#Qubes_Core
Qubes OS A reasonably secure operating system ( https://www.qubes-os.org/ )
Founder : https://en.wikipedia.org/wiki/Joanna_Rutkowska
Download : https://www.qubes-os.org/downloads/
Qubes OS A reasonably secure operating system ( https://www.qubes-os.org/ )
Founder : https://en.wikipedia.org/wiki/Joanna_Rutkowska
Download : https://www.qubes-os.org/downloads/
HackerOne
#Qubes_Core Qubes OS A reasonably secure operating system ( https://www.qubes-os.org/ ) Founder : https://en.wikipedia.org/wiki/Joanna_Rutkowska Download : https://www.qubes-os.org/downloads/
Qubes OS is a project, Qubes support Linux multi-process applications. Comparable to virtual machines, (eg : Graphene runs applications in an isolated environment (QVM)),
We can see "Graphene Library OS" [https://github.com/oscarlab/graphene] can support running Linux applications with the latest Intel SGX (Software Guard Extension) in secure hardware and diffrent memory regions,
We have different application environment with multi-tasking in the virtual machines in user-space with Qubes OS,
We can see "Graphene Library OS" [https://github.com/oscarlab/graphene] can support running Linux applications with the latest Intel SGX (Software Guard Extension) in secure hardware and diffrent memory regions,
We have different application environment with multi-tasking in the virtual machines in user-space with Qubes OS,
GitHub
GitHub - oscarlab/graphene: Graphene / Graphene-SGX - a library OS for Linux multi-process applications, with Intel SGX support
Graphene / Graphene-SGX - a library OS for Linux multi-process applications, with Intel SGX support - GitHub - oscarlab/graphene: Graphene / Graphene-SGX - a library OS for Linux multi-process appl...
XXE inside a SOAP node:
<soap:Body><foo><![CDATA[<!DOCTYPE doc [<!ENTITY % dtd SYSTEM "http://0x0:22/"> %dtd;]><xxx/>]]></foo></soap:Body>
<soap:Body><foo><![CDATA[<!DOCTYPE doc [<!ENTITY % dtd SYSTEM "http://0x0:22/"> %dtd;]><xxx/>]]></foo></soap:Body>
DebugFS tutorial from a Linux kernel because this is very useful for kernel programming
https://github.com/chadversary/debugfs-tutorial
https://github.com/chadversary/debugfs-tutorial
GitHub
chadversary/debugfs-tutorial
a tiny tutorial on how to use debugfs from a Linux kernel module - chadversary/debugfs-tutorial
Intersting Bug!!!
https://medium.com/@maxon3/lfi-to-command-execution-deutche-telekom-bug-bounty-6fe0de7df7a6
https://medium.com/@maxon3/lfi-to-command-execution-deutche-telekom-bug-bounty-6fe0de7df7a6
Medium
LFI to Command Execution: Deutche Telekom Bug Bounty
Few months ago I did a little subdomain bruteforce on telekom.de , to see if there are new subdomains which, if I’m luck enough, could have…
Abusing RFC-1342 to spoof email addresses vulnerability, Most mail clients are vunerable,
Vendors affected by Mailsploit (https://www.mailsploit.com/index) :
https://docs.google.com/spreadsheets/d/1jkb_ZybbAoUA43K902lL-sB7c1HMQ78-fhQ8nowJCQk/edit#gid=0
PoC:
https://www.youtube.com/embed/gfAGOMeiXNI
Vendors affected by Mailsploit (https://www.mailsploit.com/index) :
https://docs.google.com/spreadsheets/d/1jkb_ZybbAoUA43K902lL-sB7c1HMQ78-fhQ8nowJCQk/edit#gid=0
PoC:
https://www.youtube.com/embed/gfAGOMeiXNI
Today free book is out!
Expert Python Programming - Second Edition
https://www.packtpub.com/packt/offers/free-learning
Expert Python Programming - Second Edition
https://www.packtpub.com/packt/offers/free-learning
The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer
https://github.com/AlessandroZ/LaZagne
https://github.com/AlessandroZ/LaZagne
Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists, Academic Researchers and Media Outlets – And the HBO Hacker Connection
http://www.clearskysec.com/charmingkitten/
http://www.clearskysec.com/charmingkitten/