#رایتاپ جامع و عالی در مورد نحوه ایجاد یک منبع #recon برای باگ بانتی با استفاده از Flask،MongoDB، REST Api و ChatGPT
#PartOne
https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-one-77ec3fd3b914
#PartTwo
https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-two-468405eb3520
#PartThree
https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873
#WriteUp
#Recon
#BugBountyTips
@Engineer_Computer
#PartOne
https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-one-77ec3fd3b914
#PartTwo
https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-two-468405eb3520
#PartThree
https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873
#WriteUp
#Recon
#BugBountyTips
@Engineer_Computer
Medium
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part One
Hellow world!
👍1
در کانادا فلیپر زیرو به دلیل اینکه ممکنه در سرقت ماشین استفاده بشه ممنوع میشه
https://www.canada.ca/en/public-safety-canada/news/2024/02/government-of-canada-hosts-national-summit-on-combatting-auto-theft.html
@Engineer_Computer
https://www.canada.ca/en/public-safety-canada/news/2024/02/government-of-canada-hosts-national-summit-on-combatting-auto-theft.html
@Engineer_Computer
www.canada.ca
Government of Canada hosts National Summit on Combatting Auto Theft - Canada.ca
Auto theft is impacting thousands of Canadian households every year, particularly in our urban centres.
Commercial spyware companies are behind most zero-day exploits - discovered by Google
Blog: https://blog.google/threat-analysis-group/commercial-surveillance-vendors-google-tag-report/
PDF: https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors_-_TAG_report.pdf
@Engineer_Computer
Blog: https://blog.google/threat-analysis-group/commercial-surveillance-vendors-google-tag-report/
PDF: https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors_-_TAG_report.pdf
@Engineer_Computer
Google
Buying Spying: How the commercial surveillance industry works and what can be done about it
The latest report from Threat Analysis Group documents the rise of commercial surveillance vendors and the industry that threatens free speech, the free press and the op…
GitHub - xnl-h4ck3r/waymore: Find way more from the Wayback Machine!
https://github.com/xnl-h4ck3r/waymore
@Engineer_Computer
https://github.com/xnl-h4ck3r/waymore
@Engineer_Computer
GitHub
GitHub - xnl-h4ck3r/waymore: Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence…
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X! - xnl-h4ck3r/waymore
239 - Public Private Android Keys and Docker Escapes
https://dayzerosec.com/podcast/239.html
@Engineer_Computer
https://dayzerosec.com/podcast/239.html
@Engineer_Computer
dayzerosec
Public Private Android Keys and Docker Escapes
This week we have a crazy crypto fail where some Android devices had updates signed by publicly available private keys, as well as some Docker container escapes.
Reverse engineering of Android Phoenix RAT
Analysis: https://cryptax.medium.com/reverse-engineering-of-android-phoenix-b59693c03bd3
Phoenix overview: https://cryptax.medium.com/android-phoenix-authors-claims-sample-identification-and-trends-f199cbc9901d
@Engineer_Computer
Analysis: https://cryptax.medium.com/reverse-engineering-of-android-phoenix-b59693c03bd3
Phoenix overview: https://cryptax.medium.com/android-phoenix-authors-claims-sample-identification-and-trends-f199cbc9901d
@Engineer_Computer
Medium
Reverse engineering of Android/Phoenix
Android/Phoenix is a malicious Remote Access Tool. Its main goal is to extensively spy on the victim’s phone (grab all screenshots, steal…
JSON Smuggling: A far-fetched intrusion detection evasion technique
https://grimminck.medium.com/json-smuggling-a-far-fetched-intrusion-detection-evasion-technique-51ed8f5ee05f
@Engineer_Computer
https://grimminck.medium.com/json-smuggling-a-far-fetched-intrusion-detection-evasion-technique-51ed8f5ee05f
@Engineer_Computer
Medium
JSON Smuggling: A far-fetched intrusion detection evasion technique
TL:DR Insignificant whitespaces in the JSON standard can be used to encode data without breaking the format. This could aid malicious…
Zero-Day (via CVE-2023-45866): Exploiting Zero-click Android Bluetooth vulnerability to inject keystrokes without pairing.
