All posts by cK-bot

■■■□□ A curated list of Assembly Language / Reversing / Malware Analysis -resources. https://gist.github.com/muff-in/ff678b1fda17e6188aa0462a99626121 https://t.me/cKure/8334

■■■■■ CVE-2021-0507: Google fixes a critical Android RCE flaw in the System component. https://source.android.com/security/bulletin/2021-06-01 https://securityaffairs.co/wordpress/118761/security/android-rce.html https://t.me/cKure/8333

■■■■□ Windows AD hash extraction via ntds.dit https://blog.stealthbits.com/extracting-password-hashes-from-the-ntds-dit-file/ https://t.me/cKure/8332

■■■■□ AD recon (Windows – PowerShell) https://stealthbits.com/blog/performing-domain-reconnaissance-using-powershell/ https://t.me/cKure/8331

■■■■■ OpenAPI Security Scanner. ● Good piece of work. https://github.com/ngalongc/openapi_security_scanner https://t.me/cKure/8330

■■□□□ Google’s DARPA creates anti drone tech that uses physical projectiles to gun down. https://www.thedrive.com/the-war-zone/40982/darpas-interceptor-drone-shoots-stringy-streamers-to-drop-enemy-drones https://t.me/cKure/8329

https://github.com/RUB-NDS/alpaca-code/ https://t.me/cKure/8328

■■■■■ ALPACA Attack: Application Layer Protocol Confusion – Analyzing and mitigating Cracks in tls Authentication. The TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites. https://alpaca-attack.com/ https://thehackernews.com/2021/06/new-tls-attack-lets-attackers-launch.html https://t.me/cKure/8326

■■□□□ United States government launches first VDP for federal civilian agencies. https://portswigger.net/daily-swig/us-government-launches-first-vdp-for-federal-civilian-agencies https://t.me/cKure/8325

■■■■■ Bypassing bytenode and decompiling Node.js bytecode in Ghidra. https://swarm.ptsecurity.com/how-we-bypassed-bytenode-and-decompiled-node-js-bytecode-in-ghidra/ https://t.me/cKure/8324