#ctf

New Open-Source Tool Spotlight 🚨🚨🚨

angr is a Python-based framework for binary analysis, spanning capabilities like symbolic execution, control-flow analysis, and decompilation. Ideal for CTF challenges and reverse engineering tasks. #binaryanalysis #reverseengineering

🔗 Project link on #GitHub 👉 github.com/angr/angr

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

New Open-Source Tool Spotlight 🚨🚨🚨

GOAD (Game of Active Directory) by Orange-Cyberdefense is a lab for pentesting Active Directory environments. With multiple configurations like GOAD-Mini and SCCM labs, it helps security professionals practice AD attack techniques. Caution: Designed for isolated lab use only. #ActiveDirectory #Cybersecurity

🔗 Project link on #GitHub 👉 github.com/Orange-Cyberdefense


New Open-Source Tool Spotlight 🚨🚨🚨

Mapping your threat-hunting workflows to the MITRE ATT&CK framework? Check out olafhartong's ThreatHunting Splunk app. With 130+ reports and dashboards, it simplifies hunting while integrating Sysmon data for deep insights. Requires tuning for best results. #ThreatHunting #MITREATTACK

🔗 Project link on #GitHub 👉 github.com/olafhartong/ThreatH


👩‍💻 📢 SAVE THE DATE: HackHERthon on 08.-10.09. in Berlin

We want to bring together talented and interested people who identify as women through technical challenges.

Three days and two events in one: we offer you a day full of challenges in a #CTF competition and two days of creative problem solving. You have the choice of taking part in one format or experiencing both!

Participation is free of charge and offers you not only a modern environment in which you can develop free from expectations or pressure to perform, but also an atmosphere in which teamwork and individual development are the focus.

The event is for all interested people who identify as women.

🎬 Impressions from last year: youtu.be/jee2Y8n8KOc?si=gOB3qx

👉 Apply now here: hisolutions.com/hackherthon

New Open-Source Tool Spotlight 🚨🚨🚨

Scopify is a Python-based recon tool for pentesters, leveraging `netify.ai` to analyze CDNs, hosting, and SaaS infra of target companies. Optional OpenAI integration adds AI-guided insights for deeper testing. Built by @Jhaddix & Arcanum-Sec. #CyberSecurity #BugBounty

🔗 Project link on #GitHub 👉 github.com/Arcanum-Sec/Scopify


New Open-Source Tool Spotlight 🚨🚨🚨

Mandiant's `capa` analyzes executable files to pinpoint their capabilities. From detecting HTTP communications to identifying persistence mechanisms, it helps analysts assess malware functionality quickly. Supports PE, ELF, .NET, shellcode, and sandbox reports. #malwareanalysis #cybersecurity

🔗 Project link on #GitHub 👉 github.com/fireeye/capa


A new #CTF team is currently forming around @RaumZeitLabor. If you're up for meeting regularly on site in Mannheim with others to learn and pwn, drop by next Monday, 28.04., at 19:00 for the first regular meeting in the space. All skill levels are welcome. Further information will probably follow afterwards via website/mailing list/wiki/Masto
raumzeitlabor.de/kontakt/anfah

How can a simple SQL command open the door to full system takeover and cryptocurrency mining? 🐚🪙

A recent cloud attack campaign is exploiting misconfigured PostgreSQL servers, using legitimate database functionality to run malicious code on compromised systems. The operation, tracked by Wiz under the name JINX-0126, has targeted more than 1,500 exposed PostgreSQL instances so far. It builds on an earlier wave of attacks identified in mid-2024, but now includes more advanced evasion techniques.

At the core is the misuse of PostgreSQL's `COPY ... FROM PROGRAM` command. This command, intended for importing data, is leveraged to execute arbitrary shell commands directly on the host. Once inside, the attacker runs a Base64-decoded shell script that removes rival miners and installs a binary called PG_CORE.

A critical piece of this attack is an obfuscated Golang binary named *postmaster*. It mimics PostgreSQL’s real process, helping it blend in. It also sets up persistence through cron jobs, creates new privileged roles, and writes a binary named *cpu_hu* to disk.

That binary fetches and launches the XMRig cryptocurrency miner—without leaving files behind. This uses Linux's `memfd_create`, a technique that loads executables directly into memory to bypass detection tools that scan disk activity.

Each infected system is assigned a unique worker identity and connected to one of three Monero wallets controlled by the attacker. With about 550 active miners tied to each wallet, the impact spans at least 1,500 machines.

The broader issue is clear: many PostgreSQL services remain poorly secured with weak or default credentials. Combined with powerful features like programmatic file imports, they become easy targets for attackers looking to monetize unauthorized access without raising alarms.

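A defender-side hunt for two artifacts named in the post above, as an added example that is not part of the original post: `COPY ... FROM PROGRAM` statements in the PostgreSQL server log, and live processes whose executable is an anonymous `memfd_create` file. It assumes statement logging is enabled with `log_line_prefix = '%m [%p] %u@%d '`; the sample log lines are constructed.

```python
import os
import re

# Matches COPY ... FROM PROGRAM '<cmd>' in a logged statement (case-insensitive).
COPY_PROGRAM = re.compile(r"\bCOPY\b.+?\bFROM\s+PROGRAM\s+'((?:[^']|'')*)'", re.I | re.S)
# Assumed log_line_prefix = '%m [%p] %u@%d ' (timestamp, pid, user@db).
PREFIX = re.compile(r"^(?P<ts>\S+ \S+ \S+) \[(?P<pid>\d+)\] (?P<user>[^@\s]+)@(?P<db>\S+) ")

def find_copy_program(log_lines):
    """Return one dict per logged statement that runs a host command via COPY."""
    hits = []
    for line in log_lines:
        m = COPY_PROGRAM.search(line)
        if not m:
            continue
        p = PREFIX.match(line)
        hits.append({"user": p["user"] if p else None, "db": p["db"] if p else None,
                     "command": m.group(1).replace("''", "'")})
    return hits

def is_memfd_exe(exe_link):
    """True if a /proc/<pid>/exe target is an anonymous memfd_create file."""
    return exe_link.startswith("/memfd:")

def memfd_processes(proc="/proc"):
    """List (pid, exe target) for live processes executing from a memfd."""
    found = []
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            target = os.readlink(os.path.join(proc, pid, "exe"))
        except OSError:  # process exited, kernel thread, or no permission
            continue
        if is_memfd_exe(target):
            found.append((int(pid), target))
    return found

# Constructed sample log lines (not from a real incident).
SAMPLE_LOG = [
    "2025-01-01 10:00:00.000 UTC [4242] app@shop LOG:  statement: SELECT 1;",
    "2025-01-01 10:00:05.000 UTC [4243] postgres@postgres LOG:  statement: "
    "COPY t FROM PROGRAM 'echo PLACEHOLDER | base64 -d | sh';",
    "2025-01-01 10:00:09.000 UTC [4244] app@shop LOG:  statement: COPY t FROM '/tmp/data.csv';",
]

if __name__ == "__main__":
    print(find_copy_program(SAMPLE_LOG))
    print(memfd_processes() if os.path.isdir("/proc") else "no /proc")
```

Any hit from an application role is worth triage, since `COPY ... FROM PROGRAM` is only available to superusers and members of `pg_execute_server_program`; run the `/proc` scan as root so other users' `exe` links are readable.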

New Open-Source Tool Spotlight 🚨🚨🚨

"Threat-Informed Defense" isn't just a buzzword. The Center for Threat-Informed Defense bridges MITRE ATT&CK with actionable tools like Adversary Emulation Plans and the Attack Workbench, empowering defenders to stay ahead of real-world TTPs. #CyberDefense #MITREATTACK

Want to map security controls to adversary behavior? Check out Mappings Explorer by the Center for Threat-Informed Defense. It aligns your defense strategy directly with the MITRE ATT&CK framework. Precision matters. #ThreatIntelligence #Cybersecurity

Attack Flow helps you visualize how attackers chain techniques into full-scale operations. An indispensable tool for understanding and mitigating attack sequences. Powered by the Center for Threat-Informed Defense. #SOCtools #ThreatModeling

TRAM leverages automation to map CTI reports directly to MITRE ATT&CK tactics and techniques. Less manual work, more actionable insights. Open-source ingenuity at its best. #CyberThreats #MITREATTACK

Building effective cyber analytics requires depth; "Summiting the Pyramid" delivers frameworks to challenge adversary evasion strategies. A research-backed way to harden defenses. #CyberAnalytics #ThreatHunting

🔗 Project link on #GitHub 👉 github.com/center-for-threat-i


New Open-Source Tool Spotlight 🚨🚨🚨

The ThreatHunter-Playbook on GitHub is a robust resource for threat detection. It integrates MITRE ATT&CK with Jupyter notebooks to share detection techniques and enable testing on pre-recorded datasets. Perfect for security researchers streamlining hunting workflows. #ThreatHunting #CyberSecurity

🔗 Project link on #GitHub 👉 github.com/OTRF/ThreatHunter-P


New Open-Source Tool Spotlight 🚨🚨🚨

Google's GRR (GRR Rapid Response) is an open-source framework for remote live forensics and incident response. It allows security teams to investigate systems at scale without interrupting operations. Used for data collection, analysis, and hunting. #CyberSecurity #DFIR

🔗 Project link on #GitHub 👉 github.com/google/grr


New Open-Source Tool Spotlight 🚨🚨🚨

SecLists is a powerful resource for security testing. It consolidates usernames, passwords, payloads, sensitive patterns, and more into one repository. Essential for pen testers and bug hunters. #CyberSecurity #PenTesting

🔗 Project link on #GitHub 👉 github.com/danielmiessler/SecL


New Open-Source Tool Spotlight 🚨🚨🚨

Active Directory Certificate Services (AD CS) can be a goldmine if misconfigured. Tools like Certipy simplify enumeration and abuse, leveraging techniques like Shadow Credentials, Golden Certificates, and domain escalation paths (ESC1-ESC11). #CyberSecurity #RedTeam

Certipy's `shadow` command exemplifies ADCS weaknesses. By manipulating `msDS-KeyCredentialLink`, you can take over accounts via PKINIT. It's seamless but devastating for privilege escalation. #Pentesting #ActiveDirectory

Golden Certificates mimic Golden Tickets but target ADCS. Using a compromised CA private key, an attacker can forge certs for domain controllers or users. Certipy automates this process—caution with CA backups. #InfoSec #PKI

🔗 Project link on #GitHub 👉 github.com/ly4k/Certipy
