Finite State’s Post

I had a great time joining Edward Amoroso from TAG Infosphere to discuss the importance of buying safe software. During the session we cover the past, the present, and the future of the software supply chain threat landscape and what ReversingLabs is doing to help. https://lnkd.in/egK8wPvy #cybersecurity #softwaresupplychain #thirdpartyriskmanagment #applicationsecurity

Check out the discussion between Edward Amoroso and Charlie Jones on the importance of buying safe software below!

115% growth in the last 28 days for #ThreatMapper as tracked by https://hubs.li/Q02lKTtJ0. Let us show you why our #opensource CNAPP and other #cloudsecurity projects are among the fastest growing projects for threat hunting, malware scanning, container security, and more. Get Deepfence at https://hubs.li/Q02lKVx80

Dear friends, I'd love to present a short interactive demo for CheckDEP by FeedNow.io. How often do you hear that your software is vulnerable? How often has someone from your team shared a post asking to check if your software is affected by a severe vulnerability? Show them this demo—don't wait for someone with deep technical expertise to come back with a list of vulnerabilities. They won't. They will tell you that, yes, we know that we had some vulnerabilities, but those were false positives or migration issues causing breaking changes. It is your software, your business, and your responsibility to find the right spot in the project schedule to fix it. With CheckDEP, you will need just a software manifest and a few seconds of your time to analyze and plan corrective measures. https://lnkd.in/d3X38f_S Stay ahead of security vulnerabilities with FeedNow.io

Tired of the game of jumping between systems during a pentest with LinPeas? Look no further! Introducing LinDistributor – your go-to solution to expedite the LinPeas enumeration process while maintaining impeccable organization. Say goodbye to delays and the tedious hunt for results one by one. With LinDistributor, do it all at once and reclaim valuable time to focus on other tasks! developed and maintained by Jarod Jaslow #cybersecurity #linpeas #hacking #penetrationtesting

Unveiling the Digital Sleuth: Sysmon’s Secrets In my previous post, you read about SysInternals, Living off the Land attacks, and now the use of SVChost by malicious actors. Now, I will discuss how these tools can be employed to detect and thwart malicious activities. Sysmon (System Monitor) is a robust Windows system utility developed by Sysinternals (now part of Microsoft). It offers detailed visibility into system activity, security events, and process behavior. Sysmon continuously monitors system events, including process creation, network connections, file creation, and registry modifications. It aids in identifying suspicious or malicious behavior by logging events related to unauthorized access, privilege escalation, and code execution. In this video, Mark Russinovich, co-creator of the Sysinternals tools, demonstrates how to identify malicious or anomalous activity using Sysmon: Watch the video here https://lnkd.in/e45HfV99

NimReflectiveLoader After dedicating some time and a lot of learning, I'm happy to share a project I've been working on: NimReflectiveLoader. This tool is my attempt to delve into in-memory DLL execution using Nim, with a focus on Reflective DLL Loading. It's designed to retrieve remote DLL via HTTP/HTTPS requests, execute it without disk traces and allows the execution of exported functions within these DLLs. This project was a great learning experience for me, exploring new aspects of Nim and dynamic library management. I'm hoping it might be useful or interesting to others in the field of cybersecurity and development. https://lnkd.in/ecvk9jgp #Nim #InMemoryExecution #NimReflectiveLoader #malware #redteam

Completed 'Log Analysis with Sysmon' challenge by LetsDefend, in which I inspected Sysmon logs to identify reverse shell activities that originated from an initial payload. This payload established a connection with the attacker, which subsequently led to the execution of Mimikatz.exe. This process was used to extract NTLM hashes, and those hashes were then utilized to initiate another PowerShell instance, enabling the download and execution of an additional payload. #infosec #cybersecurity #blueteam #splunk

🎉 Excited to share that I've completed the "Easy Peasy" room on TryHackMe! 🚀 This beginner-friendly room helped me sharpen my cybersecurity skills by covering topics like [mention specific topics, e.g., basic enumeration, web exploitation, privilege escalation]. 💻💡 🔍 During this journey, I've learned valuable techniques that are essential in today's cybersecurity landscape. Looking forward to applying these skills in real-world scenarios! 👨💻 Huge thanks to TryHackMe for providing such an interactive platform to learn and grow. Can't wait to tackle more challenges ahead! #TryHackMe #Cybersecurity #InfoSec #CTF #LearnByDoing #HackThePlanet --- Feel free to customize it further to reflect your personal experience and insights gained from the room!

🎉 Achievement Unlocked 🎉 I'm excited to share that I have successfully completed the Log Analysis with Sysmon challenge on Let'sDefend! 🚀 This experience has sharpened my skills in detecting malicious activities using Sysmon logs, analyzing patterns, and enhancing my incident response techniques. #Cybersecurity #SOC #IncidentResponse #Sysmon #LogAnalysis #LetsDefend #ContinuousLearning #MalwareAnalysis