Leaderboard

Last week I wrote about Passwords Evolved: Authentication Guidance for the Modern Era with the aim of helping those building services which require authentication to move into the modern era of how we think about protecting accounts. In that post, I talked about NIST's Digital Identity Guidelines which were recently released. Of particular interest to me was the section advising organisations to block subscribers from using passwords that have previously appeared in a data breach. Here's the full excerpt from the authentication & lifecycle management doc (CSP is "Credential Service Provider"): NIST isn't mincing words here, in fact they're quite clearly saying that you shouldn't be allowing people to use a password that's been breached before, among other types of passwords they shouldn't be using. The reasons for this should be obvious but just in case you're not fully aware of the risks, have a read of my recent post on password reuse, credential stuffing and another billion records in Have I been pwned (HIBP). As I read NIST's guidance, I realised I was in a unique position to help do something about the problem they're trying to address due to the volume of data I've obtained in running HIBP. https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/ https://haveibeenpwned.com/Passwords

http://web.archive.org/web/20071011005152/http://rstzone.org:80/forum/ Stiu ca mai era un domeniu inainte, ceva cu romanian security group sau romanian security forum . La mai multi ani!

http://web.archive.org/web/20071026080353/http://rstzone.org:80/forum/member1337.rst il capo del tutti capi

Erau alte vremuri, alte "trend-uri".

Salutare! Acum 2 zile m-am apucat s? lucrez la o aplica?ie pentru iOS care s? afi?eze informa?ii despre o firm? anume, foarte util? pentru detectarea "firmelor fantom?" sau ob?inerea datelor despre o anumit? societate comercial?. Nu este chiar un tutorial de "hacking", pentru c? datele sunt publice ?i pot fi accesate de pe site-ul ministerului de finante. Problema apare în momentul în care dore?ti s? ob?ii aceste date în mod programatic, deoarece site-ul ministerului nu ofer? un API pentru programatori, ba chiar mai r?u, prezint? un captcha la solicitarea datelor. Screenshot: Desigur, primul meu gând a fost un captcha solver, dar nu este o solu?ie prea practic?. A?a c? m-am mai jucat pu?in, am mai întrebat pe diverse site-uri ?i am descoperit o alternativ?. Inspectând sursa paginii mfinante[punct]ro/agenticod.html observ?m c? formularul este procesat de pagina infocodfiscal.html iar parametrul pentru cif cod. Surpriza a ap?rut în momentul în care am descoperit c? cif-ul poate fi transmis ?i prin GET, iar în acest caz captcha-ul, nu mai este necesar. A?adar, datele pentru o firm? pot fi ob?inute accesând mfinante[punct]ro/infocodfiscal.html?cod=cifulfirmei. R?mâne o singur? problem? - în momentul în care vrem s? facem un request folosind cURL, suntem redirec?iona?i c?tre o pagin? care ne aten?ioneaz? c? trebuie s? avem javascript activat. Folosind o extensie pentru chrome, cum ar fi Postman, observ?m c? se mai transmit câ?iva parametrii prin POST: 'TS018732dc_id' => 3, 'TS018732dc_cr' => 'SESSIONID', 'TS018732dc_76' => 0, 'TS018732dc_86' => 0, 'TS018732dc_md' => 1, 'TS018732dc_rf' => 0, 'TS018732dc_ct' => 0, 'TS018732dc_pd' => 0 Parametrul TS018732dc_cr con?ine ID-ul de sesione, îl putem l?sa la varianta din Postman, datele vor fi afi?ate chiar dac? sesiunea a expirat. Asta e tot! Acum putem accesa pagina prin cURL ?i extrage datele folosind un DOM parser, gen DOMDocument dac? folosim php. Lista de bilan?uri poate fi ob?inut? dintr-un comment de deasupra op?iunilor pentru a nu fi nevoi?i s? pars?m fiecare op?iune. Dup? ce a?i ob?inut datele, aceste pot fi serializate în format JSON, XML sau orice alt format dori?i pentru a fi accesate de site-ul sau aplica?ia voastr?. Dac? dori?i s? pute?i c?uat dup? numele firmei, va trebui s? desc?rca?i ni?te csv-uri de pe data[punct]gov[punct]ro, ?terge?i toate coloanele în afar? de numele firmei ?i cif ?i le b?ga?i într-o baz? de date. Sper c? v-a fost util acest tutorial!

