Threat Hunt Deep Dives Ep. 4 - Apache Struts RCE (CVE-2020-17530)
Welcome to Threat Hunt Deep Dives, Episode 4! Today we are looking at a recent Apache Struts Remote Code Execution (RCE) vulnerability, CVE-2020-17530. Join us as we put this threat under the microscope.
Cyborg Security is changing the Threat Hunting game, check us out at:
https://www.cyborgsecurity.com/
https://twitter.com/CyborgSecInc
https://www.linkedin.com/company/cyborg-security/
CVE-2020-17530 Python PoC from Cyborg Security:
https://github.com/CyborgSecurity/CVE-2020-17530
NIST, CVE-2020-17530 Details:
https://nvd.nist.gov/vuln/detail/CVE-2020-17530
Packet Storm, Apache Struts 2 Forced Multi OGNL Evaluation:
https://packetstormsecurity.com/files/160721/Apache-Struts-2-Forced-Multi-OGNL-Evaluation.html
OGNL on Wikipedia:
https://en.wikipedia.org/wiki/OGNL
Vulhub struts2:2.5.25 docker hub image:
https://hub.docker.com/layers/vulhub/struts2/2.5.25/images/sha256-eaf49b95f2c178cca77d3c8454f79a4fe4ed4dd9d342c9e9a911e842565217d2?context=explore
PerchLabs Suricata web server rules with detection for CVE-2020-17530:
https://github.com/PerchSecurity/PerchLabs/blob/main/suricata/web_server.rules
Chapters:
0:00 Intro
1:35 Overview
6:55 Emulation
12:48 Detection / Hunting
Видео Threat Hunt Deep Dives Ep. 4 - Apache Struts RCE (CVE-2020-17530) канала Cyborg Security
Cyborg Security is changing the Threat Hunting game, check us out at:
https://www.cyborgsecurity.com/
https://twitter.com/CyborgSecInc
https://www.linkedin.com/company/cyborg-security/
CVE-2020-17530 Python PoC from Cyborg Security:
https://github.com/CyborgSecurity/CVE-2020-17530
NIST, CVE-2020-17530 Details:
https://nvd.nist.gov/vuln/detail/CVE-2020-17530
Packet Storm, Apache Struts 2 Forced Multi OGNL Evaluation:
https://packetstormsecurity.com/files/160721/Apache-Struts-2-Forced-Multi-OGNL-Evaluation.html
OGNL on Wikipedia:
https://en.wikipedia.org/wiki/OGNL
Vulhub struts2:2.5.25 docker hub image:
https://hub.docker.com/layers/vulhub/struts2/2.5.25/images/sha256-eaf49b95f2c178cca77d3c8454f79a4fe4ed4dd9d342c9e9a911e842565217d2?context=explore
PerchLabs Suricata web server rules with detection for CVE-2020-17530:
https://github.com/PerchSecurity/PerchLabs/blob/main/suricata/web_server.rules
Chapters:
0:00 Intro
1:35 Overview
6:55 Emulation
12:48 Detection / Hunting
Видео Threat Hunt Deep Dives Ep. 4 - Apache Struts RCE (CVE-2020-17530) канала Cyborg Security
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Out of the Woods: The Threat Hunting Podcast | Ep. 6
PT. 2 - Lateral Movement Quick Tip 🎯 #cybersecurity #workshop #cyber #threathunting
PT. 1 - Impact Quick Tip ⬆️ #threathunting #impact #mitreattack #cybersecurity #security #infosec
Pt. 2 - Exfiltration Quick Tip⬆️ #cybersecurity #threathunting #mitreattack #security #infosec
Out of the Woods: The Threat Hunting Podcast | Ep. 1 - Know Your Ground, Your Pack, and Your Quarry
Out of the Woods: The Threat Hunting Podcast | Ep. 11
Threat Hunt Deep Dives Ep. 9 - Get to Know Your Logs Pt. 1
Happy Hunting | Episode 6 - FIN7
Pt. 4 - Credential Access Quick Tip 💻 #threathunting #workshop #cyber #cybersecurity #mitre
Chance Favors the Prepared Mind: Building an Advanced Threat Hunter
Happy Hunting | Episode 4 - Mastering False Positives
Happy Hunting | Episode 2 - BlackCat/ALPHV Ransomware
Out of the Woods: The Threat Hunting Podcast | Ep. 3
Threat Hunt Deep Dives Ep. 1 - Return of the WIZard - Exim MTA RCE (CVE-2019-10149)
Pt. 4.2 -Exfiltration Quick Tip 🎯 #cybersecurity #security #threathunting #infosec #mitre #cyber
Pt. 1 - Credential Access Quick Tip! Learn more @ our #ThreatHunting Workshop - Link in bio #cyber
Pt. 1 - Exfiltration Quick Tip ⬆️ #cybersecurity #threathunting #exfiltration #mitre #security
Out of the Woods: The Threat Hunting Podcast | Ep. 7
Out of the Woods: The Threat Hunting Podcast | Ep. 2
Exploring Microcorruption
Pumpkin Spice Logs: Hunting for Toolkits