Jump to content

Usr6

Active Members
  • Content count

    1228
  • Joined

  • Last visited

  • Days Won

    68

Usr6 last won the day on August 19

Usr6 had the most liked content!

Community Reputation

1875 Excellent

4 Followers

About Usr6

  • Rank
    Registered user
  • Birthday 01/01/19

Profile Information

  • Gender
    Male

Converted

  • Interests
    Malware Analysis, Software Testing, Reverse , etc.

Recent Profile Visitors

2843 profile views
  1. Who should read this? Technical people who want to get up to speed on machine learning quickly Non-technical people who want a primer on machine learning and are willing to engage with technical concepts Anyone who is curious about how machines think This guide is intended to be accessible to anyone. Basic concepts in probability, statistics, programming, linear algebra, and calculus will be discussed, but it isn’t necessary to have prior knowledge of them to gain value from this series. Part 1: Why Machine Learning Matters. The big picture of artificial intelligence and machine learning — past, present, and future. Part 2.1: Supervised Learning. Learning with an answer key. Introducing linear regression, loss functions, overfitting, and gradient descent. Part 2.2: Supervised Learning II. Two methods of classification: logistic regression and SVMs. Part 2.3: Supervised Learning III. Non-parametric learners: k-nearest neighbors, decision trees, random forests. Introducing cross-validation, hyperparameter tuning, and ensemble models. Part 3: Unsupervised Learning. Clustering: k-means, hierarchical. Dimensionality reduction: principal components analysis (PCA), singular value decomposition (SVD). Part 4: Neural Networks & Deep Learning. Why, where, and how deep learning works. Drawing inspiration from the brain. Convolutional neural networks (CNNs), recurrent neural networks (RNNs). Real-world applications. Part 5: Reinforcement Learning. Exploration and exploitation. Markov decision processes. Q-learning, policy learning, and deep reinforcement learning. The value learning problem. Appendix: The Best Machine Learning Resources. A curated list of resources for creating your machine learning curriculum.
  2. Will this presentation make me an optical engineer? Maybe, but just remember, I omitted almost all the math. The purpose of this tutorial is to touch on a little bit of every topic, from the mundane to the advanced and unusual. But it helps to have a basic understanding of how and why things work, even if you aren’t designing fiber networks. https://www.nanog.org/sites/default/files/2_Steenbergen_Tutorial_New_And_v2.pdf
  3. Reverse Engineering Malware 102 Material Introduction Section 1) Setup Section 2) Information Gathering Section 3) Creating Travel Directions Section 4) Identifying Encryption Section 5) Evasion Techniques Section 6) Identifying Packing Section 7) Extra Fun Section 8) Conclusion Sursa: https://securedorg.github.io/RE102/
  4. June 29, 2017 ~ R3MRUM Over the past year-or-so, there seems to have been an uptick of miscreants password protecting the malicious office documents that they send to their target victims. They do this in an effort to bypass detection and thwart analysis. This blog details a few different tools and methodologies that can be used to analyze such files. Delivery & File Type These malicious documents typically end up making their way to the end point via email. The email message typically consists of some ruse to entice the user to open the document and, conveniently, includes the password needed to decrypt it (Figure 1). Figure 1: Example email with password protected MS Office document attached and password in message body. The ‘m’ at the end of the ‘.dotm’ file extension, shown in Figure 1, tells you that the file attached is macro-enabled. In this instance, it is an MS Office Document Template file but it could have just as easily been a ‘.docm’ file, ‘.xlsm’ file, or any other macro-enabled file type supported by MS Office 2007 or newer. Feel free to read more about these file types on Microsoft’s website. Figure 2 shows the prompt that you are presented with when you open a password protected Office document: Figure 2: Password prompt received when opening a password protected office document. Failed Analysis Method #1: Copy Macros When I first encountered this type of malicious document, my first instinct was to launch the document in an isolated sandbox, enter in the password provided to me in the message body, and then copy the embedded VBA macro code from the document into notepad where I can then perform my analysis. This technically could have worked if the miscreant did not also password protect the Visual Basic Project containing the malicious VBA code with a separate unknown password (Figure 3). Figure 3: Password prompt received when attempting to gain access to macro code. Failed Analysis Method #2: Re-Save Without Password My second thought was: “After I open the document and enter in the initial password, I’ll just re-save the document without a password. Then I’ll be able to use my analysis tools to inspect the file’s contents.” Unfortunately, this doesn’t work either due to the fact that the VB Project within the encrypted document is also password protected. If you attempt this method, the contents of the document (images, text, etc…) will still be present within the unencrypted copy of the document but any embedded macros will be stripped. Successful Analysis Method #1: Decrypt with MSOffice-Crypt & Analyze w/ olevba|ViperMonkey Let me introduce you to a nifty little tool called msoffice-crypt. This bad mama jama enables you to dump a decrypted version of the encrypted office document out to a file. As a bonus, it works in both Windows and Linux! Figure 4: msoffice-crypt options & decrypting of encrypted Office document In Figure 4, I ran msoffice-crypt.exe without any arguments so that you can see the different supported options. Then, in the highlighted section, I ran the following command, which decrypted smith.dotm using the password “6429”: msoffice-crypt.exe -d -p 6429 smith.dotm If you did not provide an output file name, msoffice-crypt will default to appending an “_d” to the file name, like so: smith_d.dotm. Figure 5: Decrypted document created within the current working directory Sure enough, we see in Figure 5 that the decrypted Office document has been created. Now, if we launch this newly created document (in an isolated environment, of course!), you should no longer received the password prompt. Figure 6: Office document decrypted. Password no longer needed to open. Voilà! No password prompt received! (Figure 6) If you didn’t know, MS Office 2007+ documents are OpenXML format which means they are actually just compressed archives that you can decompress using you’re favorite archive extractor (WinZip, 7z, etc..). We can also spot the difference between the encrypted and decrypted documents by comparing the decompressed contents of both. Figure 7: Contents of decompressed encrypted Office document Figure 7 shows the contents of my encrypted Office document whereas Figure 8 shows the contents of my decrypted Office document. Figure 