Cyber Research #43

Mert Coskuner

3 min readJul 9, 2022

Articles

Elligator

Elligator is a way to hide a cryptographic key exchange using elliptic curves as random noise, devised by Daniel J…

elligator.org

Building a SAST program at Razorpay’s scale

The inner workings of how we build a Static Application Security Testing program at Razorpay

engineering.razorpay.com

Microsoft Defender for Endpoint Internals 0x02 — Audit Settings and Telemetry

In the previous article of this series, I’ve put Microsoft Defender for Endpoint (MDE) next to Sysmon and highlighted…

medium.com

Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134) |…

On June 02, 2022, Atlassian published a security advisory about a critical severity Unauthenticated Remote Code…

blog.qualys.com

Weaponizing and Abusing Hidden Functionalities Contained in Office Document Properties | Offensive…

A few months ago, Microsoft released an article that stated that a change would be implemented on Microsoft Office…

www.offensive-security.com

A deep dive into Sigma rules and how to write your own threat detection rules - FourCore

Sigma Rules - a generic open-source signature format for SIEM Systems. What Snort is to network traffic, and YARA to…

fourcore.io

Golang code review notes

Our aim is both to collate various resources and patterns one can find on the Internet, but also to add a couple of…

www.elttam.com

Exploiting Intel Graphics Kernel Extensions on macOS

To escape the Safari sandbox for our Pwn2Own 2021 submission, we exploited a vulnerability in the Intel graphics…

blog.ret2.io

Burrowing your way into VPNs, Proxies, and Tunnels

When considering an attack lifecycle from an adversarial perspective, the adversary has a few options on how to proceed…

www.mandiant.com

FabricScape: Escaping Service Fabric and Taking Over the Cluster

Unit 42 researchers identified FabricScape (CVE-2022-30137), a vulnerability of important severity in Microsoft's…

unit42.paloaltonetworks.com

Tools

Diagrams · Diagram as Code

Diagrams lets you draw the cloud system architecture in Python code. It was born for prototyping a new system…

diagrams.mingrammer.com

GitHub - RoseSecurity/Anti-Virus-Evading-Payloads: During the exploitation phase of a pen test or…

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause…

github.com

GitHub - turbot/steampipe-mod-aws-perimeter: Is your AWS perimeter secure? Use Steampipe to check…

Is your AWS perimeter secure? Use Steampipe to check your AWS accounts for public resources, resources shared with…

github.com

GitHub - h3xduck/TripleCross: A Linux eBPF rootkit with a backdoor, C2, library injection…

TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is…

github.com

GitHub - scribe-public/gitgat: Evaluate source control (GitHub) security posture

SCM (Source Control Management) security is of high importance as it serves as an entry point to the whole CI/CD…

github.com

GitHub - tomtom-international/vault-assessment-prometheus-exporter: Provides a prometheus exporter…

Provides a prometheus exporter for monitoring aspects secrets stored on a running HashiCorp Vault server - in contrast…

github.com

Thank you for reading!

If you find this newsletter useful and know other people who would too, forward it to them to help spread the knowledge. If you have questions, comments or feedback, reach out via /in/mcoskuner.

Cyber Research #43

Articles

Elligator

Elligator is a way to hide a cryptographic key exchange using elliptic curves as random noise, devised by Daniel J…

Building a SAST program at Razorpay’s scale

The inner workings of how we build a Static Application Security Testing program at Razorpay

Microsoft Defender for Endpoint Internals 0x02 — Audit Settings and Telemetry

In the previous article of this series, I’ve put Microsoft Defender for Endpoint (MDE) next to Sysmon and highlighted…

Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134) |…

On June 02, 2022, Atlassian published a security advisory about a critical severity Unauthenticated Remote Code…

Weaponizing and Abusing Hidden Functionalities Contained in Office Document Properties | Offensive…

A few months ago, Microsoft released an article that stated that a change would be implemented on Microsoft Office…

A deep dive into Sigma rules and how to write your own threat detection rules - FourCore

Sigma Rules - a generic open-source signature format for SIEM Systems. What Snort is to network traffic, and YARA to…

Golang code review notes

Our aim is both to collate various resources and patterns one can find on the Internet, but also to add a couple of…

Exploiting Intel Graphics Kernel Extensions on macOS

To escape the Safari sandbox for our Pwn2Own 2021 submission, we exploited a vulnerability in the Intel graphics…

Burrowing your way into VPNs, Proxies, and Tunnels

When considering an attack lifecycle from an adversarial perspective, the adversary has a few options on how to proceed…

FabricScape: Escaping Service Fabric and Taking Over the Cluster

Unit 42 researchers identified FabricScape (CVE-2022-30137), a vulnerability of important severity in Microsoft's…

Tools

Diagrams · Diagram as Code

Diagrams lets you draw the cloud system architecture in Python code. It was born for prototyping a new system…

GitHub - RoseSecurity/Anti-Virus-Evading-Payloads: During the exploitation phase of a pen test or…

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause…

GitHub - turbot/steampipe-mod-aws-perimeter: Is your AWS perimeter secure? Use Steampipe to check…

Is your AWS perimeter secure? Use Steampipe to check your AWS accounts for public resources, resources shared with…

GitHub - h3xduck/TripleCross: A Linux eBPF rootkit with a backdoor, C2, library injection…

TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is…

GitHub - scribe-public/gitgat: Evaluate source control (GitHub) security posture

SCM (Source Control Management) security is of high importance as it serves as an entry point to the whole CI/CD…

GitHub - tomtom-international/vault-assessment-prometheus-exporter: Provides a prometheus exporter…

Provides a prometheus exporter for monitoring aspects secrets stored on a running HashiCorp Vault server - in contrast…

Thank you for reading!

Written by Mert Coskuner