Friday, April 14, 2017

Twitter Archive of 14/04/2017 Friday

1) Hacking Customer Information Control System : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T1%20-%20Ayoub%20Elaassal%20-%20Hacking%20Customer%20Information%20System.pdf (Slides)

2) The Secret of ChakraCore : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T2%20-%20Linan%20Hao%20and%20Long%20Liu%20-%20The%20Secret%20of%20ChakraCore.pdf (Slides) #HITB2017AMS

3) Harnessing Intel Processor Trace on Windows for Vulnerability Discovery : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T1%20-%20Richard%20Johnson%20-%20Harnessing%20Intel%20Processor%20Trace%20on%20Windows%20for%20Vulnerability%20Discovery.pdf (Slides) #HITB2017AMS

4) Drammer : The Making-Of : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T1%20-%20Victor%20van%20der%20Veen%20-%20Drammer%20The%20Making%20Of.pdf (Slides) #HITB2017AMS

5) Femtocell Hacking - From Zero to 0-day! : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T2%20-%20JeongHoon%20Shin%20-%20Femotcell%20Hacking.pdf (Slides) #HITB2017AMS

6) Can’t Touch This : Cloning Any Android HCE Contactless Card : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T2%20-%20Slawomir%20Jasek%20-%20Cloning%20Any%20Android%20HCE%20Contactless%20Card.pdf (Slides) #HITB2017AMS

7) Lure10 : Exploiting Windows Automatic Wireless Association Algorithm : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20George%20Chatzisofroniou%20-%20Exploiting%20Windows%20Automatic%20Wireless%20Association%20Algorithm.pdf (Slides) #HITB2017AMS

8) iOS KPP/watchtower bypass : https://xerub.github.io/ios/kpp/2017/04/13/tick-tock.html

9) Meet & Greet with the Mac Malware Class of 2016 : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Patrick%20Wardle%20-%20Meet%20and%20Greet%20with%20the%20MacOS%20Malware%20Class%20of%202016.pdf (Slides) #HITB2017AMS

10) Pwning Banks : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Miika%20Turkia%20-%20Pwning%20Banks.pdf (Slides) #HITB2017AMS

11) So You Want to Hack Radios - A Primer on Wireless Reverse Engineering : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Marc%20Newlin%20and%20Matt%20Knight%20-%20So%20You%20Want%20to%20Hack%20Radios.pdf (Slides) #HITB2017AMS

12) Shadow-Box : The Practical and Omnipotent Sandbox : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T2%20-%20Seunghun%20Han%20-%20Shadow-Box%20-%20The%20Practical%20and%20Omnipotent%20Sandbox.pdf (Slides) #HITB2017AMS

13) Side Channel Attacks Against iOS Crypto Libraries and More : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T2%20-%20Najwa%20Aaraj%20-%20Side%20Channel%20Attacks%20Against%20iOS%20Crypto%20Libraries%20and%20More.pdf (Slides) #HITB2017AMS

14) Fault Injection Attacks on Secure Boot : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Niek%20Timmers%20and%20Albert%20Spruyt%20-%20Fault%20Injection%20Attacks%20On%20Secure%20Boot.pdf (Slides) #HITB2017AMS

15) Setting up a Shiny Development Environment within Linux on Windows 10 : https://www.hanselman.com/blog/SettingUpAShinyDevelopmentEnvironmentWithinLinuxOnWindows10.aspx

Thursday, April 13, 2017

Twitter Archive of 13/04/2017 Thursday (@binitamshah)

1) Five Prison Inmates Built Two PCs and Hacked a Prison From Within : https://www.bleepingcomputer.com/news/security/five-inmates-built-two-pcs-and-hacked-a-prison-from-within/ , Report by ODRC : http://watchdog.ohio.gov/Portals/0/pdf/investigations/2015-CA00043.pdf (pdf) #Hacking

2) RCE in Linux kernel (< 4.5, incl. Android) via specially crafted UDP packets (please update your kernel) : https://nvd.nist.gov/vuln/detail/CVE-2016-10229 #Linux #Kernel #UDP

3) Write-up for alloc8 untethered bootrom exploit for iPhone 3GS : https://github.com/axi0mX/alloc8 #Exploit

4) ipwndfu : open-source jailbreaking tool for older iOS devices : https://github.com/axi0mX/ipwndfu cc @axi0mX #jailbreak #iOS

5) Identifying HTTPS-Protected Netflix Videos in Real-Time : https://www.mjkranch.com/docs/CODASPY17_Kranch_Reed_IdentifyingHTTPSNetflix.pdf (pdf) #Netflix

6) Remote Code Execution (CVE-2017-7280) - Part 1 : https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-1/ #RCE #Security

7) ApiScout : Painless Windows API information recovery : http://byte-atlas.blogspot.in/2017/04/apiscout.html #API #Hacking

8) Breaking the Security Model of Subgraph OS : https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/

9) Exploiting Broadcom’s Wi-Fi Stack (Part 2) : https://googleprojectzero.blogspot.in/2017/04/over-air-exploiting-broadcoms-wi-fi_11.html , Part 1 : https://googleprojectzero.blogspot.in/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html #Broadcom

