https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
Operation Triangulation: What You Get When Attack iPhones of Researchers
This presentation was also the first time we had publicly disclosed the details of all exploits and vulnerabilities that were used in the attack. We discover and analyze new exploits and attacks using these on a daily basis, and we have discovered and reported more than thirty in-the-wild zero-days in Adobe, Apple, Google, and Microsoft products, but this is definitely the most sophisticated attack chain we have ever seen.
😱
#exploit #ios #hack
https://github.com/halpz/re3
In this repository you'll find the fully reversed source code for GTA III (master branch) and GTA VC (miami branch).
#fun #opensource
One of the reasons you should not share pictures of keys to your new house on social media.
KeyDecoder is a mobile app created for pentesters and security enthusiasts. From the picture of a key, one can measure its bitting easily.
https://github.com/MaximeBeasse/KeyDecoder
#opensource #security #privacy
https://mojtaba.me/75d182f48b24
Hamster, Swiss army knife backup solution.
When I joined DGAB as a solution architect, there were several products and infrastructure services, but they didn’t have any solution for data backup. There weren’t any protocols in place for the backup process.
In the first two weeks, there was an incident in one of the most important infrastructure services and it took three days to restore the data and make the system work as expected.
Not having a backup strategy and solutions for incidents like this cost them a lot.
#article #devops #infrastructure #backup
https://www.youtube.com/watch?v=dT9y-KQbqi4
How I hacked a hardware crypto wallet and recovered $2 million
I was contacted to hack a Trezor One hardware wallet and recover $2 million worth of cryptocurrency (in the form of THETA). Knowing that existing research was already out there for this device, it seemed like it would be a slam dunk. Little did I realize the project would turn into a roller coaster ride with over three months of experimentation, failures, successes, and heart-stopping moments. It reminded me that hacking is always unpredictable, exciting, and educational, no matter how long you've been doing it. In this case, the stakes were higher than normal: I only had one chance to get it right.
#video #fun #hack #hardware #crypto
https://securelist.com/moonbounce-the-dark-side-of-uefi-firmware/105468/
MoonBounce: the dark side of UEFI firmware
At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner, which has been integrated into Kaspersky products since the beginning of 2019. Further analysis has shown that a single component within the inspected firmware’s image was modified by attackers in a way that allowed them to intercept the original execution flow of the machine’s boot sequence and introduce a sophisticated infection chain.
#article #attack #firmware #uefi #rootkit #malware
https://github.com/ScarredMonk/SysmonSimulator#
SysmonSimulator is an open-source Windows event simulation utility created in the C language, that can be used to simulate most of the attacks using WINAPIs. This can be used by Blue teams for testing the EDR detections and correlation rules. I have created it to generate attack data for the relevant Sysmon Event IDs.
#tools #opensource #windows #sysmon #attack
Did you know that you can mass upgrade a lot of Windows 10/11 3rd party software with a free tool from Microsoft? It's like Linux's "apt" or "yum" ...
https://twitter.com/lkarlslund/status/1479809034836402183
#windows #winget
https://thehackernews.com/2022/01/detecting-evasive-malware-on-iot.html
Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations
Cybersecurity researchers have proposed a novel approach that leverages electromagnetic field emanations from the Internet of Things (IoT) devices as a side-channel to glean precise knowledge about the different kinds of malware targeting the embedded systems, even in scenarios where obfuscation techniques have been applied to hinder analysis.
#research #malware #iot
https://github.com/mvt-project/mvt
Mobile Verification Toolkit
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices.
#tools #opensource #forensics #Pegasus #NSOGroup
https://malapi.io
MalAPI.io maps Windows APIs to common techniques used by malware.
#tools #cheatsheet #malware
https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/
Super Duper Secure Mode
The VR team is experimenting with a new feature that challenges some conventional assumptions held by many in the browser community. Our hope is to build something that changes the modern exploit landscape and significantly raises the cost of exploitation for attackers. Mitigations have a long history of being bypassed, so we are seeking feedback from the community to build something of lasting value.
#article #windows #edge #browser #exploit #mitigation #sdsm
https://dfirtnt.wordpress.com/2020/11/25/detecting-ransomware-precursors/
Detecting Ransomware Precursors
The business model for Ransomware has evolved to include multi-level and multi-stage services and tool kits. Initial access is often accomplished by 1st stage compromise, followed by 2nd stage download/drop of tools like Emotet, Trickbot, and Qakbot. This 2nd stage allows adversaries to lurk in your network, profiling normal use and/or searching for targets of maximum impact. At this point the attack often looks like any other infiltration. However, several techniques are often observed just prior to ransomware execution. In this post I’ll provide examples of these detectable behaviors which you can use to build SIEM alerts, custom EDR prevention/response rules, and threat hunting logic.
#article #windows #ransomware
https://chat.openai.com/g/g-VgbIr9TQQ-ask-ida-c
A custom GPT, ask_ida/c++, to help you with Hex-Rays' IDA Pro SDK development in C/C++.
#ai #chatgpt #ida #security #cpp
dotMemory – Rider’s built-in memory profiler plugin – is finally available on macOS and Linux inside Rider 2022.3.
https://blog.jetbrains.com/dotnet/2022/07/18/how-to-profile-net-code-using-the-dotmemory-plugin-in-rider/
#article #dotnet #programming
https://github.com/taviso/loadlibrary
Porting Windows Dynamic Link Libraries to Linux
This repository contains a library that allows native Linux programs to load and call functions from a Windows DLL.
How does it work?
The peloader directory contains a custom PE/COFF loader derived from ndiswrapper. The library will process the relocations and imports, then provide a dlopen-like API. The code supports debugging with gdb (including symbols), basic block coverage collection, and runtime hooking and patching.
#tools #windows #opensource #linux #fuzzing
https://render.com/blog/git-organized-a-better-git-flow
Git Organized: A Better Git Flow
Imagine this: you’ve been paged to investigate a production incident, and after some digging, you identify the commit with the breaking code. You decide to revert the change.
Unfortunately, in doing so, a new bug is introduced! As it turns out, hidden in that old “broken” commit was some code that another part of the app depended upon, and when you reverted those lines, it left the site once again in a broken state.
#article #dev #git
https://github.com/lab52io/StopDefender
StopDefender
Stop Windows Defender programmatically by stealing a token from the TrustedInstaller and winlogon processes.
#tools #opensource #windows #antivirus
https://krebsonsecurity.com/2022/01/500m-avira-antivirus-users-introduced-to-cryptomining/
500M Avira Antivirus Users Introduced to Cryptomining
😂 What the fuck is going on in this industry?!
#av #news #fun
https://www.youtube.com/channel/UCI8zwug_Lv4_-KPT62oeDUA
Josh Stroschein's YouTube channel.
Good content about malware analysis, reverse engineering and threat hunting.
#learning #security #malware #reverse #hunting
https://v3ded.github.io/redteam/abusing-lnk-features-for-initial-access-and-persistence
Abusing LNK "Features" for Initial Access and Persistence
As per Microsoft, an LNK file is a shortcut or a “link” used by Windows as a reference to an original file, folder, or application. In the eyes of a standard user these files have a meaningful purpose as they allow for file organization and decluttering of working space. From the attacker’s point of view however, LNK files look different. They’ve been misused in numerous documented attacks by Advanced Persistent Threat (APT) groups and from what I know, are still a viable option for phishing.
#windows #persistence #malware #trick
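To see where the abuse-relevant fields of a shortcut actually live, the block below is an added example (not code from the linked post): it assembles a minimal .lnk from the MS-SHLLINK structures (ShellLinkHeader followed by StringData), parses it back, and runs a few triage heuristics a defender would apply to shortcuts arriving by mail or dropped into a Startup folder. The two shortcuts it builds are constructed for illustration; the target paths, arguments and the Base64 fragment are invented. A shortcut written by Explorer also carries a LinkTargetIDList and LinkInfo block, which the parser skips by their declared sizes.

```python
"""Build, parse and triage a minimal Windows shortcut (.lnk).

Added example, not code from the linked post. Layout per MS-SHLLINK:
ShellLinkHeader (0x4C bytes) [LinkTargetIDList] [LinkInfo] StringData...
The shortcuts constructed in main() are illustrative; paths and payloads are invented.
"""
import re
import struct

LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}
HAS_LINK_TARGET_ID_LIST, HAS_LINK_INFO, HAS_NAME, HAS_RELATIVE_PATH = 0x01, 0x02, 0x04, 0x08
HAS_WORKING_DIR, HAS_ARGUMENTS, HAS_ICON_LOCATION, IS_UNICODE = 0x10, 0x20, 0x40, 0x80
SW_SHOWNORMAL, SW_SHOWMINNOACTIVE = 1, 7
FILE_ATTRIBUTE_NORMAL = 0x80
# StringData fields appear in this fixed order, each present only if its flag is set.
STRING_FIELDS = [("name", HAS_NAME), ("relative_path", HAS_RELATIVE_PATH),
                 ("working_dir", HAS_WORKING_DIR), ("arguments", HAS_ARGUMENTS),
                 ("icon_location", HAS_ICON_LOCATION)]
LOLBIN_HOSTS = ("cmd.exe", "powershell.exe", "pwsh.exe", "mshta.exe", "wscript.exe",
                "cscript.exe", "rundll32.exe", "regsvr32.exe", "certutil.exe", "msiexec.exe")


def build_lnk(relative_path, arguments=None, icon_location=None, working_dir=None,
              show_command=SW_SHOWNORMAL):
    """Header + StringData only; each string is a uint16 char count followed by UTF-16LE text."""
    flags, body = IS_UNICODE, b""
    values = {"relative_path": relative_path, "working_dir": working_dir,
              "arguments": arguments, "icon_location": icon_location}
    for name, bit in STRING_FIELDS:
        value = values.get(name)
        if value is not None:
            flags |= bit
            body += struct.pack("<H", len(value)) + value.encode("utf-16-le")
    # HeaderSize, CLSID, LinkFlags, FileAttributes, Creation/Access/Write FILETIME,
    # FileSize, IconIndex, ShowCommand, HotKey, Reserved1..3  (76 bytes total)
    header = struct.pack("<I16sIIQQQIiIHHII", 0x4C, LNK_CLSID, flags, FILE_ATTRIBUTE_NORMAL,
                         0, 0, 0, 0, 0, show_command, 0, 0, 0, 0)
    return header + body


def parse_lnk(data):
    """Return the StringData fields plus ShowCommand, skipping IDList/LinkInfo if present."""
    if len(data) < 0x4C or struct.unpack_from("<I", data)[0] != 0x4C or data[4:20] != LNK_CLSID:
        raise ValueError("not a shell link")
    flags, = struct.unpack_from("<I", data, 0x14)
    show_cmd, = struct.unpack_from("<I", data, 0x3C)
    pos = 0x4C
    if flags & HAS_LINK_TARGET_ID_LIST:
        size, = struct.unpack_from("<H", data, pos); pos += 2 + size
    if flags & HAS_LINK_INFO:
        size, = struct.unpack_from("<I", data, pos); pos += size   # LinkInfoSize includes itself
    out = {"show_command": show_cmd}
    for name, bit in STRING_FIELDS:
        if flags & bit:
            count, = struct.unpack_from("<H", data, pos); pos += 2
            width = 2 if flags & IS_UNICODE else 1
            raw = data[pos:pos + count * width]; pos += count * width
            out[name] = raw.decode("utf-16-le" if width == 2 else "cp1252")
    return out


def triage(info):
    """Heuristics for a shortcut that is really a launcher; returns the reasons that fired."""
    reasons = []
    target = (info.get("relative_path") or "").lower()
    args = info.get("arguments") or ""
    icon = (info.get("icon_location") or "").lower()
    if target.endswith(LOLBIN_HOSTS):
        reasons.append("target is a script host / LOLBin: " + target.rsplit("\\", 1)[-1])
    if len(args) - len(args.lstrip()) >= 32:
        reasons.append("arguments padded with leading whitespace (hides the command in the Properties dialog)")
    if re.search(r"(?:^|\s)[-/](?:e|ec|enc|encodedcommand)\s", args, re.I):
        reasons.append("encoded PowerShell command line")
    if re.search(r"[-/](?:w|windowstyle)\s*hidden|[-/]nop\b|bypass", args, re.I):
        reasons.append("hidden-window / execution-policy bypass switches")
    if info.get("show_command") == SW_SHOWMINNOACTIVE:
        reasons.append("ShowCommand = SW_SHOWMINNOACTIVE (console starts minimised)")
    if icon and target and not icon.endswith(target.rsplit("\\", 1)[-1]):
        reasons.append("icon borrowed from another file: " + icon)   # weak signal on its own
    return reasons


def phishing_lnk():
    """Constructed: looks like a document (shell32 icon), runs an encoded PowerShell one-liner."""
    return build_lnk("..\\..\\..\\Windows\\System32\\cmd.exe",
                     arguments=" " * 64 + "/c powershell -w hidden -nop -enc SQBFAFgAIAAoACkA",
                     icon_location="%SystemRoot%\\System32\\shell32.dll")


def benign_lnk():
    """Constructed: an ordinary application shortcut with a working directory."""
    return build_lnk("..\\..\\Program Files\\Notepad++\\notepad++.exe",
                     working_dir="C:\\Program Files\\Notepad++")


if __name__ == "__main__":
    for label, blob in (("phishing", phishing_lnk()), ("benign", benign_lnk())):
        info = parse_lnk(blob)
        print(label, info["relative_path"], "->", triage(info) or "clean")
```

Running the parser over every .lnk in a mail-attachment quarantine or in users' Startup folders, and alerting on the target-plus-arguments combination rather than on the shortcut's displayed name, catches the document-lookalike pattern the post describes regardless of what icon and file name the attacker chose.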
https://bellis1000.medium.com/a-memory-visualiser-tool-for-ios-security-research-bd8bb8c334c6
A Memory Visualiser Tool for iOS Security Research
In this post I want to share a recent project of mine — a memory visualiser tool for iOS security researchers.
- Live Memory Monitoring
- Visual Block Creation
- Contextual Typing
#ios #memory #security
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-for-windows-is-getting-a-massive-overhaul/
Microsoft Defender for Windows is getting a massive overhaul
Microsoft Defender for Windows is getting a massive overhaul allowing home network admins to deploy Android, iOS, and Mac clients to monitor antivirus, phishing, compromised passwords, and identity theft alerts from a single security dashboard.
#news #security #microsoft #defender #av
https://posts.specterops.io/life-is-pane-persistence-via-preview-handlers-3c0216c5ef9e
Life is Pane: Persistence via Preview Handlers
#article #windows #persistence #redteam
https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network
From Stolen Laptop to Inside the Company Network
What can you do with a stolen laptop? Can you get access to our internal network? That was the question a client wanted answered recently. Spoiler alert: Yes, yes you can. This post will walk you through how we took a “stolen” corporate laptop and chained several exploits together to get inside the client’s corporate network.
#article #hack #blackbox #hardware #bitlocker #tpm
https://arkadiyt.com/2021/07/25/scanning-your-iphone-for-nso-group-pegasus-malware
Scanning your iPhone for Pegasus, NSO Group's malware
In collaboration with more than a dozen other news organizations The Guardian recently published an exposé about Pegasus, a toolkit for infecting mobile phones that is sold to governments around the world by NSO Group. It’s used to target political leaders and their families, human rights activists, political dissidents, journalists, and so on, and surreptitiously download their messages/photos/location data, record their microphone, and otherwise spy on them.
#tools #exploit #pegasus #ios
https://medium.com/@johncantrell97/how-i-checked-over-1-trillion-mnemonics-in-30-hours-to-win-a-bitcoin-635fe051a752
👌How I checked over 1 trillion mnemonics in 30 hours to win a bitcoin
#article #idea #btc #crypto
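What makes a search like the one in the title tractable is the BIP39 checksum: the last word of a mnemonic carries a few bits of SHA-256 over the entropy, so only one candidate in 2^checksum_bits is even worth deriving keys for. The block below is an added example, not code from the post: it works on 11-bit wordlist indices so it runs without the 2048-word list (index 0 is "abandon", index 3 is "about" in the English list), enumerates the last words that pass the checksum for a partly known phrase, sizes the pruned search space, and derives the seed with the PBKDF2 parameters BIP39 specifies. Key and address derivation from that seed (BIP32/secp256k1) is the expensive part and is left out.

```python
"""BIP39 checksum as a search-space filter. Added example, not code from the linked post.
Mnemonics are handled as lists of wordlist indices (0..2047), so no wordlist is needed.
"""
import hashlib
import unicodedata
from itertools import product

VALID_LENGTHS = (12, 15, 18, 21, 24)   # words; checksum bits = words // 3


def split_entropy_checksum(indices):
    """Concatenate the 11-bit indices, split off the trailing checksum bits."""
    n = len(indices)
    if n not in VALID_LENGTHS or any(not 0 <= i < 2048 for i in indices):
        raise ValueError("bad mnemonic length or index")
    bits = "".join(format(i, "011b") for i in indices)
    cs_len = n // 3
    ent_bits = bits[:-cs_len]
    return int(ent_bits, 2).to_bytes(len(ent_bits) // 8, "big"), int(bits[-cs_len:], 2)


def checksum_of(entropy):
    """First (len(entropy) * 8 / 32) bits of SHA-256(entropy), as an int."""
    cs_len = len(entropy) * 8 // 32
    digest = int.from_bytes(hashlib.sha256(entropy).digest(), "big")
    return digest >> (256 - cs_len)


def is_valid(indices):
    entropy, cs = split_entropy_checksum(indices)
    return checksum_of(entropy) == cs


def valid_last_words(known_first):
    """All last-word indices that make the phrase pass the checksum.
    For 12 words the last index holds 7 entropy bits + 4 checksum bits, so exactly
    2**7 = 128 of the 2048 words are valid for any given first eleven."""
    return [w for w in range(2048) if is_valid(known_first + [w])]


def candidates(template):
    """Yield every filling of the None positions that passes the checksum.
    Cost is 2048**k checksum evaluations; fine for k <= 2, a cluster job beyond that."""
    unknown = [pos for pos, v in enumerate(template) if v is None]
    for fill in product(range(2048), repeat=len(unknown)):
        cand = list(template)
        for pos, w in zip(unknown, fill):
            cand[pos] = w
        if is_valid(cand):
            yield cand


def search_space(n_words, n_unknown):
    """Candidates surviving the checksum with n_unknown unknown words:
    2048**k / 2**checksum_bits (exact when the last word is among the unknowns,
    the expected value otherwise)."""
    return 2048 ** n_unknown // 2 ** (n_words // 3)


def mnemonic_to_seed(words, passphrase=""):
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt "mnemonic" + passphrase, NFKD input."""
    m = unicodedata.normalize("NFKD", " ".join(words)).encode()
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", m, salt, 2048, 64)


if __name__ == "__main__":
    eleven_abandon = [0] * 11                      # "abandon" x 11
    last = valid_last_words(eleven_abandon)
    print(len(last), "valid last words; index 3 ('about') valid:", 3 in last)
    print("12 words, 4 unknown:", f"{search_space(12, 4):,}", "checksum-valid candidates")
    print(mnemonic_to_seed(["abandon"] * 11 + ["about"], "TREZOR").hex()[:16], "...")
```

With four of twelve words unknown, 2048^4 is about 17.6 trillion raw candidates and the 4-bit checksum cuts that to 2^40, roughly 1.1 trillion, the order of magnitude in the title; everything that survives still has to go through PBKDF2 and address derivation, which is where the GPU hours go.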