Friday, 31 March 2017

AUD/USD Forex Report 1st April 2017

AUd/USD Primary & Weekly Cycles

The medium term bias is to go higher and reach the 2017 highs @ .7785, whilst the short term bias is to dip down into the Weekly lows.
Random Support :- .7482  /  . 7513

AUD looks to be moving higher in the 2nd Quater, as it follow the Quarterly dynamics towards the 2017 highs @ .7785 - 79

Trade on the side of  .7625

Monday, 27 March 2017

Popular attacker tools & techniques: survey results


In my last blog post, I decided to create a survey as to get a better perspective on popular or favourite tools of attackers, red teamers and/or pentesters.

Below  I present the results, with additional & minimal commentary from my side. Comments are below the figures. Note this is not fully indicative of an attacker or threat actor's arsenal, but I do hope it can give anyone some pointers. Enjoy the journey.

Yes, you may use this data as long as you mention the original source, which is this exact blog post. You may find a direct SurveyMonkey link to the results here.




Figure 1 - What do you do
Answered: 76 

First and foremost question: what do you do? Are you a red/blue or purple teamer? Or no idea at all?

Most people that answered were red teamers. Awesome! If you have no idea what any of this means, or you are just starting with all this, then I definitely advise you to read the following:
The Difference Between Red, Blue, and Purple Teams.




Figure 2 - Favourite lateral movement method

Answered: 66

Second question definitely yielded interesting results; with Pass the Hash (PtH) as most favourite or preferred method of lateral movement. Note that I shamelessly used this list from Mitre's excellent ATT&CK page on Lateral Movement here: https://attack.mitre.org/wiki/Lateral_Movement



Figure 3 - Favourite AV bypass tool
Answered: 64 

Bypassing AV can be interpreted quite broadly, but let's say using the most well-known tools with ability to evaded AV - with which Metasploit takes the lead, and Veil a close second.



Figure 4 - Favourite web app pentest tool
Answered: 66

Burp seems to have the biggest share of being most popular or used web app pentest tool.



Figure 5 - Favourite PowerShell tool
Answered: 66

This is definitely one of the, if not the most, interesting results of all questions. PowerShell Empire takes the lead, with PowerSploit following very closely... And not too far off is PowerShell itself. Draw your conclusions.



Figure 6 - Favourite credential dumper

Answered: 67

Mimikatz seems to be the most preferred credential dumper all around.



Figure 7 - Favourite password brute forcer

Answered: 66


Hashcat, Hydra and John the ripper rank among the top three of password brute forcers.



Figure 8 - Usage of RATs

Answered: 69 

This question and the next overlap slightly - if an attacker doesn't (or can't) build custom malware, they may be more inclined to use RATs (freely available or not). Building a RAT is definitely more trivial than building or writing custom malware.

However, don't be fooled. If an attacker is strongly motivated, it's not a question of if they'll get on the network, but when. Take appropriate defensive measures.

Figure 9 - Usage of malware
Answered: 58

Repeating: attackers will not hesitate to use custom malware which is adapted or tailored to/for your environment! (and to evade any security controls or measures in place)



Figure 10 - Application Whitelisting bypasses
Answered: 69

A rather surprising result, seeing 11 of the respondents either skipped, or didn't know what Application Whitelisting is. (and as such, how it may be bypassed)

I can definitely recommend you to check out Casey Smith's Catalog of Application Whitelisting Bypass Techniques.


Extra comments

... provided by some of the respondents yielded additional tools and information:

Lateral movement methods:
PowerUpSQL, CrackMapExecWin, smbexec, PowerSCCM, Kerberoasting, CobaltStrike (after obtaining admin creds for another system), WMI, Password reuse.

AV bypass:
PS Empire, PEspin, Shellter, Unicorn.py and even manually.

Web app pentesting:
metasploitHelper, Dirb, dirbuster, Kali2.

PowerShell tools:
Compress-File.ps1, BloodHound, PowerLurk, PowerSkype.ps1, PowerOPS, PowerForensics, Unicorn.py.

Credential dumping:
mimikittenz, go-mimikatz.

Password brute forcing:
Nmap NSE "brute"-category scripts, patator, Invoke-SMBAutoBrute.ps1, HashcatOCL.

