The State of the Metasploit Framework.pdf

•

0 likes•9 views

This document provides an overview and update on the Metasploit Framework. Some key points: - 229 new modules were added since September 2015. Over 800 pull requests were merged from 176 unique authors with 4765 total commits. - Rex is being broken up into smaller components. New msfconsole commands and a reorganization of the tools directory were introduced. - New modules, payloads, and exploits were added for platforms like Linux, Windows, Android and mainframes. Module documentation is now in markdown. - Features added include tools for downloading Microsoft patches, a portable POSIX payload called Mettle, and improved Meterpreter functionality like XOR obfuscation and new extensions.

Technology

The State of the
Metasploit Framework
@egyp7

James Lee
@egyp7
Metasploit Developer
Community Manager
$ whoami
2

Statistics and
graphs and
stuff
3
http://resources.metasploit.com/

229
New Modules
git log --name-only --diff-ﬁlter A --since='2015-09-25' | grep '^modules' | wc -l
4

Over 800 Pull Requests merged
github.com/rapid7/metasploit-framework/pulls?q=is:pr+merged:<2015-09-26
6

176
unique authors
git log --since 2015-09-26 --format=%aE | sort | uniq -c
7

4765
Commits
git log --since 2015-09-26 --format=%aE | sort | wc -l
8

1588
Dead References to OSVDB
git grep OSVDB modules/ | wc -l
10

Breaking up is hard to do
Rex is huge and old
We’re slowly but surely breaking it up into smaller pieces
12

New msfconsole commands
options (alias of `show options`)
advanced (alias of `show advanced`)
13

tools/ Organization
Context
Dev
Exploit
Memdump
Modules
Password
Recon
14

msu_ﬁnder
tools/exploit/msu_ﬁnder.rb
Grabs download links for Microsoft patches
ruby msu_finder.rb -q ms15-100
15

Mettle
Portable POSIX payload
Runs on MIPS routers, Android phones, and desktop Linux
Uses Meterpreter protocol
Brent and Adam will cover this more Sunday at 13:00
16

Mainframes
Lots of work by Soldier of Fortran and Bigendian Smalls
Payloads
Auth’d RCE via job system
17

Module Documentation
Write in markdown
Lives in documentation/modules/
View with info -d
18

New Modules
git log --since 2015-09-26 --name-status | grep '^As*modules'

encoder/x64/zutto_dekiru
Similar in form to shikata_ga_nai
21

Not a traditional encoder
Embeds x86 shellcode in an existing BMP image
XOR’d and Stego’d across all the bits
Modiﬁes the header so the BMP itself is executable shellcode
encoder/x86/bmp_polyglot
22

ImageTragick
exploit/unix/ﬁleformat/imagemagick_delegate
You probably already forgot about this one
24

Shellshock
IPFire
Advantech Switches
Legend IRC Bot
Xdh IRC bot
25

Malware
Phoenix Exploit Kit
DarkComet
Legend IRC bot
Xdh IRC bot
26

Security Stuff
Fortinet SSH backdoor
Chkrootkit LPE
Metasploit Pro authenticated RCE
Metasploit Pro pre-auth cookie deserialization
27

Pageant Jacker
post/windows/manage/forward_pageant
Creates a local unix socket like ssh-agent(1)
Forwards to remote Pageant (PuTTY’s ssh-agent(1) equiv)
28

Privilege Escalation on Windows
ms16_016_webdav
ms16_032_secondary_logon_handle_privesc
windows/local/applocker_bypass
windows/misc/regsvr32_applocker_bypass_server
29

Privilege Escalation on Linux/Unix
chkrootkit
Exim
Docker daemon
30

Privilege Escalation on OSX
libmalloc
● Fun oldschool env cleaning fail
● write-ﬁle-as-root bug
31

XOR packet obfuscation
Gets rid of the ~static strings in TLVs
34

Reverse Listener Comm
Set a handler listening on a Meterpreter session
36

Reverse Port Forwarding
portfwd add -R -L 10.0.0.40 -l 22 -p 22
40

Windows: show_mount command
Lists all mounted ﬁlesystems
Including network shares
44

Android: sqlite_query command
sqlite_query -d <path> -q <query>
sqlite_query -d
/data/data/com.android.browser/databases/webviewCookiesChromium.db -q
'SELECT * from cookies'
45

