Siber Güvenlik Notları: Kali üzerinde Exploit Kodu Derleme: Ruby

27 Mart 2014 Perşembe

Kali üzerinde Exploit Kodu Derleme: Ruby

Kali üzerinde Exploit Kodu Derleme: Ruby

Önceki yazıda C ile hazırlanmış bir exploit kodu ile bir zafiyet istismar edilmişti. Bu yazıda ise, bir uygulama sunucusunda tespit edilen "SkyBlueCanvas CMS - Remote Code Execution" zafiyetinin exploit işlemi gerçekleştirilecektir.

Yazının devamı için bakınız:
http://www.siberportal.org/red-team/windows-operating-system-penetration-tests/obtaining-clear-text-password-from-lsass-dump-file-that-is-stolen-from-remote-windows-computers-command-line-using-mimikatz-tool/

Hiç yorum yok:

Yorum Gönder

Takip Listesi

The Register

Oracle scores big win with Fujitsu Japan for its Alloy partner cloud - But Big Red's $8 billion investment plan may not be all it seems Oracle has had a big win in Japan that could turn into something enormous, and also revea...
42 dakika önce
SANS - Blog

ISC Stormcast For Friday, April 19th, 2024 https://isc.sans.edu/podcastdetail/8946, (Fri, Apr 19th) -
3 saat önce
SANS - Internet Storm Center (ISC)

ISC Stormcast For Friday, April 19th, 2024 https://isc.sans.edu/podcastdetail/8946, (Fri, Apr 19th) -
3 saat önce
Hexacorn Ltd

Shall we say… Good bye, phishing queue? Part 2 - [this post is work in progress; it will be updated when the script finishes its processing] In my older piece I argued that we should stop caring about phi...
5 saat önce
Security Affairs

FIN7 targeted a large U.S. carmaker with phishing attacks - BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks. In late 2023...
10 saat önce
Olympos - Bilgi Güvenliği Rehberi

Snufkin: Melody of Moominvalley 🌲 Pirate Treasure Hunting -
12 saat önce
News & Packet Storm

Russia's Sandworm APT Linked To Attack On Texas Water Plant -
14 saat önce
The Hacker News

OfflRouter Malware Evades Detection in Ukraine for Almost a Decade - Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an anal...
15 saat önce
PortSwigger - Web Security Blog

Introducing DAST scanning in the Cloud, with Burp Suite Enterprise Edition - We’re excited to announce that Burp Suite Enterprise Edition is now available in PortSwigger’s secure cloud. You can now free up testing time with scalable...
15 saat önce
TechNewsWorld

Beatbot AquaSense Pro: Just in Time for Summer, the Ultimate Robot Pool Cleaner - [image: Beatbot AquaSensePro pool cleaner] Mark Vena reviews the Beatbot AquaSense Pro, detailing its advanced features and performance in automated pool cl...
16 saat önce
4sysops

Combining password policies for Active Directory and Entra ID (Azure AD) - Active Directory and Entra ID (formerly known as Azure AD) have their own password policies to prevent users from using weak and insecure passwords. While ...
16 saat önce
ÇözümPark

Cisco’dan Kritik Zafiyet Uyarısı! - Cisco, Integrated Management Controller (IMC)’da tespit edilen ve saldırganlara root yetkiler sağlayan kritik zafiyet için güncelleme yayınlandı. İşin en k...
17 saat önce
Bruce Schneier | Blog

Other Attempts to Take Over Open Source Projects - After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique: The OpenJS Foundation...
18 saat önce
Schneier on Security

Other Attempts to Take Over Open Source Projects - After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique: The OpenJS Foundation...
18 saat önce
Forensic Focus Blog

Alex Beddard, Investigator, Chainalysis - FF: Could you start by telling us a bit about your background in law enforcement and how you ended up as an Investigator at Chainalysis. I don’t remember...
19 saat önce
InfoWorld

How Microsoft’s Git fork scales for massive monorepos - Building applications at scale is nothing compared to building an operating system like Windows, especially when it comes to source code control. How do...
20 saat önce
Kaspersky - Blog

How to prevent surveillance through banner ads | Kaspersky official blog - Data collected by advertising firms can be used — often illegally — by various government agencies. How does this happen, and what to do to minimize survei...
1 gün önce
Kaspersky - Blog

How to prevent surveillance through banner ads | Kaspersky official blog - Data collected by advertising firms can be used — often illegally — by various government agencies. How does this happen, and what to do to minimize survei...
1 gün önce
HITB Sec News

A sneaky new steganography malware is exploiting Microsoft Word - A sneaky new steganography malware is exploiting Microsoft Word l33tdawg Wed, 04/17/2024 - 00:31
2 gün önce
Offensive Security

Cybersecurity Compliance: Understanding Regulatory Frameworks - Learn about the importance of cybersecurity compliance, most common cybersecurity compliance frameworks and how to navigate their complexities. The post...
2 gün önce
Privacy and Information Security Law Blog

UK ICO Launches Latest Installment in the AI Consultation Series - On April 12, 2024, the UK Information Commissioner's Office launched the third installment in its consultation series examining how data protection law a...
2 gün önce
Security Law Blog

UK ICO Launches Latest Installment in the AI Consultation Series - On April 12, 2024, the UK Information Commissioner's Office launched the third installment in its consultation series examining how data protection law a...
2 gün önce
Krebs on Security

Who Stole 3.6M Tax Records from South Carolina? - For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking in...
2 gün önce
Hakan Uzuner - Blog

ÇözümPark Azure Conf 2024 – 7 Mayıs Salı 2024 Saat 08:30 – Justwork Ümraniye - ÇözümPark Azure Conf 2024, sizlere yapay zeka ve bulut teknolojilerinin buluştuğu harika bir deneyim sunacaktır. Hem en güncel bulut teknolojileri hem de y...
3 gün önce
Webrazzi

Yapay zeka destekli yüz değiştirme uygulaması: Wefaceswap - Yapay zeka destekli yüz değiştirme uygulaması Wefaceswap, kullanıcıların yüklediği portreleri kolayca değiştirmesini sağlıyor. Fotoğraf, video ve GIF forma...
6 gün önce
Raj Chandel - Blog

A Detailed Guide on RustScan - In the realm of cybersecurity, network scanning tools play a vital role in reconnaissance and vulnerability assessment. Among the array of options availa...
1 hafta önce
Dancho Danchev | Blog

Dancho Danchev's Cybercrime Life Magazine - Issue 01 - April - 2024 - Dear blog readers, I just released my first issue of Dancho Danchev's Cybercrime Life monthly magazine which is entirety based on my recent research and ...
1 hafta önce
Penetration Testing Lab

Persistence – DLL Proxy Loading - DLL Proxy Loading is a technique which an arbitrary DLL exports the same functions as the legitimate DLL and forwards the calls to the legitimate… Continu...
2 hafta önce
Hacker Target

