Kulkarni , (FalconEye, Real-time detection software for Windows process injections) => https://github.com/rajiv2790/FalconEye
[defensive] @standa_t , (tool to help malware analysts tell that the sample is injecting code to another process) => https://github.com/tandasat/RemoteWriteMonitor
[defensive] Microsoft , (MSFT, CPU/Memory performance-analysis,very useful ETW Codes & tools for Blue Teams/Defenders) => https://github.com/microsoft/perfview
[defensive] HoShiMin , (Avanguard, The Win32 Anti-Intrusion Library) => https://github.com/HoShiMin/Avanguard
[defensive] Lares , (Pushes Sysmon Configs) => https://github.com/LaresLLC/SysmonConfigPusher
[defensive] Improsec A/S , (Identify the attack paths in BloodHound breaking your AD tiering) => https://github.com/improsec/ImproHound
[defensive] @pathtofile , (Easy ETW Tracing for Security Research) => https://github.com/pathtofile/Sealighter
[defensive] @_lpvoid , (TiEtwAgent is ETW-based process injection detection) => https://github.com/xinbailu/TiEtwAgent
[defensive] ComodoSecurity , (OpenEDR is a free & open source platform EDR) => https://github.com/ComodoSecurity/openedr
[defensive] wazuh , (Wazuh is a free & open source platform EDR) => https://github.com/wazuh/wazuh
[defensive] @cyb3rops , (Raccine, A Simple Ransomware Protection) => https://github.com/Neo23x0/Raccine
[defensive] 3lp4tr0n , (BeaconHunter , Behavior based monitoring and hunting tool built in C# tool leveraging ETW tracing) => https://github.com/3lp4tr0n/BeaconHunter
[defensive] OpenCTI , (open source platform allowing organizations to manage their cyber threat intelligence knowledge) => https://github.com/OpenCTI-Platform/opencti
[defensive] ion-storm , (Sysmon EDR Active Response Features) => https://github.com/ion-storm/sysmon-edr
[defensive] @jtsmith282 , Blue teams monitor systems => https://github.com/ION28/BLUESPAWN
[defensive] @hasherezade , (hollows_hunter , memory scanner) => https://github.com/hasherezade/hollows_hunter
[off---def] Nomi Sec , (Hacker-Trends) => https://github.com/nomi-sec/Hacker-Trends
[off---def] @brsn76945860 , (Enumerating and removing kernel callbacks using signed vulnerable drivers) => https://github.com/br-sn/CheekyBlinder
[off---def] m0rv4i , (Syscalls-Extractor, extracting syscall numbers for an OS) => https://github.com/m0rv4i/Syscalls-Extractor
[off---def] @ale_sp_brazil , (dotnet malware threat, internals & reversing) => http://www.blackstormsecurity.com/docs/ALEXANDREBORGES_DEFCON_2019.pdf
[off---def] @0gtweet , (Simple solutions allowing you to dig a bit deeper than usual) => https://github.com/gtworek/PSBits
[off---def] Mr.Un1k0d3r , (EDRs Hooked APIs + some useful EDRs info for during red team exercise) => https://github.com/Mr-Un1k0d3r/EDRs
[off---def] Roberto Rodriguez @Cyb3rWard0g , (Education/Training: Threat Hunter Playbook) => https://threathunterplaybook.com/introduction.html
[off---def] @_EthicalChaos_ , (MiniHook, hooking native API calls ) => https://github.com/CCob/MinHook.NET
[off---def] Black Lantern Security, (writehat , Pentest reporting tool written in Python) => https://github.com/blacklanternsecurity/writehat
[off---def] mvelazc0 , (PurpleSharp) => https://github.com/mvelazc0/PurpleSharp
[off---def] boh , (C# Tools) => https://github.com/boh/RedCsharp
[off---def] redcanaryco , (Red-Teaming) => https://github.com/redcanaryco/atomic-red-team

Some New #codes / #researches for Some #Pentesters / #RedTemaers / #BlueTeamers and #securityresearchers Added to the list:
#cybersecurity #offensivesecurity #securityresearch #defensive #redteam #blueteam #pentest

Full List here => https://github.com/DamonMohammadbagher/Some_Pentesters_SecurityResearchers_RedTeamers

1. [offensive] @trickster012 , (Rust Weaponization for Red Team Engagements) => https://lnkd.in/eWsKKFY9

2. [offensive] @trickster012 , (roof of concept of bypassing(unhooking) the hook of potential EDRs) => https://lnkd.in/eQwQr4sY