Android
Registers itself as a service to run in the background
46

Where
FreeNode #metasploit
community.rapid7.com
@metasploit on twitter
Github Projects
48

Hackathon?
Come to Austin and hang out with us
Hack all the things
● Maybe in the early summer?
● A week or so?
49

Greets
FireFart
Meatballs1
Stufus
zeroSteiner
shipcod3
h00die
talos-arch3y
pedrib
51
jhale85446
mmetince
KINGSABRI
bigendiansmalls
martinvigo
nstarke
espreto
bcoles
agix
jakxx
benpturner
h0ng10
rastating
g0tmi1k
scriptjunkie
aushack

This document summarizes new features and improvements in the Metasploit framework, including over 1200 pull requests and 7500 commits added since September 2014. Key additions include 358 new modules, 20 modules for local privilege escalation, exploits targeting antivirus products and SOHO routers, improved SMB and Kerberos support, and enhancements to payloads such as interactive Powershell and UUID tracking.

DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...

Felipe Prado

The document discusses findings from analyzing the web interfaces and firmware of various VoIP phone models. Several vulnerabilities were found, including: - Cross-site scripting (XSS) in AudioCodes 405HD phone web interface allowing injection of scripts - Information leakage in Gigaset Maxwell Basic phone web interface revealing if an admin is logged in - Authentication bypass in Gigaset Maxwell Basic phone by manipulating the session token The methodology involved analyzing phone web traffic, extracting and emulating firmware, and investigating code like PHP files. Many phones were found to have weaknesses in their cryptography implementation or use of plaintext credentials.

Gerrit linuxtag2011

thkoch

Gerrit is a code review system that tightly integrates with Git. It provides a web-based user interface and API for reviewing changes, managing access control, and integrating with other tools like Jenkins. Key features include fast and easy code reviews, flexible integration options, and tools for managing projects, users, and access control. Gerrit supports code review workflows and allows configuring commit policies and change submission actions.

App container rkt

Xiaofeng Guo

This document discusses container technologies including App Container (appc) and rkt. It provides an overview of appc components like the image format, discovery, and executor. It then discusses rkt, an implementation of appc, describing its modular architecture with stages 0-2 and use of systemd and cgroups for isolation. It also touches on rkt security, networking, and integration with systemd and user namespaces.

FPC for the Masses (SANSFire Edition)

Xavier Mertens

Azure Day Rome Reloaded 2019 - Deconstructing Kubernetes using AKS

azuredayit

This document provides an overview of Kubernetes and containers by beginning with an introduction to containers and their benefits over virtual machines. It then discusses microservices architectures and introduces key Kubernetes concepts like pods, deployments, and services. It explains the Kubernetes architecture by describing the main components like the master node, API server, etcd, workers and kubelet. Finally, it compares Kubernetes to the Azure Kubernetes Service.

Practical Operation Automation with StackStorm

Shu Sugimoto

Automation is getting more and more important these days, but it is not always easy to achieve, because it requires tremendous effort to convert existing procedures machine-friendly. That often means, you need to change almost everything! StackStorm (aka st2, https://stackstorm.com/) is an open source IFTTT-ish middleware that ships with powerful workflow engine and unique features called "inquiries". I'll focus on this workflow engine functionalities of st2 and show how these can ease the "automation" of day to day tasks. The example I'll show in this presentation is the actual workflow that we use at JPNAP, the real world IXP operation.

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Victor Rentea

The microservices honeymoon is over. When starting a new project or revamping a legacy monolith, teams started looking for alternatives to microservices. The Modular Monolith, or 'Modulith', is an architecture that reaps the benefits of (vertical) functional decoupling without the high costs associated with separate deployments. This talk will delve into the advantages and challenges of this progressive architecture, beginning with exploring the concept of a 'module', its internal structure, public API, and inter-module communication patterns. Supported by spring-modulith, the talk provides practical guidance on addressing the main challenges of a Modultith Architecture: finding and guarding module boundaries, data decoupling, and integration module-testing. You should not miss this talk if you are a software architect or tech lead seeking practical, scalable solutions. About the author With two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

This document discusses how Bryan Murphy uses Docker at his company Mediafly. It begins by introducing Bryan and his background. It then describes what Mediafly does, including content management systems, secure content delivery, document and video processing, and customizable user interfaces. The document highlights aspects of Mediafly that make it interesting, such as being multi-device, multi-tenant, service oriented, and distributed. It provides examples of technologies used at Mediafly and some key metrics. The document then discusses why Docker is used at Mediafly, covering benefits like being developer friendly, enabling faster iteration and testing, managing dependencies, sharing environments, standardization, isolation, and infrastructure freedom.

