Threat Hunt Deep Dives Ep. 4 - Apache Struts RCE (CVE-2020-17530)
Welcome to Threat Hunt Deep Dives, Episode 4! Today we are looking at a recent Apache Struts Remote Code Execution (RCE) vulnerability, CVE-2020-17530. Join us as we put this threat under the microscope.
Cyborg Security is changing the Threat Hunting game. Check us out at:
https://www.cyborgsecurity.com/
https://twitter.com/CyborgSecInc
https://www.linkedin.com/company/cyborg-security/
CVE-2020-17530 Python PoC from Cyborg Security:
https://github.com/CyborgSecurity/CVE-2020-17530
NIST, CVE-2020-17530 Details:
https://nvd.nist.gov/vuln/detail/CVE-2020-17530
Packet Storm, Apache Struts 2 Forced Multi OGNL Evaluation:
https://packetstormsecurity.com/files/160721/Apache-Struts-2-Forced-Multi-OGNL-Evaluation.html
OGNL on Wikipedia:
https://en.wikipedia.org/wiki/OGNL
Vulhub struts2:2.5.25 docker hub image:
https://hub.docker.com/layers/vulhub/struts2/2.5.25/images/sha256-eaf49b95f2c178cca77d3c8454f79a4fe4ed4dd9d342c9e9a911e842565217d2?context=explore
PerchLabs Suricata web server rules with detection for CVE-2020-17530:
https://github.com/PerchSecurity/PerchLabs/blob/main/suricata/web_server.rules
Chapters:
0:00 Intro
1:35 Overview
6:55 Emulation
12:48 Detection / Hunting
Video: Threat Hunt Deep Dives Ep. 4 - Apache Struts RCE (CVE-2020-17530), from the Cyborg Security channel