DebugFS tutorial from a Linux kernel because this is very useful for kernel programming
https://github.com/chadversary/debugfs-tutorial
a tiny tutorial on how to use debugfs from a Linux kernel module - chadversary/debugfs-tutorial
Interesting Bug!!!
https://medium.com/@maxon3/lfi-to-command-execution-deutche-telekom-bug-bounty-6fe0de7df7a6
LFI to Command Execution: Deutche Telekom Bug Bounty
Abusing RFC-1342 to spoof email addresses: most mail clients are vulnerable.
Vendors affected by Mailsploit (https://www.mailsploit.com/index) :
https://docs.google.com/spreadsheets/d/1jkb_ZybbAoUA43K902lL-sB7c1HMQ78-fhQ8nowJCQk/edit#gid=0
PoC:
https://www.youtube.com/embed/gfAGOMeiXNI
Today's free book is out!
Expert Python Programming - Second Edition
https://www.packtpub.com/packt/offers/free-learning
The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer
https://github.com/AlessandroZ/LaZagne
Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists, Academic Researchers and Media Outlets – And the HBO Hacker Connection
http://www.clearskysec.com/charmingkitten/
[webapps] FS Facebook Clone - 'token' SQL Injection
https://www.exploit-db.com/exploits/43228/?rss
The Cumulative Effect of Major Breaches: The Collective Risk of Yahoo & Equifax
http://feedproxy.google.com/~r/Securityweek/~3/sIFLD0G4FuY/cumulative-effect-major-breaches-collective-risk-yahoo-equifax
Until quite recently, people believed that a dizzying one billion accounts were compromised in the 2013 Yahoo! breach… and then it was revealed that the real number is about three billion accounts.
That raises the question: so what? Isn’t all the damage from a four-year-old breach already done?
read more (http://www.securityweek.com/cumulative-effect-major-breaches-collective-risk-yahoo-equifax)
Automated extraction of meaningful content will dramatically increase the yield of the attacks that the criminals will be able to mount.
Sysinternals Sysmon suspicious activity guide
https://blogs.technet.microsoft.com/motiba/2017/12/07/sysinternals-sysmon-suspicious-activity-guide/