Preface

What is this and why does it exist?

The links, the content behind them and the opinions expressed there are not mine.
If you follow an external link and do not like what you find there, that is your problem, not mine.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

GetAltName (or GAN) is a tool that extracts the Subject Alternative Names found in SSL certificates directly from HTTPS web sites, which can provide you with DNS names (subdomains) or virtual server names.
–> getaltname - github <–

Blocks the Coinhive malware domains system-wide.
–> coinhive-block - github <–

Block lists to prevent JavaScript miners
–> adblock-nocoin-list - github <–

XFLTReaT tunnelling framework
–> XFLTReaT - github <–

Run AFL with Pintool
–> afl-pin - github <–

Program synthesis based deobfuscation framework for the USENIX 2017 paper “Syntia: Synthesizing the Semantics of Obfuscated Code”
–> syntia - github <–

IDA Pro resources, scripts, and configurations
–> idawilli - github <–

[WIP] Collaborative Reverse Engineering plugin for IDA Pro & Hex-Rays
–> IDAConnect - github <–

Scans a given process, searching for modules that contain in-memory code modifications. When one is found, it dumps the modified PE.
–> pe-sieve - github <–



Talks & Knowledge

Teen Hacks Ledger Hardware Cryptocurrency Wallet
–> Teen hacks ledger hw cryptocurrency wallet - HackRead <–

Hackers leave ransom note after wiping out MongoDB in 13 seconds
–> MongoDB wiped in 13 secs - HackRead <–

New R2D2 Technique Protects Files Against Wiper Malware
–> R2D2 Tech Protects - Bleeping Computer <–

What ends with X and won’t sue security researchers?
–> Dropbox offers vulnerability research safe harbour - The Register <–

Unboxing your VirtualBoxes - A close look at a desktop hypervisor
–> Unboxing your VirtualBoxes - github <–

President signs overseas data access bill into law
–> US cloud act law - engadget <–

Flagging Homoglyph Attacks
–> Flagging Homoglyph Attacks - Medium <–

Cross Site Scripting ‘XSS’ in a Nutshell
–> XSS in a Nutshell - Exploit-DB <–

Open Analysis Live! We analyze Adwind / JRAT malware using x64dbg and Java ByteCode Viewer.
–> Analyzing Adwind / JRAT Java Malware - Youtube <–

Mozilla Tests DNS over HTTPS: Meets Some Privacy Pushback
–> DNS over HTTPS - threatpost <–

Linux Internals - The Art Of Symbol Resolution
–> Linux Internals - 0X00SEC <–

Hackers pwn Edge, Firefox, Safari, macOS, & VirtualBox at Pwn2Own 2018
–> Pwn2Own 2018 - HackRead <–

Investigating lateral movement paths with ATA
–> Investigating lateral movement - Microsoft Docs <–

Jwt == insecurity?
–> Jwt == insecurity? - SlideShare <–

Three Ways WAFs Fail
–> Three Ways WAFs Fail - Signal Sciences <–

This website lists configuration files, supernodes and modules of the Dridex v4 malware
–> list of config files, supernodes, etc. - github.io <–

Building a Remote SDR with the Pi 3 Model B+ and SDRplay RSP2
–> Pi 3 SDRplay RSP2 - DesignSpark <–

Google now blocks GApps on uncertified devices, but lets custom ROM users be whitelisted
–> GApps blocks uncertified devices - XDA Developers <–

TrueOS Community How-to Guides
–> TrueOS Community Guides - github <–



Threats

GitHub Security Alerts Lead to Fewer Vulnerable Code Libraries
–> GitHub Security Alert - Security Weekly <–

AMD Acknowledges Newly Disclosed Flaws In Its Processors — Patches Coming Soon
–> AMD vuln, patches soon - The Hacker News <–

Cortana Lets Hackers Infect Windows PC Even when it is Locked
–> Infecting a pc using Cortana - HackRead <–

Hackers can Send Fake Emergency Alerts by Exploiting 4G LTE Protocol Flaws
–> 4G LTE Protocol Flaws - HackRead <–

Stealthy Dopant-Level Hardware Trojans: Extended Version
–> HW Trojans - Ruhr-Universität Bochum <–

Sanny Malware Updates Delivery Method
–> Sanny Malware - threatpost <–