RATs and malware:
Empire, Meterpreter (Metasploit), ADC2.ps1, ThinkPwn, manwhoami/Bella, tinymet/Ultimet, CobaltStrike beacons.



Conclusion

You may wonder if every attacker will use every tool on this list. They may well do so, or not use any of the tools and scripts discussed at all, and rather write everything tailored to your environment.

Also keep in mind that an attacker's TTPs may change over the course of weeks, months or even years. However, some tools will always be popular and withstand the test of time.

What's next?

I definitely advise you to either subscribe to feeds, or follow people on Twitter - both red teamers and blue teamers. Often, they both provide a unique insight which in turn will help you to defend better as well. Don't hesitate to share your findings with the community!

Try to think like an attacker. Leave nothing out. Know your own environment.


I'm not sure where to start.

Why not start by checking out a real live intrusion that happened, featuring APT29? There's an excellent presentation out there by Matthew Dunwoody and Nick Carr here:

Another excellent blog to check out is: http://adsecurity.org/

I additionally advise you to check out Matt Swan's Incident Response Hierarchy of Needs. If you like hierarchies or pyramids. definitely check out the threat intelligence Pyramid of Pain by David Bianco.

There's also a good paper on detecting lateral movement in Windows infrastructure by CERT-EU.

Lastly, check out JPCert's excellent report on lateral movement here:

Still in doubt? Start Googling some of the TTPs mentioned above and check out their functionality - and shortcomings!


What about PowerShell and all its misuses?

If your organisation has no need for it, disable PowerShell by configuring AppLocker. Note that PowerShell has many valid usages as well, such as logon scripts. There's a short blog post by Michael Schneider here that touches on this very subject: A story about blocking PowerShell

If you do want to use PowerShell, I advise you to upgrade to the latest version (currently v5) and turn on all the logging! A blog post worth reading: Greater Visibility Through PowerShell Logging

And the last one in regards to PowerShell is a very recent blog post written by Ashley McGlone:
Practical PowerShell Security: Enable Auditing and Logging with DSC


What about AV and how it can be bypassed?

AV should never be your only layer of protection. Next-gen or not.


What about... ?

Where there are attackers, there are defenders and vice versa. Use Event Logging. Use Sysmon.


I'm a red teamer, where can I find more information?

A recent post by Artem Kondratenk offers a ton of resources and insight:
A Red Teamer's guide to pivoting


Can I use this data?

Of course! As long as you mention the original source, which is this exact blog post. You may find a direct SurveyMonkey link to the results here.


Thanks to all the participants, and to you for reading!

Please do comment with your feedback or questions or anything else you would like to discuss.

Friday, 24 March 2017

Guest Post - Updated List March 2017

Guest blogging is a method used by bloggers to increase blog traffic where bloggers write posts to be published on other bloggers' blogs. Guest posts and guest posting is where a writer who owns his or her own blog creates a unique and original post on another blog or site with a mention of the author and usually their blog at the bottom of the article. Guest posting can help build brand awareness with a different audience and help drive new traffic to your site.

Guest blogging is also a great way to establish yourself as an authority figure within your market and build relationships with other bloggers and experts within your field. It's an opportunity to take your expertise and share it with others, as well as an opportunity to increase traffic to both parties’ blogs. Since guest blogging should be a two-way street, when hopping on the bandwagon, you should also consider featuring posts developed by guest bloggers. Featuring guest posts will also expose your audience to a new perspective and fresh new content.


You may feel free to ask me any question anytime. Our services are perfectly customized to your Marketing Demand and needs. 


SEORapidly
Skype: SEORapidly

Saturday, 18 March 2017

Trainer NieR Automata



------------------------DONLOAD
--------------------------DONLOAD



 -------------------------DONLOAD------------------------DONLOAD

Thursday, 16 March 2017

Ancient Beast updated and the Deceiver

Ancient Beast 0.3 is here (blog post, forum announcement)! This gorgeously drawn game makes another step towards the vision of its developers.

Heya! It’s been too long since the last release, about 3 years; long time indeed.
We’ve finally repaired the prototype and added several new playable creatures, along with more features,
goodies and bug fixes, not to mention that all the old units have been pretty much revamped.
A ton of work, but it was totally worth it!

