Blog post by ACM: MITRE ATT&CK Matrix – Custom C2 Protocol - activecountermeasures.com/mitr
Reading: 5 min
Published: 09/08/2019

Blog post: Building a Pwnagotchi - Pwning wifi with AI - webyeti.ninja/blog/building-a-
Reading: 5 min
Published: 10/07/2019

Blog post: Threat Hunting with ETW events and HELK — Part 2: Shipping ETW events to HELK - medium.com/threat-hunters-forg
Reading: 9 min
Published: 10/07/2019

Blog post: Running a .NET Assembly in Memory with Meterpreter - praetorian.com/blog/running-a-
Reading: 5 min
Published: 04/09/2019

Blog post: Open Document format creates twist in maldoc landscape - blog.talosintelligence.com/201
Reading: 7 min
Published: 09/30/2019

Blog post by BHIS: Getting Started With AppLocker - blackhillsinfosec.com/getting-
Reading: 5 min
Published: 09/230/2019

Blog post: Web Application Pentest Lab setup Using Docker - hackingarticles.in/web-applica
Reading: 5 min
Published: 09/29/2019

Tools: SharpDoor - alternative RDPWrap written in C# to allow multiple RDP sessions by patching termsrv.dll file - github.com/infosecn1nja/SharpD

Blog post: Remote Code Execution in Firefox beyond memory corruptions - frederik-braun.com/firefox-ui-
Reading: 9 min
Published: 09/29/2019

Tools: Pypykatz_wasm - Pypykatz in your browser. Python3 interpreter running in WebAssembly.
WebAssembly in a nutshell allows your C/C++/Go/... code to be compiled to a binary file which the JS engine in your browser can execute - github.com/skelsec/pypykatz_wa

Blog post: Smoke and Mirrors | Red Teaming with Physical Penetration Testing and Social Engineering - threat.tevora.com/smoke-and-mi
Reading: 18 min
Published: 09/13/2019

Blog post: Bypassing the Microsoft-Windows-Threat-Intelligence Kernel APC Injection Sensor - medium.com/@philiptsukerman/by
Reading: 5 min
Published: 09/23/2019

Webcast by BHIS: In-Depth SILENTTRINITY Demo, Explanation & Walkthrough!
Tues, Oct 1, 2019 3:00pm EDT
Register: register.gotowebinar.com/regis

Tools: sRDI - Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode - github.com/monoxgas/sRDI

Tools: Ipwndfu - Open-source jailbreaking tool for many iOS devices - github.com/axi0mX/ipwndfu

Blog post: Exim Off-by-one RCE: Exploiting CVE-2018-6789 with Fully Mitigations Bypassing - devco.re/blog/2018/03/06/exim-
Reading: 6 min
Published: 03/16/2018

Blog post: Clobbering the clobbered — Advanced DOM Clobbering - medium.com/@terjanq/dom-clobbe
Reading: 9 min
Published: 09/26/2019

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.