NEW BOT Телеграм, страница

An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character (‘.’, 0x2E) out of bounds in a heap allocated buffer.

2.25K viewsAdeL, 14:13

HackerOne

Forwarded from SecurityLab.ru (Pipiggi)

По информации издания Readovka, Павлу Ситникову, в телеграм-канале которого был опубликован файл с персональными данными 300 тысяч жителей Москвы, переболевших COVID-19, предъявлено обвинение по статье 273, ч.2 – Создание, использование и распространение вредоносных компьютерных программ. По этому делу блогеру грозит до пяти лет тюрьмы.

По данным следствия, Ситников создал вредоносную программу, с помощью которой похитил информацию из московского департамента информационных технологий. При этом ранее глава департамента Эдуард Лысенко признал, что утечка данных произошла по вине его сотрудников.

https://www.securitylab.ru/news/520670.php

SecurityLab.ru

Блогера обвинили в утечке персональных данных больных COVID-19

СК завел в отношении блогера, опубликовавшего утечку по ковидным больным Москвы, уголовное дело — ему грозит до 5 лет лишения свободы.

2.08K viewsН Е К И Б Е Р Л Е О, 02:08

HackerOne

https://www.youtube.com/watch?v=ss5iFcK5zxE

YouTube

Portuguese Track - SVG + OG = LFI - by Rafael ChOckO

Portuguese Track - SVG + OG = LFI - by Rafael ChOckO

Red Team Village Website: https://redteamvillage.io
Discord: https://redteamvillage.io/discord
Twitter: https://redteamvillage.io/twitter

2.38K viewsAmir Kiani, 20:44

HackerOne

https://github.com/swagkarna/Rafel-Rat

2.42K viewsAmir Kiani, 22:36

HackerOne

Owner of telegram channel: Freedom Fox has been arrested by Russian authorities.

https://securityaffairs.co/wordpress/118464/cyber-crime/pavel-sitnikov-arrested.html

Security Affairs

Russian hacker Pavel Sitnikov arrested for distributing malware

2.82K viewsDmitriy, 16:00

HackerOne

Attacking Active Directory
https://zer1t0.gitlab.io/posts/attacking_ad/

2.52K viewsAmir Kiani, edited 02:00

HackerOne

https://redcodelabs.io/

2.4K viewsAmir Kiani, edited 02:04

HackerOne

From Binary Patch to Proof-of-concept: a VMware ESXi vmxnet3 Case Study https://zerodayengineering.com/research/vmware-esxi-vmxnet3-from-patch-to-poc.html

2.4K viewsAdeL, 07:12

HackerOne

Zerodium offers 100k$ for a RCE in Pidgin

2.7K viewsAdeL, 20:15

HackerOne

https://reconshell.com/squalr-game-hacking-tool-written-in-c/

2.38K viewsAmir Kiani, 02:21

HackerOne

https://m0chan.github.io/2019/07/31/How-To-Attack-Kerberos-101.html

m0chan Blog - Info Sec, CTF & Hacking

How To Attack Kerberos 101

I want to start with article by saying I set out to learn Kerberos in greater detail and I figured that writing this would help cement my existing knowledge and give me reason to learn along the way, I am no Kerberos expert I am simply learning as I go along…

2.25K viewsAmir Kiani, 21:24

HackerOne

https://www.hackerone.com/blog/hack-hard-have-fun-increase-security

HackerOne

HACK HARD. HAVE FUN. INCREASE SECURITY

Amazon's Live Hacking Event with HackerOneAt Amazon, ensuring security is essential for earning customers’ trust. As part of Amazon’s ongoing public Vulnerability Research Program (VRP), Amazon expanded its support of security and education programs to tap…

2.1K viewsAmir Kiani, 05:06

HackerOne

https://youtu.be/-WkprZv2QCQ

YouTube

Honeypots | SANS ICS Concepts

Most people think that Honeypots are used to understand how attackers attack systems and networks. This is only one aspect of honeypots. Honeypots are actually an excellent method for intrusion detection and, when properly implemented, significantly reduce…

2.09K viewsAdeL, 07:03

HackerOne

Exploiting custom protocol handlers for cross-browser tracking in Tor, Safari, Chrome and Firefox
https://fingerprintjs.com/blog/external-protocol-flooding/

Fingerprint

Cross-browser tracking vulnerability in Tor, Safari, Chrome, and Firefox

Unveiling a scheme flooding vulnerability across major browsers. Learn how it threatens anonymous browsing.

2.29K viewsAdeL, 12:36

HackerOne

https://github.com/jfmaes/SharpZipRunner

GitHub

GitHub - jfmaes/SharpZipRunner: Executes position independent shellcode from an encrypted zip

Executes position independent shellcode from an encrypted zip - GitHub - jfmaes/SharpZipRunner: Executes position independent shellcode from an encrypted zip

2.29K viewsAmir Kiani, 06:53

HackerOne

2.4K viewsAmir Kiani, 04:17

HackerOne

Rules from Fireeye's capa-rules converted to YARA

https://github.com/ruppde/yara_rules/tree/main/capa2yara

GitHub

yara_rules/capa2yara at main · ruppde/yara_rules

Yara rules. Contribute to ruppde/yara_rules development by creating an account on GitHub.

2.4K viewsAdeL, 11:07

HackerOne

https://hackerone.com/reports/727330

HackerOne

Slack disclosed on HackerOne: Header modification results in...

I found *files.slack.com* domain will honor the **X-Forwarded-Host** header, instead of host header. Although file.slack.com has host validation to return 500 Internal server error when host is not...

2.3K viewsAmir Kiani, 09:51

HackerOne

Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf

https://github.com/BC-SECURITY/Invoke-ZeroLogon

GitHub

GitHub - BC-SECURITY/Invoke-ZeroLogon: Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller…

Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf. - BC-SECURITY/Invoke-ZeroLogon

2.6K viewsAdeL, 11:35

HackerOne

https://medium.com/r3d-buck3t/bypass-ip-restrictions-with-burp-suite-fb4c72ec8e9c

Medium

Bypass IP Restrictions with Burp Suite

Automatically add headers to all Burp requests to bypass basic WAF rules

3.09K viewsAmir Kiani, 22:29

HackerOne

https://alpaca-attack.com/

2.93K viewsAmir Kiani, 08:08

About

Blog

Apps

Platform