Zeek Dashboard using Grafana - Combine the power of Zeek network analysis with Grafana visualisation to generate a dashboard of the traffic from any pcap. This weekend's project highli...
2 hafta önce
Anton Chuvakin - Blog

Recommended: AI-Powered SOC: it's the end of the Alert Fatigue as we know it? - I recommended AI-Powered SOC: it's the end of the Alert Fatigue as we know it? on TysonRhame. About me: http://www.chuvakin.org
2 hafta önce
ISR Bilgi Guvenliği - Blog

Linux XZ Araçlarındaki Kritik Arka Kapı - Red Hat, en son XZ Utils veri sıkıştırma araçları ve kütüphanelerinde bulunan bir arka kapı nedeniyle Fedora geliştirme ve deneysel sürümleri çalıştıran si...
2 hafta önce
ESET - Blog

RDP remains a security concern – Week in security with Tony Anscombe - Much has been written about the risks that poorly-secured RDP connections entail, but many organizations continue to leave themselves at risk and get hit b...
2 hafta önce
NetSPI | Blog

Elevating Privileges with Azure Site Recovery Services - Discover how NetSPI uncovered and reported a Microsoft-managed Azure Site Recovery service vulnerability and how the finding was remediated. The post Ele...
3 hafta önce
Nebula Bilisim

Beyaz Şapka 24 Siber Güvenlik Konferansımızda Yerinizi Alın - 5 yıl aradan sonra yeniden düzenlediğimiz Beyaz Şapka 24 Siber Güvenlik Konferansı için kayıtlarımızı almaya başladık. Bu sene konferansımızın tüm içerik...
3 hafta önce
Windows Incident Response

A Look At Threat Intel Through The Lens Of Kimsuky - Rapid7 recently shared a fascinating post regarding the Kimsuky threat actor group making changes in their playbooks, specifically in their apparent shif...
4 hafta önce
Trusted Signal -- blog

Overcoming our "bossypants" bias - This is the fifth post in a series of posts inspired by reading Sheryl Sandberg's book, Lean In: Women, Work, and the Will to Lead. We've previously loo...
5 hafta önce
Mert Sarica - Blog

Troll Hunting - Introduction In recent years, we have seen the increasing importance of cyber threat intelligence for organizations. As a result, the number of products ...
1 ay önce
Sketchymoose's Blog

I Made a Chrome Extension with ChatGPT... - Extension is available at the Chrome Store! 👀 So like many people out there-- I cook. I troll the internet for recipes. However, there are times I do no...
1 ay önce
Citrix - Blog

Save costs with new innovations in Autoscale - Citrix Autoscale was introduced in 2019, and ever since it has been one of our *most adopted features. *It’s easy to see why: with its ability to reduce ...
2 ay önce
Forensic 4 Cast

All Good Things… - I’ve been doing the Forensic 4:cast Awards for 15 years. Just to give you some context of how long I’ve been doing this… In 2009, when the awards started: ...
2 ay önce
SANS - Integriography

Printing labels for very small production runs of rapidly evolving hardware - We are developing a small hardware device that consists of ESP32 development boards (~$50), 3D printed cases (~$3?), padded electronics cubes from Amazon (...
3 ay önce
Lenny Zeltser | Blog

3 Opportunities for Cybersecurity Leaders Who Choose to Stay - Several years into your role as a security leader at a company, you’ll reach a point when you ask yourself, “What’s next for me?” This article discusses th...
3 ay önce
Mshowto

Black Box: State Transition - [image: 4900305] State Transition Testing (Durum Geçişi Testleri), bir yazılım uygulamasının farklı durumlar arasındaki geçişleri test etmek... The post B...
3 ay önce
Darknet - The Darkside

Best EDR Of The Market (BEOTM) – Endpoint Detection and Response Testing Tool - BestEDROfTheMarket is a naive user-mode EDR (Endpoint Detection and Response) tool designed to serve as a testing ground
3 ay önce
Ugur Cihan Koc - Blog

GraphQL DOS Cases - GraphQL Introspection Enabled Query GraphQL Introspection-based Circular DOS Query Query Creator for Introspection-based Circular: GraphQL Field Duplicatio...
4 ay önce
IT Audit Security

25 Hard-Hitting Lessons from 17 Years in Cybersecurity - Mike Pivette from returnonsecurity.com has posted 25 lessons about the cybersecurity industry from his 17 years in that field. It’s a great list, and I agr...
4 ay önce
RootShell - Blog

Hack.lu 2023 Wrap-Up - [Edit: Sorry for the “bullet-point” style, it was a lot of details to compile in this blog post] We were back at the Alvisse Parc Hotel after a break of ...
5 ay önce
IT Security Magazine

JOIN THE FIRST EVER LIVE WEBINAR BY PENTEST MAGAZINE - SEPTEMBER 30TH - We're extremely happy to invite you to the first ever webinar by PenTest Mag! Hosted by Timothy Hoffman, the talk …
6 ay önce
Naked Security - Sophos

Update on Naked Security - To consolidate all of our security intelligence and news in one location, we have migrated Naked Security to the Sophos News platform.
6 ay önce
Network Intelligence - Blog

India’s Digital Personal Data Protection Act Vs The EU’s GDPR - India’s much-anticipated data protection law, the Digital Personal Data Protection Act, 2023 (DPDP), took a significant stride toward formal implementati...
6 ay önce
Volatility Labs

Memory Forensics R&D Illustrated: Recovering Raw Sockets on Windows 10+ - As mentioned in a recent blog post, our team is once again offering in-person training, and we have substantially updated our course for this occasion. Our...
8 ay önce
Zone-H - News

Calling all Hackers - Update - &...
8 ay önce
Digital Forensics Blog

WinFE Course Review - Yesterday, I completed the WinFE course I mentioned in my last post. I wanted to do a review of the course because I found a lot of value in it. First, wha...
8 ay önce
Bilgisayar Temelleri

Java : Ve-Veya Operatörleri - *Ve Operatörü : * Ve operatörü "&"işareti ile gösterilir. Kodlama da ve operatörünü kullanmak istersek "&&" şeklinde 2 defa yazarak göstermek gerekir. V...
9 ay önce
TaoSecurity

My Last Email with W. Richard Stevens - In the fall of 1998 I joined the AFCERT. I became acquainted with the amazing book *TCP/IP Illustrated, Volume 1: The Protocols* by W. Richard Stevens...
9 ay önce
Hacking Exposed - Computer Forensics Blog

Demo AWS - I apologize for the difficulties you're experiencing. An exit code of 11 usually indicates a segmentation fault or invalid memory access error. This er...
10 ay önce
Room362

Simple PHP webshell with php filter chains - Recently found an LFI in a PHP application and one of the cool things I learned about recently was PHP filter chains. More info here: https://www.synacktiv...
1 yıl önce
TEAkolik - Blog

e-Arşiv Kullanım Alanları Nelerdir? - e-Arşiv programı, elektronik fatura kapsamında yer almayan müşterilere ürün ya da hizmet satışına dair belgenin gönderiminde kullanılır. Küçük ve orta öl...
1 yıl önce
Contagio Malware Dump - Blog

