unSafe.sh - Not Safe
Covert TLS n-day backdoors: SparkCockpit & SparkTar
In early 2024, Ivanti’s Pulse Secure appliances suffered from wide-spread...
2024-3-1 18:59:0 | Views: 12
NVISO Labs - blog.nviso.eu
backdoors
network
nviso
sparktar
ivanti
Top things that you might not be doing (yet) in Entra Conditional Access
Introduction: In this blog post, I focus on the top things that you might not be doing (yet) i...
2024-2-27 16:0:14 | Views: 14
NVISO Labs - blog.nviso.eu
entra
microsoft
security
identities
Is the Google search bar enough to hack Belgian companies?
In this blog post, we will go over a technique called Google Dorking and demonstrate how it can...
2024-1-22 16:0:0 | Views: 24
NVISO Labs - blog.nviso.eu
security
robots
attacker
belgium
Deobfuscating Android ARM64 strings with Ghidra: Emulating, Patching, and Automating
In a recent engagement I had to deal with some custom encrypted strings inside an Android ARM64...
2024-1-15 16:0:0 | Views: 31
NVISO Labs - blog.nviso.eu
ghidra
pcode
xorstring
decrypted
Scaling your threat hunting operations with CrowdStrike and PSFalcon
Introduction: Most modern day EDRs have some sort of feature which allows blue teamers to remo...
2023-12-13 16:0:0 | Views: 21
NVISO Labs - blog.nviso.eu
powershell
psfalcon
crowdstrike
groupid
RPC or Not, Here We Log: Preventing Exploitation and Abuse with RPC Firewall
Welcome, readers, to the first installment of our blog series “Preventing Exploitation and Abu...
2023-12-8 16:0:0 | Views: 22
NVISO Labs - blog.nviso.eu
windows
11d1
4b06
ab04
Data Connector Health Monitoring on Microsoft Sentinel
Introduction: Security information and event management (SIEM) tooling allows security teams t...
2023-12-6 16:0:0 | Views: 17
NVISO Labs - blog.nviso.eu
microsoft
monitoring
security
connectors
AI in Cybersecurity: Bridging the Gap Between Imagination and Reality
Introduction: In today’s digital environment, we encounter a mix of evolving cyber systems and...
2023-11-8 16:0:0 | Views: 22
NVISO Labs - blog.nviso.eu
security
machine
analysis
threats
Generating IDA Type Information Libraries from Windows Type Libraries
When working with IDA, a commonly leveraged feature are type information libraries (TIL). These...
2023-11-7 16:0:0 | Views: 24
NVISO Labs - blog.nviso.eu
til
idaclang
mscorlib
library
maxime
Introducing CS2BR pt. III – Knees deep in Binary
Introduction: Over the span of the previous two blog posts in the series, I showed why the m...
2023-10-26 19:0:0 | Views: 23
NVISO Labs - blog.nviso.eu
cs2br
brc4
ty
scl
Most common Active Directory misconfigurations and default settings that put your organization at risk
Introduction: In this blog post, we will go over the most recurring (and critical) findings th...
2023-10-26 15:0:0 | Views: 21
NVISO Labs - blog.nviso.eu
security
machine
attacker
encryption
spooler
XOR Known-Plaintext Attacks
In this blog post, we show in detail how a known-plaintext attack on XOR encoding works, and aut...
2023-10-12 15:0:0 | Views: 21
NVISO Labs - blog.nviso.eu
partial
ciphertext
kpa
nviso
keystream
A Beginner’s Guide to Adversary Emulation with Caldera
Target Audience: The target audience for this blog post is individuals who have a basic und...
2023-8-25 15:0:0 | Views: 26
NVISO Labs - blog.nviso.eu
emulation
abilities
security
ttps
agents
Introducing BitSight Automation Tool
Glossary, Introduction, BitSightAutomation, Operations, Structure, Installation...
2023-8-8 15:0:0 | Views: 27
NVISO Labs - blog.nviso.eu
bitsight
subsidiary
python
entityone
Unlocking the power of Red Teaming: An overview of trainings and certifications
NVISO enjoys an excellent working relationship with SANS and has been involved as Instructors an...
2023-7-31 15:0:0 | Views: 68
NVISO Labs - blog.nviso.eu
security
eur
costs
certified
development
The SOC Toolbox: Analyzing AutoHotKey compiled executables
One day, a long time ago, whilst handling my daily tasks, an alert was g...
2023-7-20 15:0:0 | Views: 22
NVISO Labs - blog.nviso.eu
nicholas
autohotkey
security
dhaeyer
rcdata
Introducing CS2BR pt. II – One tool to port them all
Introduction: In the previous post of this series we showed why Brute Ratel C4 (BRC4) isn’t...
2023-7-18 00:0:22 | Views: 17
NVISO Labs - blog.nviso.eu
cs2br
brc4
bofs
entrypoint
beacon
Transforming search sentences to query Elastic SIEM with OpenAI API
(In the Blog Post, we will demonstrate a Proof-of-Concept on how to use a OpenAI’s Large Languag...
2023-5-30 17:48:53 | Views: 29
NVISO Labs - blog.nviso.eu
openai
security
penalty
probability
Enforce Zero Trust in Microsoft 365 – Part 3: Introduction to Conditional Access
This blog post is the third blog post of a series dedicated to Zero Trust security in Microsof...
2023-5-24 15:0:0 | Views: 37
NVISO Labs - blog.nviso.eu
microsoft
security
cloud
enforce
Introducing CS2BR pt. I – How we enabled Brute Ratel Badgers to run Cobalt Strike BOFs
If you know all about CS, BRC4 and BOFs you might want to skip this introduction and get right...
2023-5-15 15:0:0 | Views: 29
NVISO Labs - blog.nviso.eu
bofs
brc4
entrypoint
imports
winapi