8: Contents of decompressed decrypted Office document The contents depicted in both Figures 7 and 8 are typical and should match what you are seeing in whatever OpenXML formatted Office document you are analyzing; not just this sample. This actually segues nicely into the next step, which is to extract out the VBA Macro code. If you recall, the malware author also password protected the VB Project containing the macro code. While I am not aware of any tool that will strip this protection from the document, it doesn’t matter as existing tools such as oletools, ViperMonkey, etc.. completely bypass it. Back in the day (like 3 months ago), I would have extracted out the VBA code by decompressing the OpenXML archive, locating the OLE binary within the “word” folder (i.e vbaProject.bin), and then using something like OfficeMalScanner (Figures 9 & 10): Figure 9: Running OfficeMalScanner against OLE binary found within OpenXML archive Figure 10: VBA code extracted from OLE binary using OfficeMalScanner … or olevba from the oletools suite (Figure 11): Figure 11: VBA code extracted from OLE binary using olevba But this is old-school. These days, all the kids are using ViperMonkey. ViperMonkey not only extracts the VBA for you but also emulates execution so that if the VBA is heavily obfuscation (in this case, it is not), you can quickly and safely derive what the code is actually doing. Also, it can handle OpenXML files so there is no need to extract the archive and locate the OLE binary. Figure 12: Analysis of the decrypted Office document using ViperMoney Figure 12 shows how ViperMoney not only extracts and displays the embedded VBA macro but it also gives you the execution flow of the malicious code in a quick and easy-to-ingest format. This dramatically reduces analysis time which, in turn, expedites time-to-respond. If I ever meet Philippe Lagadec (@decalage2), I’m going to buy that man a beer! Successful Analysis Method #2: Simply Open w/ LibreOffice Your probably going to hate me for making you step through the entire blog before mentioning – what turns out to be – the most simplest (and laziest) solution for accessing the embedded VBA code within a password protected document/project. Since REMNux doesn’t come packaged with LibreOffice, you’ll need to install it by simply running: sudo apt-get install libreoffice Once installed, open the encrypted Office document in LibreOffice by running: libreoffice smith.dotm Like when you opened the encrypted Office document within MS Office (Figure 2), you will be requested to enter in the document’s password (Figure 13). Figure 13: LibreOffice password prompt When you enter in the password, the document will successfully load. Now, you will be able to access the embedded VBA macro code by navigating to: Tools –> Macros –> Organize Macros –> LibreOffice Basic You will be presented with a pop-up window (Figure 14) where you will need to find the project containing the VBA code and hit the Edit button. Figure 14: LibreOffice’s Macro Editor Dialogue And BOOM! LibreOffice’s Basic Editor opens; giving you direct access to the VBA macro code without needing to also know the VB Project’s password (Figure 15): Figure 15: LibreOffice’s Basic Editor providing access to embedded VBA code. Bypassing password. That’s it! It’s that simple! My personal preference is the first method as I’m a command-line junkie. But, if you are more comfortable with performing your analysis via a GUI, then the LibreOffice method might be a better fit for you! Regardless, knowing multiple methods for solving single problem will only make you a better analyst. References Open XML Formats and file name extensions How to remove a password from a document MSOffice-Crypt: A tool/lib to encrypt/decrypt Microsoft Office Document Wikipedia: Office Open XML OfficeMalScanner Decalage2: oletools GitHub Decalage2: ViperMonkey GitHub LibreOffice Wiki Sursa: https://r3mrum.wordpress.com/2017/06/29/analyzing-malicious-password-protected-office-documents/
  5. As a reverse engineer on the FLARE Team I rely on a customized Virtual Machine (VM) to perform malware analysis. The Virtual Machine is a Windows installation with numerous tweaks and tools to aid my analysis. Unfortunately trying to maintain a custom VM like this is very laborious: tools frequently get out of date and it is hard to change or add new things. There is also a constant fear that if the VM gets corrupted it would be super tedious to replicate all of the settings and tools that I’ve built up over the years. To address this and many related challenges, I have developed a standardized (but easily customizable) Windows-based security distribution called FLARE VM. FLARE VM is a freely available and open sourced Windows-based security distribution designed for reverse engineers, malware analysts, incident responders, forensicators, and penetration testers. Inspired by open-source Linux-based security distributions like Kali Linux, REMnux and others, FLARE VM delivers a fully configured platform with a comprehensive collection of Windows security tools such as debuggers, disassemblers, decompilers, static and dynamic analysis utilities, network analysis and manipulation, web assessment, exploitation, vulnerability assessment applications, and many others. The distribution also includes the FLARE team’s public malware analysis tools such as FLOSS and FakeNet-NG. How To Get It You are expected to have an existing installation of Windows 7 or above. This allows you to choose the exact Windows version, patch level, architecture and virtualization environment yourself. Once you have that available, you can quickly deploy the FLARE VM environment by visiting the following URL in Internet Explorer (other browsers are not going to work): http://boxstarter.org/package/url?https://raw.githubusercontent.com/fireeye/flare-vm/master/flarevm_malware.ps1 After you navigate to the above URL in the Internet Explorer, you will be presented with a Boxstarter WebLauncher dialog. Select Run to continue the installation as illustrated in Figure 1. Following successful installation of Boxstarter WebLauncher, you will be presented with a console window and one more prompt to enter your Windows password as shown in Figure 2. Your Windows password is necessary to restart the machine several times during the installation without prompting you to login every time. Figure 2: Boxstarter Password Prompt The rest of the process is fully automated, so prepare yourself a cup of coffee or tea. Depending on your connection speed, the initial installation takes about 30-40 minutes. Your machine will also reboot several times due to the numerous software installation’s requirements. During the deployment process, you will see installation logs of a number of packages. Once the installation is complete, it is highly recommended to switch the Virtual Machine networking settings to Host-Only mode so that malware samples would not accidentally connect to the Internet or local network. Also, take a fresh virtual machine snapshot so this clean state is saved! The final FLARE VM installation should look like Figure 3. NOTE: If you encounter a large number of error