Wawa Security Links 345

Mardi 04 Octobre 2022


GoogleNCR / Twitter
Hacking tutos / Facebook


GitHub - bitdefender/swapgs-attack-poc: This repository contains the sources and documentation for the SWAPGS attack PoC (CVE-2019-1125)
Exploiting email address parsing with AWS SES - nathandavison.com
Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world – Global Cyber Security Company – Group-IB
etl2pcapng: Support For Process IDs | Didier Stevens
MDS Attacks: Microarchitectural Data Sampling
MSBuild without MSBuild | Pentest Laboratories
https://blog.confiant.com/fake-celebrity-endorsed-scam-abuses-ad-tech-to-net-1m-in-one-day-ffe330258e3c
DTrace on Windows – 20H1 updates - Microsoft Tech Community - 1127929
GitHub - saleemrashid/badecparams: Proof of Concept for CVE-2020-0601
waliedassar: Malformed PE Header Kernel Denial Of Service
Windows Defender Bypassing For Meterpreter
[Root Me : Hacking and Information Security learning platform]
GitHub - sailay1996/awesome_windows_logical_bugs: collect for learning cases
GitHub - kabachook/ecc: Some Elliptic Curve Cryptography stuff
New Obfuscation Techniques in Emotet Maldocs – Security Soup
https://www.alchemistowl.org/pocorgtfo/pocorgtfo20.pdf
Wireshark for Incident Response 101
Security Analysis of Devices That Support SCPI and VISA Protocols - TrendLabs Security Intelligence Blog
https://www.kali.org/releases/kali-linux-2020-1-release/
Blog article - OnSecurity

GitHub - ttmo-O/x86-manpages: x86 and amd64 instruction reference manual pages
GitHub - specterops/at-ps: Adversary Tactics - PowerShell Training
GitHub - atredispartners/flamingo: Flamingo captures credentials sprayed across the network by various IT and security products.
New xHunt campaign targeted a Kuwaiti organization to harvest credentials
Tool Release – Collaborator++ – NCC Group Research
https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a
Errata Security: How to decrypt WhatsApp end-to-end media files
Open source tool for Linux simulates adversary behaviors
New Snake Ransomware Adds Itself to the Increasing Collection of Golang Crimeware - SentinelLabs
CoRIIN 2020 Wrap-Up | /dev/random
oss-security - LPE and RCE in OpenSMTPD (CVE-2020-7247)
https://medium.com/vmsp/blocking-your-adblocker-967d1c6e48f2
Google Groups
GitHub - davidprowe/BadBlood: BadBlood by Secframe fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
Predator the Thief - Check Point Research
https://medium.com/SkyscannerEng/kubernetes-security-monitoring-at-scale-with-sysdig-falco-a60cfdb0f67a
Improper Input Validation | Add Custom Text and URLs In SMS send by Snapchat | Bug Bounty POC - Security Breached Blog
Dumping Firmware With the CH341a Programmer - Black Hills Information Security
materials/An_Overhead_View_of_the_Royal_Road.pdf at master · nao-sec/materials · GitHub
GitHub - jokezone/Update-Sysmon: This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.

Scripting Macs With Malice | How Shlayer and Other Malware Installers Infect macOS | SentinelOne
https://webassembly-security.com/fuzzing-npm-nodejs-webassembly-parsing-library-with-jsfuzz/
Zoom-Zoom: We Are Watching You - Check Point Research
https://medium.com/bugbountywriteup/writing-a-bootloader-931da062f25b
High Severity CSRF to RCE Vulnerability Patched in Code Snippets Plugin
Project Zero: Part II: Returning to Adobe Reader symbols on macOS
exploits/php7-backtrace-bypass at master · mm0r1/exploits · GitHub
<span id="hs_cos_wrapper_name" class="hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_text" style="" data-hs-cos-general-type="meta_field" data-hs-cos-type="text" >Trickbot Trojan Leveraging a New Windows 10 UAC Bypass</span>
Intezer - New Iranian Campaign Tailored to US Companies Uses Updated Toolset
SSH Protocol with Wireshark
Remote Cloud Execution - Critical Vulnerabilities in Azure Cloud Infrastructure (Part I) - Check Point Research
Remote Cloud Execution - Critical Vulnerabilities in Azure Cloud Infrastructure (Part II) - Check Point Research
https://0xkasper.com/articles/rtcp-ctf-2020-write-up
https://www.shorebreaksecurity.com/blog/have-you-configured-nessus-to-betray-you/
OpenSK/README.md at master · google/OpenSK · GitHub
https://levelup.gitconnected.com/linux-kernel-tuning-for-high-performance-networking-5999a13b3fb4
Building a simple VPN with WireGuard with a Raspberry Pi as Server // Andreas Happe
Modernizing the internet with HTTP/3 and QUIC
GitHub - realoriginal/ppldump: BYOD (Bring Your Own Driver) Approach to Dumping PPL Procs (Shellcode Injection lol)
The Vault: Unwinding RTCore

https://www.matteomalvica.com/blog/2020/01/20/mimikatz-lsass-dump-windg-pykd/
Google Online Security Blog: Say hello to OpenSK: a fully open-source security key implementation
https://posts.specterops.io/detection-engineering-using-apples-endpoint-security-framework-affdbcb18b02
Linux kernel 0days without code auditing | xorl %eax, %eax
https://medium.com/ranakhalil101/hack-the-box-devoops-writeup-w-o-metasploit-afa7d5952117
Metasploit Wrap-Up
The return of the spoof part 1: Parent process ID spoofing – NVISO Labs
OK Google: bypass the authentication! | @Mediaservice.net Technical Blog
Samesite by Default and What It Means for Bug Bounty Hunters
https://astrix.co.uk/news/2020/1/31/how-to-set-up-secure-ldap-for-active-directory
Azure DevOps Build Agent analysis
Red Teaming with Covenant and Donut | NaijaSecForce
Winnti Group targeting universities in Hong Kong | WeLiveSecurity
NSA Codebreaker 2019, Overview – Jonathan Armer – Small blog about different CTFs completed or software I have worked on that I find interesting.
GitHub - djhohnstein/ScatterBrain: Suite of Shellcode Running Utilities
GitHub - 0xthirteen/MoveKit: Cobalt Strike kit for Lateral Movement
GitHub - TheCyberGeek/CVE-2020-5844
Invoke-APT29: Adversarial Threat Emulation | VMware Carbon Black
https://medium.com/shahjerry33/password-reset-token-leak-via-referrer-2e622500c2c1
https://medium.com/vbharad/account-takeover-through-password-reset-poisoning-72989a8bb8ea


Translate / Map
Wikipedia [ENG] / GIT

Metasploit / ExploitDB
Converter / Project 0

Hotmail / Gmail / ODA
eprint.iacr / Youtube