-
Review EDX Course Security in Office 365 (Microsoft CLD245x)
Recently I took the course Security in Office 365 using the free Audit Access; the final exam and the certificate are missing here.
Link: https://www.edx.org/course/security-in-office-365-1
The sections of the course are:
Threats and data breaches targeting your data
Office 365 Advanced Threat Protection
Office 365 Threat Intelligence
Auditing, alerting and reporting in Office 365
Advanced Security Management…
-
Testing some hashdump and lateral movement techniques
Some time ago I tested some techniques, now published quick & dirty as a note to whom it might be interesting.
Test WCE
Source: http://www.ampliasecurity.com
E:\wce_v1_42beta_x32>wce
WCE v1.42beta (Windows Credentials Editor) – (c) 2010-2013 Amplia Security – by Hernan Ochoa (hernan@ampliasecurity.com)
Use -h for help.
Administrator:ACME:E52CAC67419A9A224A3B10XXXXXXXXXX:8846F7EAEE8FB118AB06BDXXXXXXXXXX
dax:DAX-RYMZ48Z3EYO:E52CAC67419A9A224A3B10XXXXXXXXXX:8846F7EAEE8FB118AB06BDXXXXXXXXXX
DAX-RYMZ48Z3EYO$:ACME:00000000000000000000000000000000:4460E0BCB8CCF37D8A9E81XXXXXXXXXX
E:\wce_v1_42beta_x32>wce -s Administrator:ACME:E52CAC67419A9A224A3B10XXXXXXXXXX:8846F7EAEE8FB118AB06BDXXXXXXXXXX
WCE v1.42beta (Windows Credentials…
-
Recommended Talks for the New Year (mainly 35C3)
Like last year, here are some recommendations for starting into 2019. Mainly from 35C3 and one from Bluehat. See the original thread on Twitter here (it’s a bit messed up, but should be complete): A deep dive into the world of DOS viruses by @Benjojo12 https://t.co/ufSYk5Bcs8 — Daniel (@DanielX4v3r) January 4, 2019 What The Fax?! by @ynvb…
-
Avet setup.sh script
Now there is a setup.sh script for easier installation of AVET (thanks to https://github.com/tacticaljmp). Tested with Kali Linux 2018.3a. I made two short videos: After starting the script you may have to wait for a couple of minutes. Then click through the installation routine for the compiler: … and you are done. Download AVET: https://github.com/govolution/avet
-
Paper AVET BLACKHAT USA ARSENAL 2018
Here is the paper for the Blackhat Arsenal 2018 AVET presentation: https://danielsauder.com/wp-content/uploads/2018/08/blackhat_usa_2018_arsenal.pdf Thanks to Nina and Florian for reviewing & improving!
-
Review Cybrary Advanced Cyber Threat Intelligence
Since I found that some information was missing from this course, https://govolution.wordpress.com/2018/06/30/review-udemy-certified-cyber-threat-intelligence-analyst/, I found a course on Cybrary, which is only about 3 hours long and which is free. So the review will also be a bit shorter. For the content please review: https://www.cybrary.it/course/advanced-cyber-threat-intelligence/ Module 1 – Threat Intelligence Maturity Model is the intro, with…
-
Review Udemy “Certified Cyber Threat Intelligence Analyst”
As a second course (see previous blog post for the first course) I bought “Certified Cyber Threat Intelligence Analyst”, which has the same instructor as “Certified Advanced Persistent Threat Analyst”. Section 1: Phases Overview The first three videos give an overview of the agenda (hunting, features & behavior extraction, attribution, tracking and take down). The two videos…
-
Review Udemy “Certified Advanced Persistent Threat Analyst”
Although I am a pentester, I am also into that topic, since I also got some incident response experience. So I took the course as a wrap-up for myself; in a special offer the course costs about 10$ instead of about 100$. The course starts with a short introduction of the instructor, followed by…
-
Download & Exec PoC and DKMC
DKMC is a tool that writes shellcode into valid pictures and was written by Mr.Un1k0d3r (https://twitter.com/MrUn1k0d3r). I wrote a PoC that can be used here (and of course also for other raw shellcode). The PoC downloads a shellcode file into memory and then executes the shellcode. Download DKMC: https://github.com/Mr-Un1k0d3r/DKMC Update: The PoC is now…
-
Recommended Talks for the New Year (34C3, BH)
A new year always brings the talks from the Chaos Communication Congress. Since I had some time for watching, here is a list with my tweets of recommended talks (plus one from Blackhat). Have fun watching. 34C3 talk 1-day exploit development for Cisco IOS by @artkond https://t.co/OvoCBvGzxc — Daniel (@DanielX4v3r) December 28, 2017 34C3 Talk:…