İbrahim BALOĞLU - Siber Güvenlik Paylaşımları

#exploit 1. Docker Remote API Scanner and Exploit https://github.com/justakazh/DockerExploit 2. PoC of BITB w/out the use of iframes https://github.com/waelmas/frameless-bitb 3. CVE-2023-44313: Apache ServiceComb <2.1 - SSRF https://xz.aliyun.com/t/13548

#Blue_Team_Techniques 1. A repository of code signing certificates known to have been leaked/stolen, then abused by threat actors https://github.com/WithSecureLabs/lolcerts 2. Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure https://github.com/0dteam/CVE-2024-22024

How to investigate a Malicious Alert for Threat Hunting in Elastic Security https://discuss.elastic.co/t/347618

Disable Windows Defender (+ UAC bypass, + Upgrade to SYSTEM) https://github.com/EvilGreys/Disable-Windows-Defender-

Exploiting a vulnerable Minifilter Driver to create a process killer https://antonioparata.blogspot.com/2024/02/exploiting-vulnerable-minifilter-driver.html ]-> https://github.com/enkomio/s4killer

bypass XSS Cloudflare WAF Encoded Payload "><track/onerror='confirm\%601\%60'> Clean Payload "><track/onerror='confirm`1`'> #CF #bypass

#WLAN_Security Spoofing 802.11 Wireless Beacon Management Frames with Manipulated Power Values Resulting in DoS for Wireless Clients https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/spoofing-802-11-wireless-beacon-management-frames-with-manipulated-power-values-resulting-in-denial-of-service-for-wireless-clients

SOAPHound This is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (#ADWS) protocol. Tool: https://github.com/FalconForceTeam/SOAPHound Research: https://falconforce.nl/soaphound-tool-to-collect-active-directory-data-via-adws/

Sizce grubun ismi değişmeli mi? Değişmeli diyorsanız isim öneriniz ne olur?

#redteam https://github.com/floesen/EventLogCrasher

Siber Olay Müdahale alanında uzmanlaşmak isteyenler için “Windows Forensics” Eğitimi https://www.ibrahimbaloglu.com/2020/09/sfrdan-uzmanlga-windows-adli-bilisim.html

Chista | Open Threat Intelligence Framework https://github.com/ChistaDev/Chista