Black Hills Information Security just published a great blog post for anyone interested in software defined radios (SDRs). It links to other tutorials that the author found while working with a car key fob and describes how he used GNU Radio paired with a HackRF One to capture the signal and replay it back to the receiver. This is a good read for anyone interested in working with SDRs.
BHIS Blog Post: http://bit.ly/3467czI
Many of you are probably already familiar with what Responder does. It takes advantage of protocols such as LLMNR to spoof responses to Windows auto proxy discovery. Black Hills Information Security has just published a blog post on how to disable LLMNR. This protocol has no security, is a broadcast layer 2 protocol, and was designed to be used for DNS resolution when there is no DNS server in the network. Nice, right? It is also how Windows has performed its proxy discovery since Windows Vista, and it can be spoofed from any node on the broadcast domain. This has been used by hackers to send the user to a proxy server they control in order to steal user credentials for websites such as online banking and to exploit the browser itself.
BHIS Blog Post: http://bit.ly/2RHtBAZ
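Until LLMNR is disabled everywhere, spoofed answers can be spotted from captured traffic, because a normal host only answers LLMNR queries for its own name. The following is an added example, not code from the BHIS post: it assumes you already have (source IP, UDP payload) pairs taken from UDP port 5355, and every address, host name and function name in it is constructed for illustration.

```python
import struct
from collections import defaultdict

def parse_llmnr(payload):
    """Return (is_response, queried_name) for one LLMNR UDP payload, or None if malformed."""
    if len(payload) < 12:
        return None
    _txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if qdcount < 1:
        return None
    labels, pos = [], 12                      # question starts after the 12-byte header
    while True:
        if pos >= len(payload):
            return None
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(payload):
            return None                       # pointer or truncated label in the question
        labels.append(payload[pos:pos + length].decode("ascii", "replace").lower())
        pos += length
    return bool(flags & 0x8000), ".".join(labels)   # top flag bit is QR (1 = response)

def suspicious_responders(packets, max_names=1):
    """packets: iterable of (src_ip, udp_payload) seen on UDP 5355."""
    answered = defaultdict(set)
    for src, payload in packets:
        parsed = parse_llmnr(payload)
        if parsed and parsed[0]:
            answered[src].add(parsed[1])
    # A normal host answers only for its own name; "wpad" answers always get reviewed.
    return {ip: sorted(names) for ip, names in answered.items()
            if len(names) > max_names or "wpad" in names}

def build_pkt(name, response, addr=b"\x0a\x00\x00\x01"):
    """Constructed LLMNR message: header, one A/IN question, one answer if response."""
    q = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    msg = struct.pack("!HHHHHH", 0x1234, 0x8000 if response else 0, 1, int(response), 0, 0)
    msg += q + struct.pack("!HH", 1, 1)
    if response:
        msg += struct.pack("!HHHIH", 0xC00C, 1, 1, 30, 4) + addr
    return msg

SAMPLE = [  # constructed traffic, not a real capture
    ("10.0.0.5", build_pkt("fileservr", False)),   # mistyped name, query only
    ("10.0.0.20", build_pkt("fileserver", True)),  # host answering for its own name
    ("10.0.0.66", build_pkt("wpad", True)),
    ("10.0.0.66", build_pkt("fileservr", True)),
    ("10.0.0.66", build_pkt("prnter01", True)),
]

if __name__ == "__main__":
    print(suspicious_responders(SAMPLE))
```

On the constructed sample only 10.0.0.66 is reported, since it answered for three different names including `wpad`.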
You can read more about China’s “Great Cannon” here: http://bit.ly/34awInD
BSidesNoVA has posted all the talks from this year (2019) as well as 2018 and 2017.
Offensive Security, the company behind Kali Linux, has just released a new version of Kali Linux that they are calling 2019.4. This release includes the usual updates to their tools, changes the default window manager from Gnome to XFCE, adds PowerShell for Linux and makes other minor tweaks. It also introduces a new mode they are calling “UnderCover Mode”, which changes the Kali desktop to look like Windows 10. This is great if you are trying to do penetration testing in a public place or at the client facility.
Black Hills Information Security posted all the videos for their talks held at this year’s Wild West Hackin’ Fest.
You can find them here: http://bit.ly/2RnuChe
Black Hills Information Security just published an article with a lot of living off the land techniques for pentesting and red teaming. Turns out there is a lot you can do on modern-day Windows systems, such as decoding Base64 data using “certutil.exe” and writing data to the clipboard using “clip.exe”.
Full BHIS article: http://bit.ly/32Y54JD
Finally some competition for recon-ng! This tool will collect and aggregate data from the following sources:
GitHub repo can be found here: http://bit.ly/2KAPjCj
Turns out it is really easy to bypass Windows Defender on the most up-to-date fully patched version of Windows 10 simply by naming the file “msiexec.exe”.
Here’s the full article: http://bit.ly/358LhJ0
Ever wish you could just take your piece of VBScript code and convert it into shellcode? How about that .NET DLL? Boy, do I have a treat for you! Meet Donut. Donut is a tool for generating shellcode for x86 and x64 architectures that converts VBScript, JScript, .NET assemblies and even traditional EXEs and DLLs into position-independent code (PIC) shellcode.
More information can be found here: http://bit.ly/2Xnre78