⤷ Title: Local File Inclusion Double encoding @ Root-me Walkthrough
════════════════════════
𐀪 Author: Amr Elharery
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 22:14:03 GMT
════════════════════════
⌗ Tags: #penetration_testing #rce #local_file_inclusion #operating_systems #web_penetration_testing
════════════════════════
𐀪 Author: Amr Elharery
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 22:14:03 GMT
════════════════════════
⌗ Tags: #penetration_testing #rce #local_file_inclusion #operating_systems #web_penetration_testing
Medium
Local File Inclusion Double encoding @ Root-me Walkthrough
Introduction
⤷ Title: Proyecto HTB — La ruta de trabajo del Penetration Tester
════════════════════════
𐀪 Author: Raquel Hernández
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 21:53:04 GMT
════════════════════════
⌗ Tags: #penetration_testing #red_team #learning #ciberseguridad #beginner
════════════════════════
𐀪 Author: Raquel Hernández
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 21:53:04 GMT
════════════════════════
⌗ Tags: #penetration_testing #red_team #learning #ciberseguridad #beginner
Medium
Proyecto HTB — La ruta de trabajo del Penetration Tester
Realmente cuando empecé mi ruta profesional en ciberseguridad, no sabía a qué me estaba metiendo. Había cursado mi postgrado en bases de…
⤷ Title: TryHackMe Pre Security 101 — Offensive Security Intro
════════════════════════
𐀪 Author: Tayyeb Nadeem Somro
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 22:07:28 GMT
════════════════════════
⌗ Tags: #tryhackme_writeup #tryhackme #tryhackme_walkthrough #cybersecurity #information_security
════════════════════════
𐀪 Author: Tayyeb Nadeem Somro
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 22:07:28 GMT
════════════════════════
⌗ Tags: #tryhackme_writeup #tryhackme #tryhackme_walkthrough #cybersecurity #information_security
Medium
TryHackMe Pre Security 101 — Offensive Security Intro
In this tutorial, I’ll be covering how to complete the Offensive Security Intro room on TryHackMe’s Pre Security 101 course.
⤷ Title: IBM Study: 97% of Breached Firms Lacked Basic AI Safeguards, Exposing Critical Data
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:16:51 +0000
════════════════════════
⌗ Tags: #Data Leak #AI security #cybersecurity #data breach #Generative AI #IBM #Report #Risk Management #Shadow AI #Supply Chain
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:16:51 +0000
════════════════════════
⌗ Tags: #Data Leak #AI security #cybersecurity #data breach #Generative AI #IBM #Report #Risk Management #Shadow AI #Supply Chain
Penetration Testing Tools
IBM Study: 97% of Breached Firms Lacked Basic AI Safeguards, Exposing Critical Data
An IBM study reveals 13% of companies suffered AI-related breaches, with 97% lacking basic safeguards. The cost of inaction is rising, fueled by supply chain attacks and "shadow AI."
⤷ Title: crAPI: help you to understand the ten most critical API security risks
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:11:17 +0000
════════════════════════
⌗ Tags: #Open Source Tool #API security risks #crAPI
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:11:17 +0000
════════════════════════
⌗ Tags: #Open Source Tool #API security risks #crAPI
Penetration Testing Tools
crAPI: help you to understand the ten most critical API security risks
crAPI ((Completely Ridiculous API) defines an API that is intentionally vulnerable to the OWASP API Top 10 vulnerabilities
⤷ Title: Google Launches DBSC Public Beta: New Feature Binds Sessions to Devices to Combat Cookie Theft
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:08:46 +0000
════════════════════════
⌗ Tags: #Google #chrome #Cookie Theft #cybersecurity #DBSC #Device Bound Session Credentials #google #Passkeys #security #Session Hijacking
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:08:46 +0000
════════════════════════
⌗ Tags: #Google #chrome #Cookie Theft #cybersecurity #DBSC #Device Bound Session Credentials #google #Passkeys #security #Session Hijacking
Penetration Testing Tools
Google Launches DBSC Public Beta: New Feature Binds Sessions to Devices to Combat Cookie Theft
Google has launched Device Bound Session Credentials (DBSC) in public beta for Chrome on Windows, a new feature that binds authentication sessions to devices to prevent cookie theft.
⤷ Title: cats: REST API Fuzzer and negative testing tool
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 23:20:55 +0000
════════════════════════
⌗ Tags: #Open Source Tool #REST API fuzzer
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 23:20:55 +0000
════════════════════════
⌗ Tags: #Open Source Tool #REST API fuzzer
Penetration Testing Tools
cats: REST API Fuzzer and negative testing tool
REST API fuzzer and negative testing tool. Run thousands of self-healing API tests within minutes with no coding effort!
