Preface

What is this and why does it exist?

All links, the content behind them, and the opinions expressed there are not mine.
If you follow an external link and do not like what you find there, it is your problem, not mine.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

testssl.sh has been updated
–> testssl.sh 2.9.5-5 - packet storm <–

CVE-2018-0886 PoC
–> credssp - github <–

Web Service Security Assessment Tool: WSSAT
–> WSSAT - n0where <–

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
–> pyt - github <–

This module analyzes malware droppers in Office documents, VB scripts or JavaScript files
–> cutthecrap - github <–

Pure Python parser and analyzer for IDA Pro database files (.idb)
–> python-idb - github <–

Home of Brida - Advanced mobile penetration testing with Brida – Slides, Talk, HowTo, everything
–> Brida - MediaService <–

An open source toolchain for the Hexagon DSP based off LLVM and MCLinker
–> openhexagon - github <–

Multithreaded drupalgeddon2 scanner
–> Drupalgeddon2_scanner - github <–

Commandline tool for searching github
–> githubtool - github <–

A little toolbox to play with Microsoft Kerberos in C
–> kekeo - github <–

An IDA Pro script for creating a clearer idb for nymaim malware
–> easy_way_nymaim - github <–

This tool aims to provide a collaborative malware analysis framework
–> polichombr - github <–



Talks & Knowledge

Securing the Digital World: Intel Announces Silicon-Level Security Technologies, Industry Adoption at RSA 2018
–> Using GPU for malware scanning - Intel <–

RPZ - Response Policy Zones can turn your DNS into an additional firewall layer for your network security.
–> RPZ Response Policy Zones - CleanBrowsing <–

Where can I find sample packet captures?
–> Sample packet captures - CloudShark Blog <–

Building a simple Proxy Fuzzer for the MQTT protocol using the Polymorph framework
–> Building a Proxy Fuzzer for MQTT with Polymorph Framework - Exploit-DB <–

SDR (Software Defined Radio) » osmo-fl2k
–> osmo-fl2k - osmocom <–

Cybersecurity Buzz Phrase Bingo Hint Cyber Cyber Hint
–> CyberBingo - DarkReading <–

The “unpatchable” exploit that makes every current Nintendo Switch hackable
–> Nintendo Switch exploit - arsTECHNICA <–

Automatic Heap Layout Manipulation for Exploitation
–> Automatic Heap Layout Manipulation for Exploitation - arXiv.org <–

A bunch of Red Pills: VMware Escapes
–> VMware Escapes - Keen Security Lab Blog <–

ENERGETIC BEAR / CROUCHING YETI: ATTACKS ON SERVERS
–> Infrastructure of APT Group Crouching Yeti Uncovered - Kaspersky <–

Exploiting CVE-2018-1038 - Total Meltdown
–> Total Meltdown - xpnsec <–



Threats

New ‘Early Bird’ Code Injection Technique Helps APT33 Evade Detection
–> APT33 News - threat post <–

It’s Time to Take GitHub Threats Seriously
–> GitHub Threats - DarkReading <–

Trustjacking: iTunes’ Wi-Fi Sync Feature Vulnerable to Exploitation
–> Trustjacking - HackRead <–

Bypassing AV using decrypted source, compiling it in memory and later on, executing it from there
–> AV Bypassing using decrypt,make,run - Twitter/MalwareHunterTeam <–

New ransomware unable to restore files it encrypted
–> Trojan.Encoder.25129 - E Hacking News <–

Running system commands through Nvidia signed binaries
–> Running system commands through Nvidia signed binaries - Systems Engineering <–

Zero-day vulnerability in Internet Explorer discovered
–> 0-Day Vuln in IE - E Hacking News <–