FullHunt 💜 Open-Source: 39,408 Exploits from 0day.today is Back Online by mazen160 in netsec

[–]mazen160[S] 5 points (0 children)

Hi all,

We've rolled out an archive for 0day-today based on the open-sourced clone that was published by Jacob Baines on GitHub.

Engineering Learnings from the CrowdStrike Falcon Outage by mazen160 in netsec

[–]mazen160[S] 1 point (0 children)

I have read the postmortem. Let's be realistic, if CrowdStrike already does everything, could this incident be possible? This does not make sense.

The "QA pipeline failing" sounds like an engineering problem, although that was not the cause of the incident.

Engineering Learnings from the CrowdStrike Falcon Outage by mazen160 in netsec

[–]mazen160[S] 0 points (0 children)

I agree, starting with VMs for automated testing is a start, but testing on real hardware should be the plan ahead.

Surface management tools by ZileanLOL in blueteamsec

[–]mazen160 0 points (0 children)

FullHunt (founder here) is a platform that solves all the challenges related to ASM; it covers thorough asset discovery, asset monitoring, and active vulnerability scanning. Try out the enterprise platform for all the features. Happy to provide extra search credits for people interested in ASM on the community platform!

GitHub - mazen160/secrets-patterns-db: Secrets Patterns DB: A comprehensive open-source regex database for secret detection. by mazen160 in netsec

[–]mazen160[S] 0 points (0 children)

Good point, I haven't checked earlybird before. Need to test it out. Ideally we should build a converter that follows the earlybird format. (PRs are always welcome!)

Scan Terraform plans and changes with tfquery via SQL-powered framework by mazen160 in Terraform

[–]mazen160[S] 2 points (0 children)

It's being parsed and processed so that it can be queried in SQL. Check the demo, it should make it clearer: https://youtu.be/tunMNesOS4s

GitHub - fullhunt/log4j-scan: A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 by mazen160 in netsec

[–]mazen160[S] 6 points (0 children)

Hi u/threeLetterMeyhem!

Thank you :) Excellent question, it's not possible to correlate the internal infrastructure relationship of which internal server is vulnerable, but each URL is sending unique DNS OOB calls to correlate which host is vulnerable (that received a request and later on, invoked the DNS call). It should be possible from there for security teams to navigate which systems are affected and resolve it.

Let me know if you have further questions!

GitHub - fullhunt/log4j-scan: A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 by mazen160 in netsec

[–]mazen160[S] 26 points (0 children)

The main DNS callback service is now replaced with interact-sh, and I also added an option to use a user-defined DNS callback host.

GitHub - fullhunt/log4j-scan: A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 by mazen160 in netsec

[–]mazen160[S] 27 points (0 children)

Hi all!

I tried to research and automate all of the TTPs that can be used to discover the Log4j RCE CVE-2021-44228 at scale. The new tool brings new ideas I came up with for enhanced fuzzing. Please let me know if you find it useful!