Cyber-News

ATT&CK Sync: A Tool for Keeping Current with MITRE ATT&CK® | by Jon Baker | MITRE-Engenuity | May, 2023 | Medium

ATT&CK Sync helps teams keep up with latest version of ATT&CK, saving time and effort for all.

Article · Tools

May 25, 2023 at 5:56:37 PM UTC * · permalink

https://medium.com/mitre-engenuity/att-ck-sync-a-tool-for-keeping-current-with-mitre-att-ck-1a4fe385ca5c

Infecting SSH Public Keys with backdoors

Article

May 24, 2023 at 4:36:00 PM UTC * · permalink

https://blog.thc.org/infecting-ssh-public-keys-with-backdoors

Pentester vs. SOC: Active Directory hardening, attack, and defense

Get ready for an epic showdown between a seasoned pentester and a skilled SOC analyst!

Article

May 22, 2023 at 1:07:57 PM UTC * · permalink

https://www.hackthebox.com/blog/active-directory-hardening-pentester-vs-soc

Azure-Sentinel/Solutions/Microsoft Defender Threat Intelligence/Playbooks at master · Azure/Azure-Sentinel · GitHub

Cloud-native SIEM for intelligent security analytics for your entire enterprise. - Azure-Sentinel/Solutions/Microsoft Defender Threat Intelligence/Playbooks at master · Azure/Azure-Sentinel

Sentinel

May 17, 2023 at 6:18:00 AM UTC * · permalink

https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Microsoft%20Defender%20Threat%20Intelligence/Playbooks

GitHub - iknowjason/Awesome-CloudSec-Labs: Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.

Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs. - GitHub - iknowjason/Awesome-CloudSec-Labs: Awesome free clou...

Tools

May 16, 2023 at 11:01:54 AM UTC * · permalink

https://github.com/iknowjason/Awesome-CloudSec-Labs

Cybercriminals have adapted since Microsoft's decision to block macros | CyberScoop

Microsoft's decision to disable macros by default last year has forced hacking crews to find new, and sometimes old, ways to get a foothold.

Article

May 16, 2023 at 8:47:25 AM UTC * · permalink

https://cyberscoop.com/cybercriminals-microsoft-macros-proofpoint/

GitHub - georgesotiriadis/Chimera: Automated DLL Sideloading Tool With EDR Evasion Capabilities

Automated DLL Sideloading Tool With EDR Evasion Capabilities - GitHub - georgesotiriadis/Chimera: Automated DLL Sideloading Tool With EDR Evasion Capabilities

Tools

May 15, 2023 at 11:55:24 PM UTC * · permalink

https://github.com/georgesotiriadis/Chimera

GitHub - cyberark/White-Phoenix: A tool to recover content from files encrypted with intermittent encryption

A tool to recover content from files encrypted with intermittent encryption - GitHub - cyberark/White-Phoenix: A tool to recover content from files encrypted with intermittent encryption

Tools · Ransomware

May 15, 2023 at 10:47:55 AM UTC * · permalink

https://github.com/cyberark/White-Phoenix

GitHub - imthenachoman/How-To-Secure-A-Linux-Server: An evolving how-to guide for securing a Linux server.

An evolving how-to guide for securing a Linux server. - GitHub - imthenachoman/How-To-Secure-A-Linux-Server: An evolving how-to guide for securing a Linux server.

Article

May 15, 2023 at 10:40:57 AM UTC * · permalink

https://github.com/imthenachoman/How-To-Secure-A-Linux-Server

GitHub - boringthegod/postmaniac: Postman OSINT tool to extract creds, token, username, email & more from Postman Public Workspaces

Postman OSINT tool to extract creds, token, username, email & more from Postman Public Workspaces - GitHub - boringthegod/postmaniac: Postman OSINT tool to extract creds, token, username, e...

Tools

May 14, 2023 at 4:36:01 PM UTC * · permalink

https://github.com/boringthegod/postmaniac

GitHub - CERN-CERT/pDNSSOC: Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.

Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC. - GitHub - CERN-CERT/pDNSSOC: Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.

Tools

May 14, 2023 at 4:26:03 AM UTC * · permalink

https://github.com/CERN-CERT/pDNSSOC

What's New: Defender TI Intel Reporting Dashboard and Workbook - Microsoft Community Hub

Strategic threat intelligence involves gathering and analyzing information to identify potential threats to an organization's security. This proactive

Sentinel

May 10, 2023 at 7:05:10 AM UTC * · permalink

https://techcommunity.microsoft.com/t5/microsoft-defender-threat/what-s-new-defender-ti-intel-reporting-dashboard-and-workbook/ba-p/3812899

GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A list of useful payloads and bypass for Web Application Security and Pentest/CTF - GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Tools

May 8, 2023 at 6:44:09 PM UTC * · permalink

https://github.com/swisskyrepo/PayloadsAllTheThings

You got Domain Admin, now what?

Typically when you’re starting out on your red teaming journey, a goal on an Internal Penetration Test or maybe even the ultimate goal is to compromise the Windows Active Directory Domain. Getting to that goal is always fun and the “boss” feeling of doing it is unexplainable, particularly if it is your first time achieving it. But does it end there? We achieved the big bad so surely the engagement is basically over, right? Pack it up, go home and get that report done? WRONG!

Article

May 8, 2023 at 6:42:45 PM UTC * · permalink

https://infosecwriteups.com/you-got-domain-admin-now-what-aab749c4200d

Unlocking the Power of ChatGPT for Incident Management: A Step-by-Step Guide to Integrating with Microsoft Sentinel | by Zubair Rahim | Medium

Thank you for the love and feedback on my previous article. This weekend, I had several ideas for topics to write about but was…

Article

May 8, 2023 at 6:41:48 PM UTC * · permalink

https://zubairrahimse.medium.com/unlocking-the-power-of-chatgpt-for-incident-management-a-step-by-step-guide-to-integrating-with-1862ab7b38bb

GitHub - Anof-cyber/APTRS: Automated Penetration Testing Reporting System

Automated Penetration Testing Reporting System. Contribute to Anof-cyber/APTRS development by creating an account on GitHub.

Tools

May 8, 2023 at 6:40:19 PM UTC * · permalink

https://github.com/Anof-cyber/APTRS

GitHub - WithSecureLabs/chainsaw: Rapidly Search and Hunt through Windows Forensic Artefacts

Rapidly Search and Hunt through Windows Forensic Artefacts - GitHub - WithSecureLabs/chainsaw: Rapidly Search and Hunt through Windows Forensic Artefacts

Tools

May 8, 2023 at 6:38:56 PM UTC * · permalink

https://github.com/WithSecureLabs/chainsaw

GitHub - JPCERTCC/LogonTracer: Investigate malicious Windows logon by visualizing and analyzing Windows event log

Investigate malicious Windows logon by visualizing and analyzing Windows event log - GitHub - JPCERTCC/LogonTracer: Investigate malicious Windows logon by visualizing and analyzing Windows event log

Tools

May 8, 2023 at 6:29:06 PM UTC * · permalink

https://github.com/JPCERTCC/LogonTracer

GitHub - lucky-luk3/Grafiki: Threat Hunting tool about Sysmon and graphs

Threat Hunting tool about Sysmon and graphs. Contribute to lucky-luk3/Grafiki development by creating an account on GitHub.

Tools

May 8, 2023 at 6:28:22 PM UTC * · permalink

https://github.com/lucky-luk3/Grafiki

GitHub - karimhabush/cis-vsphere: A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.

A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark. - GitHub - karimhabush/cis-vsphere: A tool to assess the compliance of a VMware vSphere environment agains...

Tools

May 8, 2023 at 6:27:44 PM UTC * · permalink

https://github.com/karimhabush/cis-vsphere