3. [offensive] Deep Instinct , (A POC for the new injection technique, abusing windows fork API to evade EDRs) => https://lnkd.in/eGP2haTc

4. [offensive] @daem0nc0re , (investigation of Windows process execution techniques [C#]) => https://lnkd.in/eeyFi5Xz

5. [offensive] @D1rkMtr , (Bypass Userland EDR hooks by Loading Reflective Ntdll in memory) => https://lnkd.in/eVTy8WvP

6. [defensive] @ZeroMemoryEx , (malware analysts to extract Command and Control C2 traffic) => https://lnkd.in/eGWGKWgQ

7. [offensive] lem0nSec , (CreateRemoteThread: how to pass multiple parameters to the remote thread function without shellcode) => https://lnkd.in/eQ6ssfhK

8. [offensive] QAX A-Team , (A tool mainly to erase specified records from Windows event logs) => https://lnkd.in/eywTbFzr

9. [offensive] 3gstudent , (Remove individual lines from Windows XML Event Log (EVTX) files) => https://lnkd.in/ebn4AdaH

10. [offensive] @hlldz , (Windows Event Log Killer) => https://lnkd.in/es7V6xHt

11. [defensive] @foxit , (detect use of the DanderSpritz eventlogedit module [recover the removed event log entries]) => https://lnkd.in/evWYwRXQ

12. [offensive] @Ceramicskate0 , (C# Tool to interact with MS Exchange based on MS docs) => https://lnkd.in/ehiAcM6Z

13. [offensive] @reveng007 , (implant will exfiltrate data via smtp and will read commands from C2 [Gmail] via imap protocol) => https://lnkd.in/eBiXyEtR

14. [offensive] @cyberwarfarelab , (VectoredSyscall) => https://lnkd.in/eps_aJ6Z

15. [offensive] fosstodon.org/@mttaggart , (Notion as a platform for offensive operations) => https://lnkd.in/eXvKFTwP

16. [offensive] @t3l3machus , (A Windows reverse shell payload generator) => https://lnkd.in/e-Ce2zii

17. [offensive] @idov31 , (Sandman is a NTP based backdoor for red team engagements in hardened networks) => https://lnkd.in/eWzsBdXD

Full List here => https://github.com/DamonMohammadbagher/Some_Pentesters_SecurityResearchers_RedTeamers

Hey #pentesters and #redteamers

Is there any cyber conference worth attending in Europe?

We have open mid-level and senior pentest roles for the SensePost team in the UK, NL and ZA. You can apply here https://jobs.za.orangecyberdefense.com/jobs/2081206-security-analyst-pentester or just DM me.

We think it’s a nice place to work. A hacker culture. Research time for all analysts. Tons of internal learning. Deep care for everyone backed up by a low single digit hacker/manager ratio. Unheard of NPS scored from our customers (84 for 2022). Lots of training and conference opportunities.

#hiring #hackers #pentesters #uk #nl #za #sensepost

#Hacking is not just #oldschool tooling and techniques. Modern #mobile apps are a fun target for #reverse #engineers and #pentesters alike. A fundamental tool to properly hack mobile apps is #frida https://www.frida.re/

We conclude our tour of my @github projects with my humble contributions to this field https://github.com/0xdea/frida-scripts

For a well-maintained project by @apps3c that includes some of my Frida scripts, refer to https://github.com/federicodotta/Brida

✨ Cheatsheets for Pentesting

👉 A collection of snippets of codes and commands to make your life easier!

https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets

#infosec #pentesters #redteaming #redteamtips #networksecurity

🪲 Bypassing OGNL sandboxes for fun and charities

👉 OGNL injections led to some serious remote code execution (RCE) vulnerabilities

https://github.blog/2023-01-27-bypassing-ognl-sandboxes-for-fun-and-charities/

#infosec #bugbountytips #redteamtips #pentesters

CISO: How many windows do we have?

AV Guy: 7864
Desktop Management: 6321
EDR Team: 6722
CMDB Team: 4848
SIEM Team: 9342

🐞"Redteam: it is over 9999"⛑️

Credit: @jimiDFIR

#redteaming #pentesters #infosec #redteam #DFIR #blueteam

Thanks to @Laza @tychotithonus

🪲 GraphQL exploitation – All you need to know

https://cybervelia.com/?p=736

🌎 A Damn Vulnerable GraphQL Web Application:

https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application

#redteamtips #redteaming #pentesters #bugbountytips #BugBounty #appsec #graphql #infosec

Would be really cool to hear what #secops #security #pentesters think of this hilarious HN thread on how to tell if your own workstation is compromised or not — https://news.ycombinator.com/item?id=34388866

Question for professional #pentesters, #hackers, #kali users, or anyone who outputs #penetrationtesting reports for a salary.

