konik_polanowy

Osobistość

937wpisy
104komentarzy

https://lubimyczytac.pl/profil/127443/joker

konik_polanowy

Osobistość

w Ciekawostki 2021-06-26T11:02:59+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.26.md
Pwning Home Router - Linksys WRT54G - https://elongl.github.io/exploitation/2021/05/30/pwning-home-router.html
Azure AD introduction for red teamers - https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html
Linux SBC featuring two wifi radios, masquerading as a USB charger - https://github.com/Machine-Hum/wifiwart
I’m putting a WiFi router into a wall charger (Part 1) - https://machinehum.medium.com/im-putting-a-wifi-router-into-a-wall-charger-part-1-882df714bbf3
Windows Event Log Killer - https://github.com/hlldz/Phant0m

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-24T22:00:45+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.24.md
Klingon RAT Holding on for Dear Life - https://www.intezer.com/blog/malware-analysis/klingon-rat-holding-on-for-dear-life/
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging - https://github.com/hasherezade/transacted_hollowing
Picture this: Malware Hides in Steam Profile Images - https://www.gdatasoftware.com/blog/steamhide-malware-in-profile-images
Advanced Windows exploit development resources - https://github.com/FULLSHADE/WindowsExploitationResources
A Blazing fast Security Auditing tool for Kubernetes - https://github.com/vchinnipilli/kubestriker
Bypassing 2FA using OpenID Misconfiguration - https://youst.in/posts/bypassing-2fa-using-openid-misconfiguration/

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-22T21:48:20+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.22.md
Inside a transistorized shift register box, built in 1965 for Apollo testing - https://www.righto.com/2021/06/inside-transistorized-shift-register.html
Bypassing Image Load Kernel Callbacks - https://www.mdsec.co.uk/2021/06/bypassing-image-load-kernel-callbacks/
Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol - https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
All Resource Collection Projects - https://github.com/alphaSeclab/windows-security/blob/master/Readme_en.md
Collection of malware source code for a variety of platforms in an array of different programming languages - https://github.com/vxunderground/MalwareSourceCode

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

Zostań Patronem Hejto i odblokuj dodatkowe korzyści tylko dla Patronów

Włączona możliwość zarabiania na swoich treściach
Całkowity brak reklam na każdym urządzeniu
Oznaczenie w postaci rogala , który świadczy o Twoim wsparciu
Wcześniejszy dostęp, do wybranych funkcji na Hejto

konik_polanowy

Osobistość

w Ciekawostki 2021-06-20T12:55:50+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.20.md
Exploiting VLAN Double Tagging - https://notsosecure.com/exploiting-vlan-double-tagging/
burpa: Burp Automator - https://github.com/tristanlatr/burpa
Celebron - Userland API Unhooker Project - https://github.com/frkngksl/Celeborn
Co zawierają QR-kody w Unijnym Certyfikacie Covid i jak to sprawdzić? - https://informatykzakladowy.pl/co-zawieraja-qr-kody-w-unijnym-certyfikacie-covid-i-jak-to-sprawdzic/
Why do adversaries use DLL Search Order Hijacking? - https://redcanary.com/threat-detection-report/techniques/dll-search-order-hijacking/
Malware samples, analysis exercises and other interesting resources - https://github.com/jstrosch/malware-samples

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-18T12:01:59+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.18.md
All Your Macs Are Belong To Us - https://objective-see.com/blog/blog_0x64.html
(WIP) Runtime Application Instruments for iOS - https://github.com/chichou/grapefruit
Unit 42 Discovers First Known Malware Targeting Windows Containers - https://www.paloaltonetworks.com/blog/2021/06/siloscape-malware-windows-containers/
Microsoft ADCS – Abusing PKI in Active Directory Environment - https://www.riskinsight-wavestone.com/en/2021/06/microsoft-adcs-abusing-pki-in-active-directory-environment/
Ransomware Again…But We Changed the RDP Port!?!?! - https://thedfirreport.com/2020/07/13/ransomware-again-but-we-changed-the-rdp-port/

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-15T13:00:30+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.15.md
Announcing Wildland Client v0.1 - https://wildland.io/2021/06/11/introducing-client-v0.1.html
CVE-2021-31166: RCE in Microsoft HTTP.sys - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2021-31166-rce-in-microsoft-httpsys/
Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug - https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
Privacy analysis of FLoC - https://blog.mozilla.org/en/privacy-security/privacy-analysis-of-floc/
A Little More on the Task Scheduler's Service Account Usage - https://www.tiraniddo.dev/2021/06/a-little-more-on-task-schedulers.html
Red Team Tactics: Utilizing Syscalls in C# - Prerequisite Knowledge - https://jhalon.github.io/utilizing-syscalls-in-csharp-1/