Authorities arrested the UK security researcher known for stopping the WannaCry ransomware attack in May. On Wednesday, 22-year-old Marcus Hutchins -- also known as MalwareTech -- was arrested in Las Vegas for "his role in creating and distributing the Kronos banking Trojan," according to a spokesperson from the U.S. Department of Justice. The charges relate to alleged conduct occurring between July 2014 and July 2015. According to an indictment provided to CNN Tech, Hutchins created the malware and shared it online. Earlier this year, Hutchins became an internet hero when he helped stop WannaCry, a cyberattack that targeted over 150 countries. The ransomware locked down computers and demanded $300 to get files back. Hutchins, who is a malware researcher at the Kryptos Logic security firm, created a killswitch that prevented the spread of the virus. Friends and family have not been able to speak with Hutchins, according to a person close to the situation. The news of the detention was first reported by Motherboard. This story is developing. sursa: http://money.cnn.com/2017/08/03/technology/culture/malwaretech-arrested-las-vegas-trojan/index.html acuzarea: https://www.documentcloud.org/documents/3912524-Kronos-Indictment-R.html pe acelasi subiect: https://motherboard.vice.com/en_us/article/ywp8k5/researcher-who-stopped-wannacry-ransomware-detained-in-us-after-def-con https://www.theguardian.com/technology/2017/aug/03/researcher-who-stopped-wannacry-ransomware-detained-in-us?CMP=share_btn_tw

Framing. Sounds like a 1984 Romanian Secret Police operation. The difference is they were much better at doing this than nowadays FBI. https://theoutline.com/post/2054/the-wannacry-hacker-hero-was-spending-big-in-vegas-before-his-arrest LOL

Config premium pentru Social Rockstar. G7 DWfeqSzdy0963x3xBdNmXIO5qWOdD+Kbw0hMEre63RnagO36CzhBwRnID8YOtI1eE85G

Am cumparat doua site-uri de la el, sunt multumit, am dat primul si nu au fost probleme. Recomand!

Hacking Livestream #28: Windows Kernel Debugging Part I Artem "honorary_bot" Shishkin is a fan of Windows RE, debugging and low-level stuff. He's been using WinDbg for kernel debugging for several years now for fun, customizing BSODs, building Windows kernel source tree or boot dependencies graph. Sometimes he might also accidentally discover such things as SMEP bypass on Windows 8 or how to disable PatchGuard in runtime. Being a great fan of Intel and specifically VMX technology he maintains his own bicycle debugger based on a bare metal hypervisor. Twitter handle: https://twitter.com/honorary_bot Github: https://github.com/honorarybot/ Links from the stream: Books: https://www.amazon.com/Windows-Intern... https://www.amazon.com/Windows-Intern... https://www.amazon.com/Programming-Mi... https://www.amazon.com/Developing-Win... VirtualKD http://virtualkd.sysprogs.org/ USB 3.0 debugging cable (example): https://www.datapro.net/products/usb-... Network card IDs for network debugging: https://docs.microsoft.com/en-us/wind...

