Phishing Campaign Toolkit: King Phisher

King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features an easy to use, yet very flexible architecture allowing full control over both emails and server content. King Phisher can be used to run campaigns ranging from simple awareness...

PRYTEK meetup: Breach and Attack Simulation or Automated Pentest?

Last Tuesday, November 27, I spoke at "Business Asks for Cyber Attacks" meetup organized by PRYTEK investment platform. The event was held at the PRYTEK Moscow office in a beautiful XIX century building of a former textile manufactory. The goal of the meetup was to talk about new approaches in...

UPDATE: Infection Monkey 1.6.1

PenTestIT RSS Feed I'm sure you must have read my previous post title the List of Adversary Emulation Tools. In that post, I briefly mentioned about the Guardicore Infection Monkey. Good news now is that it has been updated! We now have Infection Monkey 1.6.1. An important change about this versi...

Microsoft Windows Unnamed Kernel Object Limit Elevation Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows Unnamed Kernel Object. An attacker can exploit the vulnerability to cause elevation of privilege by defaulting the security descriptor...

Huawei eNSP v1 - Buffer Overflow (DoS) Vulnerability

Document Title: =============== Huawei eNSP v1 - Buffer Overflow DoS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2132 Security ID: huawei-sa-20180309-01-ensp https://nvd.nist.gov/vuln/detail/CVE-2017-17321...

Analysis antivirus BitDefender of an integer overflow vulnerability, the first part-the vulnerability warning-the black bar safety net

In software vulnerabilities“Pantheon”, the security software vulnerability is considered other than software vulnerabilities in more serious. We rely on security software to defend against attackers, so our defensive system in the vulnerability only allows an attacker to cause harm, but also will...

MalwLess - Test Blue Team Detections Without Running Any Attack

MalwLess is an open source tool that allows you to simulate system compromise or attack behaviours without running processes or PoCs. The tool is designed to test Blue Team detections and SIEM correlation rules. It provides a framework based on rules that anyone can write, so when a new technique...

Design/Logic Flaw

Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data...

CVE-2018-8843

Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data...

CVE-2018-8843

Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data...

PLCWinNT software suffers from a memory leak vulnerability

CoDeSys is a complete development environment for programmable logic control PLCs, in which simulation functions can be implemented by configuring the PLCWinNT software. A memory leak vulnerability exists in the PLCWinNT software that corresponds to the V2 version of CoDeSys. An attacker can...

RTA - Framework Designed To Test The Detection Capabilities Against Malicious Tradecraft

RTA provides a framework of scripts designed to allow blue teams to test their detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK. RTA is composed of python scripts that generate evidence of over 50 different ATT&CK tactics, as well as a compiled binary application th...

Metta - An Information Security Preparedness Tool To Do Adversarial Simulation

Metta is an information security preparedness tool. This project uses Redis/Celery, python, and vagrant with virtualbox to do adversarial simulation. This allows you to test mostly your host based instrumentation but may also allow you to test any network based detection and controls depending on...

List of Adversary Emulation Tools

PenTestIT RSS Feed Every once in a while, the security industry brings forth a new buzz word and introduces terminologies that sound über cool and generate lot's of interest. One such word going around now-a-days is automated "adversary emulation". Let's first understand what this really means...

Students fell prey to phishing attacks conducted by their universities

By Waqas Universities Educating Students on Cybersecurity by Simulating Fake Phishing Attacks. This is a post from HackRead.com Read the original post: Students fell prey to phishing attacks conducted by their universities...

Information Security Preparedness Tool: Metta

Metta is an open-source information security preparedness tool for adversarial simulation. As an emerging concept, the industry has yet to settle on a definitive definition of adversarial simulation, but it involves simulating components of targeted attacks in order to test both an organization’s...

Linux Kernel Denial of Service Vulnerability (CNVD-2018-02199)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'einjerrorinject' function in the drivers/acpi/apei/einj.c file in the Linux kernel. A local attacker could exploit this...

New FakeNet-NG Feature: Content-Based Protocol Detection

I Matthew Haigh recently contributed to FLARE’s FakeNet-NG network simulator by adding content-based protocol detection and configuration. This feature is useful for analyzing malware that uses a protocol over a non-standard port; for example, HTTP over port 81. The new feature also detects and...

New FakeNet-NG Feature: Content-Based Protocol Detection

I Matthew Haigh recently contributed to FLARE’s FakeNet-NG network simulator by adding content-based protocol detection and configuration. This feature is useful for analyzing malware that uses a protocol over a non-standard port; for example, HTTP over port 81. The new feature also detects and...

CVE-2014-9733

CVE-2014-9733 concerns nw.js. The connected documents indicate that NW.js before 0.11.5 can simulate user input events within a normal frame, enabling a remote attacker to cause an unknown impact via unknown vectors. The CNVD entry explicitly notes a vulnerability in nw.js prior to 0.11.5 and men...