https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
@Engineer_Computer
https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
@Engineer_Computer
Mobile Hacker
Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing Mobile Hacker
[update 2024-02-19] This vulnerability can be even used to remotely wipe data of targeted Android smartphone. Using this vulnerability it is possible to guess user lock screen PIN. After five incorrect PINs device is locked out for 30 seconds. This operation…
Bypassing Wi-Fi Encryption by Manipulating Transmit Queues.
https://www.usenix.org/system/files/usenixsecurity23-schepers.pdf
@Engineer_Computer
https://www.usenix.org/system/files/usenixsecurity23-schepers.pdf
@Engineer_Computer
آخرین قربانی حملات SQL Injection و XSS
https://www.bleepingcomputer.com/news/security/hackers-steal-data-of-2-million-in-sql-injection-xss-attacks/
@Engineer_Computer
https://www.bleepingcomputer.com/news/security/hackers-steal-data-of-2-million-in-sql-injection-xss-attacks/
@Engineer_Computer
BleepingComputer
Hackers steal data of 2 million in SQL injection, XSS attacks
A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site noscripting (XSS) attacks.
رسیدگی کنید
در کاتالوگ KEV درج شده است
CVE-2023-29357
شیر پوینت
https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html
@Engineer_Computer
در کاتالوگ KEV درج شده است
CVE-2023-29357
شیر پوینت
https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html
@Engineer_Computer
🔖Extract domains from a list of subdomains or URLs. :
If you know a better way to extract domains from a list of subdomains, please comment below👇🏻
#BugBounty #BugBountyTools
— Share & Support Us —
@Engineer_Computer
cat subdomainslist.txt | while read line; do python -c "import tldextract;domain = tldextract.extract('$line');extracted=str(domain.domain)+'.'+str(domain.suffix);print(extracted) if domain.domain != '' and extracted[-1] != '.' else False"; doneIf you know a better way to extract domains from a list of subdomains, please comment below👇🏻
#BugBounty #BugBountyTools
— Share & Support Us —
@Engineer_Computer
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Three
https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873
@Engineer_Computer
https://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873
@Engineer_Computer
Medium
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Three
Hellow world!
مطمئن شین که Outlook شما وصله شده!
هکرها میتونن از راه دور، رمزهای ورود به سیستم ویندوز 🔑 NTLM شما رو سرقت کنن
آسیب پذیری CVE-2023-35636 در قابلیت تقویم Outlook وجود داره که از طریق دعوتنامه هایی که بهطور خاص ساخته شدهن، راهاندازی میشه
جزئیات در اینجا: https://thehackernews.com/2024/01/researchers-uncover-outlook.html
#امنیت_سایبری #هک #آسیب_پذیری
#cybersecurity #hacking #vulnerability
@Engineer_Computer
هکرها میتونن از راه دور، رمزهای ورود به سیستم ویندوز 🔑 NTLM شما رو سرقت کنن
آسیب پذیری CVE-2023-35636 در قابلیت تقویم Outlook وجود داره که از طریق دعوتنامه هایی که بهطور خاص ساخته شدهن، راهاندازی میشه
جزئیات در اینجا: https://thehackernews.com/2024/01/researchers-uncover-outlook.html
#امنیت_سایبری #هک #آسیب_پذیری
#cybersecurity #hacking #vulnerability
@Engineer_Computer
🔍 موتورهای جستجو برای پنتسترها
🔍 Search Engine for Pentesters
#searchengine #pentester #cyber #hacking #cybersecurity
@Engineer_Computer
🔍 Search Engine for Pentesters
#searchengine #pentester #cyber #hacking #cybersecurity
@Engineer_Computer
👍1