10) Reverse Engineering a DGA (Domain Generation Algorithm) : https://vimeo.com/212352397 #ReverseEngineering #DGA

11) Go-SCP : Go programming language secure coding practices guide : https://github.com/Checkmarx/Go-SCP #Go #SecureCoding

12) Chrome 59 has cross-platform headless support : https://www.chromestatus.com/features/5678767817097216 #Chrome

13) Xenotix-Python-Keylogger : Xenotix Python Keylogger for Windows : https://github.com/ajinabraham/Xenotix-Python-Keylogger/blob/master/xenotix_python_logger.py #keylogger #Python #Windows

14) Disarming EMET 5.52 : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Niels%20Warnars%20-%20Disarming%20EMET.pdf (Slides)

15) Network-based Ransomware Detection : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Paulus%20Meesen%20and%20Don%20Mulders%20-%20A%20Passive%20Listing%20Ransomware%20Detector.pdf (Slides)

16) iCloud syncing and 2FA: friend or foe? : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Vladamir%20Katalov%20-%20Breaking%20Apple%E2%80%99s%20iCloud%20Keychain.pdf (Slides)

17) Exploiting CVE-2017-0199 : HTA Handler Vulnerability : https://www.mdsec.co.uk/2017/04/exploiting-cve-2017-0199-hta-handler-vulnerability/

Monday, April 10, 2017

Twitter Archive of April 10th, 2017

1) Tunnelled IPv6 Attacks Bypass Network Intrusion Detection Systems : https://ccdcoe.org/sites/default/files/multimedia/pdf/ip6eva_0.pdf (pdf)

2) Router Exploitation : https://www.blackhat.com/presentations/bh-usa-09/LINDNER/BHUSA09-Lindner-RouterExploit-SLIDES.pdf (Slides)

3) CAA checking becomes mandatory for SSL/TLS certificates : https://ma.ttias.be/caa-checking-becomes-mandatory-ssltls-certificates/

4) mambo : A Low-Overhead Dynamic Binary Modification Tool for ARM : https://github.com/beehive-lab/mambo , Slides : http://www.cs.man.ac.uk/~gorgovc9/slides_hipeac.pdf

5) CVE-2017-3881 Cisco Catalyst : https://artkond.com/2017/04/10/cisco-catalyst-remote-code-execution/ , RCE PoC : https://github.com/artkond/cisco-rce/

6) OWASP Mobile Security Testing Guide : https://b-mueller.gitbooks.io/owasp-mobile-security-testing-guide/content/

7) Malware Analysis Cheat Sheet and Tools List : https://gbhackers.com/malware-analysis-cheat-sheet-and-tools-list/

8) Tampering and Reverse Engineering on Android : https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05c-Reverse-Engineering-and-Tampering.md

9) More Android Anti-Debugging Fun : http://www.vantagepoint.sg/blog/89-more-android-anti-debugging-fun

10) Using Ubuntu .DESKTOP as a Malware Vector : http://blog.mazinahmed.net/2017/04/using-ubuntu-desktop-as-malware-vector.html

11) A Tough Call : Mitigating Advanced Code-Reuse Attacks At The Binary Level : http://syssec.rub.de/media/emma/veroeffentlichungen/2016/05/01/Tough-call-Oakland16.pdf (pdf) , GitHub : https://github.com/vusec/typearmor

12) whereami : Uses WiFi signals and machine learning to predict where you are. Even works for distances of 2-10 m : https://github.com/kootenpv/whereami/blob/master/README.md

13) Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks : https://www.sec.cs.tu-bs.de/pubs/2017-asiaccs.pdf (pdf)

14) Wire messenger server code open-sourced : https://github.com/wireapp/wire-server

15) Unleashing use-before-initialization vulnerabilities in the Linux kernel : http://www.cc.gatech.edu/~klu38/publications/ubi-ndss17.pdf (pdf)

16) Learn VIM while playing a game : https://vim-adventures.com/

Sunday, April 2, 2017

Twitter Archive of 2/04/2017

1) How we exploited a code execution vulnerability in math.js : https://capacitorset.github.io/mathjs/

2) One Line of Code that Compromises Your Server : https://martinfowler.com/articles/session-secret.html

3) ASUS B1M projector remote root exploit (0day) : https://www.myhackerhouse.com/asus-b1m-projector-remote-root-0day/

4) Windows DRM Social Engineering Attacks & TorBrowser : https://www.myhackerhouse.com/windows_drm_vs_torbrowser/

5) Tor : The Second-Generation Onion Router (Architecture) : http://sec.cs.ucl.ac.uk/users/smurdoch/papers/tor14design.pdf (pdf/wp)

6) usb-canary : Sends An SMS When Someone Tinkers With Your USB Ports : https://github.com/probablynotablog/usb-canary

7) Bypassing Cylance :