Malware Arsenal used by Ember Bear (aka UAC-0056,Saint Bear, UNC2589, Lorec53, TA471, Nodaria, Nascent Ursa, LorecBear, Bleeding Bear, and DEV-0586) in attacks targeting Ukraine (samples) - *2023-02-18* Ember Bear (aka UAC-0056,Saint Bear, UNC2589, Lorec53, TA471, Nodaria, Nascent Ursa, LorecBear, Bleeding Bear, and DEV-0586) is an Advance...
1 yıl önce
Onur Oktay - Blog

ABD askerlerine büyük saldırı! - Amerikan ordusuna sürü İHA saldırısı gerçekleştirildi. Gelen ilk haberlere göre sürü iha saldırısında çok sayıda Amerikan askeri öldü! Gelen ilk haberlere ...
1 yıl önce
Anders Bengtsson - Contoso

Show number of hours a computer has been sending heartbeats, per day - Today I needed a Kusto query to show number of heartbeat events per computer, per day, for the last week. The query also needed to estimate number of hours...
1 yıl önce
Umut Simsek - Blog

2023 Çok güzel bir yıl olacak - *Mevcut iktidar döneminde yıldızı parlayanliyakatsiz yönetici/girişimci modeli.*Memleketten ayrıldığımdan beri bloğa yazmamışım, buna rağmen eski yazılar...
1 yıl önce
PowerShell - Blog

Assign Arrays, not Array Elements - It has been touched before but it is happening so frequently that we decided to talk about it once more. If you use a loop, and if you’d like to calculat...
1 yıl önce
BTYON - Blog

- * ISO/IEC 27001:2022 ve ISO/IEC 27002:2022 İncelemesi* *Sinem Varol, ISO 27001 LA* Geçtiğimiz günlere kadar ISO/IEC 27001 standardının ulusal çapta geçer...
1 yıl önce
ICSA Labs

Q3 2022 Advanced Threat Defense (ATD) and ATD-Email Test Results Posted - How can organizations stop unknown threats, you ask? ICSA Labs performs quarterly security product/solution testing to see if/how well they protect endpoi...
1 yıl önce
Security Obscurity - Blog

Exfiltrating data from a restricted Windows environment using DNS - This post aims to show you how i was able to perfom an initial reconnaissance within the operating system without the need to rely on other tools such as...
1 yıl önce
My Digital Life

The Ultimate Guide To Online Dating - The app Hornet, which caters to the gay male community, has seen a 30-percent increase in social feed engagement since social distancing measures began i...
2 yıl önce
Tweaks

Remove Consumer Microsoft Teams from Windows 11 - Windows 11 introduces a brand new version of Microsoft Teams build for consumers. This can be quite annoying if you are a business customer of Microsoft a...
2 yıl önce
Dark Operator

Tracking WMI Activity with PSGumshoe - WMI (Windows Management Instrumentation) is the Microsoft implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) s...
2 yıl önce
PaulDotCom

The Unique Challenges of Companies Born in the Cloud - There are stark differences between how to manage security policies for on-premises network environments and those that are 100% cloud-based. But many co...
2 yıl önce
Alper Basaran - Blog

MITRE ATT&CK Gerçek Hayatta Ne İşimize Yarar? - Rusya kaynaklı siber saldırılar webinarı sırasında üzerinde durduğum önemli bir çalışma vardı. MITRE ATT&CK matrisini ele alıp hangi saldırıları tespi...
2 yıl önce
Cheeky4n6Monkey

Monkey Attempts To Digest Some Google Takeout (DetectedActivitys) - *Careful What You Eat, Monkey!* One of Monkey's co-workers (*Troy*) was able to provide investigators with a location of interest by looking at the dev...
2 yıl önce
Security Pro News

PSA: Update Microsoft Teams on Android Now - WebProNews PSA: Update Microsoft Teams on Android Now If you’re running Microsoft Teams on Android, you should update immediately to avoid a bug that cri...
2 yıl önce
TrendLabs - Blog

Finest Free Torrenting VPNs - To find the best free torrenting VPN, merely type “best free VPN” into a popular search engine and press get into. You will be presented with several out...
2 yıl önce
Thoughts on Security

schadnfreude - You'll be happy when they can't spy on you. 🔒 🕵 👨‍👩‍👧‍👦 📞 🎥 📂 🖧 🛡 Schadnfreude is a new end-to-end encrypted, anonymous ID and IP-hiding, decent...
2 yıl önce
Trend Micro Turkiye - Blog

Erth Baku Dönüyor - APT Grubunun Yeni Siber Casusluk Operasyonunun Ardındaki Yükseltilmiş Araç Seti Ortaya Çıkıyor. Araştırmamız, Earth Baku’nün Hint-Pasifik bölgesindeki kuru...
2 yıl önce
eHacking News

Elastic Stack API Security Vulnerability Exposes Customer and System Data - The mis-implementation of Elastic Stack, a collection of open-source products that employ APIs for crucial data aggregation, search, and analytics capa...
2 yıl önce
SCADA StrangeLove

Grade Zero - Время рингтонов - Grade Zero - Время Рингтонов https://www.vk.com/GradeZero https://gradezero.band Сергей Гордейчик: музыка, текст, вокал Сергей Сметанников: гитара Владим...
2 yıl önce
Infosec Island

FireEye Launches XDR Platform to Help Security Operations Teams - FireEye has launched FireEye XDR, a unified platform designed to help security operations teams strengthen threat detection, accelerate response capabiliti...
2 yıl önce
SMTP Port 25

Shoviv Exchange Server Suite - Shoviv Exchange Server Suite Shoviv Exchange Server Suite is a bunch of key tools which Exchange server /Helpdesk admin must have handy. This suite can re...
2 yıl önce
Gentil Kiwi - Blog

GIDS Cards - GIDS Cards are wonderful gifts from Vincent Le Toux (@mysmartlogon), they can transform JavaCards (2.2.1 or +) into universal SmartCards for Windows (7/200...
2 yıl önce
Hot forSecurity

How to Keep Your Devices and Personal Data Safe on Summer Vacation - The ongoing vaccination campaigns and easing of travel restrictions have encouraged millions of people to prepare for a relaxing vacation after months of l...
2 yıl önce
harmj0y - Blog

Certified Pre-Owned - TL;DR Active Directory Certificate Services has a lot of attack potential! Check out our whitepaper “Certified Pre-Owned: Abusing Active Directory Certif...
2 yıl önce
Seyir Defteri

Windows 11 İlk İzlenimler - Dün elde ettiğimiz geliştirici sürümünü kurup sanal bilgisayarda testini yaptım. Gayet başarılı bir şekilde kurulum tamamlandı. Öncelikle Windows 10 lis...
2 yıl önce
HackThisSite

Celebrating Pride - [center]*Wrong format*[/center] At HackThisSite, we have always tried to be a safe, welcoming place for people from every walk of life. This year we would ...
2 yıl önce
Yunus Emre Karabulut - Blog