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-13T12:04:49+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.13.md
Wireshark Tutorial for Beginners - https://www.youtube.com/playlist?list=PLR0bgGon_WTK9PHDzrlje4bqEh3p0NxxX
What is old is new again: The Relay Attack - https://www.secureauth.com/blog/what-is-old-is-new-again-the-relay-attack/
Are Virtual Machines the New Gold for Cyber Criminals? - https://www.mcafee.com/blogs/other-blogs/mcafee-labs/are-virtual-machines-the-new-gold-for-cyber-criminals/
EDR Evasion: Unhooking DLL's With C# - https://makosecblog.com/malware-dev/dll-unhooking-csharp/
Phishing Frenzy: HTA PowerShell Attacks with BeEF - https://www.pentestgeek.com/phishing/phishing-frenzy-hta-powershell-attacks-with-beef

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-11T12:13:14+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.11.md
Finding 0day to hack Apple - https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md
Binary Heaps: Part 1 - https://www.youtube.com/watch?v=rblQsMYs4Bg
Linux x64 Assembly - https://www.youtube.com/playlist?list=PLKK11Ligqiti8g3gWRtMjMgf1KoKDOvME
New Mac adware, leaked from a flashcards app - https://objective-see.com/blog/blog_0x65.html
Necro Python bot adds new exploits and Tezos mining to its bag of tricks - https://blog.talosintelligence.com/2021/06/necro-python-bot-adds-new-tricks.html
Smart Meter Hacking - Decoding GPS Coordinates - https://www.youtube.com/watch?v=Y_sh605Q7oA

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-11T11:38:49+02:00

Attacking Active Directory: 0 to 0.9 https://zer1t0.gitlab.io/posts/attacking_ad/
DLL Search Order Hijacking https://redcanary.com/threat-detection-report/techniques/dll-search-order-hijacking/
Reverse Engineering 101: CPU, memory, debugging and cheating in minesweeper https://www.youtube.com/watch?v=k8f7DXr0SgQ
XSS in the AWS Console https://frichetten.com/blog/xss_in_aws_console/
Zero Day Zen Garden: Windows Exploit Development - Part 4 [Overwriting SEH with Buffer Overflows] https://www.shogunlab.com/blog/2017/11/06/zdzg-windows-exploit-4.html
Reversing Microsoft’s Windows95 Product Key Check Mechanism https://infosecwriteups.com/reversing-microsofts-windows95-product-key-check-mechanism-ca7e825014b6?gi=beef7f55e435

Attacking Active Directory: 0 to 0.9 | zer1t0

$ dhcplayer discover -I eth2 -n OFFER received from 192.168.100.2 Offered IP: 192.168.100.3 Client MAC: 52:54:00:88:80:0c DHCP Server: 192.168.100.2 Options: [1] Subnet Mask: 255.255.255.0 [58] Renewal Time: 345600 [59] Rebinding Time: 604800 [51] IP Address Lease Time: 691200 [54] DHCP Server ID: 192.168.100.2 [3] Router: 192.168.100.2 [5] Name Server: 192.168.100.2 [6] Domain Server:...

zer1t0.gitlab.io

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-07T15:00:22+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.07.md
Hex-Rays, GetProcAddress, and Malware Analysis - https://www.msreverseengineering.com/blog/2021/6/1/hex-rays-getprocaddress-and-malware-analysis
Understanding Linux Cron Jobs - https://www.secjuice.com/linux-basics-cron-jobs/
awesome-threat-intelligence - https://github.com/hslatman/awesome-threat-intelligence
Awesome Cyber Security - https://github.com/fabionoth/awesome-cyber-security
Awesome Security - https://github.com/sbilly/awesome-security
Life of an HTTP request in a Go server - https://eli.thegreenplace.net/2021/life-of-an-http-request-in-a-go-server/
Windows Kernel Debugging & Exploitation Part 1 - Environment Setup - https://hacklido.com/blog/124-windows-kernel-debugging-exploitation-part-1-environment-setup
Python Cybersecurity For Beginners - Build a Port Scanner - https://www.youtube.com/watch?v=bH-3PuQC_n0

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-05T12:05:11+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.05.md
Dumping K360 wireless keyboard firmware with a GreatFET https://jamchamb.net/2021/05/29/dumping-k360-firmware.html
Analysis report of the Facefish rootkit https://blog.netlab.360.com/ssh_stealer_facefish_en/
Hardware Hacking : Getting UART Shells https://hacklido.com/blog/67-hardware-hacking-getting-uart-shells
DEF CON 24 - Marc Newlin - MouseJack: Injecting Keystrokes into Wireless Mice https://www.youtube.com/watch?v=00A36VABIA4
GNU BRE/ERE cheatsheet and differences between grep, sed and awk https://learnbyexample.github.io/gnu-bre-ere-cheatsheet/
Use Facial Detection & Recognition on an ESP32 Wi-Fi Camera [Tutorial] https://www.youtube.com/watch?v=LOqVIe9cnW8
Mentalist is a graphical tool for custom wordlist generation https://github.com/sc0tfree/mentalist

