- #volatile data collection
- #live response
- penetration testing
- #live response
- kali linux
- Introduction to Digital Forensics
List: Security News (11)
If you have been hit by ransomware, read the article from the Korea Internet & Security Agency (KISA) :) It explains recovery methods!! https://www.krcert.or.kr/ransomware/recovery.do
[legalhackers ASCII-art banner] ============================================= - Discovered by: Dawid Golunski - dawid[at]legalhackers.com - https://legalhack..
Key Findings: In this report we track a malware operation targeting members of the Tibetan Parliament over August and October 2016. The operation uses known and patched exploits to deliver a custom backdoor known as KeyBoy. We analyze multiple versions of KeyBoy revealing a development cycle focused on avoiding basic antivirus detection. This operation is another example of a threat actor using “just..
Pivoting Kerberos golden tickets in Linux: A Kerberos golden ticket allows an attacker to establish persistent and covert authenticated access to a Windows domain. The attack works as follows: the attacker gains administrator privileges in the domain; the attacker extracts the NTLM hash of the domain user "krbtgt" and obtains the SID of the target domain; the attacker forges a Kerberos ticket; this ticket is used to authenticate in..
Understanding larger disassembly: This past weekend I was disassembling something and it struck me how few people knew how to do what I was doing. So I figured I would quickly document the process of taking a chunk of disassembled code and putting it into a format that's easier to understand. The disassembly I'm going to use for my examples is the same disassembly I was working on this weekend. It..
CHAKRA JIT CFG BYPASS, by Theori, 14 Dec 2016. Introduction: As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge browsers. Our previous proof-of-concept exploit worked by overwriting the function pointer of an object. However, with CFG in place, we cannot simply do that without aborting...
Useful sites for pentesting. I picked this up from Facebook, but it seems worth a look at least once :) https://github.com/jhaddix/pentest-bookmarks/blob/master/wiki/BookmarksList.wiki
Google open-sources a high-dimensional data visualization tool. Details :) http://www.bloter.net/archives/269041