A GitOps model for High Availability and Disaster Recovery on EKS

Weaveworks

Enterprises today require high availability and disaster recovery for critical business systems. One of the advantages Kubernetes can bring to the table is greater reliability and stability. When disaster strikes, cluster or application recovery should be quick and dependable. Paul Curtis, Principal Solutions Architect at Weaveworks will demonstrate how to leverage Weave Kubernetes Platform and GitOps to create disaster recovery plans and highly available clusters with minimal effort on EKS. In this webinar you will learn: The 4 principles of GitOps (operations by pull request) How to build for reproducibility, security and scale with EKS from the start GitOps driven cluster and cluster lifecycle management with WKP

Jump into Squeak - Integrate Squeak projects with Docker & Github

hubx

Reverse engineering Swisscom's Centro Grande Modem

Cyber Security Alliance

The document discusses reverse engineering the firmware of Swisscom's Centro Grande modems. It identifies several vulnerabilities found, including a command overflow issue that allows complete control of the device by exceeding the input buffer, and multiple buffer overflow issues that can be exploited to execute code remotely by crafting specially formatted XML files. Details are provided on the exploitation techniques and timeline of coordination with Swisscom to address the vulnerabilities.

LinuxLabs 2017 talk: Container monitoring challenges

Xavier Vello

Год в Github bugbounty, опыт участия

defcon_kz

GitHub Bug Bounty Experience provides an overview of the author's experience participating in GitHub's bug bounty program. The summary includes 3 key points: 1) The author is an information security engineer who participated in GitHub's bug bounty program to find vulnerabilities for monetary rewards, as well as for fun and the challenge. 2) Through analyzing GitHub Enterprise's virtual machine images and Ruby applications, the author discovered several security issues like hardcoded credentials, lack of input validation, and potential for command injection. 3) By probing the Babeld SVN proxy service, the author found ways to bypass authentication and potentially cause denial of service through excessive requests.

bcc/BPF tools - Strategy, current tools, future challenges

IO Visor Project

Brendan Gregg discusses the current state and future potential of BPF and BCC tools for observability in Linux. He outlines 18 areas where BPF support has progressed and 16 areas still needing work. Gregg also discusses challenges like dynamic tracing stability, overhead, ease of coding, and developing visualizations. He proposes finishing ports of his old DTrace tools and links to resources on BPF, BCC, and flame graphs.

BPF Tools 2017

Brendan Gregg

Beautiful History

Stefan Birkner

2012 coscup - Build your PHP application on Heroku

ronnywang_tw

The document discusses deploying PHP applications on Heroku. It provides an overview of Heroku, including that it is a Platform-as-a-Service, was launched in 2007, uses Amazon Web Services, offers many add-ons, allows easy scaling, supports PostgreSQL, and offers some free usage. It then walks through deploying a basic "Hello World" PHP app on Heroku, including creating an app, adding code, committing and pushing to Heroku, and viewing the deployed app.

Cloud RPI4 tomcat ARM64

Jean-Frederic Clere

This document discusses running Kubernetes on Raspberry Pi 4 boards to create a low-cost Kubernetes cloud. It describes setting up the infrastructure including an HTTP server, DHCP server, and DNS registry. It then covers building a custom Raspberry Pi 4 kernel, installing it on the boards, and configuring WiFi. Next, it discusses deploying Kubernetes with one master node and two worker nodes. Finally, it demonstrates running a multi-container Tomcat application on the Kubernetes cluster.

2008-06-25 Marist System z Summer Professors Series

Shawn Wells

Troubleshooting real production problems

Tier1 app

1. The document discusses various steps and tools for troubleshooting real production problems related to CPU spikes, thread dumps, memory leaks, and garbage collection issues. 2. It provides guidance on using tools like 'top', 'jstack', 'jmap', 'jcmd', Eclipse MAT and HeapHero to analyze thread dumps, capture heap dumps, and diagnose memory leaks. 3. The document also emphasizes the importance of enabling GC logs and capturing the right system metrics like thread states, file descriptors, and GC throughput to detect problems early.

