A Post-Compromise granular, fully reflective, simple and convenient .NET library to embed persistency to persistency by abusing Security Descriptors of remote machines. The techniques incorporated are not novel but I've yet to come across any documented approach of modifying SCM/Service's SDDL by directly modifying registry keys. Modification of SD for WMI and Remote registry was also added in as an after thought but this means there's a lot more to explore and add for the curious minds.

submitted by /u/cybersectroll
[link] [comments]

/r/netsec - Information Security News & Discussion

TrollPersist

By: ／u／cybersectroll — May 13^th 2024 at 17:03

A Post-Compromise granular, fully reflective, simple and convenient .NET library to embed persistency to persistency by abusing Security Descriptors of remote machines. The techniques incorporated are not novel but I've yet to come across any documented approach of modifying SCM/Service's SDDL by directly modifying registry keys. Modification of SD for WMI and Remote registry was also added in as an after thought but this means there's a lot more to explore and add for the curious minds.

submitted by /u/cybersectroll
[link] [comments]

/r/netsec - Information Security News & Discussion

[KIS-2024-04] Cacti <= 1.2.26 Remote Code Execution Vulnerability

By: ／u／eg1x — May 13^th 2024 at 09:03

submitted by /u/eg1x
[link] [comments]

/r/netsec - Information Security News & Discussion

Fuzz just about anything (network, GUI, editors, compilers, etc.) with Program Environment Fuzzing

By: ／u／zoomT — May 13^th 2024 at 03:41

submitted by /u/zoomT
[link] [comments]

/r/netsec - Information Security News & Discussion

16 years of CVE-2008-0166 - Debian OpenSSL Bug - breaking DKIM and BIMI in 2024

By: ／u／hannob — May 12^th 2024 at 11:29

submitted by /u/hannob
[link] [comments]

/r/netsec - Information Security News & Discussion

Lumma Stealer Malware Analysis

By: ／u／AdvancedFinish6896 — May 11^th 2024 at 20:33

submitted by /u/AdvancedFinish6896
[link] [comments]

/r/netsec - Information Security News & Discussion

Parallel-Committees": A Novelle Secure and High-Performance Distributed Database Architecture

By: ／u／SS41BR — May 10^th 2024 at 20:35

submitted by /u/SS41BR
[link] [comments]

/r/netsec - Information Security News & Discussion

Unmasking Adversary Cloud Defense Evasion Strategies: Modify Cloud Compute Infrastructure Part 1

By: ／u／permis0 — May 10^th 2024 at 15:29

submitted by /u/permis0
[link] [comments]

/r/netsec - Information Security News & Discussion

Kinsing Demystified - A Comprehensive Technical Guide

By: ／u／Pale_Fly_2673 — May 10^th 2024 at 12:44

submitted by /u/Pale_Fly_2673
[link] [comments]

/r/netsec - Information Security News & Discussion

SSL/TLS, part 3: Toy TLS 1.2 client in ~1600 SLOC of Python.

By: ／u／yurichev — May 10^th 2024 at 11:24

submitted by /u/yurichev
[link] [comments]

/r/netsec - Information Security News & Discussion

Digging for SSRF in NextJS apps

By: ／u／Mempodipper — May 9^th 2024 at 22:39

submitted by /u/Mempodipper
[link] [comments]

/r/netsec - Information Security News & Discussion

apk.sh v1.0.9 is out! Making reverse engineering Android apps easier!

By: ／u／recovo_recovo — May 9^th 2024 at 21:31

submitted by /u/recovo_recovo
[link] [comments]

/r/netsec - Information Security News & Discussion

Minecraft Source Pack Becomes Gateway for zEus Stealer Distribution

By: ／u／goki7 — May 9^th 2024 at 17:10

submitted by /u/goki7
[link] [comments]

/r/netsec - Information Security News & Discussion

AWS CloudQuarry: Digging for Secrets in Public AMIs

By: ／u／_TheTime_ — May 9^th 2024 at 11:44

submitted by /u/_TheTime_
[link] [comments]

/r/netsec - Information Security News & Discussion

E2E Security Testing via exploratory Testing

By: ／u／samsbp97 — May 9^th 2024 at 06:02

submitted by /u/samsbp97
[link] [comments]