En son kimin yanında oldunuz? - Bu yazıya bir iç dökme diyebilirim. Her yazı öyle değil midir? Neyse.. Dün gece saatlerinde bir seri Tweet attıktan sonra tweetlerin konusunu blog olarak y...
2 yıl önce
Anti-Forensics

Quickly Create False Profile Data (Python Faker) - How to Create Fake Data with Faker You can either Collect Data or Create your Own Data Read Full Article – Project Faker – Khuyen Tran Discuss on the Anti-...
2 yıl önce
Strategic Cyber - Blog

There’s a New Deputy in Town - It’s been less than a month since I joined the Cobalt Strike team. My first impressions of this team have been overwhelmingly positive. As Raphael transi...
2 yıl önce
SkullSecurity

BSidesSF CTF 2021 Author writeup: log-em-all, a Pokemon-style collection game [video] - This is a video walkthrough of Log 'em All, a difficult Hacking / Reverse Engineering challenge based on a classic bug in Pokemon Red. You can view the vid...
3 yıl önce
BTRisk - Blog

Pentest ve Siber Güvenlik Alanında Kariyer Webinar'ı [Tekirdağ Namık Kemal Üniversitesi IEEE Öğrenci Kolu] - Tekirdağ Namık Kemal Üniversitesi IEEE Öğrenci Kolu webinar'ına misafir olduk ve Pentest ve Siber Güvenlik Alanında Kariyer konularında bilgi paylaştık.
3 yıl önce
ToolWar

PatrowlHears (Vulnerability Intelligence Center) :: Tools - [image: PatrowlHears - Vulnerability Intelligence Center] PatrowlHears provides a unified source of vulnerability, exploit and threat Intelligence feed...
3 yıl önce
InfoSec Institute Resources

Easy Essay Tips – Getting Cheap Essays Done For Longer - Affordable essays are something which all people can love. Nonetheless, so as to acquire such essays performed in a good price, you have to take a few uniq...
3 yıl önce
Grand Stream Dreams

Still Here…Still Fighting the Good Fights - “Growing up, I always had a soldier mentality. As a kid I wanted to be a soldier, a fighter pilot, a covert agent, professions that require a great deal ...
3 yıl önce
Halil Ozturkci - Blog

Güvenli Online Toplantı ve Zoom Güvenliği - Bir çok sektörde olduğu gibi online video konferans platformları da pandemi sürecine hazırlıksız yakalandılar. Bir yandan çok hızlı bir şekilde ihtiyaç d...
3 yıl önce
Sharing in Security

Symantec Protection Engine (SPE) - ICAP bypass - Hello folks! A couple of weeks ago I found a security issue on Symantec Protection Engine which could lead to ICAP inspection bypass. Check it out here!
3 yıl önce
Trend Micro - Blog

This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs - Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, ...
3 yıl önce
Andrew Morgan - Blog

Creating a Virtual Channel in VMware Horizon with C# (Simply!) - Just a quick blog post, there was recently an ask from a partner on how do you create a virtual channel between the Horizon Client and Horizon Agent in ord...
3 yıl önce
Emrullah Akdemir - Blog

ZTE MF286R Modem Session Hijacking - Broken Authantication and Session Management (0-Day) - Selam, Hello All, While I was researching vulnerability on ZTE MF286R Mobile Modem on behalf of my customer, I have discovered a weaknesses on modem web ...
3 yıl önce
Bilişim Hukuku Günlüğü - Leyla Keser

- “Reason is the Soul of All Law” Thomas Hobbes Kağıt ve Kalemin ve Bu İkiliyle Yaratılan “Islak İmzanın” veya Kişisel Verileri Koruma Kurul Kararının Türk...
3 yıl önce
Malware Domain Blocklist

Ransomware on the Rise: The alarming trend and how to combat it. - An ominous splash screen, missing files and, naturally, a ransom note demanding payment: the calling card of a particularly vicious strain of cyberattack...
3 yıl önce
Hakki Inkaya - Blog

趣玩娱乐下载-三峡水库出现建库以来最大规模洪峰 - 中新社宜昌8月20日电 (郭晓莹董晓斌)三峡水库20日8时出现75000立方米每秒入库洪峰，刷新了2012年洪峰值(71200立方米每秒)，为三峡建库以来最大规模洪峰。截至当日12时，入库洪水流量仍...
3 yıl önce
Mark Gamache - Blog

Exploiting AD gpLink for Good or Evil - GPOwn
3 yıl önce
Kiddaland

Plaso 20200630 released - This is the last release announcement for Plaso posted on this blog. Future release announcements will be on https://osdfir.blogspot.com/ Plaso 20200630...
3 yıl önce
Oguzhan Topgul - Blog

Outlaw Botnet XMRIG Miner and Shellbot Campaign Technical Analysis - I saw a sample in the wild and decided to take a deep dive into it. It didn't take took long to realize that this is just a piece of a bigger campaign rela...
3 yıl önce
Active Directory Security

Attacking Active Directory Group Managed Service Accounts (GMSAs) - In May 2020, I presented some Active Directory security topics in a Trimarc Webcast called “Securing Active Directory: Resolving Common Issues” and include...
3 yıl önce
Carnal0wnage | Attack Research Blog

WeirdAAL update - get EC2 snapshots - I watched a good DEF CON video on abusing public AWS Snapshots https://www.youtube.com/watch?v=-LGR63yCTts I, of course, wanted to check this out. There a...
3 yıl önce
Another Forensics Blog

Detecting Lateral Movement with WinSCP - RDP is a common way for an attacker to move laterally within an environment. Forensically, when an attacker uses RDP we can use artifacts such as shellbag...
4 yıl önce
Computer Security News

QUIZ: Name These Midwestern Animals - Moose, deer, and bears, oh my!
4 yıl önce
Sherif Eldeeb - Blog

NSA Python Course COMP 3321 (reduced PDF) - Someone (Chris Swenson) was awesome enough to submit a FOIA request for NSA’s Python training course, and got their COMP 3321 course. He scanned them into ...
4 yıl önce
Msmvps - Blog

Sprint Customer Support Info leaked - Sprint Exposed Customer Support Site to Web “Fresh on the heels of a disclosure that Microsoft Corp. leaked internal customer support data to the Internet,...
4 yıl önce
Zscaler Research

Frenchy – Shellcode in the Wild - For the past few months, the Zscaler ThreatLabZ research team has seen a number of AutoIt and .NET samples from different malware families using what is be...
4 yıl önce
Active Directory - FAQ

Migrating a Physical Windows 2012 Domain Controller to a Virtual Windows 2012 Domain Controller - The information provided below is a good starting point when it comes to planning about P2V of Domain Controllers. Please go through the same thoroughly....
4 yıl önce
Anton Chuvakin | Gartner Blog

The Last Blog Post! - It is with some sadness and much excitement that I write this final post for my Gartner blog. If you recall, I joined Gartner in 2011, so it has been nearl...
4 yıl önce
Cozumpark - Windows Server