messages, try to simply restart the installation. All of the existing packages will be preserved and new packages will be installed. Getting Started The VM configuration and the included tools were either developed or carefully selected by the members of the FLARE team who have been reverse engineering malware, analyzing exploits and vulnerabilities, and teaching malware analysis classes for over a decade. All of the tools are organized in the directory structure shown in Figure 4. Figure 4: FLARE VM Tools While we attempt to make the tools available as a shortcut in the FLARE folder, there are several available from command-line only. Please see the online documentation at http://flarevm.info for the most up to date list. Sample Analysis In order to best illustrate how FLARE VM can assist in malware analysis tasks let’s perform a basic analysis on one of the samples we use in our Malware Analysis Crash Course. First, let’s obtain some basic indicators by looking at the strings in the binary. For this exercise, we are going to run FLARE’s own FLOSS tool, which is a strings utility on steroids. Visit http://flosseveryday.info for additional information about the tool. You can launch it by clicking on the FLOSS icon in the taskbar and running it against the sample as illustrated in Figure 5. Unfortunately, looking over the resulting strings in Figure 6 only one string really stands out and it is not clear how it is used. Figure 6: Strings Analysis Let’s dig a bit more into the binary by opening up CFF Explorer in order to analyze sample’s imports, resources, and PE header structure. CFF Explorer and a number of other utilities are available in the FLARE folder that can be accessed from the Desktop or the Start menu as illustrated in Figure 7. Figure 7: Opening Utilities While analyzing the PE header, there were several indicators that the binary contains a resource object with an additional payload. For example, the Import Address Table contained relevant Windows API calls such as LoadResource, FindResource and finally WinExec. Unfortunately, as you can see in Figure 8 the embedded payload “BIN” contains junk so it is likely encrypted. Figure 8: PE Resource At this point, we could continue the static analysis or we could “cheat” a bit by switching over to basic dynamic analysis techniques. Let’s attempt to quickly gather basic indicators by using another FLARE tool called FakeNet-NG. FakeNet-NG is a dynamic network emulation tool which tricks malware into revealing its network functionality by presenting it with fake services such as DNS, HTTP, FTP, IRC and many others. Please visit http://fakenet.info for additional information about the tool. Also, let’s launch Procmon from Sysinternals Suite in order to monitor all of the File, Registry and Windows API activity as well. You can find both of these frequently used tools in the taskbar illustrated in Figure 9. Figure 9: Dynamic Analysis After executing the sample with Administrator privileges, we quickly find excellent network- and host–based indicators. Figure 10 shows FakeNet-NG responding to malware’s attempt to communicate with evil.mandiant.com using HTTP protocol. Here we capture useful indicators such as a complete HTTP header, URL and a potentially unique User-Agent string. Also, notice that FakeNet-NG is capable of identifying the exact process communicating which is level1_payload.exe. This process name corresponds to the unique string that we have identified in the static analysis, but couldn’t understand how it was used. Figure 10: FakeNet-NG Comparing our findings with the output of Procmon in Figure 11, we can confirm that the malware is indeed responsible for creating level1_payload.exe executable in the system32 folder. Figure 11: Procmon As part of the malware analysis process, we could continue digging deeper by loading the sample in a disassembler and performing further analysis inside a debugger. However, I would not want to spoil this fun for our Malware Analysis Crash Course students by sharing all the answers here. That said all of the relevant tools to perform such analysis are already included in the distribution such as IDA Pro and Binary Ninja disassemblers, a nice collection of debuggers and several plugins, and many others to make your reverse engineering tasks as convenient as possible. Have It Your Way FLARE VM is a constantly growing and changing project. While we try to cover as many use-case scenarios as possible it is simply impossible due to the nature of the project. Luckily, FLARE VM is extremely easy to customize because it was built on top of the Chocolatey project. Chocolatey is a Windows-based package management system with thousands of packages. You can find the list here https://chocolatey.org/packages In addition to the public Chocolatey repository, FLARE VM uses our own FLARE repository which constantly growing and currently contains about 40 packages. What all this means is that if you want to quickly add some package, let’s say Firefox, you no longer have to navigate to the software developer’s website. Simply open up a console and type in the command in Figure 12 to automatically download and install any package: Figure 12: Installing packages In a few short moments, Firefox icon is going to appear on your Desktop with no user interaction necessary. Staying up to date As I’ve mentioned in the beginning, one of the hardest challenges of unmanaged Virtual Machine is trying to keep all the tools up to date. FLARE VM solves this problem. You can completely update the entire system by simply running the command in Figure 13. Figure 13: Staying up to date If any of the installed packages have newer versions, they will be automatically downloaded and installed. NOTE: Don’t forget to take another clean snapshot of an updated system and set networking back to Host-Only. Conclusion I hope you enjoy this new free tool and will adopt it as another trusted resource to perform reverse engineering and malware analysis tasks. Next time you need to set up a new malware analysis environment, try out FLARE VM! In these few pages, we could only scratch the surface of everything that FLARE VM is capable of; however, feel free to leave your comments, tool requests, and bugs on our Github issues page here: https://github.com/fireeye/flare-vm or http://flarevm.info/ Installed Tools Debuggers OllyDbg + OllyDump + OllyDumpEx OllyDbg2 + OllyDumpEx x64dbg WinDbg Disassemblers ==== IDA Free Binary Ninja Demo Java ==== JD-GUI Visual Basic ==== VBDecompiler Flash ==== FFDec .NET ==== ILSpy DNSpy DotPeek De4dot Office ==== Offvis Hex Editors ==== FileInsight HxD 010 Editor PE ==== PEiD ExplorerSuite (CFF Explorer) PEview DIE Text Editors ==== SublimeText3 Notepad++ Vim Utilities ==== MD5 7zip Putty Wireshark RawCap Wget UPX Sysinternals Suite API Monitor SpyStudio Checksum Unxutils Python, Modules, Tools ==== Python 2.7 Hexdump PEFile Winappdbg FakeNet-NG Vivisect FLOSS FLARE_QDB PyCrypto Cryptography Other ==== VC Redistributable Modules (2008, 2010, 2012, 2013) Surse: https://www.fireeye.com/blog/threat-research/2017/07/flare-vm-the-windows-malware.html https://github.com/fireeye/flare-vm
  6. Udemy

