Uzmanların yaygın olarak kullandığı zararlı yazılım analiz gereçleri

If you're interested in #Linux Forensics #DFIR, then make sure to check this: linuxdfir.ashemery.com

#ASyncRAT #Malware Config Extraction now available on mwcfg.info 🥳🎉 📁 330493a1ba3c3903040c9542e6348fab 🌐 akconsult[.]linkpc[.]net:9872 Happy hunting! 🥳🎉 All code is open-source see links: github.com/c3rb3ru5d3d53c… github.com/c3rb3ru5d3d53c…

🎯SSL/TLS Encryption #simplified ✨ This is painful for beginners to understand how the #Encryption works in SSL/TLS. Hope this will give #beginners an insight into the above-mentioned topic 😃 #infosec #cybersecurity #SSL #simplifiedsecurity

Active Directory Cheat Sheet:- github.com/fuzz-security/…

Git is hard. Screwing up is easy. Documentation is a mess. Introducing: Oh Shit, Git!?! 😁 ohshitgit.com

tech tip today!!!!!!!!!!!!!!! throw away your comptrrer. just THRow it away. JUST do it already . its TIME has come

Linux version of REvil ransomware targets ESXi VM cyberdefensemagazine.com/linux-version/

Hayatı taksit yapmışım sallıyormuşum...

Don’t judge me!

MalwareHunterTeam Launching VPN services requires user to first log in to Facebook The app then steals Facebook credentials by injecting JavaScript into facebook[.]com that is displayed in WebView of the app. Reported to Google Play.

Here are a few tool resources for using WinRM w/o PowerShell winrs.exe: docs.microsoft.com/en-us/windows-… winrm.vbs: docs.microsoft.com/en-us/windows/… Evil-WinRM: github.com/Hackplayers/ev… CSharpWinRM: github.com/mez-0/CSharpWi… winrmdll: github.com/mez-0/winrmdll WSMan-WinRM: github.com/bohops/WSMan-W… 1/2

From Zero to Domain Admin ➡️Initial Access: Maldoc deploys Hancitor ➡️C2: #CobaltStrike & #Hancitor ➡️Discovery: net, nltest, check.exe, AD module, scan for backup systems ➡️Privilege Escalation: Zerologon CVE-2020-1472 thedfirreport.com/2021/11/01/fro…

Need to go under the radar downloading #mimikatz (and other suspect payloads)? Then newly discovered #lolbin "C:\Windows\System32\Cmdl32.exe" (signed by MS) is for you. It's like a new certutil.exe but absolutely unheard of by any antivirus software!

⚠ Detect Data ⚠ { "Threat Actor": "xainn", "Content": "Turkish customs data”, "Detection Date": “26 Jan 2022 12:11”, "Type": "#Dataleak" } #CyberSecurity #InfoSec 🔹Data Leak monitoring system🔹

🔥 We have reproduced the fresh CVE-2022-22954 Server-Side Template Injection in VMware Workspace ONE Access. Successful exploitation could lead to RCE from an unauthenticated user. Patch ASAP!

Medium’da sonra okurum diye kaydettiğim makaleleri okusaydım direkt tech lead olurdum heralde

CyberChef is AWESOME. Here is a pipeline that parses Google Authenticator export QR codes and generates TOTP with them