OSINTk.o

OSINTk.o is a customized Kali Linux-based ISO image with pre-installed packages and scripts. The idea behind this project is to combine a portion of Kali Linux tools and some #OSINT scripts that are freely available on GitHub.

github.com/LinaYorda/OSIN…

#cybersecurity

Active Directory - Certificate Services - ADCS Cheatsheet
swisskyrepo.github.io/InternalAllThe…

CVE-2024-21378: Microsoft Outlook Remote Code Execution Vulnerability

PoC
gist.github.com/Homer28/7f3559…

A nice writeup on using Velociraptor's SSH accessor for ESXi forensics.

This picture also sums lots of other scripting workflow nowdays 😎synacktiv.com/publications/v…

#dfir Velociraptor

BOOM!!!! 😎 Just published the official Copilot for Security GitHub Community!!! LOOOOTS of prompting samples, guidelines, playbooks, plugins, workshops and much more 🔥 github.com/Azure/Copilot-… #GitHub #Cybersecurity #Copilot ForSecurity #Copilot #infosec

Malicious PowerShell script pushing malware looks AI-written - Ionut Ilascu
bleepingcomputer.com/news/security/…

bleepingcomputer.com/news/security/…

🔋 VolWeb

Ever wanted a GUI for memory collection and forensic analysis?

This tool wraps and visualizes Volatility 3

Includes automatic processing and extraction of artifacts

by k1nd0ne

#blueteam #cybersecurity

github.com/k1nd0ne/VolWeb

A Penetration Tester’s Best Friend – Multicast DNS (mDNS), Link-local Multicast Name Resolution (LLMNR), and NetBIOS-Name Services (NetBIOS-NS)

wolfandco.com/resources/blog…

Disable LLMNR and NetBIOS (via GPO)

petenetlive.com/kb/article/000…

Meet our speaker, Aleš Brelih, a Back End Developer at 3fs, who brings expertise in cybersecurity defense strategies, Linux systems, and Web application security.

Talk: 'Containers: A peek under the hood'
cfp.dragonsec.si/dctf24/talk/XM…

#DCTF24

BlueDucky automates exploitation of Bluetooth pairing vulnerability that leads to 0-click code execution

mobile-hacker.com/2024/03/26/blu…

wtf

Call for papers open! 0x7e8.bsidesljubljana.si/cfp < share with your #infosec peers! Thank you in advance! 🙏

#BSidesLjubljana Security BSides #cybersecurity #bsides #CallForPapers #cfp

⚠️⚠️ Over 94k+ exposed D-Link NAS devices have a backdoor account

🎯94K+ Results are found on the en.fofa.info nearly year.

FOFA Link🔗: en.fofa.info/result?qbase64…

FOFA Query: app='D_Link-DNS-ShareCenter'

Refer🔖: bleepingcomputer.com/news/security/…
Author:…

Pred četrt stoletja je v Sloveniji zaživel spletni produkt, ki je v le nekaj letih iz poskusnega projekta prerasel v fenomen. Email. si je uporabljalo več sto tisoč slovenskih uporabnikov. 📧

🔗n1info.si/magazin/digita…

🖊️ Piše Blaž Skok

Slides from our CYPHERCON AD CS talk tonight. Blog post with the videos and commands syntax coming soon! drive.google.com/file/d/1IfiFlB…

Windows session hijacking via SCCM cloud.google.com/blog/topics/th…

Updated the Persistence checklist. There are 4⃣0⃣ persistence techniques which are backed up with an article ⤵️ github.com/netbiosX/Check… #redteam

New HTTP/2 DoS attack can crash web servers with a single connection:
#ContinuationFlood
#DDoS

Impacted systems include: Red Hat, SUSE Linux, Arista Networks, the Apache HTTP Server Project, nghttp2, Node.js, AMPHP, and the Go Programming Language:
👇
bleepingcomputer.com/news/security/…

MISP - Elastic Stack - Docker

This lab explains how to connect MISP to the Elastic Stack in order to leverage IOCs from MISP and trigger alerts based on user defined rules.

misp-project.org/2024/04/05/ela…

Elastic

#elastic #misp #opensource #threatintel