Preface

What is this and why does it exist?

All links, the content behind and the opinions there are not mine.
If you follow an external link, it is your problem, not mine if you do not like, what you find there.
Please be aware, that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel


Tools

A collective list of public JSON APIs for use in security
–> security-apis - github <–

Whitelisting Bypassing Using ( Windows installer Package MSI ) Remote display Mimikatz @gentilkiwi &- Powershell /c install-Package C:\test.msi &- msiexec /passive /i URLMSI
–> MSIScript - github <–

Post-exploitation tool for hiding processes from monitoring applications
–> ProcessHider - github <–

YARA malware query accelerator (web frontend)
–> mquery - github <–

Linux Binary Exploitation
–> BinExp - github <–

DSGVO Generator
–> DSGVO Generator - DSGVO Generator <–

The best tool to find and prove XSS flaws
–> knoxss - knoxss <–


Talks & Knowledge

Rendering Suspicious EML Files
–> Rendering Suspicious EML Files - /dev/random <–

Lateral Movement – WinRM
–> WinRM - Penetration Testing Lab <–

It’S Time to Terminate the Terminate
–> Terminate the Terminate - The Zero Day Initiative <–

Amazon AWS IP-Ranges
–> Amazon AWS IP-Ranges - Amazon AWS <–

A collection of awesome software, libraries, documents, books, resources and cools stuffs about security
–> awesome-security - github <–

Cryptocurrencies and Blockchains: Burn It With Fire!
–> Cryptocurrencies and Blockchains - Nicholas Weaver ICSI & UC Berkeley <–

Master the art of Cross Site Scripting
–> Brute XSS - Brute XSS <–


Threats

New Spectre (Variant 4) CPU Flaw Discovered—Intel, ARM, AMD Affected
–> SpectreNG - The Hacker News <–

Extracting SSH Private Keys from Windows 10 ssh-agent
–> Win10 ssh priv key issue - ropnop blog <–

New BIND Vulnerabilities Threaten DNS Availability
–> CVE-2018-5736 / CVE-2018-5737 - DarkReading <–

7 Tools for Stronger IoT Security, Visibility
–> Stronger IoT Sec - DarkReading <–

Nethammer—Exploiting DRAM Rowhammer Bug Through Network Requests
–> Nethammer - The Hacker News <–