Network Security Channel


⭕️Start Channel From 2017⭕️ ✅ Security Operation Center (SOC) ✅ Bug Bounty ✅ Vulnerability ✅ Pentest ✅ Hardening ✅ Linux ✅ Research ✅ Security Network ✅ Security Researcher ✅ DevSecOps ✅ Blue Team ✅ Red Team

2 884
Subscribers
Posts Archive
Cloud Security Say Goodbye to Bad Passwords: How Azure Active Directory Password Protection can save the day https://improsec.com/tech-blog/say-goodbye-to-bad-passwords-how-azure-active-directory-password-protection-can-save-the-day -Cyber Security awareness- Up2date 4 Defence Today, Secure Tomorrow @CisoasaService 1402.03.06 @Engineer_Computer

tools Threat_Research Crawlector - threat hunting framework designed for scanning websites for malicious objects https://github.com/MFMokbel/Crawlector @Engineer_Computer

1. YARA
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples.
🔗https://lnkd.in/dXm__xvA
🔗https://lnkd.in/dvZ5UbP9
2. LOKI
LOKI is a free open-source IOC (Indicator of Compromise) scanner created/written by Florian Roth.
🔗https://lnkd.in/dvMEMKKu
🔗https://lnkd.in/duJNimDp
3. THOR
THOR Lite is Florian's newest multi-platform IOC AND YARA scanner. There are precompiled versions for Windows, Linux, and macOS. A nice feature with THOR Lite is its scan throttling to limit exhausting CPU resources.
🔗https://lnkd.in/d9yHH_ae
4. FENRIR
Fenrir is a simple IOC scanner bash script. It allows scanning Linux/Unix/OSX systems for the following Indicators of Compromise (IOCs): Hashes, File Names, Strings, C2 Server and Hot Time Frame
🔗https://lnkd.in/d2dPWiXK
5. YAYA
YAYA is a new open-source too
@Engineer_Computer

⭕️Red team: Journey from RCE to have total control of Cloud Infrastructure
1. First, the researcher found an RCE in a web app and gained access to a Docker container.
2. Then they realized they were in a restricted environment where only microdnf was installed.
3. The researcher realized that the container gave access to other subnets inside the network, and in this way found the IP of a GitLab instance.
4. They then found that this instance was vulnerable to CVE-2021-22205.
5. Next, through this CVE, they gained access to GitLab and its database, and then used admin access to create a repository and a CI/CD pipeline to pivot to the GitLab worker instance.
6. On the GitLab worker node they were able to find a large number of secrets, API keys and so on, as well as the kubeconfig file.
For more details, read the article below:
https://mr-r3bot.github.io/red/team/2023/05/22/From-RCE-to-owning-entire-cloud-infrastructure.html
#RedTeam #RCE #Pivot #DevSecOps @Engineer_Computer

In the process of teaching there is always a lot to learn ✌️🏻 I am preparing a vulnerable Vue app for teaching XSS in Vue.js, and then I noticed that this XSS, which occurs through the javascript scheme in the href attribute, is no longer vulnerable when the target attribute equals _blank. The example is in the image above. #AppSec #XSS #web_security @Engineer_Computer

cryptography Threat_Research "WhatsApp End-to-End Encrypted Backups", 2023 @Engineer_Computer

Whitepaper "Not-Too-Safe Boot: Remotely Bypassing Endpoint Security Solutions (AV/EDR/…) and Anti-Tampering Mechanisms", 2023 @Engineer_Computer

Tech book Machine Learning Security Principles: Keep data, networks, users, and applications safe from prying eyes 2022 @Engineer_Computer

WebApp Security Black Hat Asia 2023: "Dirty Stream Attack, Turning Android Share Targets Into Attack Vectors" @Engineer_Computer

exploit Black Hat Asia 2023: "PPLdump Is Dead. Long Live PPLdump!" ]-> https://github.com/gabriellandau/PPLFault ]-> https://github.com/trustedsec/PPLFaultDumpBOF @Engineer_Computer

tools Offensive security 1. KeeFarce Reborn - standalone DLL that exports databases in cleartext once injected in the KeePass process https://github.com/d3lb3/KeeFarceReborn#make-keepass-inject-keefarce-reborn-as-a-plugin ]-> Extract Passphrase from Memory (CVE-2023-32784): https://ppn.snovvcrash.rocks/pentest/infrastructure/ad/credential-harvesting/keepass#abusing-the-keepass-plugin-cache 2. SSH-Harvester - Harvest passwords automatically from OpenSSH server https://github.com/jm33-m0/SSH-Harvester @Engineer_Computer

tools Malware analysis Dumpulator - library for emulating memory dumps (useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing)) @Engineer_Computer

tools Red Team Tactics Exploiting Windows’ vulnerabilities with HyperV: A hacker’s swiss army knife https://github.com/Xyrem/HyperDeceit @Engineer_Computer

Offensive security PEASS-ng - Privilege Escalation Awesome Scripts Suite https://github.com/carlospolop/PEASS-ng @Engineer_Computer

🚨 Attention KeePass users! A newly discovered security flaw (CVE-2023-32784) could expose your master password in cleartext! Read details here: https://thehackernews.com/2023/05/keepass-exploit-allows-attackers-to.html Upgrade to KeePass 2.54 once it's released. @Engineer_Computer

Intel Suggests Dropping Everything But 64-Bit From X86 With Its X86-S Proposal | Hackaday https://hackaday.com/2023/05/21/intel-suggests-dropping-everything-but-64-bit-from-x86-with-its-x86-s-proposal/ @Engineer_Computer

Top 5 Network Monitoring Tools
Pre-requisites
📌 What is SNMP? https://lnkd.in/dQ_NbxDH
📌 Download VMware https://lnkd.in/d6gGFUYA
🟢 Nagios: A widely used network monitoring system that can monitor network services, hosts, and devices. 🔗 https://lnkd.in/dXmGUSkm
🟢 Zabbix: It supports agent-based and agentless monitoring, as well as SNMP and IPMI 🔗 https://lnkd.in/d8-qTMa5
🟢 Icinga: A fork of Nagios that aims to provide improved performance, scalability, and flexibility. 🔗 https://lnkd.in/dFrHrMSR
🟢 Cacti: A web-based network monitoring and graphing tool that can monitor a variety of network devices and services. 🔗 https://lnkd.in/dweisB-k
🟢 LibreNMS: It supports SNMP, Syslog, and SNMP Trap monitoring, and has a web-based interface for configuration and management. 🔗 https://lnkd.in/dQZucJar
@Engineer_Computer

#Report: MITRE's evaluation of EDRs (especially IBM ReaQta, which is considered the EDR product of QRadar!) @Engineer_Computer

#Guide to Scapy @Engineer_Computer

#Guide to Cobalt Strike from Threat radar @Engineer_Computer