Blog - Ptrace Security GmbH

IT Security News Bulletin #100

Latest Infosec News and Articles
DNS Over HTTPS for Cobalt Strike https://www.blackhillsinfosec.com/dns-over-https-for-cobalt-strike/
SillyRAT - A Cross Platform Multifunctional (Windows/Linux/Mac) RAT https://www.kitploit.com/2021/11/sillyrat-cross-platform-multifunctional.html
Exploiting OAuth: Journey to Account Takeover https://blog.dixitaditya.com/2021/11/19/account-takeover-chain.html
4-ZERO-3: Tool to bypass 403/401

IT Security News Bulletin #99

Latest Infosec News and Articles
[PowerShell Commands] https://themayor.notion.site/53512dc072c241589fc45c577ccea2ee?v=7b908e7e76a9416f98f40d9d3843d3cb
CVE-2021-34866 Writeup https://blog.hexrabbit.io/2021/11/03/CVE-2021-34866-writeup/
Skrull: run malware on the victim using the Process Ghosting technique https://securityonline.info/skrull-run-malware-on-the-victim-using-the-process-ghosting-technique/
toutatis: extract information from instagrams accounts such as e-mails, phone

IT Security News Bulletin #98

Latest Infosec News and Articles
Apache HTTP Server 2.4.50 Remote Code Execution https://cxsecurity.com/issue/WLB-2021100131
RedTeam Toolkit: the useful offensive tools https://securityonline.info/redteam-toolkit-the-useful-offensive-tools/
This is how I bypassed almost every EDR! https://medium.com/@omribaso/this-is-how-i-bypassed-almost-every-edr-6e9792cf6c44
DLLHijackingScanner: bypassing UAC using

IT Security News Bulletin #97

Latest Infosec News and Articles
DInjector: Collection of shellcode injection techniques https://securityonline.info/dinjector-collection-of-shellcode-injection-techniques/
Kernel Karnage – Part 2 (Back to Basics) https://blog.nviso.eu/2021/10/29/kernel-karnage-part-2-back-to-basics/
XMachOViewer is a Mach-O viewer for Windows, Linux and MacOS https://github.com/horsicq/XMachOViewer
Rooting

IT Security News Bulletin #96

Latest Infosec News and Articles
A Huge Learning Resources with Labs For Offensive Security Players https://github.com/Zeyad-Azima/Offensive-Resources
ZipExec: execute binaries from a password protected zip https://securityonline.info/zipexec-execute-binaries-from-a-password-protected-zip/
crawpy: content discovery tool https://securityonline.info/crawpy-content-discovery-tool/
Exploit for CVE-2021-40449

IT Security News Bulletin #95

Latest Infosec News and Articles
Tor Rootkit: Python 3 standalone Windows 10 / Linux Rootkit https://securityonline.info/tor-rootkit-python-3-standalone-windows-10-linux-rootkit/
Karma_V2 - A Passive Open Source Intelligence (OSINT) Automated Reconnaissance (Framework) https://www.kitploit.com/2021/10/karmav2-passive-open-source.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29
Into the art of

IT Security News Bulletin #94

Reconftw - Simple Script For Full Recon https://www.kitploit.com/2021/01/reconftw-simple-script-for-full-recon.html
Blue Team Operations [Part 2]: How To Investigate Malware Incidents as a SOC Analyst https://infosecwriteups.com/blue-team-operations-part-2-how-to-investigate-malware-incidents-as-a-soc-analyst-7e98c387cd
WAF Bypassing with Unicode Compatibility https://jlajara.gitlab.io/web/2020/02/19/Bypass_WAF_Unicode.html
Drone pentesting framework console

IT Security News Bulletin #93

Latest Infosec News and Articles
Pwncat - Fancy Reverse And Bind Shell Handler https://www.kitploit.com/2021/10/pwncat-fancy-reverse-and-bind-shell.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29
Learning Linux Kernel Exploitation - Part 2 https://lkmidas.github.io/posts/20210128-linux-kernel-pwn-part-2/
Tool to decrypt iOS apps using r2frida https://github.com/as0ler/r2flutch
WinDbg Cheat Sheet

IT Security News Bulletin #92

Latest Infosec News and Articles
Azure AD Introduction for Red Teamers https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html
How to Use Frida & Radare to Crack a Mobile IoT App https://www.nowsecure.com/blog/2021/09/29/how-to-use-frida-radare-to-crack-a-mobile-iot-app/
A Complete Osint Tool https://github.com/Lucksi/Mr.Holmes
fail2ban – Remote

IT Security News Bulletin #91

Latest Infosec News and Articles
How to hack a car — a quick crash-course https://www.freecodecamp.org/news/hacking-cars-a-guide-tutorial-on-how-to-hack-a-car-5eafcfbbb7ec/
Beginners Guide to 0day/CVE AppSec Research https://0xboku.com/2021/09/14/0dayappsecBeginnerGuide.html
PS2EXE - Module To Compile Powershell Scripts To Executables https://www.kitploit.com/2021/09/ps2exe-module-to-compile-powershell.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29
CVE-2021-38112:
