Preface

What is this and why does it exist?

All links, the content behind them, and the opinions expressed there are not mine.
If you follow an external link and do not like what you find there, it is your problem, not mine.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

Wireshark GeoIP resolution setup V2.0 and CMD Line Tool mmdbresolve
–> Wireshark 2.6 - Packet-Foo.com <–

Pop shells like a master
–> ShellPop - github <–

Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods
–> XXEinjector - github <–

Drupal enumeration & exploitation tool
–> drupwn - github <–



Talks & Knowledge

There’s a Hole in Your Umbrella
–> Evaluating threat-blocking DNS provider coverage - Medium.com <–

Trimarc Research: Detecting Password Spraying with Security Event Auditing
–> Trimarc Research: Detecting Password Spraying - TRIMARC <–



Threats

NTLM Credentials Theft via PDF Files
–> NTLM Credentials Theft via PDF Files - Checkpoint <–

Microsoft Adds Support for JavaScript Functions in Excel
–> JavaScript in Excel - BleepingComputer <–

Lenovo patches arbitrary code execution flaw
–> CVE-2017-3775 / CVE-2018-9063 - ThreatPost <–

Equifax reveals full horror of that monstrous cyber-heist of its servers
–> Equifax cyber-heist details - TheRegister <–

First-Ever Ransomware Found Using ‘Process Doppelgänging’ Attack to Evade Detection
–> Ransomware Found Using ‘Process Doppelgänging’ - The Hacker News <–