PSMDATP – PowerShell Module For Managing Microsoft Defender Advanced Threat Protection
Welcome to the Microsoft Defender Advanced Threat Protection PowerShell module! This module is a collection of easy-to-use cmdlets and functions...
OSINT
SitRep – Extensible, Configurable Host Triage
SitRep is intended to provide a lightweight, extensible host triage alternative. Checks are loaded dynamically at runtime from stand-alone files....
Phishers spoof reliable cybersecurity training company to garner clicks
“It happens to the best of us.” And, indeed, no adage is better suited to a phishing campaign that recently...
A major Ukrainian IT company has revealed details of the hacker attack
Ukrainian IT company SoftServe has issued an official statement about the recent hacker attack, in which it gave details of...
White House To Update U.S’s Approach To Its Maritime Cybersecurity Strategy In Coming Months
With hopes to upgrade the U.S. government's approach to deal with its maritime cybersecurity strategy in the coming months, the...
Looking for sophisticated malware in IoT devices
One of the motivations for this post is to encourage other researchers who are interested in this topic to join...
Enum4Linux – A Linux Alternative To Enum.Exe For Enumerating Data From Windows And Samba Hosts
A Linux alternative to enum.exe for enumerating data from Windows and Samba hosts. Enum4linux is a tool for enumerating information...
Dnxfirewall – A Pure Python Next Generation Firewall Built On Top Of Linux Kernel/Netfilter
DNX Firewall is an optimized/high performance collection of applications or services to convert a standard linux system into a zone...
This One Time on a Pen Test: Ain’t No Fence High Enough
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part...
Microsoft Suffered A Rare Cyber-Security Lapse When One of Bing’s Backend Servers Were Exposed Online
Microsoft endured a rather rare cyber-security lapse just this month when the company's IT staff incidentally left one of Bing's...
Experts listed most frequent cyber threats in the first half of the year
In the first half of 2020, phishing emails gained popularity among cyber fraudsters. Such conclusions were made by analysts of...
FLUFFI (Fully Localized Utility For Fuzzing Instantaneously) – A Distributed Evolutionary Binary Fuzzer For Pentesters
FLUFFI - A distributed evolutionary binary fuzzer for pentesters. About the project High level overview Getting started Usage HOWTOs Technical...
GRAT2 – Command And Control (C2) Project For Learning Purpose
GRAT2 is a Command and Control (C2) tool written in python3 and the client in .NET 4.0. The main idea...
Rapid7 Releases Q2 2020 Quarterly Threat Report
It’s hard to believe it’s already the end of September, and with it comes Rapid7’s Q2 2020 Quarterly Threat Report....
Google’s osconfig agent – local privilege escalation
Posted by Imre Rad on Sep 22Osconfig is a beta service by Google, a poll based "desired state configuration" solution:...
[CVE-2020-25203] Frame Preview “com.framer.viewer.FramerViewActivity” Arbitrary URL Loading
Posted by Julien Ahrens (RCE Security) on Sep 22RCE Security Advisoryhttps://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Framer Preview Vendor URL:...
Visitor Management System in PHP 1.0 – Unauthenticated Stored XSS
Posted by Ava Tester One on Sep 22# Title: Visitor Management System in PHP 1.0 - Unauthenticated Stored XSS #...
Visitor Management System in PHP 1.0 – Authenticated SQL Injection
Posted by Ava Tester One on Sep 22# Title: Visitor Management System in PHP 1.0 - Authenticated SQL Injection #...
Seat Reservation System 1.0 Unauthenticated SQL Injection (CVE-2020-25762)
Posted by Ava Tester One on Sep 22# Title: Seat Reservation System 1.0 - Unauthenticated SQL Injection # Exploit Author:...
Amid Iranian hacker crackdown, CISOs should prep for retaliation
The United States ran a full-court press against Iranian hackers last week, including indictments from the Department of Justice, the...
A week in security (September 14 – 20)
Last week on Malwarebytes Labs, we looked at Fintech industry developments, specifically the differences between Europe and the US, and we...
VMPDump – A Dynamic VMP Dumper And Import Fixer
A dynamic VMP dumper and import fixer, powered by VTIL. Works for VMProtect 3.X x64. Before vs After UsageVMPDump.exe <Target PID>...
Moriarty-Project – This Tool Gives Information About The Phone Number That You Entered
What IS Moriarty?Advanced Information Gathering And Osint Tool Moriarty is a tool that tries to find good information about the...
Define What to Parse From Logs with the Custom Parsing Tool in InsightIDR
Data is essential to any SIEM. Generally, this data is collected from logs, endpoints, and networks. All of this data...