⤷ Title: Critical Buffer Overflow Flaws in Dahua IP Cameras Expose Devices to RCE
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 23:13:29 +0000
════════════════════════
⌗ Tags: #Vulnerability #Buffer Overflow #CVE_2025_31700 #CVE_2025_31701 #cybersecurity #Dahua #Denial of Service #DoS #IP Camera #RCE #remote code execution #vulnerability
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 23:13:29 +0000
════════════════════════
⌗ Tags: #Vulnerability #Buffer Overflow #CVE_2025_31700 #CVE_2025_31701 #cybersecurity #Dahua #Denial of Service #DoS #IP Camera #RCE #remote code execution #vulnerability
Penetration Testing Tools
Critical Buffer Overflow Flaws in Dahua IP Cameras Expose Devices to RCE
Bitdefender uncovers critical buffer overflow flaws (CVE-2025-31700, CVE-2025-31701) in Dahua IP cameras, allowing unauthenticated remote RCE. Update firmware now.
⤷ Title: The Ultimate Insider Threat: How North Korean IT Workers Infiltrated the Global Remote Economy
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:13:07 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cybercrime #cybersecurity #DomainTools #Espionage #Insider Threat #Intellectual Property #North Korea #Remote Work #Supply Chain
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:13:07 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cybercrime #cybersecurity #DomainTools #Espionage #Insider Threat #Intellectual Property #North Korea #Remote Work #Supply Chain
Daily CyberSecurity
The Ultimate Insider Threat: How North Korean IT Workers Infiltrated the Global Remote Economy
A DomainTools report exposes how North Korean IT workers use fake IDs, AI, and shell companies to infiltrate remote tech jobs globally, funding the regime's military and compromising corporate infrastructure.
⤷ Title: Interlock Ransomware Strikes: eSentire Exposes Multi-Stage Payload and ClickFix Social Engineering
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:10:37 +0000
════════════════════════
⌗ Tags: #Malware #ClickFix #cybersecurity #eSentire #Interlock #malware #NodeSnake #powershell #ransomware #social engineering
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:10:37 +0000
════════════════════════
⌗ Tags: #Malware #ClickFix #cybersecurity #eSentire #Interlock #malware #NodeSnake #powershell #ransomware #social engineering
Daily CyberSecurity
Interlock Ransomware Strikes: eSentire Exposes Multi-Stage Payload and ClickFix Social Engineering
eSentire exposes Interlock, a new ransomware group using multi-stage payloads and the ClickFix social engineering technique to deploy ransomware and backdoors via compromised websites.
⤷ Title: The OAuth Phishing Trap: Proofpoint Exposes AiTM Attacks That Bypass MFA to Hijack Cloud Accounts
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:03:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #AiTM #Cloud Security #cybersecurity #MFA Bypass #Microsoft 365 #OAuth #phishing #Proofpoint #Tycoon
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:03:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #AiTM #Cloud Security #cybersecurity #MFA Bypass #Microsoft 365 #OAuth #phishing #Proofpoint #Tycoon
Daily CyberSecurity
The OAuth Phishing Trap: Proofpoint Exposes AiTM Attacks That Bypass MFA to Hijack Cloud Accounts
Proofpoint reveals an AiTM phishing campaign using fake OAuth apps and the Tycoon platform to bypass MFA, hijack Microsoft 365 accounts, and steal credentials.
⤷ Title: Software and Data Integrity Failures (OWASP A08): For Hacking, Bug Bounty, and Web Development
════════════════════════
𐀪 Author: JPablo13
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:01:39 GMT
════════════════════════
⌗ Tags: #web_development #penetration_testing #ethical_hacking #cybersecurity #bug_bounty
════════════════════════
𐀪 Author: JPablo13
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:01:39 GMT
════════════════════════
⌗ Tags: #web_development #penetration_testing #ethical_hacking #cybersecurity #bug_bounty
Medium
Software and Data Integrity Failures (OWASP A08): For Hacking, Bug Bounty, and Web Development
Learn how software and data integrity flaws (OWASP A08) expose systems to RCE, supply chain attacks, and critical data manipulation.
⤷ Title: XXE Vulnerability: কী, কেন, এবং কিভাবে এটি অ্যাটাক হয়?
════════════════════════
𐀪 Author: Ayshee
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 23:21:17 GMT
════════════════════════
⌗ Tags: #xxe_attack #bug_bounty #cybersecurity #xxe #ethical_hacking
════════════════════════
𐀪 Author: Ayshee
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 23:21:17 GMT
════════════════════════
⌗ Tags: #xxe_attack #bug_bounty #cybersecurity #xxe #ethical_hacking
Medium
XXE Vulnerability: কী, কেন, এবং কিভাবে এটি অ্যাটাক হয়?
🛡️ XXE Vulnerability: কী, কেন, এবং কিভাবে এটি অ্যাটাক হয়?
⤷ Title: CTF SQHell| TryHackMe en Español
════════════════════════
𐀪 Author: Binyamin
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:04:27 GMT
════════════════════════
⌗ Tags: #tryhackme #hacking #web_app_pentesting #ctf_walkthrough #tryhackme_walkthrough
════════════════════════
𐀪 Author: Binyamin
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:04:27 GMT
════════════════════════
⌗ Tags: #tryhackme #hacking #web_app_pentesting #ctf_walkthrough #tryhackme_walkthrough
Medium
CTF SQHell| TryHackMe en Español
🧠 Introducción
⤷ Title: Bypass de WAF com Double Encoding: Uma Jornada através de SQL Injection
════════════════════════
𐀪 Author: Jonathan M.