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-03T11:43:34+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.03.md
Attack Detection Fundamentals 2021: Windows - Lab #1 - https://labs.f-secure.com/blog/attack-detection-fundamentals-2021-windows-lab-1/
Awesome Alternatives in Rust - https://github.com/TaKO8Ki/awesome-alternatives-in-rust
SCAMP is alive - https://incoherency.co.uk/blog/stories/scamp-lives.html
SCAMP homebrew CPU executing code for the first time - https://www.youtube.com/watch?v=1WwF2P9zLtY
View and control terminals from your browser with end-to-end encryptio - https://github.com/cs01/termpair
Abusing LNK "Features" for Initial Access and Persistence - https://v3ded.github.io/redteam/abusing-lnk-features-for-initial-access-and-persistence

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-06-01T13:20:06+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.06.01.md
Secure coding and more - https://antonioparata.blogspot.com/2021/05/alan-post-exploitation-framework.html
Remote Recording Stream -mhttps://egahlin.github.io/2021/05/17/remote-recording-stream.html
How to Analyze Malware with x64dbg - https://www.varonis.com/blog/how-to-use-x64dbg-malware-analysis/
Network Study Infographics - https://github.com/DelfinoRT/Networking-Study-Stuff
A Sysmon configuration repository for everybody to customise - https://github.com/olafhartong/sysmon-modular
Awesome Software Architecture - https://github.com/mehdihadeli/awesome-software-architecture
Windows Kernel Debugging & Exploitation Part 1 - Environment Setup - https://hacklido.com/blog/124-windows-kernel-debugging-exploitation-part-1-environment-setup
Patch Gapping a Safari Type Confusion - https://blog.theori.io/research/webkit-type-confusion/

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-05-30T13:12:51+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.05.30.md
Hacker's guide to deep-learning side-channel attacks: the theory - https://elie.net/blog/security/hacker-guide-to-deep-learning-side-channel-attacks-the-theory/
Decompiling Node.js in Ghidra - https://swarm.ptsecurity.com/decompiling-node-js-in-ghidra/
Reverse Engineering & Exploiting Dell CVE-2021-21551 - https://voidsec.com/reverse-engineering-and-exploiting-dell-cve-2021-21551/
Introducing Half-Double: New hammering technique for DRAM Rowhammer bug - https://security.googleblog.com/2021/05/introducing-half-double-new-hammering.html
Half-Double: Next-Row-Over Assisted Rowhammer - https://github.com/google/hammer-kit/blob/main/20210525_half_double.pdf
Mobisec - Slides & Recordings - https://mobisec.reyammer.io/slides
Finally understanding PNG - https://compress-or-die.com/Understanding-PNG

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-05-28T11:19:04+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.05.28.md
The Full Story of the Stunning RSA Hack Can Finally Be Told - https://www.wired.com/story/the-full-story-of-the-stunning-rsa-hack-can-finally-be-told/
Reverse Engineering Bare Metal Kernel Images with QEMU- Part 1 - https://medium.com/codex/reverse-engineering-bare-metal-low-level-kernel-images-with-qemu-getting-started-c705b7b14d35
Reverse Engineering Bare Metal Firmware Images — Part 2 - https://ragnarsecurity.medium.com/reverse-engineering-bare-metal-kernel-images-part-2-6a52a4afa3ef
A skidalicious cheat sheet of webapp exploitation techniques - https://blog.oxagast.org/posts/skidalicious-webapp-exploit-cheat-sheet/
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks - https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/
Unveiling DNSStager: A tool to hide your payload in DNS - https://shells.systems/unveiling-dnsstager-a-tool-to-hide-your-payload-in-dns/
Attacking Kubernetes Clusters Through Your Network Plumbing: Part 2 - https://www.cyberark.com/resources/threat-research-blog/attacking-kubernetes-clusters-through-your-network-plumbing-part-2

