domingo, abril 26, 2020

KPOT Info Stealer Samples


KPOT Stealer is a "stealer" malware that focuses on stealing account information and other data from various software applications and services

References

1.  2020-04-19 Didier Stevens posted analysis of KPOT infostealer on the Infosec Handlers Diary blog "KPOT Analysis: Obtaining the Decrypted KPOT EXE"
These are samples to follow his analysis routine.

2. 2019-05-09 Proofpoint. New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials


Download

             Other malware




Download. Email me if you need the password (see in my profile)




Hashes

1. From Didier Stevens' post

MD5  56ad7b243511ee7398d43df7643dc904
SHA-1  ae5ab7798ca267b1265a0496c562f219821d17cf
SHA-256  3fd4aa339bdfee23684ff495d884aa842165e61af85fd09411abfd64b9780146

2. From Proofpoint

MD5 7d7667ddce8fd69a0fd50bb08c287d10
SHA-1 087fc3e9a082983ee6a2b25f0ccb09eb723e0f39

SHA-256 67f8302a2fd28d15f62d6d20d748bfe350334e5353cbdef112bd1f8231b5599d

MD5 45ddc687f88b45fc3fec79f9dc8b38e2
SHA-1 de37b748e0e32d96c31f469f9ba4ea4f11e3e78b
SHA-256 36dcd40aee6a42b8733ec3390501502824f570a23640c2c78a788805164f77cecontagio.deependresearch.org/crime/kpotstealer(proofpoint)_win_samp.zip

More articles


Spaghetti: A Website Applications Security Scanner


About Spaghetti
   Author: m4ll0k   Spaghetti is an Open Source web application scanner, it is designed to find various default and insecure files, configurations, and misconfigurations. Spaghetti is built on Python 2.7 and can run on any platform which has a Python environment.

Spaghetti Installation:

Spaghetti's Features:
   Fingerprints:
  • Server:
  • Web Frameworks (CakePHP,CherryPy,...)
  • Web Application Firewall (Waf)
  • Content Management System (CMS)
  • Operating System (Linux,Unix,..)
  • Language (PHP,Ruby,...)
  • Cookie Security
   Discovery:
  • Bruteforce:Admin Interface
    Common Backdoors
    Common Backup Directory
    Common Backup File
    Common Directory
    Common FileLog File
  • Disclosure: Emails, Private IP, Credit Cards
   Attacks:
  • HTML Injection
  • SQL Injection
  • LDAP Injection
  • XPath Injection
  • Cross Site Scripting (XSS)
  • Remote File Inclusion (RFI)
  • PHP Code Injection
   Other:
  • HTTP Allow Methods
  • HTML Object
  • Multiple Index
  • Robots Paths
  • Web Dav
  • Cross Site Tracing (XST)
  • PHPINFO
  • .Listing
   Vulns:
  • ShellShock
  • Anonymous Cipher (CVE-2007-1858)
  • Crime (SPDY) (CVE-2012-4929)
  • Struts-Shock
Spaghetti Example:
python spaghetti --url example.com --scan 0 --random-agent --verbose


More info


  1. Curso Hacking Gratis
  2. Hacking-Lab
  3. Hacking In Spanish
  4. Que Es Hacking Etico
  5. Hacking Live
  6. Hacking Virus
  7. Hacking News
  8. Herramientas De Seguridad Informatica
  9. Curso Growth Hacking

sábado, abril 25, 2020

November 2019 Connector

OWASP
Connector
November 2019

COMMUNICATIONS


Letter from the Vice-Chairman

Dear OWASP Community, 

Preparation for next year's conferences is underway. I had the pleasure of meeting people from our community at a recent ISACA Ireland event where I had an OWASP stand. I also had lots of swag to give away, loads left which I plan to share out amongst the community. 

I was on a call recently with both WIA leadership and a number of individuals looking to broaden our diversity reach, forming DIA (diversity in AppSec). This was a positive call and I look forward to reviewing their proposal under the committee 2.0 operating model.

I'd like to thank our volunteers, chapter and project leaders for making OWASP what it is today. We wouldn't have a foundation without you. We always want to make things better, to this end, it would be great if you could fill out the following feedback form.

Thank you, 
Owen Pendlebury, Vice-Chairman

FROM THE EXECUTIVE DIRECTOR


As we wind down 2019, we are planning lots of new opportunities to get involved with OWASP next year. The current working draft of the 2020 Operating Plan can be found on our staging site for our new website which is planned to launch next month.
 
Some of the highlights for 2020:
  • Quarterly Town Hall meetings.
  • Two Project Summits - the first in February 2020
  • Pilot single-day AppSec Days worldwide to offer local training and community.
We are also set to further increase the transparency of the daily workings of OWASP through our Staff Projects page. The pages linked there will always be a work in progress; some of which today are still only templates but still a great resource to know what's going on at OWASP.

All of this which adds to our Global and Regional Events, ongoing local chapter support, and other member activities. Our plans are ambitious and we look forward to your continued support this and every month as we look to better secure the web.