Active Directory CA Üzerinden Otomatik Sertifika Yenileme ve IIS Otomatik Sertifika Rebind İşlemi - IIS üzerinde site ilk defa kurulurken CA üzerinden sertifika almak ve bunun bind edilmesi rutin bir işlem. Ancak sorun, bu sertifikaların expire olm...
5 yıl önce
Cozumpark - Guvenlik

MBSA ile Windows System Hardening - Makaleme öncelikle System Hardening (Sistem Sıkılaştırma) nedir ile başlamak istiyorum. Sistem sıkılaştırmanın amacı, mümkün olduğu kadar çok güvenli...
5 yıl önce
Cozumpark - Exchange Server

Exchange 2019 Preferred Architecture PA – Tercih Edilen Mimari - Exchange Server 2019 çıkışı ile beraber ignite öncesi, ignite ve sonrasındaki tecrübelerimi sizler ile paylaşmaya devam ediyorum. Pek çok konuda olduğu gib...
5 yıl önce
NetSecTr - Blog

Siber Saldırıların Tespiti ve Savunma Etkinliği - NETSEC İstanbul'18 - NETSEC Topluluğu *“Siber Saldırıların Tespiti ve Savunma Etkinliği”* 13 Ekim tarihinde Microsoft Türkiye İstanbul Ofisi’nde gerçekleştirilecek. Netsec, T...
5 yıl önce
Network Security Blog

Lucky Break - One of the things I do from time to time is throw out an open ended question on Twitter. Sometimes I’m making a point, sometimes I just want to amuse myse...
5 yıl önce
Jaap Brasser | Blog - Powershell.com

Arizona PowerShell User Group – From PowerShell Function to Serverless code with Azure Functions - Yesterday I was asked to speak at the Arizona PowerShell User Group, I picked the subject of moving your code into Azure Functions.
5 yıl önce
Rebootuser

Recent Changes… - It’s been a while since I wrote a personal post, but you may be aware that I recently co-founded a new company https://in.security with a good friend of mi...
5 yıl önce
j00ru//vx Tech - Blog

Exploiting a Windows 10 PagedPool off-by-one overflow (WCTF 2018) - During the weekend of 6-8th of July, our CTF team – Dragon Sector – played in an invite-only competition called WCTF, held in Beijing. The other participan...
5 yıl önce
CORE Security

What are the 3 Most Common Access Risks? - Identity and Access Management These days it seems like there are security solutions for almost everything except, the one thing you can never fully secure...
5 yıl önce
Zemana - Blog

Our Live Chat is ON! - Great news everyone! Starting from this week, you will have a chance to communicate with us live whenever you have any questions or concerns regarding pr...
5 yıl önce
Myexploit

myexploit2600_security_conference_talks - https://myexploit.wordpress.com/myexploit2600_security_conference_talks/ Advertisements
5 yıl önce
Security List Network

Gpredict is satellite tracking and prediction application. - Gpredict is a real time satellite tracking and orbit prediction program for the Linux desktop. It uses the SGP4/SDP4 propagation algorithms together with N...
5 yıl önce
Ridvan Erbas - Pentesttr - Blog

Etik Web Hacking Yöntemleri - https://www.udemy.com/uygulamali-etik-web-hacking-yontemleri/ Etik Web Hacking Yöntemleri, gerçek bir lab ortamında yapılan web hacking-penetrasyon iş...
5 yıl önce
Microsoft Turkiye - Blog

blog.microsoft.com.tr - .
6 yıl önce
Digital Bond - SCADA

Site Moved … Go To S4xevents.com for S4 info … Go To Dale-Peterson.com for Consulting and Speaking - We are no longer updating the digitalbond.com site. My articles, podcasts, consulting and speaking info is on dale-peterson.com. For information on S4x19, ...
6 yıl önce
Hak5

TekThing 161 – Bitcoin Sucks For Gaming PCs!!! Our Video Gear, Fingbox Home Network Security - —— Thank You Patrons! Without your support via patreon.com/tekthing, we wouldn’t be able to make the show for you every week! https://www.patreon.com/tekth...
6 yıl önce
Alltop RSS

Data scientist: Yes, you can get ‘the sexiest job of the 21st century’ - Data science is the position of choice for analysts and managers who wish to take their careers to the next level. Think becoming a data scientist is out...
6 yıl önce
Mehmet Ince - Blog

PCI/DSS ile Payment Gateway’ler Arasındaki HTTP Security Headers Tartışmaları - Son zamanlarda tüm payment gateway firmalarındaki tanıdığım/sevdiğim insanlardan aldığım telefon aramalarının ana konusu olan hususa dair bir takım doğru ş...
6 yıl önce
Forensic Methods

SANS Memory Forensics Cheat Sheet - Just in time for the holidays, we have a new update to the SANS Memory Forensics Cheatsheet! Plugins for the Volatility memory analysis project are organi...
6 yıl önce
Enpedi-Windows 7

Windows 7 Kurulum Medyasına USB 3.0 (xHCI) Sürücülerini Entegre Etmek - Çoğunuzun bildiği gibi *Windows 7* varsayılan olarak *USB 3.0 (xHCI) *desteğine sahip değil. Dolayısıyla *USB 3.0* desteği olan bir bilgisayara *USB* flash...
6 yıl önce
The Ethical Hacker Network

The Ethical Hacker Network Rises from the Ashes - [image: A phoenix depicted in a book of legendary creatures by FJ Bertuch (1747–1822)]This past summer while attending Black Hat and DEF CON, I was appro...
6 yıl önce
Security Watch - PCMag

You Can't Remember Good Passwords, So You Need a Password Manager - Memory tricks can help you remember one very strong password, but in the real world you need dozens of passwords. That's OK. You can use that one strong pa...
6 yıl önce
Jeff Wouters - Blog

Get-ADUser : Year, Month, and Day parameters describe an un-representable DateTime - Today I’ve been working together with my colleague Irwin at a customer. We needed to do a small inventory off the active directory, amongs that was a list ...
6 yıl önce
Command Line Kung Fu

Episode #181: Making Contact - Hal wanders back on stage Whew! Sure is dusty in here! Man, those were the days! It started with Ed jamming on Twitter and me heckling from the audience. T...
6 yıl önce
InfoSec Musings

Cloud Access Security Broker (CASB) - The purpose of a forward proxy - First of several short articles on the feature sets of a typical Cloud Access Security Broker (CASB) *The Forward Proxy:*In a Cloud Access Security Broker (...
6 yıl önce
ForensicKB

EnCase v8 EnScript - Check hash values for tagged files to VirusTotal - This is an update to the original (v6 & v7) EnScript to check the hash value(s) of tagged files to VirusTotal. Tag any file(s) you want to check with "Chec...
6 yıl önce
Rapid7 Community