    Learn Programming in Python With the Power of Animation This is a Programming Course in Python. It will teach you coding from scratch with the Power of Animation&programming https://www.udemy.com/learn-programming-in-python-with-the-power-of-animation/?couponCode=PBCUDEMYGROUPS
  7. MalwareTech arrested

    Authorities arrested the UK security researcher known for stopping the WannaCry ransomware attack in May. On Wednesday, 22-year-old Marcus Hutchins -- also known as MalwareTech -- was arrested in Las Vegas for "his role in creating and distributing the Kronos banking Trojan," according to a spokesperson from the U.S. Department of Justice. The charges relate to alleged conduct occurring between July 2014 and July 2015. According to an indictment provided to CNN Tech, Hutchins created the malware and shared it online. Earlier this year, Hutchins became an internet hero when he helped stop WannaCry, a cyberattack that targeted over 150 countries. The ransomware locked down computers and demanded $300 to get files back. Hutchins, who is a malware researcher at the Kryptos Logic security firm, created a killswitch that prevented the spread of the virus. Friends and family have not been able to speak with Hutchins, according to a person close to the situation. The news of the detention was first reported by Motherboard. This story is developing. sursa: http://money.cnn.com/2017/08/03/technology/culture/malwaretech-arrested-las-vegas-trojan/index.html acuzarea: https://www.documentcloud.org/documents/3912524-Kronos-Indictment-R.html pe acelasi subiect: https://motherboard.vice.com/en_us/article/ywp8k5/researcher-who-stopped-wannacry-ransomware-detained-in-us-after-def-con https://www.theguardian.com/technology/2017/aug/03/researcher-who-stopped-wannacry-ransomware-detained-in-us?CMP=share_btn_tw
  8. Kali linux book

    Kali Linux is comprised of many powerful tools but you cannot put them to good use if you don’t master the underlying operating system. This book covers everything you need to know to be able to effectively use and deploy Kali Linux. This book will discuss basic Linux usage for beginners, Debian package management and usage, Kali installation, configuration, security, and advanced Kali usage including how Kali fits within the enterprise and Kali’s role in various phases of a security assessment. It will serve as an introduction to Kali for beginners but also to cater to users pursuing Kali certification and advanced users seeking more in-depth use cases and inspiration. https://kali.training/downloads/Kali_Revealed_1st_edition.pdf
  9. A bill that bans the use of proxies, Tor, and VPNs passed the Russian government's two legislative bodies and has now reached the desk of President Vladimir Putin, who can now sign it into law just by a stroke of his quill. The Russian Parliament (Duma) approved the proposed bill last week, while yesterday, the bill moved through the Russian Federation Council. The bill passed despite street protests in Moscow over the weekend. Thousands showed up to protest the bill and support a free Internet. The turnout varies from source to source, ranging from 800 to 10,000 protesters. ISPs have to implement the ban The bill is a reaction to Russian Internet users that started using these services to avoid state-sanctioned bans. Under the new bill, Russian Internet service providers have to implement blocks that prevent users from using proxies, Tor, or VPNs to avoid state-sanctioned bans. Russia, through its Roskomnadzor Internet watchdog, regularly bans access to certain websites it deems too explicit or promoting terrorist or extremist content. While some users employ proxies, Tor, or VPNs to access news outlets supporting Russian opposition, most Russians use it to access torrent portals and pornographic websites, some of which are blocked in the country. The bill was put together and forwarded by Roskomnadzor at the request of Russia's Security Council. Russia to become first country to officially block Tor, VPNs If signed into law, Russia will become the first country where officials ban proxies, Tor, and VPNs. Despite popular opinion, China does not block these tools. Instead, China requires VPN providers to register with state authorities. VPN providers approved to function in the country must enforce the same bans that Chinese authorities enforce via the government's Great Firewall. Countries like Turkey have also banned these Tor and VPNs, but it was only a temporary measure, or the government targeted only some VPN providers, not all. Sursa: https://www.bleepingcomputer.com/news/government/russia-passes-bill-banning-proxies-tor-and-vpns/
  10. The HyperV Architecture and its Memory Manager by Andrea Allievi SGX Enclave programming: common mistakes by Michael Atlas Digging Into the Core of Boot by Yuriy Bulygin, Oleksandr Bazhaniuk BASS Automated Signature Synthesizer Mariano Graziano, Jonas Zaddach BinCAT: purrfecting binary static analysis Philippe Biondi, Xavier Mehrenberger, Raphaël Rigo, Sarah Zennou Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking - Mateusz “j00ru” Jurczyk Bubble Struggle - Call Graph Visualization with Radare2 - Marion Marschalek You can run, but you can’t hide - Vlad Sabaka Crypton - Exposing malware’s deepest secrets - Julia karpin, Anna Dorfman Reverse Engineering DSSS - Michael Ossmann Exporting IDA Debug Information - Adam Schwalm FreeCalypso: a fully liberated GSM baseband - Mychaela Falconia POSTSCRIPT - FreeCalypso: a fully liberated GSM baseband - Mychaela Falconia Hacking Cell Phone Embedded Systems -Keegan Ryan The Life-Changing Magic of IDAPython: Embedded Device Edition - Maddie Stone MazeWalker - Enriching static malware analysis - Yevgeniy Kulakov Miasm: reverse engineering framework - Fabrice Desclaux, Camille Mougey ZapZap! bangBang! - Ang Cui, Rick Housley Sursa: https://recon.cx/2017/montreal/slides/
  11. FREE Microsoft eBook Giveaway