Welcome to Awesome Fuzzing A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis. Table of Contents Books Courses Free Paid Videos NYU Poly Course videos Conference talks and tutorials Tutorials and Blogs Tools File Format Fuzzers Network Protocol Fuzzers Taint Analysis Symbolic Execution SAT and SMT Solvers Essential Tools Vulnerable Applications Anti-Fuzzing Contributing Awesome Fuzzing Resources Books Books on fuzzing Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton, Adam Greene, Pedram Amini. Fuzzing for Software Security Testing and Quality Assurance by Ari Takanen, Charles Miller, and Jared D Demott. Open Source Fuzzing Tools by by Gadi Evron and Noam Rathaus. Gray Hat Python by Justin Seitz. Note: Chapter(s) in the following books are dedicated to fuzzing. The Shellcoder's Handbook: Discovering and Exploiting Security Holes ( Chapter 15 ) by Chris Anley, Dave Aitel, David Litchfield and others. iOS Hacker's Handbook - Chapter 1 Charles Miller, Dino DaiZovi, Dion Blazakis, Ralf-Philip Weinmann, and Stefan Esser. IDA Pro - The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler Courses Courses/Training videos on fuzzing Free NYU Poly ( see videos for more ) - Made available freely by Dan Guido. Samclass.info ( check projects section and chapter 17 ) - by Sam. Modern Binary Exploitation ( RPISEC ) - Chapter 15 - by RPISEC. Offensive Computer Security - Week 6 - by W. Owen Redwood and Prof. Xiuwen Liu. Paid Offensive Security, Cracking The Perimeter ( CTP ) and Advanced Windows Exploitation ( AWE ) SANS 660/760 Advanced Exploit Development for Penetration Testers Exodus Intelligence - Vulnerability development master class Videos Videos talking about fuzzing techniques, tools and best practices NYU Poly Course videos Fuzzing 101 (Part 1) - by Mike Zusman. Fuzzing 101 (Part 2) - by Mike Zusman. Fuzzing 101 (2009) - by Mike Zusman. Fuzzing - Software Security Course on Coursera - by University of Maryland. Conference talks and tutorials Youtube Playlist of various fuzzing talks and presentations - Lots of good content in these videos. Browser bug hunting - Memoirs of a last man standing - by Atte Kettunen Coverage-based Greybox Fuzzing as Markov Chain Tutorials and Blogs Tutorials and blogs which explain methodology, techniques and best practices of fuzzing [2016 articles] Effective File Format Fuzzing - Mateusz “j00ru” Jurczyk @ Black Hat Europe 2016, London A year of Windows kernel font fuzzing Part-1 the results - Amazing article by Google's Project Zero, describing what it takes to do fuzzing and create fuzzers. A year of Windows kernel font fuzzing Part-2 the techniques - Amazing article by Google's Project Zero, describing what it takes to do fuzzing and create fuzzers. Interesting bugs and resources at fuzzing project - by fuzzing-project.org. Fuzzing workflows; a fuzz job from start to finish - by @BrandonPrry. A gentle introduction to fuzzing C++ code with AFL and libFuzzer - by Jeff Trull. A 15 minute introduction to fuzzing - by folks at MWR Security. Note: Folks at fuzzing.info has done a great job of collecting some awesome links, I'm not going to duplicate their work. I will add papers missed by them and from 2015 and 2016. Fuzzing Papers - by fuzzing.info Fuzzing Blogs - by fuzzing.info Root Cause Analysis of the Crash during Fuzzing - by Corelan Team. Root cause analysis of integer flow - by Corelan Team. Creating custom peach fuzzer publishers - by Open Security Research 7 Things to Consider Before Fuzzing a Large Open Source Project - by Emily Ratliff. From Fuzzing to Exploit: From fuzzing to 0-day - by Harold Rodriguez(@superkojiman). From crash to exploit - by Corelan Team. Peach Fuzzer related tutorials Getting Started with Peach Fuzzing with Peach Part 1 - by Jason Kratzer of corelan team Fuzzing with Peach Part 2 - by Jason Kratzer of corelan team. Auto generation of Peach pit files/fuzzers - by Frédéric Guihéry, Georges Bossert. AFL Fuzzer related tutorials Fuzzing workflows; a fuzz job from start to finish - by @BrandonPrry. Fuzzing capstone using AFL persistent mode - by @toasted_flakes RAM disks and saving your SSD from AFL Fuzzing Bug Hunting with American Fuzzy Lop Advanced usage of American Fuzzy Lop with real world examples Segfaulting Python with afl-fuzz Fuzzing Perl: A Tale of Two American Fuzzy Lops Fuzzing With AFL-Fuzz, a Practical Example ( AFL vs Binutils ) The Importance of Fuzzing...Emulators? How Heartbleed could've been found Filesystem Fuzzing with American Fuzzy lop Fuzzing Perl/XS modules with AFL How to fuzz a server with American Fuzzy Lop - by Jonathan Foote libFuzzer Fuzzer related tutorials libFuzzer Tutorial libFuzzer Workshop: "Modern fuzzing of C/C++ Projects" Spike Fuzzer related tutorials Fuzzing with Spike to find overflows Fuzzing with Spike - by samclass.info FOE Fuzzer related tutorials Fuzzing with FOE - by Samclass.info SMT/SAT solver tutorials Z3 - A guide - Getting Started with Z3: A Guide Tools Tools which helps in fuzzing applications