Why use JavaScript in Hardware? GoTo Conf - Berlin

TechnicalMachine

Cray XT Porting, Scaling, and Optimization Best Practices

Jeff Larkin

The document discusses optimization best practices for Cray XT systems. It covers choosing compilers and compiler flags, profiling and debugging codes at scale with hardware performance counters and CrayPAT tools, optimizing communication with MPI by using techniques like pre-posting receives and reducing collectives, and optimizing I/O. The document emphasizes testing optimizations on the number of nodes the application will actually run on.

Magie di git

michele franzin

- Git is an open source version control system designed to handle large projects efficiently with non-linear and distributed development. - It uses cryptographic authentication and supports HTTP, FTP, SSH, rsync or its own Git protocol. - Basic Git workflow involves making changes, staging them with git add, and committing with descriptive messages. History can be explored with commands like git log and git show.

Elastic network of things with mqtt and micro python

Wei Lin

This document discusses using MicroPython and MQTT to create an elastic network of things. It introduces MicroPython and how to flash it onto ESP8266 modules. MQTT messaging is then covered as a way for devices to communicate in a publish/subscribe model. Lastly, some potential applications are proposed, such as using event systems and neural network-inspired approaches to coordinate devices in an "If These Then Those" type of distributed logic.

Ruby and Rails Packaging to Production

Fabio Kung

This document discusses packaging Ruby and Rails applications for production. It covers using system packages versus gems, configuration management tools like Chef and Puppet, creating Debian packages, packaging gems, build servers, pain points like outdated Rubygems packages, and ideas for deeper Bundler integration and packaging gems by default. Overall it presents strategies for deploying Ruby applications as system packages for production servers.

Pentesting111111 Cheat Sheet_OSCP_2023.pdf

faker1842002

This document contains cheat sheets and code snippets for penetration testing. It covers topics like recon, DNS enumeration, Nmap scanning, Netcat, SNMP, MySQL, MSSQL, web enumeration, RDP exploitation, file inclusion, XSS, SQL injection, and post-exploitation techniques for Linux and Windows. The document is intended to help penetration testers and those studying for the OSCP certification by providing examples for common tasks without relying on Metasploit.

jRecruiter - The AJUG Job Posting Service

Gunnar Hillert

Privilege Escalation with Metasploit

egypt

This document summarizes techniques for privilege escalation using the Metasploit framework. It begins by explaining why Metasploit is useful and why privilege escalation is important for gaining more access and control. It then provides examples of how to write Metasploit modules for local privilege escalation exploits, including generating payloads, including the necessary Metasploit mixins, and interacting with sessions post-exploitation. Specific local privilege escalation techniques demonstrated include exploiting vulnerable setuid binaries like Nmap, modifying Windows scheduled tasks, and relaying Windows authentication. The document concludes by discussing future work to improve Metasploit module development.

New Shiny in the Metasploit Framework

egypt

The document summarizes updates and improvements to the Metasploit framework. It notes that the framework has moved from SVN to GitHub for code hosting. It highlights new exploitation modules for vulnerabilities in SAP, UPnP libraries, IPMI, and WinRM. It also describes new Java, Meterpreter, and Python payloads as well as encoding improvements. The document demonstrates Android and Python Meterpreter functionality and password stealing with Mimikatz. It encourages contacting the author with any other questions.

Similar to The State of the Metasploit Framework.pdf

Chicago Docker Meetup Presentation - Mediafly

Mediafly

A GitOps model for High Availability and Disaster Recovery on EKS

Weaveworks

Jump into Squeak - Integrate Squeak projects with Docker & Github

hubx

Reverse engineering Swisscom's Centro Grande Modem

Cyber Security Alliance

LinuxLabs 2017 talk: Container monitoring challenges

Xavier Vello

Год в Github bugbounty, опыт участия

defcon_kz

bcc/BPF tools - Strategy, current tools, future challenges

IO Visor Project

BPF Tools 2017

Brendan Gregg

Beautiful History

Stefan Birkner

2012 coscup - Build your PHP application on Heroku

ronnywang_tw

Cloud RPI4 tomcat ARM64

Jean-Frederic Clere

2008-06-25 Marist System z Summer Professors Series

Shawn Wells

Troubleshooting real production problems

Tier1 app

Why use JavaScript in Hardware? GoTo Conf - Berlin

TechnicalMachine

Cray XT Porting, Scaling, and Optimization Best Practices

Jeff Larkin

Magie di git

michele franzin

Elastic network of things with mqtt and micro python

Wei Lin

Ruby and Rails Packaging to Production

Fabio Kung

Pentesting111111 Cheat Sheet_OSCP_2023.pdf

faker1842002

jRecruiter - The AJUG Job Posting Service

Gunnar Hillert

Similar to The State of the Metasploit Framework.pdf (20)