    Category Title Format Azure Introducing Windows Azure™ for IT Professionals PDF MOBI EPUB Azure Microsoft Azure Essentials Azure Automation PDF MOBI EPUB Azure Microsoft Azure Essentials Azure Machine Learning PDF MOBI EPUB Azure Microsoft Azure Essentials Fundamentals of Azure PDF MOBI EPUB Azure Microsoft Azure Essentials Fundamentals of Azure, Second Edition PDF Azure Microsoft Azure Essentials Fundamentals of Azure, Second Edition Mobile PDF Azure Microsoft Azure Essentials Migrating SQL Server Databases to Azure – Mobile PDF Azure Microsoft Azure Essentials Migrating SQL Server Databases to Azure 8.5X11 PDF Azure Microsoft Azure ExpressRoute Guide PDF Azure Overview of Azure Active Directory DOC Azure Rapid Deployment Guide For Azure Rights Management PDF Azure Rethinking Enterprise Storage: A Hybrid Cloud Model PDF MOBI EPUB BizTalk BizTalk Server 2016 Licensing Datasheet PDF BizTalk BizTalk Server 2016 Management Pack Guide DOC Cloud Enterprise Cloud Strategy PDF MOBI EPUB Cloud Enterprise Cloud Strategy – Mobile PDF Developer .NET Microservices: Architecture for Containerized .NET Applications PDF Developer .NET Technology Guidance for Business Applications PDF Developer Building Cloud Apps with Microsoft Azure™: Best practices for DevOps, data storage, high availability, and more PDF MOBI EPUB Developer Containerized Docker Application Lifecycle with Microsoft Platform and Tools PDF Developer Creating Mobile Apps with Xamarin.Forms, Preview Edition 2 PDF MOBI EPUB Developer Creating Mobile Apps with Xamarin.Forms: Cross-platform C# programming for iOS, Android, and Windows PDF MOBI EPUB Developer Managing Agile Open-Source Software Projects with Microsoft Visual Studio Online PDF MOBI EPUB Developer Microsoft Azure Essentials Azure Web Apps for Developers PDF MOBI EPUB Developer Microsoft Platform and Tools for Mobile App Development PDF Developer Microsoft Platform and Tools for Mobile App Development – Mobile PDF Developer Moving to Microsoft® Visual Studio® 2010 XPS PDF MOBI EPUB Developer Programming Windows 8 Apps with HTML, CSS, and JavaScript PDF MOBI EPUB Developer Programming Windows Store Apps with HTML, CSS, and JavaScript, Second Edition PDF MOBI EPUB Developer Programming Windows® Phone 7 (Special Excerpt 2) XPS PDF Developer Team Foundation Server to Visual Studio Team Services Migration Guide PDF Dynamics 5 cool things you can do with CRM for tablets PDF Dynamics Create Custom Analytics in Dynamics 365 with Power BI PDF Dynamics Create of Customize System Dashboards PDF Dynamics Create Your First CRM Marketing Campaign PDF Dynamics CRM Basics for Outlook basics PDF Dynamics CRM Basics for Sales Pros and Service Reps PDF Dynamics Give Great Customer Service with CRM PDF Dynamics Go Mobile with CRM for Phones – Express PDF Dynamics Go Mobile with CRM for Tablets PDF Dynamics Import Contacts into CRM PDF Dynamics Introducing Microsoft Social Engagement PDF Dynamics Introduction to Business Processes PDF Dynamics Meet Your Service Goals with SLAs and Entitlements PDF Dynamics Microsoft Dynamics CRM 2016 Interactive Service Hub User Guide PDF Dynamics Microsoft Dynamics CRM 2016 On-Premises Volume Licensing and Pricing Guide PDF Dynamics Microsoft Dynamics CRM for Outlook Installing Guide for use with Microsoft Dynamics CRM Online PDF Dynamics Microsoft Dynamics CRM Resource Guide 2015 PDF Dynamics Microsoft Social Engagement for CRM PDF Dynamics Product Overview and Capability Guide Microsoft Dynamics NAV 2016 PDF Dynamics RAP as a Service for Dynamics CRM PDF Dynamics Set Up A Social Engagement Search For Your Product PDF Dynamics Social is for Closers PDF Dynamics Start Working in CRM PDF Dynamics Your Brand Sux PDF General 10 essential tips and tools for mobile working PDF General An employee’s guide to healthy computing PDF General Guide for People who have Language or Communication Disabilities DOC General Guide for People who have Learning Disabilities DOC Licensing Introduction to Per Core Licensing and Basic Definitions PDF Licensing Licensing Windows and Microsoft Office for use on the Macintosh PDF Licensing VLSC Software Assurance Guide PDF Licensing Windows Server 2016 and System Center 2016 Pricing and Licensing FAQs PDF Office Access 2013 Keyboard Shortcuts PDF Office Azure AD/Office 365 seamless sign-in PDF Office Content Encryption in Microsoft Office 365 PDF Office Controlling Access to Office 365 and Protecting Content on Devices PDF Office Customize Word 2013 Keyboard Shortcuts PDF Office Data Resiliency in Microsoft Office 365 PDF Office Excel 2013 Keyboard Shortcuts PDF Office Excel 2016 keyboard shortcuts and function keys DOC Office Excel Online Keyboard Shortcuts PDF Office File Protection Solutions in Office 365 PDF Office First Look: Microsoft® Office 2010 XPS PDF Office Get Started With Microsoft OneDrive PDF Office Get Started With Microsoft Project Online PDF Office Getting started with MyAnalytics DOC Office How To Recover That Un-Saved Office Document PDF Office InfoPath 2013 Keyboard Shortcuts PDF Office Keyboard shortcuts for Microsoft Outlook 2013 and 2016 DOC Office Keyboard shortcuts for Microsoft Word 2016 for Windows DOC Office Licensing Microsoft Office 365 ProPlus Subscription Service in Volume Licensing PDF Office Licensing Microsoft Office software in Volume Licensing PDF Office Microsoft Access 2013 Quick Start Guide PDF Office Microsoft Classroom Deployment PDF Office Microsoft Excel 2013 Quick Start Guide PDF Office Microsoft Excel 2016 for Mac Quick Start Guide PDF Office Microsoft Excel 2016 Quick Start Guide PDF Office Microsoft Excel Mobile Quick Start Guide PDF Office Microsoft Excel VLOOKUP Troubleshooting Tips PDF Office Microsoft OneNote 2013 Quick Start Guide PDF Office Microsoft OneNote 2016 for Mac