GitHub - projectdiscovery/katana: A next-generation crawling and spidering framework.
https://github.com/projectdiscovery/katana
GitHub - Ne-Lexa/php-zip: PhpZip is a php-library for extended work with ZIP-archives.
https://github.com/Ne-Lexa/php-zip
TrustCor Systems verifies web addresses, but its address is a UPS Store - The Washington Post
https://www.washingtonpost.com/technology/2022/11/08/trustcor-internet-addresses-government-connections/
Identifying Cobalt Strike Team Servers in the Wild
https://unit42.paloaltonetworks.com/cobalt-strike-team-server/
Professional / Community 2022.11 | Releases
https://portswigger.net/burp/releases/professional-community-2022-11
Steve Krenzel on Twitter: "With Twitter's change in ownership last week, I'm probably in the clear to talk about the most unethical thing I was asked to build while working at Twitter. 🧵" / Twitter
https://twitter.com/stevekrenzel/status/1589700721121058817
Lessons Learned from Cloning Windows Binaries and Code Signing Implants - Hack.Learn.Share
https://captmeelo.com/redteam/maldev/2022/11/07/cloning-signing.html
bernhard22jitpicking.pdf
https://mu00d8.me/paper/bernhard22jitpicking.pdf
Deloitte employee masterminds global hack gang, finds Sunday Times | Business Standard News
https://www.business-standard.com/article/companies/deloitte-s-india-office-employee-masterminds-global-hack-says-report-122110600787_1.html
Account hijacking using "dirty dancing" in sign-in OAuth-flows - Detectify Labs
https://labs.detectify.com/2022/07/06/account-hijacking-using-dirty-dancing-in-sign-in-oauth-flows/
Azov Ransomware is a wiper, destroying data 666 bytes at a time
https://www.bleepingcomputer.com/news/security/azov-ransomware-is-a-wiper-destroying-data-666-bytes-at-a-time/
U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud | USAO-SDNY | Department of Justice
https://www.justice.gov/usao-sdny/pr/us-attorney-announces-historic-336-billion-cryptocurrency-seizure-and-conviction
Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack
https://thehackernews.com/2022/11/medibank-refuses-to-pay-ransom-after-97.html
S3cur3Th1sSh1t on Twitter: "Alternative use cases for SystemFunction032, what do other people think about at night? 😅 https://t.co/pXKbbbemRR https://t.co/rKLSIoZhh6" / Twitter
https://twitter.com/ShitSecure/status/1589276402532384768
VirusTotal - File - c278288c210ce744c56e3c63f23705558c35694d5bcbdbd6595bbc1c73fe150a
https://www.virustotal.com/gui/file/c278288c210ce744c56e3c63f23705558c35694d5bcbdbd6595bbc1c73fe150a/detection
Will Dormann on Twitter: "So if it were a ZIP instead of ISO, would MotW be fine? Not really. Even though Windows tries to apply MotW to extracted ZIP contents, it's really quite bad at it. Without trying too hard, here I've got a ZIP file where the contents retain NO protection from Mark of the Web. https://t.co/1SOuzfca5q" / Twitter
https://twitter.com/wdormann/status/1544416883419619333
A port of [ https://s3cur3th1ssh1t.github.io/SystemFunction032_Shellcode ] to Python and C# · GitHub
https://gist.github.com/snovvcrash/3533d950be2d96cf52131e8393794d99
Triage | Behavioral Report
https://tria.ge/221108-al32qsgda3/behavioral2