NEW BOT Телеграм, страница

راورو با همکاری "آکادمی راوین"
برگزار می‌کند:
پنج‌شنبه شب (۱۶ مرداد) از ساعت ۲۰، به صورت زنده و رایگان شکار آسیب‌پذیری توسط «امیرکیانی» را بر روی twitch تماشا کنید.

برای کسب اطلاعات بیشتر درباره‌ی پخش زنده‌ی شکار آسیب‌پذیری، کلیک کنید.

#باگ_بانتی #شکارچی #راورو #پخش_زنده
#BugBounty #BugHunter #Ravro

@Ravro_ir

3.28K viewsAmir Kiani, 18:49

HackerOne

Iranian hacking group known as Fox Kitten (or Parisite) attacking F5 networking devices
https://ift.tt/3isKEAJ

Security Magazine

Iranian hacking group known as Fox Kitten (or Parisite) attacking F5 networking devices

A group of Iranian hackers have been attacking the US private and government sector, according to a security alert sent by the FBI last week.

2.88K viewsG0dfather, 15:01

HackerOne

https://github.com/VoidSec/CVE-2020-1337

GitHub

GitHub - VoidSec/CVE-2020-1337: CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch

CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch - GitHub - VoidSec/CVE-2020-1337: CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch

2.25K viewsAmir Kiani, 20:24

HackerOne

Attack of the week: Voice calls in LTE

https://blog.cryptographyengineering.com/2020/08/12/attack-of-the-week-voice-calls-in-lte/

https://revolte-attack.net

https://github.com/RUB-SysSec/mobile_sentinel

https://www.usenix.org/conference/usenixsecurity20/presentation/rupprecht

A Few Thoughts on Cryptographic Engineering

Attack of the week: Voice calls in LTE

I haven’t written an “attack of the week” post in a while, and it’s been bumming me out. This is not because there’s been a lack of attacks, but mostly because there h…

2.56K viewsG0dfather, 06:04

HackerOne

https://blog.0xatul.me/posts/2020/02/external-xml-entity-via-file-upload-noscript/

2.16K viewsAmir Kiani, 21:34

HackerOne

https://www.youtube.com/watch?v=URBnM6gGODo

YouTube

Mechanizing the Methodology: by Daniel Miessler

Mechanizing the Methodology : Automating Discovery, Testing, and Alerting using Recon/Testing Tools and Amazon SES

Daniel Miessler is a recognized cybersecurity expert and writer with 20 years in Information Security. His experience ranges from technical…

2.28K viewsAmir Kiani, 21:43

HackerOne

Get all possible href | src | url from target url or domain

https://github.com/YashGoti/gal

GitHub

GitHub - YashGoti/gal: Get all possible href | src | url from target url or domain

Get all possible href | src | url from target url or domain - YashGoti/gal

2.14K viewsG0dfather, 07:15

HackerOne

https://github.com/kimocoder/qualcomm_android_monitor_mode

GitHub

GitHub - kimocoder/qualcomm_android_monitor_mode: Qualcomm QCACLD WiFi monitor mode for Android

Qualcomm QCACLD WiFi monitor mode for Android. Contribute to kimocoder/qualcomm_android_monitor_mode development by creating an account on GitHub.

2.3K viewsMmD, 07:30

HackerOne

GitHub - IoT-PTv/IoT-PT: A Virtual environment for Pentesting IoT Devices
https://github.com/IoT-PTv/IoT-PT

GitHub

GitHub - IoT-PTv/IoT-PT-v1: A Virtual environment for Pentesting IoT Devices

A Virtual environment for Pentesting IoT Devices. Contribute to IoT-PTv/IoT-PT-v1 development by creating an account on GitHub.

2.4K viewsG0dfather, 06:22

HackerOne

The #FBI and #NSAGov have released a cybersecurity advisory about a malware known as Drovorub. Russia’s military intelligence unit created Drovorub to target customers who use Linux systems. http://ow.ly/s5uJ50AYHGk

www.fbi.gov

NSA and FBI Expose Russian Previously Undisclosed Malware Drovorub in Cybersecurity Advisory — FBI

The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) released a new cybersecurity advisory about previously undisclosed Russian malware.

2.22K viewsG0dfather, 06:23

HackerOne

Windows Debugger API — The End of Versioned Structures

Some time ago I was introduced to the Windows debugger API and found it incredibly useful for projects that focus on forensics or analysis of data on a machine. This API allows us to open a dump file taken on any windows machine and read information from it using the symbols that match the specific modules contained in the dump.

https://medium.com/swlh/windows-debugger-api-the-end-of-versioned-structures-ac4acaa351bd
#windows #internals #debug

Medium

Windows Debugger API — The End of Versioned Structures

Some time ago I was introduced to the Windows debugger API and found it incredibly useful for projects that focus on forensics or analysis…

2.3K viewsG0dfather, 18:00

HackerOne

Researchers exploited a vulnerability in Emotet malware to create a KILL-SWITCH, and prevented it from spreading for six months.

Details — https://thehackernews.com/2020/08/emotet-botnet-malware.html

2.43K viewsG0dfather, 12:53

HackerOne

Wanna Bypass Rate Limit ? Try Bypass with adding null payload %00, %0d%0a, %09, %0C, %20, %0 on email.
Not Works ?
Just try adding "blank space" on the email, works!

https://twitter.com/harrmahar/status/1247306384128872448

Twitter

Harrmahar

Wanna Bypass Rate Limit ? Try Bypass with adding null payload %00, %0d%0a, %09, %0C, %20, %0 on email. Not Works ? Just try adding "blank space" on the email, works! Alhamdulillah, Allah has willed it to me to got this on a Private Program. This my second…

2.84K viewsG0dfather, 04:41

HackerOne

Forwarded from Security Analysis

Fuzzing JavaScript Engines with Aspect-preserving Mutation

https://github.com/sslab-gatech/DIE

#reverse #expdev #fuzzing #javanoscript @securation

GitHub

GitHub - sslab-gatech/DIE: Fuzzing JavaScript Engines with Aspect-preserving Mutation

Fuzzing JavaScript Engines with Aspect-preserving Mutation - sslab-gatech/DIE

1.85K viewsG0dfather, 13:28

HackerOne