Quick Start Guide PDF Office Microsoft OneNote 2016 Quick Start Guide PDF Office Microsoft OneNote 2016 Tips and Tricks PDF Office Microsoft OneNote Mobile Quick Start Guide PDF Office Microsoft Outlook 2013 Quick Start Guide PDF Office Microsoft Outlook 2016 for Mac Quick Start Guide PDF Office Microsoft Outlook 2016 Quick Start Guide PDF Office Microsoft Outlook 2016 Tips and Tricks PDF Office Microsoft Powerpoint 2013 Quick Start Guide PDF Office Microsoft PowerPoint 2016 for Mac Quick Start Guide PDF Office Microsoft PowerPoint 2016 for Mac Quick Start Guide PDF Office Microsoft PowerPoint Mobile Quick Start Guide PDF Office Microsoft Project 2013 Quick Start Guide PDF Office Microsoft Publisher 2013 Quick Start Guide PDF Office Microsoft Visio 2013 Quick Start Guide PDF Office Microsoft Word 2013 Quick Start Guide PDF Office Microsoft Word 2016 for Mac Quick Start Guide PDF Office Microsoft Word 2016 Quick Start Guide PDF Office Microsoft Word Mobile Quick Start Guide PDF Office Microsoft® Office 365: Connect and Collaborate Virtually Anywhere, Anytime PDF Office Monitoring and protecting sensitive data in Office 365 DOC Office Office 365 Dedicated Platform vNext Service Release PDF Office Office 365 Licensing Brief PDF Office OneNote 2013 Keyboard Shortcuts PDF Office OneNote Online Keyboard Shortcuts PDF Office Outlook 2013 Keyboard Shortcuts PDF Office Outlook Web App Keyboard Shortcuts PDF Office Own Your Future: Update Your Skills with Resources and Career Ideas from Microsoft® XPS PDF MOBI EPUB Office PowerPoint Online Keyboard Shortcuts PDF Office Project 2013 Keyboard Shortcuts PDF Office Publisher 2013 Keyboard Shortcuts PDF Office Security and Privacy For Microsoft Office 2010 Users PDF MOBI EPUB Office Security Incident Management in Microsoft Office 365 PDF PDF Office SharePoint Online Dedicated & OneDrive for Business Dedicated vNext Service Release PDF Office Skype for Business User Tips & Tricks for Anyone PDF Office Switching from Google Apps to Office 365 for business PDF Office Tenant Isolation in Microsoft Office 365 PDF Office Visio 2013 Keyboard Shortcuts PDF Office Windows 10 Tips and Tricks PDF Office Word 2013 Keyboard Shortcuts PDF Office Word Online Keyboard Shortcuts PDF Office Working with SmartArt Graphics Keyboard Shortcuts PDF Power BI Ask, find, and act—harnessing the power of Cortana and Power BI DOC Power BI Bidirectional cross-filtering in SQL Server Analysis Services 2016 and Power BI Desktop DOC Power BI Configuring Power BI mobile apps with Microsoft Intune DOC Power BI Getting started with the Power BI for Android app DOC Power BI Getting Started with the Power BI for iOS app DOC Power BI How to plan capacity for embedded analytics with Power BI Premium PDF Power BI Introducing Microsoft Power BI PDF Power BI Introducing Microsoft Power BI – Mobile PDF Power BI Microsoft Power BI Premium Whitepaper PDF Power BI Power BI mobile apps—enabling data analytics on the go DOC Power BI Propelling digital transformation in manufacturing operations with Power BI DOC Power BI Using Power BI to visualize data insights from Microsoft Dynamics CRM Online DOC PowerShell Microsoft Dynamics GP 2015 R2 PowerShell Users Guide PDF PowerShell PowerShell Integrated Scripting Environment 3.0 PDF PowerShell Simplify Group Policy administration with Windows PowerShell PDF PowerShell Windows PowerShell 3.0 Examples PDF PowerShell Windows PowerShell 3.0 Language Quick Reference PDF PowerShell WINDOWS POWERSHELL 4.0 LANGUAGE QUICK REFERENCE PDF PowerShell Windows PowerShell 4.0 Language Reference Examples PDF PowerShell Windows PowerShell Command Builder User’s Guide PDF PowerShell Windows PowerShell Desired State Configuration Quick Reference PDF PowerShell WINDOWS POWERSHELL INTEGRATED SCRIPTING ENVIRONMENT 4.0 PDF PowerShell Windows PowerShell Web Access PDF PowerShell WMI in PowerShell 3.0 PDF PowerShell WMI in Windows PowerShell 4.0 PDF SharePoint Configuring Microsoft SharePoint Hybrid Capabilities PDF SharePoint Configuring Microsoft SharePoint Hybrid Capabilities – Mobile PDF SharePoint Deployment guide for Microsoft SharePoint 2013 PDF SharePoint Microsoft SharePoint Server 2016 Architectural Models PDF SharePoint Planning and Preparing for Microsoft SharePoint Hybrid – 8.5 X 11 PDF SharePoint Planning and Preparing for Microsoft SharePoint Hybrid – Mobile PDF SharePoint RAP as a Service for SharePoint Server PDF SharePoint SharePoint Online Dedicated Service Description PDF SharePoint SharePoint Products Keyboard Shortcuts PDF SharePoint SharePoint Server 2016 Databases – Quick Reference Guide PDF SharePoint SharePoint Server 2016 Quick Start Guide PDF SQL Server 5 Tips For A Smooth SSIS Upgrade to SQL Server 2012 PDF SQL Server Backup and Restore of SQL Server Databases PDF SQL Server Data Science with Microsoft SQL Server 2016 PDF SQL Server Deeper insights across data with SQL Server 2016 – Technical White Paper PDF SQL Server Deploying SQL Server 2016 PowerPivot and Power View in a Multi-Tier SharePoint 2016 Farm DOC SQL Server Deploying SQL Server 2016 PowerPivot and Power View in SharePoint 2016 DOC SQL Server Guide to Migrating from Oracle to SQL Server 2014 and Azure SQL Database PDF SQL Server Introducing Microsoft Azure™ HDInsight™ PDF MOBI EPUB SQL Server Introducing Microsoft Data Warehouse Fast Track for SQL Server 2016 PDF SQL Server Introducing Microsoft SQL Server 2012 PDF MOBI EPUB SQL Server Introducing Microsoft SQL Server 2014 PDF MOBI EPUB SQL Server Introducing Microsoft SQL Server 2016: Mission-Critical Applications, Deeper Insights, Hyperscale Cloud, Preview 2 PDF MOBI EPUB SQL Server Introducing Microsoft SQL Server 2016: Mission-Critical Applications, Deeper Insights, Hyperscale Cloud, Preview 2 – Mobile PDF SQL Server