December 2018 - DigitalMunition

Infoga – Email OSINT

December 30th, 2018 📅

Infoga is a tool gathering email accounts informations (ip,hostname,country,…) from different public source (search engines, pgp key servers and shodan) and check

Electrum Wallet Hacked, 200 BTC Stolen over Christmas

December 30th, 2018 📅

The attack started on Friday, December 21, 2018 Hackers duped users to update their wallet Electrum Wallet has faced serious

Smap – Shellcode Mapper

December 30th, 2018 📅

Handy tool for shellcode analysis. Requirements objdump Installation and execution Then you can download smap by cloning the Git repository: git clone https://github.com/suraj-root/smap.git cd

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

December 21st, 2018 📅

Researchers at Palo Alto Networks discovered that the Russian-linked Sofacy APT has written a new version of their Zebrocy backdoor using the

Scavenger – Is A Multi-Threaded Post-Exploitation Scanning Tool For Scavenging Systems, Finding Most Frequently Used Files And Folders As Well As “Interesting” Files Containing Sensitive Information

December 21st, 2018 📅

scavenger : is a multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders as well as “interesting” files

NASA data breach – The agency notifies employees of a security intrusion

December 21st, 2018 📅

U.S. National Aeronautics and Space Administration (NASA) notifies employees of a data breach that exposed social security numbers and other personal information.

Wordlistctl – Fetch, Install And Search Wordlist Archives From Websites And Torrent Peers

December 21st, 2018 📅

Script to fetch, install, update and search wordlist archives from websites offering wordlists with more than 1800 wordlists available. In the latest version of

Seedworm APT Group targeted more than 130 victims in 30 organizations since Sept

December 15th, 2018 📅

The Seedworm APT Group has targeted more than 130 victims in 30 organizations since September including NGOs, oil and gas,

Celerystalk – An Asynchronous Enumeration and Vulnerability Scanner

December 15th, 2018 📅

celerystalk helps you automate your network scanning/enumeration process with asynchronous jobs (aka tasks) while retaining full control of which tools you

Group-IB identifies leaked credentials of 40,000 users of government websites in 30 countries

December 13th, 2018 📅

Group-IB, an international company that specializes in preventing cyberattacks, has detected more than 40 000 compromised user credentials of online government services in 30 countries around

Knock v.4.1.1 – Subdomain Scan

December 13th, 2018 📅

Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist. It is designed to scan for DNS zone

Security Culture

December 13th, 2018 📅

Psychology plays an increasing role in how organisations influence employee behaviour and develop a desired culture for success. A series

Jackhammer – One Security Vulnerability Assessment/Management Tool To Solve All The Security Team Problems

December 13th, 2018 📅

One Security vulnerability assessment/management tool to solve all the security team problems. What is Jackhammer? Jackhammer is a collaboration tool

Experts at Yoroi – Cybaze Z-Lab analyzed MuddyWater Infection Chain

December 9th, 2018 📅

Malware researchers at Yoroi – Cybaze Z-Lab analyzed the MuddyWater Infection Chain observed in a last wave of cyber attacks.

Osweep – Don’t Just Search OSINT, Sweep It

December 9th, 2018 📅

If you work in IT security, then you most likely use OSINT to help you understand what it is that

Fileless malware surge, warns Malwarebytes report

December 9th, 2018 📅

Fileless malware is a “hard to remediate” class of malware that is growing in popularity among cyber attackers, according to the

Hayat – Auditing & Hardening Script For Google Cloud Platform

December 6th, 2018 📅

Hayat is a auditing & hardening script for Google Cloud Platform services such as: Identity & Access Management Networking Virtual

Kubernetes security flaw allows hackers to infiltrate backend servers

December 6th, 2018 📅

First major security flaw in popular cloud container orchestrator Kubernetes discovered – and it may be impossible to tell if

Veil – Tool To Generate Metasploit Payloads That Bypass Common Anti-virus Solutions

December 6th, 2018 📅

Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. Veil is current under support by

CVE-2018-15982 Adobe zero-day exploited in targeted attacks

December 6th, 2018 📅

Adobe released security updates for Flash Player that address two vulnerabilities, including a critical flaw, tracked as CVE-2018-15982, exploited in targeted attacks.

AccuDoc Data Breach impacted 2.6 Million Atrium Health patients

December 1st, 2018 📅

Hospital network Atrium Health suffered a data breach, hacked accessed patients’ personal information after compromised the technology solutions provider AccuDoc.

Kamerka – Build Interactive Map Of Cameras From Shodan

December 1st, 2018 📅

Build an interactive map of cameras from Shodan. The script creates a map of Shodan cameras based on your address or coordinates. https://medium.com/@woj_ciech/%EA%93%98amerka-build-interactive-map-of-cameras-from-shodan-a0267849ec0a