namishelex01

import socket
import ipaddress
import json
import time

def save_results(results):
    with open("last_scan_results.json", "w") as file:
        json.dump(results, file)

def load_results():

namishelex01

import PyPDF2
from PIL import Image

def mergePdfs():
  pdfs = ['sf_1.pdf', 'sf_2.pdf']

  merger = PyPDF2.PdfFileMerger()

  for pdf in pdfs:
      merger.append(pdf)

namishelex01

What are the consequences if private keys of a Root CA gets compromised?
If you have rogue certificates of a well-known company, as an attacker, how can you use it for you own benefit?
As a security threat analyst, what will be your approach to respond to this incident? Securing Infra, servers and people!
> https://darknetdiaries.com/transcript/3/

How would you check the signature of a binary and restrict any unsigned binaries to run on a machine(Win/Linux/Mac)
> https://docs.microsoft.com/en-us/windows/win32/seccrypto/using-signtool-to-verify-a-file-signature
> (Rogue) https://blog.rapid7.com/2019/01/03/santas-elfs-running-linux-executables-without-execve/

How can I restrict the normal user to run only limited set of commands in Linux?

namishelex01

https[:]//docs.microsoft.com/en-us/archive/msdn-magazine/2002/march/inside-windows-an-in-depth-look-into-the-win32-portable-executable-file-format-part-2
https[:]//blahcat.github.io/2019/03/17/small-dumps-in-the-big-pool/
https[:]//www.fuzzysecurity.com/tutorials/16.html
https://blog.ropnop.com/hosting-clr-in-golang/
https[:]//evasions.checkpoint.com/
http[:]//www.catb.org/esr/faqs/hacker-howto.html
https[:]//vx-underground.org/
http[:]//sq.ro/malwarez.htm#
https[:]//github.com/d30sa1/RootKits-List-Download
https[:]//github.com/christian-roggia/open-myrtus

namishelex01

Core Information Security

• What is information security and how is it achieved?

• What are the core principles of information security?

• What is the CIA triangle?

• What is non-repudiation (as it applies to IT security)?

namishelex01

-------------------------------------
INITIAL ACCESS
-------------------------------------

$ Drive-by Compromise
A drive-by compromise is when an adversary gains access to a system through a user visiting a website over the normal course of browsing.
Multiple ways of delivering exploit code to a browser exist, including:
    > A legitimate website injected with JavaScript, iFrames, XSS.
    > Malicious ads
    > Built-in web application interfaces (e.g. forum posts, comments, and other user controllable web content)

namishelex01

CAM table Poisoning
Content Addressable Memory table poisoning attack on network switches. 
This attack intends to corrupt the entries in the switch's CAM table so that the network traffic will be directed, causing a DoS attack attack situation

ARP Cache Poisoning-Based MiM
Introducing a spurious IP address to MAC address mapping in another host's ARP cache.

Abnormal ARP Traffic Detection

namishelex01

> WordPress Plugin Quizlord 2.0 - XSS	
> WordPress Plugin Jibu Pro 1.7 - XSS	
> phpMyAdmin 4.7.x - XSRF	
> WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection	
> Responsive FileManager < 9.13.4 - Directory Traversal	
> LiteCart 2.1.2 - Arbitrary File Upload	
> Gleez CMS 1.2.0 - XSRF (Add Admin)	
> WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQLi	
> UltimatePOS 2.5 - RCE	
> Twitter-Clone 1 - 'code' SQLi	

namishelex01

RSA 2017 DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links  SessionID: HTA-W02

https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains

Recording of talk from CERN
https://indico.cern.ch/event/622483/  (click the recording button)

Past talks:
http://www.slideshare.net/KenJohnson61/aws-surival-guide

namishelex01

Main Project Page -> github.com/corelan/mona

Download the file and save it to this typical location -> 
C:\Program Files\Immunity Inc\Immunity Debugger\PyCommands

BASIC USAGE :
!mona in the input box and press enter
For more information = Open log window (ALT-L)

For Help options ->