Fidjo La Koka
@fidjolakoka.bsky.social
🛡 Cybersecurity super novice 🛡
Reposted by Fidjo La Koka
I need to write more malware in Rust and then create a bug finder for Rust called WD-40.
November 14, 2024 at 7:11 PM
I need to write more malware in Rust and then create a bug finder for Rust called WD-40.
Reposted by Fidjo La Koka
joaoviictorti / RustRedOps: 🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language. ★761 https://github.com/joaoviictorti/RustRedOps
joaoviictorti / RustRedOps
🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.
github.com
May 13, 2024 at 5:46 PM
joaoviictorti / RustRedOps: 🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language. ★761 https://github.com/joaoviictorti/RustRedOps
I much prefer BlueSky over X, but for now it lacks of content
January 2, 2025 at 4:20 PM
I much prefer BlueSky over X, but for now it lacks of content
This talk was interesting on multiple levels. First, it introduced me to types of vulnerabilities I wasn't aware of, prompting me to consider researching one or two of them further. It also gave me a glimpse of the immense complexity in this field. #defcon #binaryExploitation
youtu.be/cHsRxkfxvq8
youtu.be/cHsRxkfxvq8
DEF CON 32 - The Rise and Fall of Binary Exploitation - Stephen Sims
YouTube video by DEFCONConference
youtu.be
December 27, 2024 at 7:55 AM
This talk was interesting on multiple levels. First, it introduced me to types of vulnerabilities I wasn't aware of, prompting me to consider researching one or two of them further. It also gave me a glimpse of the immense complexity in this field. #defcon #binaryExploitation
youtu.be/cHsRxkfxvq8
youtu.be/cHsRxkfxvq8
I made a post on medium on how install netdiscover on ParrotOs Home Edition
medium.com/@fidjolakoka...
medium.com/@fidjolakoka...
Netdiscover on parrot Home Edition
Netdiscover is a reconnaissance tool that allows users to map a network by capturing ARP packets.
medium.com
December 23, 2024 at 6:09 PM
I made a post on medium on how install netdiscover on ParrotOs Home Edition
medium.com/@fidjolakoka...
medium.com/@fidjolakoka...
Just renewed my annual subscription to HTB!
I hope to make the most of it this time, even though I’m the kind of person who might disappear from platforms for weeks—or even months.😅
I hope to make the most of it this time, even though I’m the kind of person who might disappear from platforms for weeks—or even months.😅
December 23, 2024 at 3:25 PM
Just renewed my annual subscription to HTB!
I hope to make the most of it this time, even though I’m the kind of person who might disappear from platforms for weeks—or even months.😅
I hope to make the most of it this time, even though I’m the kind of person who might disappear from platforms for weeks—or even months.😅
Very fun blog post about defender bypassing for "mimidogz" 😅
www.blackhillsinfosec.com/bypass-anti-...
www.blackhillsinfosec.com/bypass-anti-...
How to Bypass Anti-Virus to Run Mimikatz - Black Hills Information Security
Carrie Roberts // * Would you like to run Mimikatz without Anti-Virus (AV) detecting it? Recently I attempted running the PowerShell script “Invoke-Mimikatz” from PowerSploit on my machine but it was ...
www.blackhillsinfosec.com
December 22, 2024 at 1:25 PM
Very fun blog post about defender bypassing for "mimidogz" 😅
www.blackhillsinfosec.com/bypass-anti-...
www.blackhillsinfosec.com/bypass-anti-...
December 21, 2024 at 11:20 AM
"Although x86 has hundreds of special purpose instructions, students will be shown it is possible to read most programs by knowing only around 20-30 instructions and their variations."
p.ost2.fyi/courses/cour...
p.ost2.fyi/courses/cour...
Architecture 1001: x86-64 Assembly
This class teaches Intel x86 assembly language. It requires you know C programming.
p.ost2.fyi
December 20, 2024 at 3:28 PM
"Although x86 has hundreds of special purpose instructions, students will be shown it is possible to read most programs by knowing only around 20-30 instructions and their variations."
p.ost2.fyi/courses/cour...
p.ost2.fyi/courses/cour...
Reposted by Fidjo La Koka
The 80/20 Rule
20% of what you do leads to 80% of your desired results.
Do the 20% that matters and forget the rest.
20% of what you do leads to 80% of your desired results.
Do the 20% that matters and forget the rest.
