-
Recommended Talks for the New Year (mainly 35C3)
Like last year, here are some recommendations for starting into 2019, mainly from 35C3 and one from BlueHat. See the original thread on Twitter here (it’s a bit messed up, but should be complete): A deep dive into the world of DOS viruses by @Benjojo12 https://t.co/ufSYk5Bcs8 — Daniel Sauder (@DanielX4v3r) January 4, 2019 What The Fax?! by…
-
Avet setup.sh script
Now there is a setup.sh script for easier installation of AVET (thanks to https://github.com/tacticaljmp). Tested with Kali Linux 2018.3a. I made two short videos: After starting the script you may have to wait for a couple of minutes. Then click through the installation routine for the compiler: … and you are done. Download AVET: https://github.com/govolution/avet
-
Paper AVET BLACKHAT USA ARSENAL 2018
Here is the paper for the Blackhat Arsenal 2018 AVET presentation: https://govolution.files.wordpress.com/2018/08/blackhat_usa_2018_arsenal.pdf Thanks to Nina and Florian for reviewing & improving!
-
Review Cybrary Advanced Cyber Threat Intelligence
Since I found that some information was missing from this course (https://govolution.wordpress.com/2018/06/30/review-udemy-certified-cyber-threat-intelligence-analyst/), I looked for another one and found a course on Cybrary, which is only about 3 hours long and free. So the review will also be a bit shorter. For the content please see: https://www.cybrary.it/course/advanced-cyber-threat-intelligence/ Module 1 – Threat Intelligence Maturity Model is the intro, with…
-
Review Udemy “Certified Cyber Threat Intelligence Analyst”
As a second course (see the previous blog post for the first course) I bought “Certified Cyber Threat Intelligence Analyst”, which has the same instructor as “Certified Advanced Persistent Threat Analyst”. Section 1: Phases Overview The first three videos give an overview of the agenda (hunting, feature & behavior extraction, attribution, tracking and take-down). The two videos…
-
Review Udemy “Certified Advanced Persistent Threat Analyst”
Although I am a pentester, I am also into that topic, since I also have some incident response experience. So I took the course as a wrap-up for myself; in a special offer the course costs about $10 instead of about $100. The course starts with a short introduction of the instructor, followed by…
-
Download & Exec PoC and DKMC
DKMC is a tool that writes shellcode into valid pictures and was written by Mr.Un1k0d3r (https://twitter.com/MrUn1k0d3r). I wrote a PoC that can be used here (and of course also for other raw shellcode). The PoC downloads a shellcode file into memory and then executes the shellcode. Download DKMC: https://github.com/Mr-Un1k0d3r/DKMC Update: The PoC is now…
-
Recommended Talks for the New Year (34C3, BH)
A new year always brings the talks from the Chaos Communication Congress. Since I had some time for watching, here is a list of my tweets with recommended talks (plus one from Blackhat). Have fun watching. 34C3 talk 1-day exploit development for Cisco IOS by @artkond https://t.co/OvoCBvGzxc — Daniel Sauder (@DanielX4v3r) December 28, 2017 34C3…
-
Reverse (Pseudo) Shell over SSH
So after exploring libssh a little bit I wanted to do something useful, and my idea was to have a kind of reverse (pseudo) shell that works via SSH. The client connects to the SSH server of the attacker with a port forward; on the attacker machine, port 8080 will be opened on localhost…
-
libssh first steps
Here I describe some first steps for using libssh on an old setup (WinXP with Visual Studio 2008). I think the steps for other platforms are more or less similar. OpenSSL: Win32OpenSSL-1_0_2m.exe from http://slproweb.com/products/Win32OpenSSL.html -> install it. zlib: zlib123dll.zip from http://www.winimage.com/zLibDll/, zlibwapi.dll renamed to zlib1.dll -> I placed it into my working directory. libssh: libssh-0.7.2-msvc.zip from https://red.libssh.org/projects/libssh/files ->…