Metasploit Wrapup - Slowloris: SMB edition Taking a page from the Slowloris HTTP DoS attack, the aptly named SMBLoris DoS attack exploits a vuln contained in *many* Windows re...
6 yıl önce
Canberk Bolat - Blog

Silently Fixed Unauthorized Command Injection in WAGO PLC Ethernet - It's been almost 4 years I didn't blogged anything on anywhere (shame). Anyway, recently found Unauthorized Command Injection vulnerability in WAGO PLC's ...
6 yıl önce
Lifehacker

10 Online Clothing Retailers With Awesome Return Policies - Buying clothes in a store—once the *only* way to shop—now seems almost antiquated. Why limit yourself to merely one designer, or even all the options ava...
6 yıl önce
Daren Matthews

EEM Script to check log messages and trigger email - Here’s a tip to become alerted when an interface is down (in this case a VPN tunnel). The script can be adapted to look for any pattern in the syslog and s...
6 yıl önce
Window Security

V2V Communications security considerations - The future of vehicles, road infrastructure and driving are changing. We are progressing with vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) ...
6 yıl önce
Exchange Server Articles

Configure a Mobile Device Mailbox Policy for Exchange Server - This article explains how to use mobile device mailbox policies to force mobile devices to comply with your organization’s security standards.
6 yıl önce
Ethical Hacking Tutorials

How to Install SugarCRM on CentOS 7 in Simple Steps - Our tutorial for today is How to Install SugarCRM on Centos 7 in Simple Steps. SugarCRM Community Edition is a free and open source web-based customer re...
6 yıl önce
Ethical Hacking | Blog

How to Install SugarCRM on CentOS 7 in Simple Steps - Our tutorial for today is How to Install SugarCRM on Centos 7 in Simple Steps. SugarCRM Community Edition is a free and open source web-based customer re...
6 yıl önce
New Delhi PowerShell User Group.

PowerShell Basics : Find commands by using Get-Command cmdlet. - Sometimes, the more we do advance things, the more we keep forgetting the basics. Today while working on some script, I forget the command which I ...
7 yıl önce
Pentest - Blog

Simple Bypass for PowerShell Constrained Language Mode - We all know that Microsoft has added some nice features to PowerShell v5 to help out the Blue teams, Constrained Language Mode, Deep Scriptblock logging, s...
7 yıl önce
Still Passing the Hash

Blocking the Lan Turtle / Poison Tap / Bash Bunny and other cruft - I've been doing this for a long time. So I've researched, discovered, implemented, and forgotten a ton of stuff. I should probably start up a blog just f...
7 yıl önce
Syslogs - Cagri Ersen - Blog

Creating Docker Swarm Cluster From Scratch - The new version of Docker (1.13) has many new features and for a container orchestration platform some of the essential features like secrets, stack deploy...
7 yıl önce
Christopher Truncer - Blog

Shellcode Generation, Manipulation, and Injection in Python 3 - It’s no secret that I’ve been working on updating Veil and will soon be releasing Veil 3.0. In the process, I’ve learned quite a bit about Python 2 and 3...
7 yıl önce
Luiz Firmino - Blog

Cyberattack Techniques Matrix - PersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementExecutionCollectionExfiltrationCommand and Control Accessibility...
7 yıl önce
Journey Into Incident Response

Changing Perspectives - In the Fall I was staring out my back window seeing my yard covered in orange leaves. This sight is one I see each year and I have always viewed as my year...
7 yıl önce
Petros Andreou - Blog

Yahoo Flaw Allowed Hackers to Read Anyone's Emails - Yahoo has patched a critical security vulnerability in its Mail service that could have allowed an attacker to spy on any Yahoo user's inbox. Jouko Pynnö...
7 yıl önce
Memory Forensics

Bringing together the DFIR Industry and Academia at DFRWS 2017 - I am happy to announce that I have joined the 2017 DFRWS organizing committee. My role for this conference is to bring industry researchers and practitione...
7 yıl önce
Liatsis Fotis | Blog

Undetectable Metasploit WAR - A possible attack path during a penetration test is having access to the administrative console of a JAVA Application Server (like WAS, JBOSS and Tomcat) ...
7 yıl önce
Ugur Demir - Blog

Nerede Kalmıştık..! - Merhaba, İlk webcastimi 2014 yılında Exchange üzerine vermiştim. 2015 yılında ise ilk sunumumu gerçekleştirmiştim. Bu sene iş yoğumluğum nedeniyle etkinli...
7 yıl önce
Hackings.Org

Sitedeki sorunlar bilmem ne - JavaScriptlerden biri bumladigi icin gorsellik biraz kaymis. Temanin dosyalari external disklerden birisinde vardi fakat scripti upload edebilecegim gayri ...
7 yıl önce
MSDN - Blog

Somasegar's blog - Site Home - MSDN Blogs - Search all blogs. Search this blog. Sign in. Somasegar's blog Somasegar's blog Most Recent Most Comments. Team Foundation Server 2015 Now Available. Today,...
7 yıl önce
Deb Shinder - Blog

Ransomware just keeps on coming - Dominates malware samples in 2016 Q2
7 yıl önce
Network Pentest - Firat Celal Erdik

Rootkit Geliştirmenin Temelleri-II - Windows işletim sisteminde hem kullanıcı seviyesinde(user level) hem de çekirdek seviyesinde(kernel level) hook işlemi yapılabilir. Hook işlemi sistemin ve...
7 yıl önce
George Chetcuti - Blog

LepideAuditor Suite 16.3 – now with File Server Current Permission Reporting - Lepide launched version 16.3 of the popular LepideAuditor Suite. The updated version now features File Server Current Permission Report for the Shared fold...
7 yıl önce
Bilgi Güvenliği Akademisi | BGA

Siber Güvenlik Dünyasına AR-GE Desteği - Bilgi Güvenliği AKADEMİSİ olarak ana hedeflerimizden biri içinde yer aldığımız siber güvenlik sektörünün yetişmiş eleman sayısının artmasına destek olmak...
7 yıl önce
Onur Alanbel - Blog

Siber Güvenlik Etkinliklerine Başvuru Tecrübelerim - Yaklaşık bir sene önce yaptığım özgün çalışmalarla Türkiye’deki siber güvenlik etkinliklerine istisnasız sunum önerisi gönderme kararı aldım. Bu kararı ald...
8 yıl önce
Bekir Yalcinkaya - Blog

How Can I Replace the Certificate of RDP (Remote Desktop)? - Uzak Masaüstü (RDP) bağlatınlarında özel bir sertifika makamında üretilen veya ticari olarak satın alınan bir sertifikayı kullanabilmek için aşağıdaki adım...
8 yıl önce
Offensive Security Blog V2.0

CheatSheet: Powershell -
8 yıl önce
Threat Thoughts

Cash Payment Machine - Agency Bill – Correcting A Cash Payment.wmv Reds slip in the only league the owners truly care about but riches await – unitedrant.co.uk Unitedrant.co.uk...
8 yıl önce
Hüseyin Sevin - Blog

