LATEST ARTICLES

Process Injection Techniques – For Advanced Adversary Emulation

0

Usman Sikander (a.k.a Offensive-Panda) is a seasoned security professional specializing in adversary emulation, malware development, malware analysis, and red teaming. I am passionate to identifying and researching advanced evasion techniques, as well as analyzing real-world samples to extract TTPs for validating security postures through APT emulations. With a proven track record in developing exploits aligned with MITRE ATT&CK tactics...

Hill Saturday Malware Analysis : Open Dir -> Obfuscated Python -> DONUT Launcher -> XWorm

0

Just some quick malware analysis on a free Saturday. I was just chilling in the morning, reading twitter, and this post from Justin Elze caught my eye: It was perfect because I was indeed bored ;) It was an opendir with a few interesting files: pdf.bat ...

MyMSIAnalyzer – A Comprehensive Tool For Detecting MSI File Vulnerabilities And Privilege Escalation

0

MyMSIAnalyzer is a tool that allows you to detect vulnerabilities inside MSI files. It is able to: Check for credential leaks Detect vulnerable Custom Actions Check MSI files signature (useful for MST Backdoor) Check if Custom Actions can be overwritten In addition, there is a GuiFinder project in the repository. It can be used to detect MSI files that have a graphical interface and...

Artemis – A Modular Vulnerability Scanner For Enhanced Website Security

0

Artemis is a modular vulnerability scanner. It's the tool that powers CERT PL scanning activities by checking various aspects of website security and building easy-to-read messages ready to be sent to the scanned organizations. Quick Start 🔨 | Docs 📚 If you want to use additional modules that weren't included here due to non-BSD-compatible licenses, browse to the Artemis-modules-extra repository. If you...

MSI Analyzer – Analyzing Windows Installer Files For Vulnerabilities

0

This Python script for Linux can analyze Microsoft Windows *.msi Installer files and point out potential vulnerabilites. It was developed by Michael Baer (@derbaer0) in the SEC Consult Vulnerability Lab. Currently, it is mostly suited for a local privilege escalation also described in our blog post. The script can also be used to get an overview of an installer and identify...

BEAR-C2 : Simulated Command And Control Framework For APT Attack Research

0

Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha to secure communication between the payload and the operator machine. This C2 is for simulation only and is still under development. Installation This project requires some...

Bearer – A Quick Guide To Scanning And Securing Your Application

0

Discover your application security risks and vulnerabilities in only a few minutes. In this guide you will install Bearer CLI, run the SAST scanner on a local project, and view the results of a security report. Let's get started! Installation The quickest way to install Bearer CLI is with the install script. It will auto-select the best build for your architecture....

Waymore – A Comprehensive URL Retrieval And Archival Tool For Advanced Reconnaissance

0

The idea behind waymore is to find even more links from the Wayback Machine than other existing tools. The biggest difference between waymore and other tools is that it can also download the archived responses for URLs on wayback machine so that you can then search these for even more links, developer comments, extra parameters, etc. etc. 👉 Also, other...

Pycript – A Versatile Burp Suite Extension For Encryption And Decryption

0

The Pycript extension for Burp Suite is a valuable tool for penetration testing and security professionals. It enables easy encryption and decryption of requests during testing, which can help evade detection and bypass security measures. The extension also offers the ability to customize the encryption and decryption process by writing custom logic using JavaScript and Node.js, making it a...

DependencyTrack 4.10.0 – Release Overview And Security Hashes

0

For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.If additional details are required, consult the closed issues for this release milestone. # SHA1 c308b1f6a2d73fc2bba9da2cc33bf7e3ec49e851 dependency-track-apiserver.jar b94fb9cbaa91c4e332bcec266e10a0f325f12e22 dependency-track-bundled.jar # SHA256 d06f4550e16451ccb7843c36534172744934a7dc69e1d48e970a6eec24e49dc3 dependency-track-apiserver.jar cf27db44e637b4bc551c16e659e81890f4c5d4f3b4ea9893ebf1717bff98b999 dependency-track-bundled.jar # SHA512 4f190398de8084b1d481dc2e6ca3bb80afc675c96bba3dda1eaf1dc4faf8382c7a22f8be5953ed170dfc6765bd8a2efd67aa7d98826ce72c88e35cd16821f0f0 dependency-track-apiserver.jar 292f8af307adb3f52197ff1722e9565590f75a06a541fab2a54256dd2880a4abbf021cafdc43a112e7bf11364461bc5a26f90597b97d0190daf7365fcfd4efc5 dependency-track-bundled.jar