NEW BOT Телеграм, страница - 166609632

HackerOne

11K subscribers

644 photos

31 videos

79 files

2.74K links

Community : @Sec0x01
@Bug0x

Download Telegram

About

Blog

Apps

Platform

11K subscribers

https://github.com/derv82/wifite2

GitHub - derv82/wifite2: Rewrite of the popular wireless network auditor, "wifite"

Rewrite of the popular wireless network auditor, "wifite" - derv82/wifite2

1.41K viewsMir Saman Tajbakhsh, 20:28

1.32K viewsAmir, 16:30

https://hackernoon.com/10-common-security-gotchas-in-python-and-how-to-avoid-them-e19fbe265e03

10 common security gotchas in Python and how to avoid them

Writing secure code is hard. When you learn a language, a module or a framework, you learn how it <strong><em>supposed to be used</em></strong>. When thinking about security, you need to think about <strong><em>how it can be misused</em></strong>. Python…

1.09K viewsAmir, 07:52

https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325

Attacking Private Networks from the Internet with DNS Rebinding

TL;DR Following the wrong link could allow remote attackers to control your WiFi router, Google Home, Roku, Sonos speakers, home…

1.21K viewsAmir, 10:43

1.15K viewsAmir, 11:55

1.15K viewsAmir, 12:14

Forwarded from Bug Bounty (Amir)

https://medium.com/@cachemoney/using-a-github-app-to-escalate-to-an-organization-owner-for-a-10-000-bounty-4ec307168631

Using a GitHub app to escalate to an organization owner for a $10,000 bounty

I’m going to walk through a simple yet high-impact privilege escalation I landed on while poking around…

72 viewsAmir, 19:56

Forwarded from Bug Bounty (Amir)

https://blog.vulnspy.com/2018/06/21/phpMyAdmin-4-8-x-Authorited-CLI-to-RCE/

phpMyAdmin 4.8.x LFI to RCE (Authorization Required)

Author: @Ambulong Security Team ChaMd5 disclose a Local File Inclusion vulnerability in phpMyAdmin latest version 4.8.1. And the exploiting of this vulnerability may lead to Remote Code Execution. In

78 viewsAmir, 19:56

1.4K viewsAmir, 16:22

https://github.com/threat9/routersploit

GitHub - threat9/routersploit: Exploitation Framework for Embedded Devices

Exploitation Framework for Embedded Devices. Contribute to threat9/routersploit development by creating an account on GitHub.

1.28K viewsMir Saman Tajbakhsh, 08:07

SleuthQL - Burp History Parsing Tool To Discover Potential SQL Injection Points
https://github.com/RhinoSecurityLabs/SleuthQL

GitHub - RhinoSecurityLabs/SleuthQL: Python3 Burp History parsing tool to discover potential SQL injection points. To be used in…

Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap. - RhinoSecurityLabs/SleuthQL

1.41K viewsMir Saman Tajbakhsh, 08:08

Forwarded from Mir Saman Tajbakhsh

https://opsecx.com/index.php/security-books/

At OpSecX, we understand the importance of security education. We believe that books are great resources that provide detailed and in-depth knowledge on a topic and serves as a great reference material. If you are into books, then we recommend the following…

113 viewsMir Saman Tajbakhsh, 19:54

https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/

1.29K viewsAmir, 06:55

Ever had trouble searching for particular malware samples? This project is an analyst-friendly web GUI to look through your digital warehouse.
mquery can be used to search through terabytes of malware in a blink of an eye

https://github.com/CERT-Polska/mquery

GitHub - CERT-Polska/mquery: YARA malware query accelerator (web frontend)

YARA malware query accelerator (web frontend). Contribute to CERT-Polska/mquery development by creating an account on GitHub.

1.65K viewsMir Saman Tajbakhsh, 08:51

https://github.com/maxchehab/CSS-Keylogging

GitHub - maxchehab/CSS-Keylogging: Chrome extension and Express server that exploits keylogging abilities of CSS.

Chrome extension and Express server that exploits keylogging abilities of CSS. - maxchehab/CSS-Keylogging

1.83K viewsMir Saman Tajbakhsh, 08:57

https://github.com/cryps1s/DARKSURGEON

GitHub - cryps1s/DARKSURGEON: DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware…

DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. - cryps1s/DARKSURGEON

1.83K viewsMir Saman Tajbakhsh, 06:47

https://0x09al.github.io/waf/bypass/ssl/2018/07/02/web-application-firewall-bypass.html

0x09AL Security blog

Bypassing Web-Application Firewalls by abusing SSL/TLS

During the latest years Web Security has become a very important topic in the IT Security field. The advantages the web offers resulted in very critical services being developed as web applications. The business requirements for their web applications security…

1.46K viewsAmir, 13:08

Android Mobile CTFs:
https://github.com/xtiankisutsa/awesome-mobile-CTF

GitHub - xtiankisutsa/awesome-mobile-CTF: This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them…

This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform. - GitHub - xtiankisutsa/awesome-mobile-CTF: This i...

1.78K viewsMir Saman Tajbakhsh, 08:29

https://medium.com/@th3g3nt3l/how-i-found-an-ssrf-in-yahoo-guesthouse-recon-wins-8722672e41d4

How i found an SSRF in Yahoo! Guesthouse (Recon Wins)

1.34K viewsAmir, 07:15

Find Evil - know normal. \n hunting malware document

1.94K viewsxDD, edited 10:05

backdooring pe file with aslr
https://hansesecure.de/backdooring-pe-file-with-aslr/

1.2K viewsxDD, 10:31