Skip to content
Latest
Jscrambler npm Compromise Shows Build Pipelines Need Runtime ControlsGhost Phishing Shows Why Email Security Must Follow the BrowserPakistani Police Intrusions Show Why Public-Sector Data Systems Are Strategic TargetsBad Epoll Shows Linux Kernel LPEs Belong in the Patch Priority QueueFake Payment SDKs Show Why Dependency Risk Is Credential RiskCritical UniFi Flaws Put Network Control Planes Back in the Patch QueueVidar Stealer Campaign Shows Why File Size and Fake Signatures Still Beat Weak ControlsADFS Signing Keys Show Why Federation Servers Are Tier-Zero Identity InfrastructureUAT-7810 Shows Edge Devices Are Becoming China-Nexus Relay InfrastructureFortiBleed Shows Firewall Credentials Are Ransomware FuelNetNut and Popa Takedown Shows Residential Proxies Are Now Attack InfrastructureVect and TeamPCP Show Supply-Chain Credentials Are Ransomware FuelOusaban Shows Banking Trojans Are Learning to Hide From SandboxesNUT upsmon Command Injection Shows UPS Monitoring Belongs in the Patch Queue

Category Archive

Projects

6 reports · All intelligence

Bulwark Black cyber threat intelligence filed under Projects.

Projects
Velvet Tempest Ransomware Group Deploys CastleRAT via ClickFix Attacks Linked to Termite Operations
Projects·

Velvet Tempest Ransomware Group Deploys CastleRAT via ClickFix Attacks Linked to Termite Operations

Five-Year Ransomware Affiliate Uses Malvertising and Legitimate Windows Tools in Sophisticated Intrusion Security researchers at MalBeacon have exposed a 12-day intrusion campaign by Velvet Tempest (also tracked as DEV-0504), a prolific ransomware affiliate group now deploying th

Becoming Self Sufficient
Complete Guide: Setting Up FreePBX with VPS, Docker, and VPN (CGNAT Bypass Solution)
Becoming Self Sufficient·

Complete Guide: Setting Up FreePBX with VPS, Docker, and VPN (CGNAT Bypass Solution)

Complete FreePBX Setup Guide – Docker, VPN, and Twilio Integration Requirements / Setup Digital Ocean or whatever cloud provider you choose Docker (FreePBX) Nginx Setup OVPN Configuration IP Tables Setup YeaLink Phone configuration, the (YeaLinkT45w) was used in this tutorial Twi

Bug Bounty
Book.HackTricks
Bug Bounty·

Book.HackTricks

To the Book! Disclaimer This book, ‘HackTricks,’ is intended for educational and informational purposes only. The content within this book is provided on an ‘as is’ basis, and the authors and publishers make no representations or warranties of any kind, express or implied, about

Offensive Devices / Tactics
How to protect Evilginx using Cloudflare and HTML Obfuscation
Offensive Devices / Tactics·

How to protect Evilginx using Cloudflare and HTML Obfuscation

Read Article Using a combination of Cloudflare and HTML Obfuscation, it is possible to protect your Evilginx server from being flagged as deceptive and so increase your chances of success on Red Team and Social Engineering engagements. Anyone who has tried to run a Social Enginee

Offensive Devices / Tactics
PWNAGOTCHI: DEEP REINFORCEMENT LEARNING FOR WIFI PWNING!
Offensive Devices / Tactics·

PWNAGOTCHI: DEEP REINFORCEMENT LEARNING FOR WIFI PWNING!

Project Site Pwnagotchi is an A2C-based “AI” powered by bettercap and running on a Raspberry Pi Zero W that learns from its surrounding WiFi environment in order to maximize the crackable WPA key material it captures (either through passive sniffing or by performing deauthenticat

Business
Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike
Business·

Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike

Read Article The ability to quickly build out a C2 infrastructure within a few minutes, including all the set up and tear down logic included would be a great asset for any offensive security group or operator. In this post, I will show exactly how to build a fully automated func