Revisiting Pegasus on iOS9
https://shadowfile.inode.link/blog/2022/07/revisiting-pegasus-on-ios9/
GitHub - S3cur3Th1sSh1t/Amsi-Bypass-Powershell: This repo contains some Amsi Bypass methods i found on different Blog Posts.
https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell
AMSI provider patch PoC by S3cur3Th1sSh1t · Pull Request #51 · byt3bl33d3r/OffensiveNim · GitHub
https://github.com/byt3bl33d3r/OffensiveNim/pull/51
oss-security - Linux Kernel use-after-free write in netfilter
https://www.openwall.com/lists/oss-security/2022/05/31/1
GitHub - Orange-Cyberdefense/GOAD: game of active directory
https://github.com/Orange-Cyberdefense/GOAD
GitHub - winterknife/PINKPANTHER: Windows x64 handcrafted token stealing kernel-mode shellcode
https://github.com/winterknife/PINKPANTHER
Game Of Active Directory v2 | Mayfly
https://mayfly277.github.io/posts/GOADv2/
Kernel Debugger Design - HyperDbg Research
https://research.hyperdbg.org/debugger/kernel-debugger-design.html
[25] Making Fun of Your APT Malware - Hacking Bitter APT's ZxxZ Backdoor - YouTube
https://www.youtube.com/watch?v=m3jrWoQK6sI
IntelTechniques OSINT Online Search Tool
https://inteltechniques.com/tools/
From Misconfigured Certificate Template to Domain Admin - Red Teaming Experiments
https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/from-misconfigured-certificate-template-to-domain-admin
Making Fun of Your APT Malware - Bitter APT Using ZxxZ Backdoor to Target Pakistan Public Accounts Committee | Malware Hell
https://c3rb3ru5d3d53c.github.io/malware-blog/2022-07-04-bitter-apt-zxxz-backdoor/
Django fixes SQL Injection vulnerability in new releases
https://www.bleepingcomputer.com/news/security/django-fixes-sql-injection-vulnerability-in-new-releases/
Postviewer challenge writeup from GoogleCTF 2022 · GitHub
https://gist.github.com/terjanq/7c1a71b83db5e02253c218765f96a710
GitHub - Wh04m1001/IDiagnosticProfileUAC
https://github.com/Wh04m1001/IDiagnosticProfileUAC
Microsoft Defender for Endpoint Internals 0x02 — Audit Settings and Telemetry | by Olaf Hartong | FalconForce | Jul, 2022 | Medium
https://medium.com/falconforce/microsoft-defender-for-endpoint-internals-0x02-audit-settings-and-telemetry-1d0af3ebfb27
CZ 🔶 Binance on Twitter: "Our threat intelligence detected 1 billion resident records for sale in the dark web, including name, address, national id, mobile, police and medical records from one Asian country. Likely due to a bug in an Elastic Search deployment by a gov agency. This has impact on ..." / Twitter
https://twitter.com/cz_binance/status/1543700689611792386
https://www.malvuln.com/advisory/38745539b71cf201bb502437f891d799.txt
2268 - Windows: Windows Defender Remote Credential Guard Authentication Relay EoP - project-zero
https://bugs.chromium.org/p/project-zero/issues/detail?id=2268
AstraLocker ransomware shuts down and releases decryptors
https://www.bleepingcomputer.com/news/security/astralocker-ransomware-shuts-down-and-releases-decryptors/
Microsoft declines new cloud customers after promise to Ukraine
https://www.telegraph.co.uk/business/2022/07/02/microsoft-declines-new-cloud-customers-promise-ukraine/
HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains
https://thehackernews.com/2022/07/hackerone-employee-caught-stealing.html
vx-underground on Twitter: "We have acquired a sample of Lockbit 3.0 (or alternatively referred to as Lockbit Black). Sample and image courtesy of @WhichbufferArda VXUG Download: https://t.co/L3GdoH9kLl Bazaar Download: https://t.co/joIpIxKmGP https://t.co/tAQKWVnjRA" / Twitter
https://twitter.com/vxunderground/status/1543661557883740161
Bulk Analysis of Cobalt Strike's Beacon Configurations · Arch Cloud Labs
https://www.archcloudlabs.com/projects/bulk-cs-analysis/