Introducing Microsoft Technologies for Data Storage, Movement and Transformation DOC SQL Server Introducing Microsoft® SQL Server® 2008 R2 XPS PDF MOBI EPUB SQL Server Microsoft SharePoint Server 2016 Reviewer’s Guide PDF SQL Server Microsoft SQL Server 2012 Tutorials: Analysis Services – Data Mining Step-by-Step PDF SQL Server Microsoft SQL Server 2012 Tutorials: Analysis Services – Multidimensional Modeling Step-by-Step PDF SQL Server Microsoft SQL Server 2012 Tutorials: Reporting Services Quick Step-by-Step PDF SQL Server Microsoft SQL Server 2012 Tutorials: Writing Transact-SQL-Statements PDF SQL Server Microsoft SQL Server 2014 Licensing Guide PDF SQL Server Microsoft SQL Server 2016 Licensing Datasheet PDF SQL Server Microsoft SQL Server 2016 Licensing Guide PDF SQL Server Microsoft SQL Server 2016 Mission-Critical Performance Technical White Paper PDF SQL Server Microsoft SQL Server 2016 New Innovations PDF SQL Server Microsoft SQL Server 2016 SP1 Editions PDF SQL Server Microsoft SQL Server In-Memory OLTP and Columnstore Feature Comparison PDF SQL Server RAP as a Service for SQL Server PDF SQL Server SQLCAT’s Guide to: Relational Engine PDF SQL Server Xquery Language Reference PDF Surface Surface Book User Guide PDF Surface Surface Pro 4 User Guide PDF System Center Guide to Microsoft System Center Management Pack for SQL Server 2016 Reporting Services (Native Mode) DOC System Center Guide to System Center Management Pack for Windows Print Server 2016 DOC System Center Introducing Microsoft System Center 2012 R2 PDF MOBI EPUB System Center Microsoft System Center Building a Virtualized Network Solution, Second Edition PDF MOBI EPUB System Center Microsoft System Center Data Protection for the Hybrid Cloud PDF MOBI EPUB System Center Microsoft System Center Deploying Hyper-V with Software-Defined Storage & Networking PDF MOBI EPUB System Center Microsoft System Center Extending Operations Manager Reporting PDF MOBI EPUB System Center Microsoft System Center Introduction to Microsoft Automation Solutions PDF MOBI EPUB System Center Microsoft System Center Operations Manager Field Experience PDF MOBI EPUB System Center Microsoft System Center Software Update Management Field Experience PDF MOBI EPUB System Center Microsoft System Center: Building a Virtualized Network Solution PDF MOBI EPUB System Center Microsoft System Center: Cloud Management with App Controller PDF MOBI EPUB System Center Microsoft System Center: Configuration Manager Field Experience PDF MOBI EPUB System Center Microsoft System Center: Designing Orchestrator Runbooks PDF MOBI EPUB System Center Microsoft System Center: Integrated Cloud Platform PDF MOBI EPUB System Center Microsoft System Center: Network Virtualization and Cloud Computing PDF MOBI EPUB System Center Microsoft System Center: Optimizing Service Manager PDF MOBI EPUB System Center Microsoft System Center: Troubleshooting Configuration Manager PDF MOBI EPUB System Center What’s new in System Center 2016 White Paper PDF Virtualization Understanding Microsoft Virtualizaton R2 Solutions XPS PDF Windows Client Deploying Windows 10: Automating deployment by using System Center Configuration Manager PDF MOBI EPUB Windows Client Deploying Windows 10: Automating deployment by using System Center Configuration Manager – Mobile PDF Windows Client Getting the most out of Microsoft Edge DOC Windows Client Introducing Windows 10 for IT Professionals PDF MOBI EPUB Windows Client Introducing Windows 10 for IT Professionals, Preview Edition PDF MOBI EPUB Windows Client Introducing Windows 8.1 for IT Professionals PDF MOBI EPUB Windows Client Introducing Windows 8: An Overview for IT Professionals PDF MOBI EPUB Windows Client Licensing Windows desktop operating system for use with virtual machines PDF Windows Client Protecting your data with Windows 10 BitLocker DOC Windows Client RAP as a Service for Windows Desktop PDF Windows Client Shortcut Keys for Windows 10 DOC Windows Client Use Reset to restore your Windows 10 PC DOC Windows Client Volume Licensing Reference Guide Windows 10 Desktop Operating System PDF Windows Client Windows 10 IT Pro Essentials Support Secrets PDF PDF MOBI EPUB Windows Client Windows 10 IT Pro Essentials Top 10 Tools PDF MOBI EPUB Windows Client Windows 10 IT Pro Essentials Top 10 Tools – Mobile PDF Windows Client Work Smart: Windows 8 Shortcut Keys PDF Windows Server Automating Windows Server 2016 configuration with PowerShell and DSC DOC Windows Server Introducing Windows Server 2008 R2 XPS PDF MOBI EPUB Windows Server Introducing Windows Server 2012 PDF MOBI MOBI EPUB EPUB Windows Server Introducing Windows Server 2012 R2 PDF MOBI EPUB Windows Server Introducing Windows Server 2016 PDF Windows Server Introducing Windows Server 2016 – Mobile PDF Windows Server Introducing Windows Server 2016 Technical Preview PDF Windows Server Introducing Windows Server 2016 Technical Preview – Mobile PDF Windows Server Introducing Windows Server® 2012 R2 Preview Release PDF MOBI EPUB Windows Server Offline Assessment for Active Directory PDF Windows Server RAP as a Service for Active Directory PDF Windows Server RAP as a Service for Failover Cluster PDF Windows Server RAP as a Service for Internet Information Services PDF Windows Server RAP as a Service for Windows Server Hyper-V PDF Windows Server Sursa: Windows Server 2016 Licensing https://blogs.msdn.microsoft.com/mssmallbiz/2017/07/11/largest-free-microsoft-ebook-giveaway-im-giving-away-millions-of-free-microsoft-ebooks-again-including-windows-10-office-365-office-2016-power-bi-azure-windows-8-1-office-2013-sharepo/ PDF
  12. Exercitii: http://malware-traffic-analysis.net/training-exercises.html Tutoriale: http://malware-traffic-analysis.net/tutorials/index.html
  13. O problema diferita