/r/netsec - Information Security News & Discussion

mlcsec/SharpGraphView: Microsoft Graph API post-exploitation toolkit

By: ／u／Frequent_Passenger82 — May 8^th 2024 at 19:02

submitted by /u/Frequent_Passenger82
[link] [comments]

/r/netsec - Information Security News & Discussion

AI-Exploits: 4 new exploits released for major AI tools - Gradio, BentoML, FastAPI, AnythingLLM

By: ／u／FlyingTriangle — May 8^th 2024 at 16:21

submitted by /u/FlyingTriangle
[link] [comments]

/r/netsec - Information Security News & Discussion

Systematic VPN Detection

By: ／u／incolumitas — May 8^th 2024 at 14:55

submitted by /u/incolumitas
[link] [comments]

/r/netsec - Information Security News & Discussion

Online DFIR Conference

By: ／u／dardaryy — May 8^th 2024 at 13:26

submitted by /u/dardaryy
[link] [comments]

/r/netsec - Information Security News & Discussion

Redefining Roles in Application Security

By: ／u／NXT1_Cloud — May 8^th 2024 at 13:23

submitted by /u/NXT1_Cloud
[link] [comments]

/r/netsec - Information Security News & Discussion

Everyday Ghidra: Symbols — Prescription Lenses for Reverse Engineers — Part 1

By: ／u／onlinereadme — May 8^th 2024 at 13:06

submitted by /u/onlinereadme
[link] [comments]

/r/netsec - Information Security News & Discussion

Interesting take on current state of phishing sim & sat

By: ／u／markqlogan — May 8^th 2024 at 12:27

submitted by /u/markqlogan
[link] [comments]

/r/netsec - Information Security News & Discussion

Over the past couple of months, I've built more than a dozen Python and D3 tools that might interest you. Such as this GitHub repo; an application that catalogs and visualizes all internal facing links from a given number of pages on a specific domain. Ot

By: ／u／-bretbernhoft__ — May 8^th 2024 at 09:31

submitted by /u/-bretbernhoft__
[link] [comments]

/r/netsec - Information Security News & Discussion

3D-Printed USB Dead Man Switch (Prototype Demo)

By: ／u／maltfield — May 7^th 2024 at 17:22

submitted by /u/maltfield
[link] [comments]

/r/netsec - Information Security News & Discussion

Neat idea - A 'scarecrow' for your computer.

By: ／u／Hoban_Riverpath — May 7^th 2024 at 12:57

submitted by /u/Hoban_Riverpath
[link] [comments]

/r/netsec - Information Security News & Discussion

Introducing SecureDrop Protocol

By: ／u／smaury — May 7^th 2024 at 10:34

submitted by /u/smaury
[link] [comments]

/r/netsec - Information Security News & Discussion

File-write on Gitlab via YAML parser differential

By: ／u／albinowax — May 7^th 2024 at 08:53

submitted by /u/albinowax
[link] [comments]

/r/netsec - Information Security News & Discussion

Multiple vulnerabilities in RIOT OS

By: ／u／0xdea — May 7^th 2024 at 08:48

submitted by /u/0xdea
[link] [comments]

/r/netsec - Information Security News & Discussion

CVE-2024-3661: TunnelVision - DHCP option 121 allows attacker controlled DHCP to subvert VPN routing rules

By: ／u／Secret-Inspection180 — May 7^th 2024 at 08:39

submitted by /u/Secret-Inspection180
[link] [comments]

/r/netsec - Information Security News & Discussion

poutine: a scanner that detects misconfigurations and vulnerabilities in build pipelines (i.e. GitHub Actions, etc.)