Part 1 – Using VSAgent.exe : http://www.blackhillsinfosec.com/?p=5792
Part 2 – Using DNSCat2 : http://www.blackhillsinfosec.com/?p=5798
Part 3 – Netcat & Nishang ICMP C2 Channel : http://www.blackhillsinfosec.com/?p=5804
Part 4 – Metasploit Meterpreter & PowerShell Empire Agent : http://www.blackhillsinfosec.com/?p=5806
Part 5 – Looking Forward : http://www.blackhillsinfosec.com/?p=5808

8) box-js : A tool for studying JavaScript malware : https://github.com/CapacitorSet/box-js

9) An introduction to programming for non-technical people by explaining jokes for programmers : http://eattheworldbook.com/content.html

Black Hat Asia 2017 (Singapore) Slides / Whitepapers :

1) 24 Techniques to Gather Threat Intel and Track Actors : https://www.blackhat.com/docs/asia-17/materials/asia-17-Huang-24-Techniques-to-Gather-Threat-Intel-And-Track-Actors.pdf (Slides)

2) 3G/4G Intranet Scanning and its Application on the WormHole Vulnerability : https://www.blackhat.com/docs/asia-17/materials/asia-17-Bai-3G-4G-Intranet-Scanning-And-Its-Application-On-The-WormHole-Vulnerability.pdf (Slides)

3) Beyond the blacklists : Detecting malicious URL through machine learning : https://www.blackhat.com/docs/asia-17/materials/asia-17-Dong-Beyond-The-Blacklists-Detecting-Malicious-URL-Through-Machine-Learning.pdf (Slides)

4) Cache Side Channel Attack : Exploitability & Countermeasures : https://www.blackhat.com/docs/asia-17/materials/asia-17-Irazoqui-Cache-Side-Channel-Attack-Exploitablity-And-Countermeasures.pdf (Slides)

5) In-Depth Analysis of Go Language Runtime & the New Class of Vulnerabilities it Introduces : https://www.blackhat.com/docs/asia-17/materials/asia-17-Clapis-Go-Get-My-Vulnerabilities-An-In-Depth-Analysis-Of-Go-Language-Runtime-And-The-New-Class-Of-Vulnerabilities-It-Introduces.pdf (Slides)

6) Hack Microsoft Using Microsoft Signed Binaries : https://www.blackhat.com/docs/asia-17/materials/asia-17-Braeken-Hack-Microsoft-Using-Microsoft-Signed-Binaries-wp.pdf (Whitepaper)

7) MASHaBLE : Mobile Applications of Secret Handshakes over Bluetooth Low-Energy : https://www.blackhat.com/docs/asia-17/materials/asia-17-Michalevsky-MASHABLE-Mobile-Applications-Of-Secret-Handshakes-Over-Bluetooth-LE.pdf (Slides) , https://www.blackhat.com/docs/asia-17/materials/asia-17-Michalevsky-MASHABLE-Mobile-Applications-Of-Secret-Handshakes-Over-Bluetooth-LE-wp.pdf (Whitepaper)

8) Never Let Your Guard Down : Finding Unguarded Gates to Bypass Control Flow Guard with Big Data : https://www.blackhat.com/docs/asia-17/materials/asia-17-Sun-Never-Let-Your-Guard-Down-Finding-Unguarded-Gates-To-Bypass-Control-Flow-Guard-With-Big-Data.pdf (Slides)

9) The Power of Data-Oriented Attacks : Bypassing Memory Mitigation Using Data-Only Exploitation Technique (Part I) : https://www.blackhat.com/docs/asia-17/materials/asia-17-Sun-The-Power-Of-Data-Oriented-Attacks-Bypassing-Memory-Mitigation-Using-Data-Only-Exploitation-Technique.pdf (Slides)

10) UEFI Firmware Rootkits : Myths and Reality : https://www.blackhat.com/docs/asia-17/materials/asia-17-Matrosov-The-UEFI-Firmware-Rootkits-Myths-And-Reality.pdf (Slides)

Saturday, April 1, 2017

Twitter Archive of 1st April, 2017


1) Marble : CIA's Malware obfuscation tools released by Wikileaks : https://wikileaks.org/ciav7p1/cms/page_14588467.html?marble=1 , Slides : https://wikileaks.org/ciav7p1/cms/files/Marble%20Framework.pptx

2) libfuzzer-workshop : Repository for materials of "Modern fuzzing of C/C++ Projects" workshop : https://github.com/Dor1s/libfuzzer-workshop

3) mimipenguin : A tool to dump the login password from the current Linux user : https://github.com/huntergregal/mimipenguin

4) rev.ng : suite of tools for binary analysis based on QEMU and LLVM, aiming at accuracy and portability of the analyses across a wide range of architectures : https://rev.ng/

5) Analysis of Dimnie : Hiding in Plain Sight - GitHub-targeted Malware : http://researchcenter.paloaltonetworks.com/2017/03/unit42-dimnie-hiding-plain-sight/

6) RJ45 building + RJ11

7) Compiling C to printable x86, to make an executable research paper : https://www.youtube.com/watch?v=LA_DrBwkiJA