Chicago Docker Meetup Presentation - Mediafly

A GitOps model for High Availability and Disaster Recovery on EKS

Jump into Squeak - Integrate Squeak projects with Docker & Github

Reverse engineering Swisscom's Centro Grande Modem

LinuxLabs 2017 talk: Container monitoring challenges

Год в Github bugbounty, опыт участия

bcc/BPF tools - Strategy, current tools, future challenges

BPF Tools 2017

Beautiful History

2012 coscup - Build your PHP application on Heroku

Cloud RPI4 tomcat ARM64

2008-06-25 Marist System z Summer Professors Series

Troubleshooting real production problems

Why use JavaScript in Hardware? GoTo Conf - Berlin

Cray XT Porting, Scaling, and Optimization Best Practices

Magie di git

Elastic network of things with mqtt and micro python

Ruby and Rails Packaging to Production

Pentesting111111 Cheat Sheet_OSCP_2023.pdf

jRecruiter - The AJUG Job Posting Service

More from egypt

Privilege Escalation with Metasploit

egypt

New Shiny in the Metasploit Framework

egypt

Open Source, Security, and Open Source Security.pdf

egypt

The document discusses open source software, security, and open source security. It outlines the goals of open source software which include producing high-quality programs, sharing work, and democratizing code. People work on open source for puzzles, prestige, profit, and community. Difficulties include getting users and contributors. Security goals include identifying, quantifying, and mitigating risks. People work in security for protection, puzzles, prestige, profit, and politics. Difficulties in security include reporting issues and limited budgets. Open source security aims to standardize vulnerabilities and democratize security, though most people lack programming skills.

Authenticated Code Execution by Design.pptx

egypt

The document discusses authenticated code execution by design (ACEbD), where an attacker can leverage legitimate login credentials to access systems and execute code. It provides numerous examples of services that could allow this, such as remote desktop, VNC, SSH, Windows Remote Management, SMB shares, and content management systems like Wordpress or Drupal if exploited. The document stresses that passwords will always enable some level of access and that logging in is preferable to exploiting vulnerabilities. It concludes by advising organizations to carefully audit login activity and restrict which users can access what systems.

One-Liners to Rule Them All

egypt

Offensive Security with Metasploit

egypt

This document discusses Metasploit and modern cybersecurity attacks. It provides a brief history of exploitation from the Golden Era to the Modern Era. It then demonstrates how modern attacks use credentials obtained through tools like Mimikatz to conduct SMB relay attacks and achieve remote code execution. The document also discusses post-exploitation techniques like maintaining presence, achieving persistence, and pivoting. It concludes by offering some mitigation strategies like disabling WPAD, blocking SMB outbound traffic, requiring SMB signing, and implementing proper access controls and monitoring.

already-0wned

egypt

- The document discusses the history of exploitation from the Golden Era up to the modern era, noting key developments like the rise of the internet, mobile computing, and secure development practices. - It describes common exploitation techniques from each era, such as password cracking, client-side attacks, and worms that targeted vulnerabilities in software like IIS and SQL Server. - Modern exploitation still relies on similar tactics to illegitimately gain access, such as exploiting trust relationships, stealing credentials using tools like mimikatz, and establishing persistence and pivoting within compromised networks. The document demonstrates these post-exploitation techniques using Metasploit.

Post Metasploitation

egypt

This document discusses techniques for post-exploitation using Metasploit. It covers maintaining presence on a compromised system by examining users and processes. It also discusses achieving persistence through techniques like dropping executable files and modifying autoruns. Pivoting is covered as moving laterally such as relaying NTLM authentication or abusing trust relationships. Specific demonstrations are provided like exploiting an suid misconfiguration on Nmap or using a LNK file drop combined with SMB relay. The document emphasizes developing reliable and readable Metasploit modules to automate post-exploitation tasks.

State of the Framework Address: Recent Developments in the Metasploit Framework

egypt

The document summarizes the past, present, and future of the Metasploit framework. In the past, the framework was tied to its directory structure and modules would break if moved. Currently, the focus is on usability, scalability, passwords, better payloads, and post exploitation. Going forward, there will be continued work on authenticated code execution, payloads for additional platforms, and improving post exploitation modules and APIs.