By: ／u／fproulx — May 6^th 2024 at 20:35

submitted by /u/fproulx
[link] [comments]

/r/netsec - Information Security News & Discussion

Burpscript - Python3/JavaScript scripting support for Burp

By: ／u／fbcd84f4335e5681f6f9 — May 6^th 2024 at 17:30

submitted by /u/fbcd84f4335e5681f6f9
[link] [comments]

/r/netsec - Information Security News & Discussion

LLM pentest: Leveraging agent integration for RCE

By: ／u／dr_delete — May 6^th 2024 at 13:08

submitted by /u/dr_delete
[link] [comments]

/r/netsec - Information Security News & Discussion

Malware Analysis Blog(Formbook info stealer analysis)

By: ／u／AdvancedFinish6896 — May 6^th 2024 at 02:13

submitted by /u/AdvancedFinish6896
[link] [comments]

/r/netsec - Information Security News & Discussion

Built a Python script that maps all of the connections shared by a given number of internal links from any accessible website on the Internet. Those relationships are returned as a JSON file, and then visualized using a D3 network graph. Each node can be

By: ／u／-bretbernhoft__ — May 5^th 2024 at 21:13

submitted by /u/-bretbernhoft__
[link] [comments]

/r/netsec - Information Security News & Discussion

pcap-did-what: Analyze pcaps with Zeek and a Grafana Dashboard

By: ／u／thewanderer1999 — May 4^th 2024 at 23:11

submitted by /u/thewanderer1999
[link] [comments]

/r/netsec - Information Security News & Discussion

Flutter Windows Thick Client SSL Pinning Bypass

By: ／u／Ano_F — May 3^rd 2024 at 17:24

submitted by /u/Ano_F
[link] [comments]

/r/netsec - Information Security News & Discussion

Demystifying RCE Vulnerabilities in LLM-Integrated Apps

By: ／u／louis11 — May 3^rd 2024 at 15:33

submitted by /u/louis11
[link] [comments]

/r/netsec - Information Security News & Discussion

Ever wondered where your inserted data went? Our Burp Suite Extension FlowMate helps you find out.

By: ／u／usdAG — May 3^rd 2024 at 13:30

submitted by /u/usdAG
[link] [comments]

/r/netsec - Information Security News & Discussion

Microsoft Developer Blogs Search Tool

By: ／u／elliotkillick — May 3^rd 2024 at 03:39

submitted by /u/elliotkillick
[link] [comments]

/r/netsec - Information Security News & Discussion

North Korea's Lazarus Group Tied to Laundering $200M+ in Crypto Since 2020

By: ／u／webbs3 — May 2^nd 2024 at 07:58

submitted by /u/webbs3
[link] [comments]

/r/netsec - Information Security News & Discussion

It’s Morphin’ Time: Self-Modifying Code Sections with WriteProcessMemory for EDR Evasion

By: ／u／thewatcher_ — May 2^nd 2024 at 05:55

submitted by /u/thewatcher_
[link] [comments]

/r/netsec - Information Security News & Discussion

5 Methods I Use To Discover APIs

By: ／u／Specific_Energy_3895 — May 1^st 2024 at 16:10

submitted by /u/Specific_Energy_3895
[link] [comments]

/r/netsec - Information Security News & Discussion

Front Porch Digital Forensics - Trap beats, open loops and Dirty Daves spell trouble for our forensicators.

By: ／u／jms_dot_py — May 1^st 2024 at 14:09

submitted by /u/jms_dot_py
[link] [comments]

/r/netsec - Information Security News & Discussion

A Basic Guide to AFL QEMU

By: ／u／cy1337 — April 30^th 2024 at 23:39

This tutorial gives an example showing how to fuzz a function out of a compiled binary using AFL's QEMU mode.

submitted by /u/cy1337
[link] [comments]

/r/netsec - Information Security News & Discussion

Exploit Education :: Andrew Griffiths' Exploit Education

By: ／u／louis11 — April 30^th 2024 at 15:48

submitted by /u/louis11
[link] [comments]

/r/netsec - Information Security News & Discussion

Nearly 20% of Docker Hub Repositories were used to spread malware & phishing scams

By: ／u／SRMish3 — April 30^th 2024 at 14:18

submitted by /u/SRMish3
[link] [comments]

/r/netsec - Information Security News & Discussion

Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP with Syzkaller

By: ／u／alon_za — April 30^th 2024 at 09:33

submitted by /u/alon_za
[link] [comments]

/r/netsec - Information Security News & Discussion

How Not To Protect Your Android Applications

By: ／u／Lightricks_Tech — April 30^th 2024 at 08:16

submitted by /u/Lightricks_Tech
[link] [comments]