manoj

progressing through the Hacksys Extreme Vulnerable Driver exploits here: https://h0mbre.github.io/ . huge thanks to the sourced authors, feels very silly to write my own blogs on the subject compared to their material/experience,but helps me learn. mb helpful for other noobs like me

Article: "Learning miasm: Part 1: Loading a PE"http://www.williballenthin.com/post/2020-01-09-miasm-part-1/ …

Blue Team fundamentals Part Two: Windows Processes. #infosec #blueteam #redteamhttps://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2 …

BlackBag Technologies, Inc. is looking for: Digital Forensic Examiner http://app.jobvite.com/m?31fjSkwg  #job

An attacker logged into the RDP Honeypot a few weeks ago and was able to dump credentials and move laterally in 36 minutes. They used Advanced Scanner + ProcDump + PsExec to move laterally to a Domain Controller. #rdphoneypotting #infosechttps://www.wilbursecurity.com/2019/12/from-zero-to-lateral-movement-in-36-minutes/ …

Open source RAT collection, and malicious RAT analysis reports.https://github.com/alphaSeclab/awesome-rat/blob/master/Readme_en.md …

Detection Lab Collection of Packer & Vagrant scripts that quickly bring a Windows AD online, complete with a collection of endpoint security tooling & logging best practices WriteUp https://medium.com/@clong/introducing-detection-lab-61db34bed6ae … Code https://github.com/clong/DetectionLab … #infosec #pentest #blueteam #redteam

Just posted Low-Hanging Apples: Hunting Credentials and Secrets in iOS Appshttps://spaceraccoon.dev/low-hanging-apples-hunting-credentials-and-secrets-in-ios-apps …

Write-up for 10 linux privilege escalation challenges I made for NuitDuHack2018.https://github.com/aas-n/ndh2018/blob/master/README.md …

PE Import Table hijacking as a way of achieving persistence/exploiting DLL side loading (Christmas blog post ): #windows #persistence #redteam #dll #sideloadinghttps://hackingiscool.pl/pe-import-table-hijacking-as-a-way-of-achieving-persistence-or-exploiting-dll-side-loading/ …

Ios forensics by @kamalpatel27 #iosforensics http://www.slideshare.net/kamalpatel27/ios-forensics … via @SlideShare at @GTUPGSchool

A few things sitting in iOS https://wp.me/p9T4PU-28  #iOSforensics #iPhoneforensics #DFIR

The authors of the #Empire framework have released a new version with enhanced windows evasion and #JA3/S randomisation to evaluate network based detection. It might be a busy holiday for #BlueTeam staff #DFIR #IncidentResponsehttps://www.bc-security.org/post/the-empire-3-0-strikes-back …

Empire 3.0 is officially here ...and just in time for Christmas! Blog: https://www.bc-security.org/post/the-empire-3-0-strikes-back … GitHub: https://github.com/BC-SECURITY/Empire … #Powershell #Cybersecurity #infosec