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-05-26T23:08:32+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.05.26.md
IRC Botnet Reverse Engineering Part 1 - Preparing Binary for Analysis in IDA PRO - https://www.youtube.com/watch?v=JPvcLLYR0tE
VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture - https://back.engineering/17/05/2021/
The Solution of the Zodiac Killer’s 340-Character Cipher - https://blog.wolfram.com/2021/03/24/the-solution-of-the-zodiac-killers-340-character-cipher/
Beginner Reverse Engineering | Part 2: Compiling and Decompiling (Ghidra + IDA) - https://www.youtube.com/watch?v=Bv-7SszPuvI
Changing Service Mesh - https://nais.io/blog/posts/2021/05/changing-service-mesh.html
Dumping Stored Credentials with SeTrustedCredmanAccessPrivilege - https://www.tiraniddo.dev/2021/05/dumping-stored-credentials-with.html

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-05-24T18:12:37+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.05.24.md
Wireshark Tutorial: Decrypting HTTPS Traffic - https://unit42.paloaltonetworks.com/wireshark-tutorial-decrypting-https-traffic/
A Clockwork Orange - Remotely Compromising Orange Belgium Cable Modems - https://quentinkaiser.be/security/2021/04/25/orange/
Evil Logitech - erm I ment USB cable - https://luemmelsec.github.io/Building-An-Evil-USB-Cable/
An Introduction to Hardware Hacking - https://securityboulevard.com/2020/09/an-introduction-to-hardware-hacking/
Hyper-V debugging for beginners. 2nd edition. https://hvinternals.blogspot.com/2021/01/hyper-v-debugging-for-beginners-2nd.html
How to bypass Defender in a few easy steps - https://arty-hlr.com/blog/2021/05/06/how-to-bypass-defender/

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-05-22T14:13:47+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.05.22.md
Exploiting VLAN Double Tagging - https://notsosecure.com/exploiting-vlan-double-tagging/
Ghidra Plugin Development for Vulnerability Research - Part-1 - https://www.somersetrecon.com/blog/2019/ghidra-plugin-development-for-vulnerability-research-part-1
Linux Internals: How /proc/self/mem writes to unwritable memory - https://offlinemark.com/2021/05/12/an-obscure-quirk-of-proc/
Hacking the Furbo Dog Camera: Part I - https://www.somersetrecon.com/blog/2021/hacking-the-furbo-part-1
A modern tool for the Windows kernel exploration and tracing - https://github.com/rabbitstack/fibratus
Dissecting the Apple M1 GPU, part IV - https://rosenzweig.io/blog/asahi-gpu-part-4.html
Disclaimer - https://github.com/chip-red-pill/uCodeDisasm
Guy's 30 Reverse Engineering Tips & Tricks - https://blog.whtaguy.com/2020/04/guys-30-reverse-engineering-tips-tricks.html

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-05-20T22:39:51+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.05.20.md
Remote Potato – From Domain User to Enterprise Admin - https://pentestlab.blog/2021/05/04/remote-potato-from-domain-user-to-enterprise-admin/
How I Got My Data Back from the Microsoft Band and Hello Sense - https://jeffhuang.com/extracting_data_from_tracking_devices/
Identify a Facebook user by his phone number despite privacy settings set - https://ysamm.com/?p=691
Counter-Strike Global Offsets: reliable remote code execution - https://secret.club/2021/05/13/source-engine-rce-join.html
Evil Logitech - erm I ment USB cable - https://luemmelsec.github.io/Building-An-Evil-USB-Cable/
ListingLover – Add pseudo-code to Ghidra disassembly - https://security.humanativaspa.it/listinglover-add-pseudocode-to-ghidra-disassembly/
Open source retro ISA video card - https://github.com/schlae/graphics-gremlin
A physical graffiti of LSASS: getting credentials from physical memory for fun and learning - https://adepts.of0x.cc/physical-graffiti-lsass/

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Zaloguj się aby komentować

konik_polanowy

Osobistość

w Ciekawostki 2021-05-18T22:25:07+02:00

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2021.05.18.md
Reverse Engineering an Unknown Microcontroller - https://dmitry.gr/?r=05.Projects&proj=30.%20Reverse%20Engineering%20an%20Unknown%20Microcontroller
No Joking Around with JOKER - https://labs.k7computing.com/?p=22199
Weird Ways to Run Unmanaged Code in .NET - https://blog.xpnsec.com/weird-ways-to-execute-dotnet/
PowerShell Script Obfuscator - https://github.com/klezVirus/chameleon
Write Your Own 64-bit Operating System Kernel #1 - Boot code and multiboot header - https://www.youtube.com/watch?v=FkrpUaGThTQ
How we bypassed bytenode and decompiled Node.js bytecode in Ghidra - https://swarm.ptsecurity.com/how-we-bypassed-bytenode-and-decompiled-node-js-bytecode-in-ghidra/

Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHub

Havelock_Vetinari 2021-05-18T22:49:34+02:00

Dzięki za kolejne linki!

Zaloguj się aby komentować

Poprzednia strona

43 44 45

Następna strona