    "Am reusit sa vorbesc cu ea de pe un cont facebook" zii sa posteze pe fb ca e ocupata cu construirea unei centuri de explozibil, ca are nevoie sa-i faca cineva rost de declansator, ca e in cautarea de colaboratori pt distrugerea paganilor europeni, chestii de genu, si sa incheie cu un calduros allah akbar. in cateva ore o sa fie in siguranta
  14. CloudFail

    CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by CloudFlare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has 3 different attack phases. Misconfigured DNS scan using DNSDumpster.com. Scan the Crimeflare.com database. Bruteforce scan over 2500 subdomains. Please feel free to contribute to this project. If you have an idea or improvement issue a pull request! Disclaimer This tool is a PoC (Proof of Concept) and does not guarantee results. It is possible to setup CloudFlare properly so that the IP is never released or logged anywhere; this is not often the case and hence why this tool exists. This tool is only for academic purposes and testing under controlled environments. Do not use without obtaining proper authorization from the network owner of the network under testing. The author bears no responsibility for any misuse of the tool. Usage To run a scan against a target: python cloudfail.py --target seo.com To run a scan against a target using Tor: service tor start (or if you are using Windows or Mac install vidalia or just run the Tor browser) python cloudfail.py --target seo.com --tor Dependencies Python3 argparse colorama socket binascii datetime requests Download:https://github.com/m0rtem/CloudFail
×