December 15, 2024 at 1:48 AM
The 80/20 Rule
20% of what you do leads to 80% of your desired results.
Do the 20% that matters and forget the rest.
20% of what you do leads to 80% of your desired results.
Do the 20% that matters and forget the rest.
I saw a tool today on github called 'TireFire'. I'll give it a try on some HTB boxes
github.com/CoolHandSqui...
github.com/CoolHandSqui...
GitHub - CoolHandSquid/TireFire: Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the target. Comfortable GUI-ish platform. Great for ...
Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the target. Comfortable GUI-ish platform. Great for OSCP/HTB type Machines as well...
github.com
December 14, 2024 at 11:22 PM
I saw a tool today on github called 'TireFire'. I'll give it a try on some HTB boxes
github.com/CoolHandSqui...
github.com/CoolHandSqui...
Novice starter kit: Create a github account to store all your notes. Done ✅
December 14, 2024 at 8:16 PM
Novice starter kit: Create a github account to store all your notes. Done ✅
First (after update && upgrade), get the obsidian appimage and create the shortcut
[Desktop Entry]
Version=1.7.7
Type=Application
Terminal=false
Exec=/opt/Obsidian-1.7.7.AppImage
Name=Obsidian
Comment=obsidian
[Desktop Entry]
Version=1.7.7
Type=Application
Terminal=false
Exec=/opt/Obsidian-1.7.7.AppImage
Name=Obsidian
Comment=obsidian
December 13, 2024 at 9:58 PM
First (after update && upgrade), get the obsidian appimage and create the shortcut
[Desktop Entry]
Version=1.7.7
Type=Application
Terminal=false
Exec=/opt/Obsidian-1.7.7.AppImage
Name=Obsidian
Comment=obsidian
[Desktop Entry]
Version=1.7.7
Type=Application
Terminal=false
Exec=/opt/Obsidian-1.7.7.AppImage
Name=Obsidian
Comment=obsidian
Back to parrot OS
December 13, 2024 at 9:49 PM
Back to parrot OS
I just finished reading this write-up. It's very nice.🤓 Unfortunately, even though I hoped to contribute my part, I have to admit that, for now, this is beyond my league. Thanks for sharing!
Spent some time researching #CVE-2024-11477, the new #7zip CVE and made a writeup about my work on it. Let me know what you think! github.com/TheN00bBuild...
GitHub - TheN00bBuilder/cve-2024-11477-writeup: CVE-2024-11477 7Zip Code Execution Writeup and Analysis
CVE-2024-11477 7Zip Code Execution Writeup and Analysis - TheN00bBuilder/cve-2024-11477-writeup
github.com
December 11, 2024 at 8:39 PM
I just finished reading this write-up. It's very nice.🤓 Unfortunately, even though I hoped to contribute my part, I have to admit that, for now, this is beyond my league. Thanks for sharing!
Read “[ Bastard ] HTB Manual Walkthrough 2023 | OSCP Prep“ by Tonee Marqus on Medium: medium.com/@toneemarqus...
[ Bastard ] HTB Manual Walkthrough 2023 | OSCP Prep
Hi everyone!
medium.com
December 10, 2024 at 6:47 AM
Read “[ Bastard ] HTB Manual Walkthrough 2023 | OSCP Prep“ by Tonee Marqus on Medium: medium.com/@toneemarqus...
TCM :)
Some good offensive security training resources:
- zero point security
- maldev academy
- Xintra
- mr-un1k0d3r
- antisyphon
- TCM
- hack the box
- try hack me
- zero point security
- maldev academy
- Xintra
- mr-un1k0d3r
- antisyphon
- TCM
- hack the box
- try hack me
more books: training.dfirdiva.com/listing-cate...
Offensive (Disclaimer: I'm no pentester)
1. Hackthebox.com - it's free! and can teach you a lot. Start by watching Ippsec as you perform the lab
2. Actually, @techspence.bsky.social , do you have recommendations for books or other resources?
Offensive (Disclaimer: I'm no pentester)
1. Hackthebox.com - it's free! and can teach you a lot. Start by watching Ippsec as you perform the lab
2. Actually, @techspence.bsky.social , do you have recommendations for books or other resources?
December 9, 2024 at 5:48 PM
TCM :)
"If an exploit is developed to weaponize this vulnerability you can expect to see activity around CVE-2024-11477 increase tremendously."
www.trustwave.com/en-us/resour...
www.trustwave.com/en-us/resour...
CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution
On November 20, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip.
www.trustwave.com
December 6, 2024 at 2:33 PM
"If an exploit is developed to weaponize this vulnerability you can expect to see activity around CVE-2024-11477 increase tremendously."
www.trustwave.com/en-us/resour...
www.trustwave.com/en-us/resour...
December 6, 2024 at 10:48 AM
Today I was searching a tool to decode JWT and got this link in my mailbox 📫 from Clint Gibler newsletter. I'll try it tomorrow at work
github.com/mike-engel/j...
github.com/mike-engel/j...
GitHub - mike-engel/jwt-cli: A super fast CLI tool to decode and encode JWTs built in Rust
A super fast CLI tool to decode and encode JWTs built in Rust - mike-engel/jwt-cli
github.com
December 5, 2024 at 6:09 PM
Today I was searching a tool to decode JWT and got this link in my mailbox 📫 from Clint Gibler newsletter. I'll try it tomorrow at work
github.com/mike-engel/j...
github.com/mike-engel/j...
What is TPM?
According to this article "TPM 2.0 (Trusted Platform Module 2.0) is a dedicated processor on modern computers that provides hardware-based security functions and serves as a trusted hardware component for storing sensitive data, including encryption keys and other security credentials."
According to this article "TPM 2.0 (Trusted Platform Module 2.0) is a dedicated processor on modern computers that provides hardware-based security functions and serves as a trusted hardware component for storing sensitive data, including encryption keys and other security credentials."
Microsoft made it abundantly clear this week that Windows 10 users won't be able to upgrade to Windows 11 unless their systems come with TPM 2.0 support, stating it's a "non-negotiable" requirement.
www.bleepingcomputer.com/news/microso...
www.bleepingcomputer.com/news/microso...
Microsoft says having a TPM is "non-negotiable" for Windows 11
Microsoft made it abundantly clear this week that Windows 10 users won't be able to upgrade to Windows 11 unless their systems come with TPM 2.0 support, stating it's a "non-negotiable" requirement.
www.bleepingcomputer.com
December 5, 2024 at 7:23 AM
What is TPM?
According to this article "TPM 2.0 (Trusted Platform Module 2.0) is a dedicated processor on modern computers that provides hardware-based security functions and serves as a trusted hardware component for storing sensitive data, including encryption keys and other security credentials."
According to this article "TPM 2.0 (Trusted Platform Module 2.0) is a dedicated processor on modern computers that provides hardware-based security functions and serves as a trusted hardware component for storing sensitive data, including encryption keys and other security credentials."
Reposted by Fidjo La Koka
📢New: Europol dismantles #MATRIX, an encrypted messaging platform used for international arms trafficking, drug trade, money laundering, and other criminal activities.
Read: hackread.com/encrypted-me...
#CyberSecurity #Cybercrime #Privacy #Europol #Encryption
Read: hackread.com/encrypted-me...
#CyberSecurity #Cybercrime #Privacy #Europol #Encryption
Authorities Take Down Criminal Encrypted Messaging Platform MATRIX
Europol dismantles MATRIX, an encrypted messaging service used by criminals for illegal activities inclding drug, arms deals and money laundering.
hackread.com
December 4, 2024 at 11:32 AM
📢New: Europol dismantles #MATRIX, an encrypted messaging platform used for international arms trafficking, drug trade, money laundering, and other criminal activities.
Read: hackread.com/encrypted-me...
#CyberSecurity #Cybercrime #Privacy #Europol #Encryption
Read: hackread.com/encrypted-me...
#CyberSecurity #Cybercrime #Privacy #Europol #Encryption
Heard about it today... Seems like a really efficient tool..
A new phishing-as-a-service (PhaaS) platform named 'Rockstar 2FA' has emerged, facilitating large-scale adversary-in-the-middle (AiTM) attacks to steal Microsoft 365 credentials.
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
New Rockstar 2FA phishing service targets Microsoft 365 accounts
A new phishing-as-a-service (PhaaS) platform named 'Rockstar 2FA' has emerged, facilitating large-scale adversary-in-the-middle (AiTM) attacks to steal Microsoft 365 credentials.
www.bleepingcomputer.com
December 1, 2024 at 9:10 PM
Heard about it today... Seems like a really efficient tool..