Tech news from Canada · @TechNews
982 followers · 26605 posts · Server mastodon.roitsystems.ca
Mr.Trunk · @mrtrunk
10 followers · 17567 posts · Server dromedary.seedoubleyou.me
IT News · @itnewsbot
3686 followers · 271722 posts · Server schleuss.online

The Weird, Big-Money World of Cybercrime Writing Contests - The competitions, which are held on Russian-language cybercrime forums, offer prize money... - wired.com/story/hacking-contes /cyberattacksandhacks /securitynews

#pentesters #security

Last updated 1 year ago

I actually did useful work today. Picked apart a “Free Security Scan!” report tossed at us by an irate client.

I really wish cheap-ass “” would learn to recognize distro-maintained versions of major packages. I do not need a list of the scores of CVEs for httpd that have been mitigated by ASF since RedHat bumped the nominal version of their custom-patched package. Scans like that just make people angry at their lazy sysadmins. Who are not in fact being lazy.

#infosec #pentesters

Last updated 1 year ago
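The false positive described in the post above (a scanner that matches the advertised httpd version against upstream fix versions and ignores distro backports) is easy to reproduce and triage. The script below is an added example, not code from the post; the scanner findings and the changelog excerpt are constructed to look like `rpm -q --changelog httpd` output and are not real package data. The CVE identifiers are real Apache httpd CVEs, but their pairing with the constructed changelog is illustrative only.

```python
"""Triage banner-based scanner findings against a distro package changelog.

Added example. SCANNER_FINDINGS and CHANGELOG below are constructed inputs
that imitate (a) a scanner's "version X is older than the upstream fix" logic
and (b) the CVE references a packager puts in an RPM changelog when a fix is
backported without bumping the upstream version number.
"""
import re

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

# Constructed: what a banner-only scanner has on file for each CVE. It will
# flag every entry whose upstream fix version is newer than the banner.
SCANNER_FINDINGS = [
    {"cve": "CVE-2021-44790", "fixed_upstream": "2.4.52"},
    {"cve": "CVE-2022-22720", "fixed_upstream": "2.4.53"},
    {"cve": "CVE-2022-23943", "fixed_upstream": "2.4.53"},
]

# Constructed excerpt in the style of `rpm -q --changelog httpd`. The package
# still reports 2.4.37 but the packager notes which CVEs each build addressed.
CHANGELOG = """\
* Mon Jan 10 2022 Example Packager <pkg@example.invalid> - 2.4.37-43.1
- Resolves: CVE-2021-44790 (backported upstream fix)
* Tue Mar 15 2022 Example Packager <pkg@example.invalid> - 2.4.37-47.1
- Resolves: CVE-2022-22720 (backported upstream fix)
"""


def version_tuple(version: str) -> tuple:
    """'2.4.37' -> (2, 4, 37); the naive comparison a banner scanner performs."""
    return tuple(int(part) for part in version.split("."))


def banner_flags(findings, banner_version: str) -> list:
    """Reproduce the scanner: flag every CVE fixed upstream after the banner version."""
    banner = version_tuple(banner_version)
    return [f["cve"] for f in findings if version_tuple(f["fixed_upstream"]) > banner]


def parse_changelog_cves(changelog: str) -> set:
    """Collect every CVE id the packager mentions in the changelog."""
    return set(CVE_RE.findall(changelog))


def triage(findings, banner_version: str, changelog: str) -> dict:
    """Split scanner findings into ones the distro changelog claims to have
    backported and ones that still need attention."""
    flagged = banner_flags(findings, banner_version)
    backported = parse_changelog_cves(changelog)
    return {
        "flagged_by_banner": flagged,
        "mitigated_by_backport": sorted(c for c in flagged if c in backported),
        "still_open": sorted(c for c in flagged if c not in backported),
    }


if __name__ == "__main__":
    result = triage(SCANNER_FINDINGS, "2.4.37", CHANGELOG)
    for bucket, cves in result.items():
        print(f"{bucket}: {', '.join(cves) or '-'}")
```

The point of the split is that a changelog mention is the packager's claim, not proof of patching: on a real host confirm with the distro's advisory data (`yum updateinfo list cves` / `dnf updateinfo` on RHEL-family systems) and check that the running httpd was restarted after the update, since a patched package on disk does not fix the process still executing the old code.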

Manuel Bissey · @mbissey
6 followers · 235 posts · Server cyberplace.social

Amazon has banned the sale of the Flipper Zero portable multi-tool, as it no longer allows its sale on the platform after tagging it as a card-skimming device.

bleepingcomputer.com/news/tech

#flipper #pentesters

Last updated 2 years ago

Chema Alonso :verified: · @chemaalonso
826 followers · 202 posts · Server ioc.exchange

Collection of Blue Team codes & tools made by offensive guys & defensive guys.
In this article I just want to share some very useful codes/tools, made by also some of them made by & for . All these codes/tools are available in my list on GitHub, but in this article I only show you Blue Team tools/codes; in the list you can see offensive codes/tools too, and ...
Full list link: github.com/DamonMohammadbagher


list last updated: 18 feb 2023
[defensive] @ZeroMemoryEx , (malware analysts to extract Command and Control C2 traffic) => github.com/ZeroMemoryEx/C2-Hun
[defensive] foxit , (detect use of the DanderSpritz eventlogedit module [recover the removed event log entries]) => github.com/fox-it/danderspritz
[defensive] thefLinkk , (Hunt-Sleeping-Beacons. Aims to identify sleeping beacons) => github.com/thefLink/Hunt-Sleep
[defensive] LOLBAS-Project, (LOLBAS project is to document every binary, script & library that can be used for Living Off The Land techniques) => github.com/LOLBAS-Project/LOLB
[defensive] @winternl_t , (syscall-detect) => github.com/jackullrich/syscall
[defensive] @slaeryan , (Detects Module Stomping as implemented by Cobalt Strike) => github.com/slaeryan/DetectCoba
[defensive] @_Apr4h , (CobaltStrikeScan, Scan files or process memory for CobaltStrike beacons) => github.com/Apr4h/CobaltStrikeS
[defensive] Siemens Healthineers , ETWAnalyzer (Command line tool to analyze one/many ETW file/s with simple queries) => github.com/Siemens-Healthineer
[defensive] KANKOSHEV , (Detect-HiddenThread-via-KPRCB, Detect removed thread from PspCidTable) => github.com/KANKOSHEV/Detect-Hi
[defensive] @Waldoirc , (Detect strange memory regions and DLLs ) => github.com/waldo-irc/MalMemDet
[defensive] Rabobank Cyber Defence Centre , (Detect Tactics, Techniques & Combat Threats) => github.com/rabobank-cdc/DeTTEC
[defensive] @jordanklepser , (defender-detectionhistory-parser, A parser of Windows Defender's DetectionHistory forensic artifact) => github.com/jklepsercyber/defen
[defensive] @ScarredMonk , (SysmonSimulator, Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs) => github.com/ScarredMonk/SysmonS
[defensive] Splunk , (melting-cobalt, Cobalt Strike Scanner that retrieves detected Team Server beacons) => github.com/splunk/melting-coba
[defensive] Ali Davanian , (CnCHunter is a fork of RiotMan, and it allows exploiting malware for active probing) => github.com/adava/CnCHunter
[defensive] Airbus CERT , (Wireshark plugin to work with ETW) => github.com/airbus-cert/Winshar
[defensive] @_forrestorr , (Moneta, memory scanner) => github.com/forrest-orr/moneta
[defensive] @hasherezade , (Pe-Sieve, memory scanner) => github.com/hasherezade/pe-siev
[defensive] @arch_rabbit , (Fibratus is a tool for exploration and tracing of the Windows kernel) => github.com/rabbitstack/fibratu
[defensive] Rajiv Kulkarni , (FalconEye, Real-time detection software for Windows process injections) => github.com/rajiv2790/FalconEye
[defensive] @standa_t , (tool to help malware analysts tell that the sample is injecting code to another process) => github.com/tandasat/RemoteWrit
[defensive] Microsoft , (MSFT, CPU/Memory performance-analysis,very useful ETW Codes & tools for Blue Teams/Defenders) => github.com/microsoft/perfview
[defensive] HoShiMin , (Avanguard, The Win32 Anti-Intrusion Library) => github.com/HoShiMin/Avanguard
[defensive] Lares , (Pushes Sysmon Configs) => github.com/LaresLLC/SysmonConf
[defensive] Improsec A/S , (Identify the attack paths in BloodHound breaking your AD tiering) => github.com/improsec/ImproHound
[defensive] @pathtofile , (Easy ETW Tracing for Security Research) => github.com/pathtofile/Sealight
[defensive] @_lpvoid , (TiEtwAgent is ETW-based process injection detection) => github.com/xinbailu/TiEtwAgent
[defensive] ComodoSecurity , (OpenEDR is a free & open source platform EDR) => github.com/ComodoSecurity/open
[defensive] wazuh , (Wazuh is a free & open source platform EDR) => github.com/wazuh/wazuh
[defensive] @cyb3rops , (Raccine, A Simple Ransomware Protection) => github.com/Neo23x0/Raccine
[defensive] 3lp4tr0n , (BeaconHunter , Behavior based monitoring and hunting tool built in C# tool leveraging ETW tracing) => github.com/3lp4tr0n/BeaconHunt
[defensive] OpenCTI , (open source platform allowing organizations to manage their cyber threat intelligence knowledge) => github.com/OpenCTI-Platform/op
[defensive] ion-storm , (Sysmon EDR Active Response Features) => github.com/ion-storm/sysmon-ed
[defensive] @jtsmith282 , Blue teams monitor systems => github.com/ION28/BLUESPAWN
[defensive] @hasherezade , (hollows_hunter , memory scanner) => github.com/hasherezade/hollows
[off---def] Nomi Sec , (Hacker-Trends) => github.com/nomi-sec/Hacker-Tre
[off---def] @brsn76945860 , (Enumerating and removing kernel callbacks using signed vulnerable drivers) => github.com/br-sn/CheekyBlinder
[off---def] m0rv4i , (Syscalls-Extractor, extracting syscall numbers for an OS) => github.com/m0rv4i/Syscalls-Ext
[off---def] @ale_sp_brazil , (dotnet malware threat, internals & reversing) => blackstormsecurity.com/docs/AL
[off---def] @0gtweet , (Simple solutions allowing you to dig a bit deeper than usual) => github.com/gtworek/PSBits
[off---def] Mr.Un1k0d3r , (EDRs Hooked APIs + some useful EDRs info for during red team exercise) => github.com/Mr-Un1k0d3r/EDRs
[off---def] Roberto Rodriguez @Cyb3rWard0g , (Education/Training: Threat Hunter Playbook) => threathunterplaybook.com/intro
[off---def] @_EthicalChaos_ , (MinHook.NET, hooking native API calls ) => github.com/CCob/MinHook.NET
[off---def] Black Lantern Security, (writehat , Pentest reporting tool written in Python) => github.com/blacklanternsecurit
[off---def] mvelazc0 , (PurpleSharp) => github.com/mvelazc0/PurpleShar
[off---def] boh , (C# Tools) => github.com/boh/RedCsharp
[off---def] redcanaryco , (Red-Teaming) => github.com/redcanaryco/atomic-

#defenders #pentesters #redteamers #blueteams #blueteam #redteam #offensive #defensive #codes #tools #blueteamtools

Last updated 2 years ago

Some New / for Some / / and Added to the list:

Full List here => github.com/DamonMohammadbagher

1. [offensive] @trickster012 , (Rust Weaponization for Red Team Engagements) => lnkd.in/eWsKKFY9

2. [offensive] @trickster012 , (Proof of concept of bypassing (unhooking) the hook of potential EDRs) => lnkd.in/eQwQr4sY

3. [offensive] Deep Instinct , (A POC for the new injection technique, abusing windows fork API to evade EDRs) => lnkd.in/eGP2haTc

4. [offensive] @daem0nc0re , (investigation of Windows process execution techniques [C#]) => lnkd.in/eeyFi5Xz

5. [offensive] @D1rkMtr , (Bypass Userland EDR hooks by Loading Reflective Ntdll in memory) => lnkd.in/eVTy8WvP

6. [defensive] @ZeroMemoryEx , (malware analysts to extract Command and Control C2 traffic) => lnkd.in/eGWGKWgQ

7. [offensive] lem0nSec , (CreateRemoteThread: how to pass multiple parameters to the remote thread function without shellcode) => lnkd.in/eQ6ssfhK

8. [offensive] QAX A-Team , (A tool mainly to erase specified records from Windows event logs) => lnkd.in/eywTbFzr

9. [offensive] 3gstudent , (Remove individual lines from Windows XML Event Log (EVTX) files) => lnkd.in/ebn4AdaH

10. [offensive] @hlldz , (Windows Event Log Killer) => lnkd.in/es7V6xHt

11. [defensive] @foxit , (detect use of the DanderSpritz eventlogedit module [recover the removed event log entries]) => lnkd.in/evWYwRXQ

12. [offensive] @Ceramicskate0 , (C# Tool to interact with MS Exchange based on MS docs) => lnkd.in/ehiAcM6Z

13. [offensive] @reveng007 , (implant will exfiltrate data via smtp and will read commands from C2 [Gmail] via imap protocol) => lnkd.in/eBiXyEtR

14. [offensive] @cyberwarfarelab , (VectoredSyscall) => lnkd.in/eps_aJ6Z

15. [offensive] fosstodon.org/@mttaggart , (Notion as a platform for offensive operations) => lnkd.in/eXvKFTwP

16. [offensive] @t3l3machus , (A Windows reverse shell payload generator) => lnkd.in/e-Ce2zii

17. [offensive] @idov31 , (Sandman is a NTP based backdoor for red team engagements in hardened networks) => lnkd.in/eWzsBdXD

Full List here => github.com/DamonMohammadbagher

#codes #researches #pentesters #redteamers #blueteamers #securityresearchers #cybersecurity #offensivesecurity #securityresearch #defensive #redteam #blueteam #pentest

Last updated 2 years ago

Carlos Mogas da Silva · @r3pek
296 followers · 1306 posts · Server mastodon.r3pek.org

Hey and

Is there any cyber conference worth attending in Europe?

#pentesters #redteamers

Last updated 2 years ago

SensePost · @sensepost
295 followers · 20 posts · Server infosec.exchange

We have open mid-level and senior pentest roles for the SensePost team in the UK, NL and ZA. You can apply here jobs.za.orangecyberdefense.com or just DM me.

We think it's a nice place to work. A hacker culture. Research time for all analysts. Tons of internal learning. Deep care for everyone, backed up by a low single-digit hacker/manager ratio. Unheard-of NPS scores from our customers (84 for 2022). Lots of training and conference opportunities.

#hiring #hackers #pentesters #uk #nl #za #sensepost

Last updated 2 years ago

Marco Ivaldi · @raptor
1668 followers · 873 posts · Server infosec.exchange

is not just tooling and techniques. Modern apps are a fun target for and alike. A fundamental tool to properly hack mobile apps is frida.re/

We conclude our tour of my @github projects with my humble contributions to this field github.com/0xdea/frida-scripts

For a well-maintained project by @apps3c that includes some of my Frida scripts, refer to github.com/federicodotta/Brida

#hacking #oldschool #mobile #reverse #engineers #pentesters #frida

Last updated 2 years ago

Astra Kernel :verified: · @AstraKernel
895 followers · 942 posts · Server infosec.exchange

Cheatsheets for Pentesting

A collection of snippets of code and commands to make your life easier!

github.com/Kitsun3Sec/Pentest-

#infosec #pentesters #redteaming #redteamtips #networksecurity

Last updated 2 years ago

Astra Kernel :verified: · @AstraKernel
866 followers · 912 posts · Server infosec.exchange

Bypassing OGNL sandboxes for fun and charities

OGNL injections led to some serious remote code execution (RCE) vulnerabilities

github.blog/2023-01-27-bypassi

#infosec #bugbountytips #redteamtips #pentesters

Last updated 2 years ago

Astra Kernel :verified: · @AstraKernel
827 followers · 864 posts · Server infosec.exchange

CISO: How many windows do we have?

AV Guy: 7864
Desktop Management: 6321
EDR Team: 6722
CMDB Team: 4848
SIEM Team: 9342

๐Ÿž"Redteam: it is over 9999"โ›‘๏ธ

Credit: @jimiDFIR

Thanks to @Laza @tychotithonus

#redteaming #pentesters #infosec #redteam #dfir #blueteam

Last updated 2 years ago

Astra Kernel :verified: · @AstraKernel
825 followers · 857 posts · Server infosec.exchange
gigatexal (he/him) · @gigatexal
158 followers · 799 posts · Server mastodon.social

Would be really cool to hear what think of this hilarious HN thread on how to tell if your own workstation is compromised or not: news.ycombinator.com/item?id=3

#secops #security #pentesters

Last updated 2 years ago

Question for professional , , users, or anyone who outputs reports for a salary.

How long do you keep your pentesting VMs (i.e. Kali, ) before replacing them with a new install?

Do you cycle them each engagement and re-deploy? Do you keep them around and dump them annually? Are you wildly inconsistent about it?

I'm speaking from the standpoint of an internal pentester and as someone about to take the OSCP yet again and is customizing a fresh install right now. Obviously, I imagine more stringent requirements for forensic and law enforcement purposes are required.

#parrotos #penetrationtesting #kali #hackers #pentesters

Last updated 2 years ago

I saw some articles and posts in which some red-teamers and pentesters talked about what they know and what they can do via C++, and why they think they are better than others ;D (too arrogant), just because they know a little about doing something via C++ and they think that with other languages you CAN NOT DO that (just because they know nothing about other languages), and they talk about other languages like Java or C# or ... and say hey, Java is awful, or C# is not even a programming language (these guys make me laugh ;D, and it's clear they really don't know what they are saying about others and other programming languages ;p) etc.
To me (or probably to all of us) it is not important who you are, what you did, or how many years of experience you have in
but the thing that is really important to me is "be an [adult guy]", and believe me, mocking others just shows us that you know nothing about the thing you talked about (like other )

I have seen a lot of pentesters/red teamers, some of them younger than me with less experience in pentesting/red teaming or ..., but they have very nice & powerful programming skills for bypassing AVs/EDRs, "better than me", and I learned a lot from them. Some of them are C#, C++, Java, Python/Rust developers etc. Believe it or not, even some C++ or C# developers who are not in my cyber security field were my best instructors and I learned a lot from them; I did not ignore learning new things from them just because they are developers, etc.
Also
I saw some or who never wrote C2 server/client code themselves (always working with tools made/written by others) talk about other red teamers/ who made a C2 server themselves in any language like C++/C#/Java..., mocking them for their work or their code, and again that is because they are not real/good programmers and they "can not do" that; more often that's why they talk about others like that ;). Believe me, programming is not easy in fields like pentesting/red teaming, and C2 programming really IS NOT EASY, especially if you want to write the C2 server yourself, so you guys really don't know anything about programming and still talk about it ;D

I know C++, but I never ever talk about C++ like that, saying you can't do that in C++ and only in C# you can do it; instead I say "you can do this in C# simply, which probably you can not do in C++ SIMPLY".
That means that just because "I am not a C++ pro programmer" I can not say you CAN NOT DO THAT IN C++... (because I know you can probably do that in any language, but how).

It does not matter who you are, where you live, or who you work for; the important thing is "be humble" and "be a good learner" without "arrogant, childish things".

Finally, to those who write code themselves: let others learn from you and don't listen to these types of guys (make your own chik chik).

#redteaming #pentesting #blueteaming #humble #programming #languages #redteamers #pentesters #c2 #securityresearchers

Last updated 2 years ago

I am a "you.com" fan ;D
simple trick to create your code via NICE...

this platform is very useful for , / / / / / guys/ and...

#ai #securityresearchers #pentesters #redteamers #blueteamers #cybersecurity #instructors #infosec #developers #chatgpt #youdotcom #you

Last updated 2 years ago

I am a you.com fan ;D
this platform is very useful for , / / / / / guys/ and...
As a cyber security researcher and pentester, this you-chat and search help me a lot. A lot of people in the world now get the point that you.com is awesome and also useful/helpful for their research etc. For me it was helpful/useful to research or make some great new codes or new techniques based on the AI search/chat results produced by the you.com platform, and for research and learning new things I just use "YOU.COM" more than Google.com; probably more than 80% of my work/research is on the you.com platform and maybe 20% on Google or ... Thank you guys at "you.com" and WELL DONE....

To learn how to use this platform, watch their videos one by one; they are awesome and really well explained => youtube.com/@yousearchengine

For "Developers": one good example from you.com => youtube.com/watch?v=BO6E3UVmkm

for "Developers": Turn PYTHON into JAVA? Code Translate on you.com => youtube.com/watch?v=JC_KvIjXDK

Good Video about you.com:
You.com Vs. Chat GPT
youtube.com/watch?v=uLqmaICxe_

#securityresearchers #pentesters #redteamers #blueteamers #cybersecurity #instructors #infosec #developers #chatgpt #youdotcom #you #ai

Last updated 2 years ago