File Format Fuzzers Fuzzers which helps in fuzzing file formats like pdf, mp3, swf etc., MiniFuzz - Basic file format fuzzing tool by Microsoft. BFF from CERT - Basic Fuzzing Framework for file formats. AFL Fuzzer (Linux only) - American Fuzzy Lop Fuzzer by Michal Zalewski aka lcamtuf Win AFL - A fork of AFL for fuzzing Windows binaries by Ivan Fratic Shellphish Fuzzer - A Python interface to AFL, allowing for easy injection of testcases and other functionality. TriforceAFL - A modified version of AFL that supports fuzzing for applications whose source code not available. Peach Fuzzer - Framework which helps to create custom dumb and smart fuzzers. MozPeach - A fork of peach 2.7 by Mozilla Security. Failure Observation Engine (FOE) - mutational file-based fuzz testing tool for windows applications. rmadair - mutation based file fuzzer that uses PyDBG to monitor for signals of interest. honggfuzz - A general-purpose, easy-to-use fuzzer with interesting analysis options. Supports feedback-driven fuzzing based on code coverage. Supports GNU/Linux, FreeBSD, Mac OSX and Android. zzuf - A transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. radamsa - A general purpose fuzzer and test case generator. binspector - A binary format analysis and fuzzing tool Network Protocol Fuzzers Fuzzers which helps in fuzzing applications which use network based protocals like HTTP, SSH, SMTP etc., Peach Fuzzer - Framework which helps to create custom dumb and smart fuzzers. Sulley - A fuzzer development and fuzz testing framework consisting of multiple extensible components by Michael Sutton. boofuzz - A fork and successor of Sulley framework. Spike - A fuzzer development framework like sulley, a predecessor of sulley. Metasploit Framework - A framework which contains some fuzzing capabilities via Auxiliary modules. Nightmare - A distributed fuzzing testing suite with web administration, supports fuzzing using network protocols. rage_fuzzer - A dumb protocol-unaware packet fuzzer/replayer. Misc Other notable fuzzers like Kernel Fuzzers, general purpose fuzzer etc., KernelFuzzer - Cross Platform Kernel Fuzzer Framework. honggfuzz - A general-purpose, easy-to-use fuzzer with interesting analysis options. Hodor Fuzzer - Yet Another general purpose fuzzer. libFuzzer - In-process, coverage-guided, evolutionary fuzzing engine for targets written in C/C++. syzkaller - Distributed, unsupervised, coverage-guided Linux syscall fuzzer. ansvif - An advanced cross platform fuzzing framework designed to find vulnerabilities in C/C++ code. Taint Analysis How user input affects the execution PANDA ( Platform for Architecture-Neutral Dynamic Analysis ) QIRA (QEMU Interactive Runtime Analyser) Symbolic Execution SAT and SMT Solvers Z3 - A theorem prover from Microsoft Research. SMT-LIB - An international initiative aimed at facilitating research and development in Satisfiability Modulo Theories (SMT) References I haven't included some of the legends like AxMan, please refer the following link for more information.https://www.ee.oulu.fi/research/ouspg/Fuzzers Essential Tools Tools of the trade for exploit developers, reverse engineers Debuggers Windbg - The preferred debugger by exploit writers. Immunity Debugger - Immunity Debugger by Immunity Sec. OllyDbg - The debugger of choice by reverse engineers and exploit writers alike. Mona.py ( Plugin for windbg and Immunity dbg ) - Awesome tools that makes life easy for exploit developers. x64dbg - An open-source x64/x32 debugger for windows. Evan's Debugger (EDB) - Front end for gdb. GDB - Gnu Debugger - The favorite linux debugger. PEDA - Python Exploit Development Assistance for GDB. Radare2 - Framework for reverse-engineering and analyzing binaries. Disassemblers and some more Dissemblers, disassembly frameworks etc., IDA Pro - The best disassembler binnavi - Binary analysis IDE, annotates control flow graphs and call graphs of disassembled code. Capstone - Capstone is a lightweight multi-platform, multi-architecture disassembly framework. Others ltrace - Intercepts library calls strace - Intercepts system calls Vulnerable Applications Exploit-DB - https://www.exploit-db.com (search and pick the exploits, which have respective apps available for download, reproduce the exploit by using fuzzer of your choice) PacketStorm - https://packetstormsecurity.com/files/tags/exploit/ Fuzzgoat - Vulnerable C program for testing fuzzers. Samples files for seeding during fuzzing: https://files.fuzzing-project.org/ PDF Test Corpus from Mozilla MS Office file format documentation Fuzzer Test Suite - Set of tests for fuzzing engines. Includes different well-known bugs such as Heartbleed, c-ares $100K bug and others. Anti Fuzzing Introduction to Anti-Fuzzing: A Defence In-Depth Aid Contributing Please refer the guidelines at contributing.md for details. Thanks to the following folks who made contributions to this project. Tim Strazzere jksecurity Sursa: https://github.com/secfigo/Awesome-Fuzzing/blob/master/README.md