Posts

  • Feb 2, 2021

    purple-team-attack-automation

    Praetorian’s public release of our Metasploit automation of MITRE ATT&CK™ TTPs

    At Praetorian, we were seeking a way to automatically emulate adversary tactics in order to evaluate detection and response capabilities. Our solution implements MITRE ATT&CK™ TTPs as Metasploit Framework post modules. As of this release, we’ve automated a little over 100 TTPs as modules.

    Metasploit’s advantage is its robust library, capability to interact with operating system APIs, and its flexible license. In addition, we’re able to emulate the features of other tools such as in-memory .NET execution via leveraging Metasploit’s execute_powershell functionality. This allows Blue Teams to ensure that their tools are alerting on the actual TTP behavior and not execution artifacts (such as encoded PowerShell).

    Our solution is built on top of the latest version of Metasploit as of 09Apr2019 (pulled from: https://github.com/rapid7/metasploit-framework). We’ve made minor modifications to Metasploit’s code base to enable some of the automation. Everything should work as intended if you’re already familiar with Metasploit. The magic happens after you establish a Meterpreter session and run a TTP as a post-exploitation module.

    We’re open sourcing our work because we believe in solving the cybersecurity problem. By giving Blue Teams more tools to emulate adversary behavior, we hope to improve their capabilities and reduce the still very high average dwell time.

    Tags: #ruby

  • Feb 2, 2021

    bazarr

    Bazarr is a companion application to Sonarr and Radarr. It manages and downloads subtitles based on your requirements. You define your preferences by TV show or movie and Bazarr takes care of everything for you.

    Bazarr is a companion application to Sonarr and Radarr. It manages and downloads subtitles based on your requirements. You define your preferences by TV show or movie and Bazarr takes care of everything for you.

    Be aware that Bazarr doesn’t scan disk to detect series and movies: It only takes care of the series and movies that are indexed in Sonarr and Radarr.

    Thanks to the folks at OpenSubtitles for their logo that was an inspiration for ours.

    Tags: #python • sonarr • subliminal

  • Feb 1, 2021

    typescript-fundamentals

    👨‍🏫 Mike’s TypeScript Fundamentals Course

    Tags: #typescript • javascript • course

  • Feb 1, 2021

    fenster

    A library to display videos in a TextureView using a custom MediaPlayer controller

    The minSDK for the use of the library is minSDK 16

    Displaying a video with custom controller

    Tags: #java

  • Feb 1, 2021

    commafeed

    Google Reader inspired self-hosted RSS reader.

    Sources for CommaFeed.com.

    Google Reader inspired self-hosted RSS reader, based on Dropwizard and AngularJS. CommaFeed is now considered feature-complete and is in maintenance mode.

    Tags: #java • rss-reader • self-hosted

  • Jan 31, 2021

    auth

    :atom: Social (OAuth1\OAuth2\OpenID\OpenIDConnect) sign with PHP :shipit:

    Open source social sign on PHP. Connect your application(s) with social network(s).

    Code examples you can find in example directory

    Tags: #php • oauth • social

  • Jan 31, 2021

    wp-nested-pages

    A more intuitive way to manage pages in the WordPress admin

    Nested Pages provides an intuitive drag and drop interface for managing pages & posts in the WordPress admin, while maintaining quick edit functionality.

    For installation and usage information visit nestedpages.com. Available for download/installation in the WordPress Plugin Directory.

    Tags: #php

  • Jan 31, 2021

    drf-writable-nested

    Writable nested model serializer for Django REST Framework

    We have a special mixin UniqueFieldsMixin which solves this problem. The mixin moves UniqueValidator’s from the validation stage to the save stage.

    If you want more details, you can read related issues and articles: https://github.com/beda-software/drf-writable-nested/issues/1 http://www.django-rest-framework.org/api-guide/validators/#updating-nested-serializers

    Tags: #python

  • Jan 30, 2021

    omniauth-wechat-oauth2

    Wechat OAuth2 Strategy for OmniAuth 1.0.

    Add to your Gemfile:

    gem "omniauth-wechat-oauth2"

    Then bundle install.

    Tags: #ruby

  • Jan 30, 2021

    venn.js

    Area proportional Venn and Euler diagrams in JavaScript

    If you use NPM, npm install venn.js. Otherwise, download the latest release.

    Tags: #javascript • venn-diagram • d3

subscribe via RSS