GitHub - Octoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
https://github.com/Octoberfest7/MemFiles
GitHub - horizon3ai/CVE-2022-39952: POC for CVE-2022-39952
https://github.com/horizon3ai/CVE-2022-39952
Bobby Cooke on Twitter: "DLL module stomping and all beacon memory allocators are now supported! The options are pulled right from the malleable C2 profile! VirtualAlloc is the only one via direct syscall. The new allocators DLL module stomping, HeapAlloc, MapViewOfFile, were https://t.co/WnolPE5YIw…" / Twitter
https://twitter.com/i/web/status/1628261320188628992
GitHub - xforcered/BokuLoader: Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
https://github.com/xforcered/BokuLoader
Let's build a Chrome extension that steals everything
https://mattfrisbie.substack.com/p/spy-chrome-extension
Threat Hunting Series: Detection Engineering VS Threat Hunting | by Kostas | Feb, 2023 | Medium
https://kostas-ts.medium.com/threat-hunting-series-detection-engineering-vs-threat-hunting-f12f3a72185f
GitHub - Scarehehe/Weblogic-CVE-2023-21839
https://github.com/Scarehehe/Weblogic-CVE-2023-21839
Qakbot/Qakbot_obama241_22.02.2023.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_obama241_22.02.2023.txt
Google Online Security Blog: Vulnerability Reward Program: 2022 Year in Review
https://security.googleblog.com/2023/02/vulnerability-reward-program-2022-year.html
Detecting Cobalt Strike Fork&Run - Yaxser's Blog
https://blog.yaxser.io/blue/detecting-cobalt-strike-fork-and-run
Job Description - Strategic Cyber Threat Analyst (230121)
https://nato.taleo.net/careersection/2/jobdetail.ftl?job=230121
Add a basic JavaScript-to-FuzzIL compiler · googleprojectzero/fuzzilli@807625f · GitHub
https://github.com/googleprojectzero/fuzzilli/commit/807625f0112df22bfe293aa4d36d67c31c4fb243
VMware Patches Critical Vulnerability in Carbon Black App Control Product
https://thehackernews.com/2023/02/vmware-patches-critical-vulnerability.html
IcedID/icedID_21.02.2023.txt at main · pr0xylife/IcedID · GitHub
https://github.com/pr0xylife/IcedID/blob/main/icedID_21.02.2023.txt
Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
https://securityintelligence.com/posts/direct-kernel-object-manipulation-attacks-etw-providers/
Qakbot/Qakbot_BB16_22.02.2023.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB16_22.02.2023.txt
Russia blames hackers as commercial radio stations broadcast fake air strike warnings - The Record from Recorded Future News
https://therecord.media/russia-radio-hackers-fake-air-raid-missile-strike-warnings/
Florian Roth ⚡ on Twitter: "Someone claims to have breached @vxunderground and is selling their password in underground forums https://t.co/mOoF3vUdFx" / Twitter
https://twitter.com/cyb3rops/status/1628369584821620736
BrunoHalltari (Bruno Halltari) · GitHub
https://github.com/BrunoHalltari
Technical Analysis of Rhadamanthys Obfuscation Techniques
https://www.zscaler.com/blogs/security-research/technical-analysis-rhadamanthys-obfuscation-techniques
GitHub - expl0itabl3/check_mdi: Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance
https://github.com/expl0itabl3/check_mdi
http://redsiege.com/wedoff