Ancient Beast is a player vs player turn based strategy game played online where you command all manner of creatures (3D printed! Beware the power of playing God!) in a battle for supremacy amongst the ruins of the apocolypse. Or something like that. Sounds fun. :)

Ancient Beast 0.3

Deceiver (formerly "The Yearning") has been rebranded in its latest update. GPL licensed code is available on github, and there's a steady history of updates going back 2 years, but the assets remain copyright of the developer.

So is it Free Software? Purists would justifiably say no. For example, no OS (Linux, BSD etc) distribution could include it without the developer's express consent. I can see the reasons for going down this path as the developer is now approaching publishers, and having anybody able to take his game and publish it externally would be an issue of contention. Which brings us back to an old topic of discussion - is it possible to monetize a Free Software game project without compromising on the licensing of any part of it?

Deceiver rain experiments
Some would say such a game shouldn't even appear on this blog, but given the relative inactivity of the blog you'll have to indulge me this once for discussion purposes if nothing else!

Sunday, 12 March 2017

Survey: favourite Red team / Pentest / Attacker methods & tools

SURVEY CLOSED AND RESULTS PUBLISHED:
Popular attacker tools & techniques: survey results


Yesterday I've set up a SurveyMonkey poll in regards to one's favourite Red team / Pentest / Attacker methods & tools.

Purpose of this survey is to get a better insight into which TTPs actual attackers usually use, or at least to get an insight in the most common methods leveraged by red teamers.

Unfortunately, the free version of SurveyMonkey allows only up to 10 questions. Answers are completely anonymous. The survey will run for 7 days, or until 100 responses are received, after which I'll publish a new blog post with the results and some comments.

You can find the survey below, please feel free to complete it and to share:
https://www.surveymonkey.co.uk/r/VSKJJ98

Friday, 10 March 2017

The Izila (& Wenja) Script

Smarkaka salwa! Mashi graybati Winjas : we finally have a writing system for Wenja. This was a system first proposed (in part) during the mocap shoots in Toronto during Summer 2015, though was ultimately not adopted by the creative team at Ubisoft. Here is a snapshot of what that system originally looked like:


Affixed to the back of my script binder, this is perhaps my favorite line in all of the game. It says "Puros putlom suxnus hasosyo."  Here's what that looks like today:


Some definite similarities, but you can see that a number of changes have been made.

Okay, so how does the script work? First & foremost, the Izila script is an alphabet, with characters that represent both vowels and consonants. The original idea was that the Izila invented a writing system to communicate with their celestial gods: Mensi & Suxli. Tensay learned the writing system while he was a slave of the Izila and brought it back to the Wenja village. (NOTE: THIS IS NOT CANON)

Each letter has a name in Izila: < p > is pód, < b > is bárs, etc. Each letter is based off of the first sound of the picture it represents. So, the picture of a foot stands for the letter < p >, because pód, the word for "foot" in Izila begins with a "p". This is a process called acrophony and is actually how our alphabet originally came into being (see here).


The letters themselves are arranged as only a linguist would -- stop consonants are first, moving from the front of the mouth to the back, then fricatives, then nasals, liquids, glides, and finally vowels. There are two letters with dual functions. The letter ulóm "owl" represents both < w > and < u >, and the letter yugí "eternal life" stands for both < y > and < i >. You can see this in two of the examples below. yugí represents < y > in Sayla, but < i > in pati. Similarly, ulóm represents both < w > and < u > in the name Wuga.

When a writing system is first invented (as occurred in the ancient Near East, China, or Mesoamerica), it starts off with letters that do not just represent sounds, but also letters that represent words (i.e., morphemes). Such characters are called logograms.  There are a handful of these in the Izila script.

What this means is that you would never write out the words "Izila", "Wenja", "Udam", etc. using the phonograms listed above. Rather. you would use one of these special signs. 

In addition, there are also additional logograms that can function as determiners, signs that you place before a specific concept to indicate what type of entity that thing is. If the noun in question is an animal, a man, a woman, a god, a spirit, or a tribe, you'll place one of these determiners before it. You can use these symbols as logograms as well.