IIS Sunucularda http isteğini https e Force Etme - Bu makalemizde web sunucumuza gelen http isteklerini https’e nasıl force edeceğimize değineceğiz. Uygulamalarımız ve web sitemiz için bu işlem aslında son ...
8 yıl önce
Ryan Ries - Blog

Now on AskDS! - It is my sincere honor to inform you that you may now also find me waxing poetic on the AskDS blog, Microsoft's official enterprise support blog for AD D...
8 yıl önce
My Other PC is a cloud

Now on AskDS! - It is my sincere honor to inform you that you may now also find me waxing poetic on the AskDS blog, Microsoft's official enterprise support blog for AD D...
8 yıl önce
Forensic Artifacts

Mac OS X User Preference Settings - Author Name Pasquale Stirparo, @pstirparo Submission Title Mac OS X User Preference Settings Artifact Description Num. 1 is the directory containing user p...
8 yıl önce
Yakup Korkmaz - Blog

Installing Numpy on Windows 7 / 8 with Python 2.7 (Unable to find vcvarsall.bat) - Installing Numpy is as easy as running the command below: pip install numpy However, If you don’t have a C/C++ compiler installed, you can get the followin...
8 yıl önce
Lifeoverip - Blog

Siber Güvenlik Yaz Kampı ’15 24-29 Ağustos 2015 / Ankara - Cisco firmasının 2014 yılı güvenlik raporuna göre önümüzdeki 5 yıl için dünya genelinde 1 milyon siber güvenlik uzmanına ihtiyaç vardır. Türkiye için siber...
8 yıl önce
Merve Cevizci | Blog

Oracle Data Pump ile ASM’e export/import - Merhabalar, Bu yazımda ASM diskleri üzerinde export/import işlemlerini nasıl gerçekleştireceğimizi anlatacağım. Aslında klasik file system üzerinde yaptığı...
8 yıl önce
Michael's meanderings

Clustersize, Blocksize, and Allocation Unit Size - Depending on where you see the terms used in Windows, you may see different names for the same thing. The clustersize of a volume, the blocksize of a vol...
8 yıl önce
Cozumpark - Windows 8

Windows 8 Aile Koruması - Dünya var olduğu günden bu yana iyilik ve kötülük savaş halinde. İnternet gibi muhteşem bir mecrayı bulan ve insanlığın hizmetine sunan iyi insanlar, muh...
8 yıl önce
Certified Ethical Hacker | TR

Cypsec’15 Uluslar Arası Siber Güvenlik Konferansı - Bu yıl 15-16-17/04/2015 tarihlerinde Cypsec Uluslar Arası Siber Güvenlik Konferansı, bir çok değerli teknik uzman ve siber güvenlik sektörünün ürün gelişt...
9 yıl önce
Unmask Parasites - Blog

“Fancybox for WordPress Has Expired” Infection - Today I began to notice quite a massive and very unusual attack that leverages vulnerabilities in older versions of the FancyBox for WordPress plugin. As y...
9 yıl önce
The Invisible Things Lab's Blog

Migrating my blog out of Blogger... - I've migrated this blog to a new "platform". The new blog is now hosted here. This post (via new blogging platform) explains the reasons of migration and ...
9 yıl önce
SpiderLabs - Blog

TrustKeeper Scan Engine Update – February 4, 2015 - The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerabi...
9 yıl önce
In pursuit of happiness - Blog

Easy Tricks for JPA, Spring and Hibernate - Java frameworks have evolved, making us write less code and ship faster! Here, I will discuss some neat tricks to address common concerns in Hibernate an...
9 yıl önce
SecuriTeam - Blog

Developing an IR Process and Team - In our world today, we have an abundance of many things, among which are –unexpected events. Falling meteorites, terrorist attacks, hacktivist demonstratio...
9 yıl önce
SecurityLearn - Blog

Get Practical mobile forensics book for just $5 now! - Packt Publishing will be celebrating the holiday season with $5 offer. From Thursday 18th December, every eBook and video will be available on the publi...
9 yıl önce
Catch in Security - Blog

Taking out the Eurotrash - Regular listeners are probably already aware by now, that the Eurotrash is no more! As with all good things, there had to be an end, and with the last Chri...
9 yıl önce
Cagatay Isikci - Blog

Belirli Bir Portta Çalışan Uygulamayı Bulmak - Microsoft ve Unix tabanlı sunucularda, uygulamalar ilgili portlar üzerinden çalışırlar. Bu gönderide, belirli bir portta hangi uygulamanın çalıştığını bulm...
9 yıl önce
Pentest Geek

Phishing Frenzy: SSL Support on Rails 4 with Syntax Highlighting - It’s been a little over a year since I started phishing full time with Phishing Frenzy and there is no looking back now. The project has really come a lo...
9 yıl önce
SignalSEC

Bir APT & Siber İstihbarat Saldırısının Anatomisi - APT (Advanced Persistent Threat) tanımı şüphesiz son günlerde siber güvenlik dünyasının en popüler ve önemli Read More
9 yıl önce
Open Security Research

A Brief Overview of the Google Authenticator - By Deepak Choudhary. Many application providers are considering implementing a more robust login mechanism to their applications as single layer authentica...
9 yıl önce
Just Ask Weg

Workarounds to Workarounds (and some hints & reminders) - Every now and then, I get email from readers who have difficulties, and some areas come up more often. I also learn a few things as time goes by, and
9 yıl önce
The Digital Standard

One Step Ahead Part 3 - One Step Ahead Part 3 is out on the Nuix blog, Unstructured!
9 yıl önce
knox - Manoj Kumar - Blog

Bash-Bug Penetration Testing - Anatomy of Shelllock - A new security vulnerability known as the Bash or Shellshock bug could spell disaster for major digital companies, small-scale Web hosts and even Internet...
9 yıl önce
Forensicaliente

It's a Groovy Kind of Risk - This year at the SANS DFIR Summit in Austin, TX I had the distinct honor and pleasure of presenting a talk entitled *To Silo, or Not to Silo: That is the...
9 yıl önce
Dav Nads - Blog

4n6time v.06 - minor update - I posted a new version of 4n6time for Windows only. Download link here: https://googledrive.com/host/0B30H7z4S52FleW5vUHBnblJfcjg/4n6time/ Not many signifi...
9 yıl önce
clymb3r - Blog

Cracking Open PowerShell’s Constrained Runspace - Recently at the PowerShell Summit, Lee Holmes and I did a talk on PowerShell security. One of the demonstrations we did showed how to find and exploit a co...
9 yıl önce
Obscuresec - Blog

Modifying MAC properties with PowerShell - Laziness is the demise of Red Team engagements. Whether it is writing PsExec to a user's desktop or writing other arbitrary binaries to disk, not being car...
9 yıl önce
Metcorp Consulting

Blog Move - I have accepted a position with another company, so this blog is moving. The new blog location is: ADSecurity.org Comments posted on this blog may not be a...
9 yıl önce
Hidden Illusion