Unmanned Aerial Vehicles: Exploit Automation with the Metasploit Framework

egypt

Using Guided Missiles in Drive-bys: Automatic Browser Fingerprinting and Expl...

egypt

This document discusses using guided missiles in drive-bys through automatic browser fingerprinting and exploitation with the Metasploit Framework's Browser Autopwn module. It describes how the module fingerprints browsers to determine effective exploits, selects targeted exploits, and aims for stealth to evade detection. Examples are provided of writing exploits for the module and its advantages over commercial tools. The document encourages downloading and contributing to its continued development.

More from egypt (11)

Privilege Escalation with Metasploit

New Shiny in the Metasploit Framework

Open Source, Security, and Open Source Security.pdf

Authenticated Code Execution by Design.pptx

One-Liners to Rule Them All

Offensive Security with Metasploit

already-0wned

Post Metasploitation

State of the Framework Address: Recent Developments in the Metasploit Framework

Unmanned Aerial Vehicles: Exploit Automation with the Metasploit Framework

Using Guided Missiles in Drive-bys: Automatic Browser Fingerprinting and Expl...

Recently uploaded

Full-RAG: A modern architecture for hyper-personalization

Zilliz

Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.

Presentation of the OECD Artificial Intelligence Review of Germany

innovationoecd

How to Get CNIC Information System with Paksim Ga.pptx

danishmna97

Cosa hanno in comune un mattoncino Lego e la backdoor XZ?

Speck&Tech

ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune. Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile. BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Neo4j

GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...

Neo4j

Leonard Jayamohan, Partner & Generative AI Lead, Deloitte This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

Communications Mining Series - Zero to Hero - Session 1

DianaGray10

This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered: • Communication Mining Overview • Why is it important? • How can it help today’s business and the benefits • Phases in Communication Mining • Demo on Platform overview • Q/A

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

RESUME BUILDER APPLICATION Project for students

KAMESHS29

Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI

Vladimir Iglovikov, Ph.D.

Presented by Vladimir Iglovikov: - https://www.linkedin.com/in/iglovikov/ - https://x.com/viglovikov - https://www.instagram.com/ternaus/ This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation. Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners. This case study covers various aspects, including: People: The contributors and community that have supported Albumentations. Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions. Challenges: The hurdles in monetizing open-source projects and measuring user engagement. Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration. Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community. Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations. Mental Health: Maintaining balance and not feeling pressured by user demands. Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth. Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects. Explore more about Albumentations and join the community at: GitHub: https://github.com/albumentations-team/albumentations Website: https://albumentations.ai/ LinkedIn: https://www.linkedin.com/company/100504475 Twitter: https://x.com/albumentations

Data structures and Algorithms in Python.pdf

TIPNGVN2

PCI PIN Basics Webinar from the Controlcase Team

ControlCase

Introduction to CHERI technology - Cybersecurity

mikeeftimakis1

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

Large Language Model (LLM) and it’s Geospatial Applications

Rohit Gautam

みなさんこんにちはこれ何文字まで入るの？40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの？えこ...

名前です男

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

Recently uploaded (20)

Full-RAG: A modern architecture for hyper-personalization

Presentation of the OECD Artificial Intelligence Review of Germany

How to Get CNIC Information System with Paksim Ga.pptx

Cosa hanno in comune un mattoncino Lego e la backdoor XZ?

Climate Impact of Software Testing at Nordic Testing Days

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Removing Uninteresting Bytes in Software Fuzzing

Communications Mining Series - Zero to Hero - Session 1

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

RESUME BUILDER APPLICATION Project for students

Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI

Data structures and Algorithms in Python.pdf

PCI PIN Basics Webinar from the Controlcase Team

Introduction to CHERI technology - Cybersecurity

Securing your Kubernetes cluster_ a step-by-step guide to success !