Finally, there are two types of punctuation in the kraybati -- a word-boundary marker and a final symbol that indicates the end of a text.


Allow me to explain logograms, determiners, and punctuation markers with the sentence below. 


Let's first transcribe the writing systems directly into what it says. I've used colons to indicate word boundaries, #  the end of text marker, capitalized all logograms, and superscripted any determiners.

smarkaka:mw:MANWENJApaty:hay:nawa:kraybaty:TRIBEWENJAs#

Let's begin with the word "Winjapati", the third word in the line. It begins with a determiner hnér, which marks that the person in question is a man. Essentially, it's like an unspoken "Mr.". If I were a woman, I'd use the sign gwéni. The determiner hnér is then followed by the logogram WENJA and then the phonograms < p > < a > < t > < y >, resulting in Winjapati. Later in the line the logogram WENJA reappears, but this time it's preceded by génhos, indicating that this Wenja is referring to the tribe (or language). 

As with much of what we have done in Far Cry Primal, this writing system is based in a certain amount of reality. There are a set of symbols called the Vinča Script (Vinča = Winja.... it's too perfect.), which were first used roughly 10,000 years ago. Though many call it a "script", it's unclear if it was actually one. (Highly unlikely that it was).  The symbols used above are taken from the Gimbutas font, designed by Prof. Sorin Paliga, a linguist at the University of Bucharest, Romania. Visit here for a fuller discussion, with references, of the Vinca script and a link to the truetype font so you can make your own Wenja texts.

I'll conclude this post with a sample of some of my favorite lines from the game, written in the Izila script.











Tuesday, 7 March 2017

Trainer Ultimate Marvel vs Capcom 3





------------------------DONLOAD
--------------------------DONLOAD

 -------------------------DONLOAD------------------------DONLOAD

The difference between Themes and Templates in Blogger

This article explains the difference between themes and templates in Blogger, Google's blogging tool.



What is (was) a Blogger template

How a blog that is made with Blogger is shown to a visitor is controlled by four sets of information:
  • The posts which the blogger writes (ie the content)
  • A user-editable "configuration file" which records the overall formatting options which the file designer and then the blogger have chosen
  • Another configuration file, called the post-template, which records choices that the blogger has made under Layout > Blog posts (edit), but cannot be edited elsewhere.   
  • Blogger's own software, which puts the other things together with some internal rules to make "web pages".   Bloggers cannot control the rules in this at all.

Originally, the first "configuration file" was called a template.   In fact, officially it was called a design-template, to distinguish it from the post-template.   However because most people aren't aware of the post template, usually just the word "template" is used to mean design-template.


What is a theme

Other blogging tools (eg Wordpress, Tumblr) called their equivalent file a theme.    Most (or even all) of those tools provide less access to change things in the Theme file, for example if you use a Wordpress free-hosted blog, then you cannot change any of the code in your theme, you can only make formatting changes which are allowed for in the Wordpress front-end.

Many of the Wordpress themes have had a lot of  graphic design work done on them - using them gives a blog-site which looks very attractive (or otherwise suited for their purpose) on a wide range of screens.    Many large websites have been made using Wordpress, and so very many professional designers have created Wordpress themes.    Because of this, many people believe that it's easier to get an excellent-looking website from a theme than from a Blogger template.

Blogger templates have now become themes

Recently - I noticed it in March 2017 - Blogger started calling their templates "themes".  
  • They've changed the menu option on their dashboard from "Template" to "Theme".
  • They've changed the action button names in the template/theme editor to say things like "Save theme".
  • They've written various help articles which refer to themes.



What hasn't changed

  • We can still edit our templates themes extensively.
  • The Blogger tools that make the changes in our themes haven't changed:  All the items under the Themes tab on the dashboard are the same as the ones on the Templates tab.
  • The contents of our existing themes are still much the same  (I cannot guarantees they haven't made any changes, but I haven't seen any)
  • The themes that we can choose from when making a new blog, or changing the format of an existing one, are the same.
  • There are hundreds of help and how-to articles written by blogger-helpers like myself, which all refer to templates.   (I've started changing mine - but it's going to take a while!)

What else is going to change?   