How long do you keep your pentesting VMs (i.e. Kali, #ParrotOS) before replacing them with a new install?

Do you cycle them each engagement and re-deploy? Do you keep them around and dump them annually? Are you wildly inconsistent about it?

I'm speaking from the standpoint of an internal pentester and as someone about to take the OSCP yet again and is customizing a fresh install right now. Obviously, I imagine more stringent requirements for forensic and law enforcement purposes are required.

i saw some article and post which some red-teamers and pentesters talked about what they know and what they can do via C++ and why they think they are better than others ;D (too much arrogant) just because they know little thing to do something via C++ and they think with other language you CAN NOT DO that (just because they don't know nothing about other languages) and they talk about other languages like Java or C# or ... and said hey Java is awful or C# even is not Programming language (these guys make me fun ;D, and its clear they really don't know what they say about others and other programming languages ;p) etc
to me (or probably to all of us) this is not important who are you and what you did or how many years you have experience in #redteaming #pentesting #blueteaming
but the thing is really important to me "be #humble as [adult guy]" and believe me mocking others just show us which you know nothing about that thing which you talked about that (like other #programming #languages )

I saw a lot Pentester/Redteamers which even some of them are younger than me which have/had lower than me experience of pentesting/redteaming or ... but they have very nice & powerful skills in programming to bypassing AVs/EDRs "better than me" and i learned a lot things from them, some of them are C# developers C++ Java Python/Rust etc, believe this or not even some C++ Developer or C# Developer which are not in my cyber security field was my best instructors and i learned from them a lot things,but because they are Developers i did not ignore them for learning new things from them etc
also
i saw some #Redteamers or #Pentesters which never write C2 server/client code by-itself (always work with #C2 tools which made/wrote by others) talked about other Redteamers/ #Securityresearchers which made C2 server by-itself with any languages like C++/C#/java... and mocking them for their works or their codes, and again that because they are not real/good Programmer and they "can not do" that more often thats why they talk about others like that ;), believe me Programming is not Easy in these Fields like Pentesting/Redteaming and C2 programming really IS NOT EASY to do that especially if you want to write C2 server by-itself so you guys really don't know any thing about programming and still talk about that ;D

i know C++ but i never ever talking about C++ like that which you can't do that in C++ and only in C# you can do it, instead i said you can do this in C# simply which probably you can not do this in C++ SIMPLY"
that means just because "i am not C++ Pro Programmer" i can not say you CAN NOT DO THAT IN C++...(because i know you can do that probably in any languages but how).

does not matter how are you and where you live, or work for who, important thing is "be humble" and "be good learner" without "arrogant, childish things"

finally to those make code by itself let others learn from you and don't listen to these type of
guys (make your own chik chik)

I am "you.com" fan ;D
simple trick to create your code via #AI NICE...

this platform is very useful for #SecurityResearchers , #Pentesters / #Redteamers / #blueteamers / #CyberSecurity / #instructors / #infosec guys/ #developers and...
#chatgpt #youdotcom #you #ai

simple trick to create your code via #AI NICE...

I am you.com fan ;D
this platform is very useful for #SecurityResearchers , #Pentesters / #Redteamers / #blueteamers / #CyberSecurity / #instructors / #infosec guys/ #developers and...
as cyber security researcher and pentester this you-chat and search help me too much, a lot people in the world now get this point which you.com is awesome and also is useful/helpful for their research etc, for me this was helpful/useful to research or make some great new codes or new technique based on AI search/chat result which made by you.com platform and for research and learning new things i just use "YOU.COM" more than Google.com, probably more than 80% of my work/research is on you.com platform and maybe 20% in google or ... , thank you guys in "you.com" and WELL DONE....
#chatgpt #youdotcom #you #ai

for learning how can use this platform watch their videos one-by-one they are awesome and really good explained => https://www.youtube.com/@yousearchengine

for "Developers": one of good example from you.com => https://www.youtube.com/watch?v=BO6E3UVmkmc

for "Developers": Turn PYTHON into JAVA? Code Translate on you.com => https://www.youtube.com/watch?v=JC_KvIjXDKk

Good Video about you.com:
You.com Vs. Chat GPT
https://www.youtube.com/watch?v=uLqmaICxe_g