SecureBug allows you to evaluate your offensive and defensive skills, in addition, to let you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.

Hunting Octopus threat hunting

Hunting Octopus The pre-operation C2 for blue-teamers: (Part 1)

Octopus is an open-source, pre-operation C2 server written in python3. Octopus can control its agents with PowerShell and communicate on HTTP or HTTPS protocols.   Based on the article published here, Octopus has the following features: Control agents through HTTP/S. Execute system commands. Download files. Load external PowerShell modules. Use encrypted channels (AES-256) between C2 and…

twitter logo

Twitter Android app bug matched 17 million of phone numbers to accounts

Twitter for Android app had another bug that exposed users’ phone numbers. The exploit could expose failures in the company’s two-factor authentication system and give other security developers to pause. The exploit was discovered and tested by security researcher Ibrahim Balic over two months. The researcher succeeded in matching 17 million phone numbers with Twitter…