This is the big question:   Is the rename a precursor to some other changes, eg restricting how much control we have over our themes? - or is it just a cosmetic change to make Blogger seem more modern?

Will there be some new themes released - ones that look better across a range of devices, maybe even some that are optimized for mobile instead of desktop use?

Will there be new theme-editing features introduced into Blogger's interface, to let us control things we cannot control now?

Conclusion / TL-DR

Only Google's Blogger product managers know exactly what the future plans for Blogger are - and they're not known for talking about the future direction  until they're just about to introduce new features.   

But until they do, my conclusion is that there is no difference between templates and themes in Blogger.  They are simply two different words for exactly the same thing.



NB:   Blogger product a announcements are usually made in the Blogger Buzz blog - and I see that template were still called templates in their most recent post in November 2016:






Related Articles

How to edit your Theme in Blogger

What types of theme / templates does Blogger have

Editing your blog's template:  advantages and disadvantages

How to turn on a mobile theme for your blog

Blogs, Blogger, bloggers, posts pages and screens - understanding Blogger-basics

How to make a real website, using Blogger

Monday, 6 March 2017

A New Project

Proud to have worked on National Geographic's new series, Origins : The Journey of Humankind. Premieres tonight in the US at 9 pm ET.  I worked on eight languages for it!

Image result for nat geo origins
  • Lydian
  • Gaulish
  • Proto-Indo-European
  • Germanic-flavored Proto-Indo-European
  • Nostratic
  • Proto-Afro-Asiatic
  • Basque-flavored Proto-Dene-Caucasian\\
  • Proto Pama-Nyungan

Hopefully (if I get approval from the powers that be), I'll be able to go into some detail here about my work on the show.

Sunday, 5 March 2017

Australian Dollar USD 3rd March 2017 monthly Report

Australian Dollar/USD Dollar Primary & Weekly Cycles

AUD looks steady without providing a long term target.

The medium term bias is to go higher and reach the 2017 highs @ .7785, whilst the short term bias is to dip down into the Weekly lows.

Random Support :- .7482  /  . 7513

Wednesday, 1 March 2017

How to Speak Wenja : Wuga's Scenes

Today we'll look at Wuga's scenes (known as Wogah in the game), a quirky, one-armed crafter who introduces Takkar to Wugas fnagu "Woga's claw" and a whole host of upgrades.

Played by the extremely talented (and extremely kind) Ron Kennell, I smile every time I hear him yell "Fmaygan".  Mi-sharm hadarsh!

Meeting Wuga


Wuga:

Mawra Udam!
Stupid Udam!
Stupid Udam!

Takkar :

Mu Winja!
I Wenja!
I'm Wenja!

Wuga:

Nay! Mu supima Winja! Ta dijam-shanti, fmayga-su tagata. Udam-war-way.
No! I last Wenja! You dirt-face, piss-in covered. Udam-just-like.
No! I'm the last Wenja! You're a dirt face, covered in piss. Just like Udam.

Smarka, Fmaygan.
Bye, Pisser/Pissee.
Bye, Piss-man.
(Fun fact : the suffix -an can mark an agent noun, equivalent to the -er suffix in English. So, shaja "lead" + -an = shajan "leader".  BUT it also marks the recipient of an action, so technically shajan can mean "leadee; the one who is lead". This is much less common in Wenja. But this is precisely what the -an in Fmaygan is doing. Wuga is really drawing attention to the fact that he peed on Takkar) 


Confronting Wuga


Wuga:

Sharm-hadan. Udam. Mawra sharm-hadan. Ay!
Arm-eaters. Udam. Stupid arm-eaters. Ah!
Arm-eaters. Udam. Stupid arm-eaters. Ah!

Na-ta Udam.
Not-you Udam.
You're not an Udam.

(*sniffs*)

Fmaygan!
Pissee!
Piss-man!

Winja! Mu Winja!
Wenja! I Wenja!
Wenja! I'm a Wenja!

Ku-na Winja marwa?
QUESTION-not Wenja dead?
Are the Wenja not dead?

Takkar :

Palhu gwayfarsh, na mayta ti-way.
Many live-they, not crazy you-like
Many live, not crazy like you.

Wuga:

Nam mayta. Winja sakwim!
Not-I crazy. Wenja help-I!
I'm not crazy. I help Wenja!