OWASP Foundation Global AppSec Event Dates for 2020

Global AppSec Dublin, June 15 - 19, 2020
(Formerly known as AppSec EU)
Sponsorship is now available
Call for Papers & Call for Training December 2019
 
Global AppSec San Francisco, October 19 - 23, 2020
(Formerly known as AppSec US)
CFP &  CFT February 2020

** Visit our website for future announcements.**
NEW OWASP Project Summit - Winter 2020
February 2020 in Cancun, Mexico

 
The OWASP Foundation will host a three-day working session for FIVE selected projects in Cancun, Mexico, February 2020. Arrival day will be Wednesday the 19th and departures will be the 23rd. Projects must apply and then get selected to participate. The application process will require project meeting goals, work plans, key contributors, and expected attendance. The OWASP Foundation Officers Group will make the final selection. For more information click here

You can also email Emily Berman Global Events Director or Harold Blankenship Director of Technology and Projects.
Announcing a New Opportunity to become part of a Global AppSec Program Team
 
Conference Program Teams are constituted for each Global AppSec event and consists of members of OWASP members and staff. The selection of team members is based on subject-matter expertise and a balanced representation of the OWASP community. For planning purposes, team members shall reside on the continent of the Global AppSec for which they serve. Teams are constituted no later than six months prior to the Global AppSec event.

To apply to become a member of the Conference Program Team click here.


 
We are so excited to announce that both the London OWASP and WIA community have been asked to speak at BlackHat Europe 2019 on Wednesday 4 December at the EXCEL London.   Andra Lezza is leading the panel of women to "Share insights gained at different stages of their careers to help other women in the field."  Thank you, Andra, for leading the initiative and also to Sonya Moisset, Bibi Sanjarani, Katy Anton and Lauren Chiesa for volunteering to be part of the panel.  Also from the OWASP Community and a London Chapter Leader Sam Stepanyan and Paul Harragan.  Sam and Pau will be presenting a more in-depth demo on the OWASP Nettacker.  Good luck to all the speakers have a great conference.

I would like to encourage all of the OWASP community that will be attending BlackHat Europe to please make every effort to attend and support our fellow OWASP members Wednesday, 4 December 2019. (Click to view the schedule details.)

OWASP Members don't forget you are eligible for € 200.00 discount, email marketing@owasp.org for code to use when registering.


BlackHat Europe has extended an invitation to our London WIA community  to  lead a panel to "Share insights gained at different stages of their careers that could help other women in the field."  Thank you to Andra Lezza for leading this initiative and Sonya Moisset, Bibi Sanjarani, Katy Anton and Lauren Chiesa for volunteering to be part of the panel and to contribute.  Good luck I am sure your session will be a huge success.

BlackHat Europe 2019 London at EXCEL London
2019 December 2-5 
The OWASP Booth 1015
Business Hall December 4 & 5 
December 4, 10:30 AM - 7:00 PM
December 5: 10:00 AM - 4:00 PM

EVENTS 

You may also be interested in one of our other affiliated events:


REGIONAL EVENTS
Event DateLocation
German OWASP Day 2019 December 10, 2019 Karlsruhe, Germany
AppSec California 2020 January 21 - 24, 2020 Santa Monica, CA
OWASP New Zealand Day 2020 February 20 - 21, 2020 Auckland, New Zealand
OWASP Seasides March 3 - 5, 2020 Panjim Goa, India
SnowFROC 2020 March 5, 2020 Denver, CO
AppSec Morocco & Africa 2020 June 4 - 5, 2020 Rabat, Morocco

GLOBAL PARTNERSHIP EVENTS
Event Date Location
BlackHat Europe 2019 December 2 - 5, 2019 London

PROJECTS


As the foundation moves toward the migration of the OWASP web presence from the old wiki site to our new Github-hosted home, some of you may still have questions regarding what to move and how to move it. Essentially, if you have a chapter page or project page and you have not migrated it to the new website, that would be first. Steps on what to do and what is needed can be found at https://www2.owasp.org/migration There are also some minor instructions on the default project or chapter page itself. And if you are wondering where that page is located, you can go to https://github.com/OWASP and type your chapter name in the repository search bar. If your project or chapter is not there, contact me. Lastly, there are a number of excellent examples already done by other leaders (also linked on the migration page).

And, as a precaution, you should click over into the 'Settings' of your repository and then click the 'Collaborators & teams' link on the left menu and check to make sure that the usernames added to Collaborators match what you expect.  Having someone you do not know edit your web page without your knowledge is no longer the expected behavior.

Some resources, mostly for projects, have been uploaded to the OWASP Site Theme Repository and can be linked to via the /assets/image/common/<file> URL.

After your chapter or project page is done, there is a www-community repository which would include any files from the wiki that are not currently in a project or chapter or board/staff policy area.  For instance, there are pages there for GSoC and XSS and CSRF.  A list of the top pages that need to be migrated can be found attached to one of the TODO cards on our website migration Trello board which you are invited to join if you want to help migrate loose pages and/or perform some automation work.

Our current plan can be found on the Website Relaunch project page.

PROJECT ANNOUNCEMENT

As part of OWASP's participation in Google's Season of Docs, the ZAP project has had Nirojan Selvanathan (@sshniro)  working on API documentation.  The first iteration of the documentation is now live.  It includes Java, Python, and shell
example snippets all presented in a responsive and accessible design which we will continue to build on in the future.

Big thanks to Nirojan for his efforts on this wonderful initiative!
Congratulations and thanks to Google Open Source for helping to bring the open-source and technical writer communities together!

COMMUNITY

 
Welcome to our New OWASP Chapters

Colombo, Sri Lanka
Des Moines, IA
Harrisburg, PA
Louisville, KY
Monterrey, Brazil
Moscow, Russia


 
Contributor Corporate Members
 

 
*Ads and logos are not endorsements and reflect the messages of the advertiser only. *
Join us
Donate
Our mailing address is:
OWASP Foundation 
1200-C Agora Drive, #232
Bel Air, MD 21014  
Contact Us
Unsubscribe






This email was sent to *|EMAIL|*
why did I get this?    unsubscribe from this list    update subscription preferences
*|LIST:ADDRESSLINE|*