HackerOne is looking for a Mobile Security Engineer
//I never thought I would post a job offer in here, but this might help someone move further in the mobile infosec field
https://jobs.lever.co/hackerone/316d0fbd-cf24-41be-a3e2-5180f62f3658
Android StrandHogg vulnerability
Vulnerability allows malicious app to masquerade as any other app on the device.
So, if you launch Facebook, malware is executed.
https://promon.co/security-news/strandhogg/
Video demo: https://twitter.com/LukasStefanko/status/1201597521560244225
Burp Suite Secret Finder - Burp Suite Extension To Discover Apikeys/Tokens From HTTP Response
https://ift.tt/34LHNwt
StrongSalt Eases Pain of Searching Encrypted Data in the Cloud
http://feedproxy.google.com/~r/Securityweek/~3/2hBd0XFlT5g/strongsalt-eases-pain-searching-encrypted-data-cloud
StrongSalt Helps Customers Gain Compliance Through Searchable Encryption for Cloud Services and Enterprise Applications
(https://www.securityweek.com/strongsalt-eases-pain-searching-encrypted-data-cloud)
StrongSalt has developed a Privacy API platform to make it easy to implement searchable encryption to any app using any storage for any company.
#Adobe #ZeroDay patch
https://www.zdnet.com/google-amp/article/adobe-patches-17-critical-code-execution-bugs-in-photoshop-reader-brackets/
Adobe patches 17 critical code execution bugs in Photoshop, Reader, Brackets
Other vulnerabilities resolved include privilege escalation and information leaks.
Hiding Shell using PrependMigrate -Metasploit
https://www.hackingarticles.in/hiding-shell-using-prependmigrate-metasploit/
In this article, you will get to know about the strength of msfvenom along with PrependMigrate. You will also learn how to migrate the created payload into processes currently running on the targeted machine so that the victim is unable to find the malicious file. It is very important to migrate your backdoor payload because if the...
Facebook Fails To Convince Lawmakers It Needs To Track Your Location At All Times
https://ift.tt/2EvcfPP
Lawmakers aren't convinced that Facebook needs to track users' locations at all times -- even when their tracking services are turned off. CNBC reports: Facebook was responding to an inquiry from Sen. Josh Hawley, R-Mo., and Sen. Chris Coons, D-Del., who…
Forwarded from CTF Community | Hints
Performing Linux Forensic Analysis and Why You Should Care! Workshop
https://github.com/ashemery/LinuxForensics
#Linux
#Forensics
#Blueteam
@ctfplay
Forwarded from CTF Community | Hints
Heavy-duty and Advanced Cross Site Scripting Scanner
https://github.com/haroonawanofficial/XSS-Finder
#web #xss #tool
@ctfplay
RCE with Burp Suite intruder + Regex https://www.youtube.com/watch?v=Xm77r80NxZo
RCE detection technique with Burp Suite.
I am using regex to detect vulns and errors in the response.
Regex: https://github.com/ghsec/webHunt/blob/master/ErrorsAndVulnsDetect.md
Payloads: https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/C…
Abusing ImageMagick to obtain RCE
Remote Code Execution because of an image source? Is it possible? Yes! Definitely. Here in this blog post, a Strynx team member found a variation of Remote Code Execution AKA RCE through ImageMagick which earned him a generous bounty of $5000. Amazingly, some tweaks inside the image source exfiltrated the data over DNS (also called side-channel attacks). Let’s see how it was done after a short introduction to ImageMagick.
https://strynx.org/imagemagick-rce/