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:28:21 GMT
════════════════════════
⌗ Tags: #infosec #sql_injection #ctf #cybersecurity #pentesting
════════════════════════
𐀪 Author: Jonathan M.
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:28:21 GMT
════════════════════════
⌗ Tags: #infosec #sql_injection #ctf #cybersecurity #pentesting
Medium
Bypass de WAF com Double Encoding: Uma Jornada através de SQL Injection
🎯 Introdução
⤷ Title: Identity and Access Management: RBAC vs ABAC — Choosing the Right Authorisation Model
════════════════════════
𐀪 Author: Samuel Odekunle
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:34:29 GMT
════════════════════════
⌗ Tags: #role_based_access_control #cybersecurity #zero_trust #technology #access_control
════════════════════════
𐀪 Author: Samuel Odekunle
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:34:29 GMT
════════════════════════
⌗ Tags: #role_based_access_control #cybersecurity #zero_trust #technology #access_control
Medium
Identity and Access Management: RBAC vs ABAC — Choosing the Right Authorisation Model
Authorisation is the gatekeeper of modern applications, determining what authenticated users can access and modify. While authentication…
⤷ Title: PM in Progress: Reading the Tea Leaves of an App in Hot Water
════════════════════════
𐀪 Author: Andrew Leng Ly
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:05:17 GMT
════════════════════════
⌗ Tags: #vibe_coding #data #product_design #product_management #cybersecurity
════════════════════════
𐀪 Author: Andrew Leng Ly
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 00:05:17 GMT
════════════════════════
⌗ Tags: #vibe_coding #data #product_design #product_management #cybersecurity
Medium
PM in Progress: Reading the Tea Leaves of an App in Hot Water
In product management, every feature choice leaves a mark. Sometimes, it’s a mark of innovation while other times, it can be a scar left…
⤷ Title: Smart Phishing Scams Are Now Changing Tactics in Real Time. Can Your Defenses Keep Up?
════════════════════════
𐀪 Author: Akshay Chauhan
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 23:09:32 GMT
════════════════════════
⌗ Tags: #information_security #safeaeon #phishing #cybersecurity
════════════════════════
𐀪 Author: Akshay Chauhan
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 23:09:32 GMT
════════════════════════
⌗ Tags: #information_security #safeaeon #phishing #cybersecurity
Medium
Smart Phishing Scams Are Now Changing Tactics in Real Time. Can Your Defenses Keep Up?
Phishing isn’t what it used to be. Gone are the days of broken English emails from a “Nigerian prince” offering you millions. Today’s…
⤷ Title: Fileless Malware: A Growing Threat
════════════════════════
𐀪 Author: Cyber Security Details
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 23:03:48 GMT
════════════════════════
⌗ Tags: #cybersecurity #security #malware #cyber_threat #fileless_malware
════════════════════════
𐀪 Author: Cyber Security Details
════════════════════════
ⴵ Time: Fri, 01 Aug 2025 23:03:48 GMT
════════════════════════
⌗ Tags: #cybersecurity #security #malware #cyber_threat #fileless_malware
Medium
Fileless Malware: A Growing Threat
Fileless malware represents a significant and increasingly prevalent threat in the cybersecurity landscape. Unlike traditional malware that…
⤷ Title: MITRE ATT&CK T1190 ve ToolShell (CVE‑2025‑53770): Gerçek Bir RCE Saldırısının Anatomisi
════════════════════════
𐀪 Author: Serhat Çallı
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 01:12:06 GMT
════════════════════════
⌗ Tags: #cybersecurity #hacking #rce #soc_analyst #mitre_attck
════════════════════════
𐀪 Author: Serhat Çallı
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 01:12:06 GMT
════════════════════════
⌗ Tags: #cybersecurity #hacking #rce #soc_analyst #mitre_attck
Medium
MITRE ATT&CK T1190 ve ToolShell (CVE‑2025‑53770): Gerçek Bir RCE Saldırısının Anatomisi
2025 yılının Temmuz ayında, Microsoft SharePoint sunucularını hedef alan kritik bir zafiyet, dünya genelinde şirketleri alarma geçirdi…
⤷ Title: The Ultimate 2FA App Battle: Proton, Aegis, and Authy Duke It Out in 2025
════════════════════════
𐀪 Author: BiyteLüm
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 02:21:35 GMT
════════════════════════
⌗ Tags: #application #cybersecurity #privacy #technology #authenticator_apps
════════════════════════
𐀪 Author: BiyteLüm
════════════════════════
ⴵ Time: Sat, 02 Aug 2025 02:21:35 GMT
════════════════════════
⌗ Tags: #application #cybersecurity #privacy #technology #authenticator_apps
Medium
🔐 The Ultimate 2FA App Battle: Proton, Aegis, and Authy Duke It Out in 2025
Listen up, friends. If you’re still relying on just passwords to protect your digital life, we need to have a serious chat. It’s 2025, and…