Rewriting/anonymizing artifacts - This has been ported over to my GitHub site and is not longer being maintained here. For any issues, comments or updates head here.Situation Have you ever ...
10 yıl önce
Turgay Sahtiyan - Blog

SQL Server Latch Contention - *Latch Contention nedir?* Latch’ler, in-memory structure’daki data, index page ya da B-Tree’nin leaf level’indaki page’ler gibi internal objelerdeki tuta...
10 yıl önce
Security-Shell

WAVSEP 2014 Web Application Scanner Benchmark - The *2014* WAVSEP web application scanner benchmark has been published Currently includes new products that were tested for the first time (ScanToSecure, ...
10 yıl önce
Mike Kline - Blog

Complete Windows 2012 & 2012 R2 Documentation - I generally don't write posts that link to docs but this one is really good and I haven't seen a lot of traffic on it. Microsoft has released the entire co...
10 yıl önce
The Digital4rensics Blog

New Endeavors Ahead - This weekend, I had a fleeting thought about how long it had been since I posted here, but I suppose I didn’t realize it had been quite that long. Long sto...
10 yıl önce
Dig4n6

VDI-in-a-Box Analysis Results - Despite the fact that my capstone thesis was complete over three months ago, it’s been a struggle to make this post. That being said, hopefully this blo...
10 yıl önce
MNIN Security Blog

How to DoS Authenticode Signature Verification and Spoil Live Forensics with Echo - A while back I was looking into some internals of Microsoft's Authenticode and found a way to prevent signature verification by creating a specially named ...
10 yıl önce
Sistem Yönetimi ve Bilgi Güvenliği - Blog

Active Directory Yonetim Proseduru - Active Directory yonetim proseduru, AD ortamındaki kullanıcı hesapları, gruplar ve diğer AD nesnelerinin nasıl oluşturulacağını, yönetileceğini ve bu nesne...
11 yıl önce
Sploited

SANS Forensic Artifact 7: Last Visited MRU - Welcome to 2013. I was fortunate to have some free time towards the end of last year which allowed me to catch up on some of my side projects such as the M...
11 yıl önce
Hot Security News

- Symantec Corp. today announced the findings of its 2012 Information Retention and eDiscovery Survey which examined how enterprises manage their ever-growin...
11 yıl önce
Mahmet Esat - Blog

Hakkimda Sayfasini Guncelledim :) - Merhaba, Uzun suredir birseyler yazmaya firsat bulamiyorum. Gerek sanal gerekse reel yogunluktan dolayi konu anlatimi ve video gibi icraatlerden uzak kaldi...
11 yıl önce
Cloud Security

Happy New Year from the Cloud Security blog - [image: Wishing you Happy Cloud Fiddling in 2013] Hello again and Happy New Year! I’ve just updated my About page ready for 2013. After a break from blo...
11 yıl önce
Ismail Saygili - Blog

Kadınlar Dünyadaki En Güçlü Firewall’lardır - Kabul ediyorum bu yazının devamı çok ilginç olacak ve tepkilere de hazırım :) Ancak yabancı bir sitede gördüğüm bu benzetmeyi paylaşmadan geçemeyeceğim. Ko...
11 yıl önce
Dr. Fu's Security Blog

Malware Analysis Tutorial 34: Evaluation of Automated Malware Analysis Tools CWSandBox, PeID, and Other Unpacking Tools - *Learning Goals*: 1. Understand Design Principles of Automated Malware Analysis Systems 2. Hands-on Experiences with CWSandBox and Packer Identificat...
11 yıl önce
Ağ Güvenliği Akademisi - Blog

Siber Ordular Dosyası - Büyük Takip 22.06.2012 Trt Haber - Televizyonda ağ güvenliği konusunda ayrıntılı bir program bulmak pek mümkün değil. Büyük Takip adlı haber programında Hüseyin Yüce, Hüzeyfe Önal gibi tanı...
11 yıl önce
Bernardo Damele - Blog

Data retrieval over DNS in SQL injection attacks - We have recently implemented *data retrieval over DNS* in sqlmap. This data exfiltration technique adds up to the six existing techniques already implement...
11 yıl önce
Pentester - Sudhir

Basic Information Gathering of Analysis on Malware (Part 1) - *Basic Information Gathering of Analysis on Malware* (*Part 1*) -------------------------------------------------------------------- Malware (spyware,Rootk...
11 yıl önce
Exploit Monday

Stealth Alternate Data Streams and Other ADS Weirdness - I was reading an article on MSDN regarding the naming of files, paths, and namespaces[1] and I discovered some interesting peculiarities regarding the nami...
12 yıl önce
Bilisim ve Sistem Guvenligi - Blog

Şifresiz Bilgisayarlar: Anahtar Kapının Üzerinde Ben Evde Yokum - Teknolojinin giderek yaygınlaşmasıyla birlikte artan bilişim suçlarına karşı uzmanlar vatandaşları uyardı. Bireylerin cep telefonları ve bilgisayarlarında ...
13 yıl önce
Dark Reading

-
Windows - All Computers

-
BackTrack Linux

-
Ulusal Bilgi Güvenliği Kapısı

-
Network Security Podcast

-
Point2Security

-
Hackinsight.org

-
Coresec

-
Necati Demir - Blog

-
Onur Yuksektepeli - Blog

-
TurkSec - Blog

-
VoIP/UC Security Blog

-
System Forensics

-
Raihan Al-Beruni - Microsoft Guru

-
Caner Koroglu - Blog

-
Brian McCann - Blog

-
Eyup Celik - Blog

-
Securelist - Blog

-
Erdem Cilingiroglu - Blog

-
Not So Secure

-
Techorganic

-
Tuts 4 You

-
Malware Analysis Blog

-
A Fistful of Dongles

-
Aman Dhally - Blog

-
Harvard | Cyber Security

-
Blog - Haider M. al-Khateeb

-
The H Security

-
Commtouch Café

-
AlienVault Labs - Blog

-
The Penetration Testing Execution Standard

-
BT Yonetimi 2.0 - Blog

-
Güvenli Yazılım Reçeteleri

-
1337day

-
Programming For Us - Security

-
Religion Hacking - Blog

-
Mustafa Yilmaz - Blog

-
FishNet - 6Labs | Blog

-
V.P.Prabhakaran - Blog

-
Siber Güç

-
Cyber News

-
Ertan Erbek

-
Biznet Bilisim Bilgi Guvenliği Notlari

-
Microsoft Windows - Blog

-
TrustedSec- Blog

-
Yesu Chelva - Blog

-
Lostar Bilgi Guvenligi

-
Technet | Blog

-
IOC: Forensic Artifacts

-
Bluebox - Blog

-
Erdem Alparslan | Blog

-
TechRepublic - Blog

-
Ag Guvenligi - SGE

-
Mandiant - Blog

-
W. Mark Brooks | Blog

-
Windows IT Pro

-
Dave Harris - Blog

-
HackTalk

-
Barkin Kilic - Blog

-
John Policelli - Blog

-
Security Weekly

-