Preface

What is this and why does it exist?

All links, the content behind them and the opinions there are not mine.
If you follow an external link, it is your problem, not mine, if you do not like what you find there.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

IDC script for decrypting strings in the GandCrab v5.1-5.3
–> gandcrab_string_decryptor - github <–

Ghidra Program Analysis Library
–> GhidraPAL - github <–

A proof-of-concept rule that shows how easy it actually is to detect red teamer and threat group tools and code
–> IDDQD_Godmode_Rule - github <–

Necrobrowser is browser instrumentation for necromantic session control
–> necrobrowser - github <–

Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities
–> muraena - github <–

Plugin for Ghidra to assist reversing Golang binaries
–> gotools - github <–



Talks & Knowledge

Analysis of an IRC based Botnet
–> Analysis of an IRC based Botnet - Stratosphere IPS <–

Carbanak source code leak: What’s next?
–> Carbanak source code leak - Kaspersky <–

Microsoft recommended block rules
–> block rules - Microsoft <–



Threats

BLIND SSRF in *.stripe.com due to Sentry Misconfiguration
–> Blind SSRF - Medium <–

Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
–> Fxmsp Hack - BleepingComputer <–

Linux Kernel Flaw Allows Remote Code-Execution
–> CVE-2019-11815 - ThreatPost <–

Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor
–> CVE-2019-1649 / CVE-2019-1862 - The Hacker News <–