Large Language Model (LLM) and it’s Geospatial Applications

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

The State of the Metasploit Framework.pdf

1. The State of the Metasploit Framework @egyp7

2. James Lee @egyp7 Metasploit Developer Community Manager $ whoami 2

3. Statistics and graphs and stuff 3 http://resources.metasploit.com/

4. 229 New Modules git log --name-only --diff-ﬁlter A --since='2015-09-25' | grep '^modules' | wc -l 4

5. Module Counts 5

6. Over 800 Pull Requests merged github.com/rapid7/metasploit-framework/pulls?q=is:pr+merged:<2015-09-26 6

7. 176 unique authors git log --since 2015-09-26 --format=%aE | sort | uniq -c 7

8. 4765 Commits git log --since 2015-09-26 --format=%aE | sort | wc -l 8

9. Commits to metasploit-framework 9

10. 1588 Dead References to OSVDB git grep OSVDB modules/ | wc -l 10

11. Cool Stuff Grab Bag

12. Breaking up is hard to do Rex is huge and old We’re slowly but surely breaking it up into smaller pieces 12

13. New msfconsole commands options (alias of `show options`) advanced (alias of `show advanced`) 13

14. tools/ Organization Context Dev Exploit Memdump Modules Password Recon 14

15. msu_ﬁnder tools/exploit/msu_ﬁnder.rb Grabs download links for Microsoft patches ruby msu_finder.rb -q ms15-100 15

16. Mettle Portable POSIX payload Runs on MIPS routers, Android phones, and desktop Linux Uses Meterpreter protocol Brent and Adam will cover this more Sunday at 13:00 16

17. Mainframes Lots of work by Soldier of Fortran and Bigendian Smalls Payloads Auth’d RCE via job system 17

18. Module Documentation Write in markdown Lives in documentation/modules/ View with info -d 18

19. New Modules git log --since 2015-09-26 --name-status | grep '^As*modules'

20. Lols multi/manage/set_wallpaper 20

21. encoder/x64/zutto_dekiru Similar in form to shikata_ga_nai 21

22. Not a traditional encoder Embeds x86 shellcode in an existing BMP image XOR’d and Stego’d across all the bits Modiﬁes the header so the BMP itself is executable shellcode encoder/x86/bmp_polyglot 22

23. SMB Delivery Works like web_delivery 23

24. ImageTragick exploit/unix/ﬁleformat/imagemagick_delegate You probably already forgot about this one 24

25. Shellshock IPFire Advantech Switches Legend IRC Bot Xdh IRC bot 25

26. Malware Phoenix Exploit Kit DarkComet Legend IRC bot Xdh IRC bot 26

27. Security Stuff Fortinet SSH backdoor Chkrootkit LPE Metasploit Pro authenticated RCE Metasploit Pro pre-auth cookie deserialization 27

28. Pageant Jacker post/windows/manage/forward_pageant Creates a local unix socket like ssh-agent(1) Forwards to remote Pageant (PuTTY’s ssh-agent(1) equiv) 28

29. Privilege Escalation on Windows ms16_016_webdav ms16_032_secondary_logon_handle_privesc windows/local/applocker_bypass windows/misc/regsvr32_applocker_bypass_server 29

30. Privilege Escalation on Linux/Unix chkrootkit Exim Docker daemon 30

31. Privilege Escalation on OSX libmalloc ● Fun oldschool env cleaning fail ● write-ﬁle-as-root bug 31

32. Persistence on Linux ssh at, cron 32

33. Meterpreter

34. XOR packet obfuscation Gets rid of the ~static strings in TLVs 34

35. New extensions Python Powershell BF 35

36. Reverse Listener Comm Set a handler listening on a Meterpreter session 36

37.

38.

39.

40. Reverse Port Forwarding portfwd add -R -L 10.0.0.40 -l 22 -p 22 40

41. ...

42. ...

43. ...

44. Windows: show_mount command Lists all mounted ﬁlesystems Including network shares 44

45. Android: sqlite_query command sqlite_query -d <path> -q <query> sqlite_query -d /data/data/com.android.browser/databases/webviewCookiesChromium.db -q 'SELECT * from cookies' 45

46. Android Registers itself as a service to run in the background 46

47. Get involved

48. Where FreeNode #metasploit community.rapid7.com @metasploit on twitter Github Projects 48

49. Hackathon? Come to Austin and hang out with us Hack all the things ● Maybe in the early summer? ● A week or so? 49

50. Questions? @egyp7

51. Greets FireFart Meatballs1 Stufus zeroSteiner shipcod3 h00die talos-arch3y pedrib 51 jhale85446 mmetince KINGSABRI bigendiansmalls martinvigo nstarke espreto bcoles agix jakxx benpturner h0ng10 rastating g0tmi1k scriptjunkie aushack