Pashta? Kala. Saywa shash-way. Hasar Urusis. 
See-you? Pretty. Hard rock-like. Blood Oros-of.
You see?  Pretty. Hard as a rock. Blood of Oros.

Bal Winja tachisla dahay su. Ma Hasar Urusis mibi chawda.
Strong Wenja weapons make-for good. But Blood Oros-of me-from hides.
Good for making strong Wenja weapons. But Blood of Oros hides from me.

Takkar :

Shash waydam. U nartar hay - u Winja-ha gwayfa.
Rocks find-I. COMMAND west go - COMMAND Wenja-with live.
I find the stones. You go west - live with Wenja.

Wuga:

Buda Fmaygan. Sashwalsu dayshan Hasar Urusis sansha. Hay miyi.
Smart Pissee. Sun-in shining Blood Oros-of Seek. This me-for.
Smart Piss-man. Look for the Blood of Oros shining in the sun. This one's mine.
(You can see that -an also is equivalent to -ing in English : daysha "to shine" : dayshan "shining". Very useful suffix)

Peak of Oros



Wuga:

Fmaygan! Mu bal damshi tatishta. Nu-ta bal fnagu taticham!
Pissee! Me strong hut build-you. Now-you strong claw build-I!
Piss-man! You built me a strong hut. Now I build a strong claw for you!

Kwayda shanchim, u apa gwam. Tu kwarkwar shwaldata darfata-kwa!
When stop-I, COMMAND back come. Then wherewhere climb-you jump-you-and!
When I finish, you come back. Then you climb and jump anywhere!
(If you haven't noticed already, the basic word for "and" is -kwa and it comes after the 2nd thing it's conjoining.  So: Winja Izila-kwa = "Wenja & Izila". Nu can also mean "and", though it only occurs at the beginning of a sentence: Nu shawsi Ulls hinacha "And take Ull's ear!")

Takkar :

Hay-ha shwaldam darfam-kwa.
This-with climb-I jump-I-and. 
I climb and jump with this.

Wuga:

Wugas fnagu! Waydata!
Woga-of claw! Found-it!
Woga's claw! You found it!

Su fnagu! U barju yaha, shwalda.
Good claw! COMMAND high throw, climb.
A good claw. Throw high, climb up.

Faran parkun! U-ra fnagu bawga, ha farun parkun shwalda. Su ha nawa kwarwi taticha.
Eagle feather! COMMAND-REFLEXIVE claw be.useful, so.that eagle feather climb. Good so.that new tool make.
Eagle feather! Use claw to climb eagle cliff. Good to make new tools.

Na kwarwi bal Wugas fnagu-way!
Not tool strong Woga-of claw-like!
(But) no tool strong like Wogah's claw!


The Lost Totem



Wuga:

Udam gwar jarshna Winja damsha waykarsh, chwanta drawbarsh - mi-sharm hadarsh!
Udam beasts old Wenja home attack-they, totem break-they - my-arm eat-they!
Udam beasts attack old Wenja home, break totem - eat my arm!

Na sharm yakam, ma chwanta yakam!
Not arm fix-I, but totem fix-I!
I didn't fix my arm, but I did fix the totem.

Udam gwan, Fmaygan. Chwanta sakman hinacha. Tu nawa Winja chwanta damsham!
Udam kill, Pissee. Totem scraps take. Then new Wenja totem build-I!
Kill Udam, Piss Man. Take back totem scraps. Then I build new Wenja totem.



Wuga:

Apa, apa! Kuswa dashta!
Back, Back! Almost done!
Back, back! Almost done!

Kakura, piki, Udam hasar!
Dung, tar, Udam blood!
Dung, tar, Udam blood!

Chwanta saywa daha, darwa-way.
Totem hard make, tree-as.
Makes totem hard as tree.

Dashta!
Done!
Done!

Takkar :

Bal. Winja shayu-way.
Strong. Wenja spirit-like
Strong. Like Wenja spirit.

Wuga:

Bal. Fmaygan-way.
Strong. Pissee-like.
Strong. Like Piss-man!

Winja damsha prapa. 
Wenja home seems
Feels like Wenja home.