Learn Information Security

A place to share links and articles that i have found helpful. This blog tends to be more offensive security minded. Basically it is a collection of notes that I will update periodically. None of this is set in stone, and I could very well be wrong on most of it. Just saying.

Pages

Learning
Paste Sites
Threat Hunting
Volatility
Blue Team
Red Team
OSINT - Google Dorks

Teams Phishing

Security controls like Sender Policy Framework (SPF) that can prevent direct spoofing of domains and email security gateways that can flag suspicious domains. Those security controls don’t exist for IM, so we have new options for spoofing.

https://github.com/Octoberfest7/TeamsPhisher
https://labs.jumpsec.com/advisory-idor-in-microsoft-teams-allows-for-external-tenants-to-introduce-malware/
https://www.bleepingcomputer.com/news/security/microsoft-teams-phishing-attack-pushes-darkgate-malware/

at 7/22/2024 09:00:00 AM

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Labels: aitm, phishing, spf, spoofing, teams, teams phishing, tools

Newer Post Older Post Home

Links

My Malware Notes Site
MITRE
MITRE Pre-Attack

Cheats and Notes

CTF Notes
nmap
Metasploit

Blog Archive

► 2016 (26)
- Feb (1)
- Mar (1)
- Apr (6)
- Jun (1)
- Jul (4)
- Aug (2)
- Sep (3)
- Oct (1)
- Nov (6)
- Dec (1)

► 2017 (66)
- Jan (1)
- Feb (18)
- Mar (9)
- Apr (12)
- May (10)
- Jun (3)
- Jul (6)
- Aug (1)
- Sep (1)
- Oct (1)
- Dec (4)

► 2018 (43)
- Jan (5)
- Feb (1)
- Mar (7)
- Apr (2)
- May (10)
- Jun (5)
- Jul (4)
- Aug (2)
- Sep (2)
- Oct (5)

► 2019 (41)
- Mar (1)
- Apr (1)
- May (1)
- Jul (18)
- Aug (17)
- Sep (3)

► 2021 (1)
- Dec (1)

► 2022 (2)
- Jan (1)
- Oct (1)

► 2023 (6)
- Aug (5)
- Nov (1)

▼ 2024 (5)
- Jun (1)
- Jul (4)

Labels

breach shellcode linux learn malware hacking windows red exploit security tool apt tools vulnerability msf practice x86 article blue boot2root CTF news pentest printer report vulnhub United States howto powershell detect dfir doc forensics hunt metasploit notes phishing red team russia video web attacks WMI aitm blog china conference course credit cards exploitation funny healthcare hunting kb privacy recon review sans script x64 Military attack bash begin big data black hat buffer overflow canada cmdline code cyberwar defcon dll egghunter guide infowar invest jenkins lateral movement links logs memory miicrosoft money msfvenom offensive paper password cracking passwords pos post-exploit privilege escalation python reverse engineering saas shell social media spoofing tech threat hunting threat intel top turla 2019 40k AV AutoIT CIM COMpfun DoS IIS IMO Initial Access Iran Israel KRYPTON Lazarus MOF Molina Nmap North Korea Norway OilRig OpenSSL Pegasus PythocyDbg Snake Sony TajMahal UAC USA USB Uroburos Venomous Bear WebDAV WestWild active directory alert android anthem apple apple. fbi application bypass apt29 arm aslr assembly attachment attacks audit authentication authorization aws bindshell boeing bro browser buckle bypass bypassuac chameleon cia code execution command crime crypto currency csv dns dob economic election empire endpoint espionage evasion exec exercise exploit kits fierce food framework france free german github government great Britain groovy gruq habit hard hash health hijacking hosts hyperion icmp ida identity ids implant inject integrate iot iptables ipv4 iso javascript jobs kerberos keylog kmart koadic kovter kpot ldap leak link preview medium metasploitable meterpreter mimikatz mitre mixed msdn mshta nation state network analysis note nsa null null byte office oil rig old oscp osint passive persistence plane plot policy post exploit pup qatar rce read read later recipe reg registry regsvr32 ricin robotics rootkit rundll32 s3 saml jacking samples scripting siem slack spf splunk spoof sqrl ssn study sunset surveillance taxi teams teams phishing teamviewer terrorism trick trojan troll tutorial exploit tweet user-agent veil vimeo virus vnc volatility website wget which word worm xss

Pages

Home
Recon

CTF Levels

begin (2)
boot2root (7)
CTF (6)
hard (1)
medium (1)

2021. Simple theme. Theme images by enot-poloskun. Powered by Blogger.