NEW BOT Телеграм, страница

2.24K viewsAmir Kiani, 19:05

5 RCEs in npm for $15,000
robertchen.cc/blog

2.2K viewsAmir Kiani, 20:42

NIST’s National Cybersecurity Center of Excellence (NCCoE) has released a draft of NIST Special Publication (SP) 1800-32, Securing the Industrial Internet of Things: Cybersecurity for Distributed Energy Resources - https://csrc.nist.gov/publications/detail/sp/1800-32/draft

CSRC | NIST

NIST Special Publication (SP) 1800-32 (Withdrawn), Securing the Industrial Internet of Things: Cybersecurity for Distributed Energy…

The Industrial Internet of Things, or IIoT, refers to the application of instrumentation and connected sensors and other devices to machinery and vehicles in the transport, energy, and other critical infrastructure sectors. In the energy sector, distributed…

2.16K viewsAdel, 20:41

HackerOne

RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) – A Walk-Through

https://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html

Blogspot

CODE WHITE | Blog: RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) – A Walk-Through

Citrix ShareFile Storage Zones Controller uses a fork of the third party library NeatUpload. Versions before 5.11.20 are affected by a rela...

2.4K viewsAdel, 06:23

HackerOne

https://youtu.be/jimGQpftYWs

YouTube

Inside hacker solution | CVE-2019-20372 PoC | NGINX http request smuggling

#NGINX http request smuggling : cve-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted…

2.83K viewsAdel, 20:38

HackerOne

https://youtu.be/OfPb3sfqBUs

YouTube

Analyzing and Reversing Ransomware - (4/5)

In this video, we are going to solve Ransomware CTF that was a challenge at the HTB Business CTF 2021 from the Forensics category. [English subnoscripts added]
#Ransomware #analyzing #Hackthebox #Business #CTF #reversing #Forensics #python #powershell #visualbasic…

2.58K viewsAmir Kiani, 19:14

HackerOne

2.56K viewsAmir Kiani, 00:55

HackerOne

https://youtu.be/yZgYIaSm2ZE

YouTube

Android System Modification

A small demonstration of Android System Image and its content.

Resources:
1. Gist by tonio-nucci
https://gist.github.com/tonio-nucci/8ff2894c42c6320a50dc4b70b32a716a
2. https://github.com/mirsamantajbakhsh/AndroidSystemModification
3. https://mstajbakhsh.ir/android…

2.22K viewsMir Saman Tajbakhsh, 14:33

HackerOne

https://youtu.be/-mdK5HSRiQU

YouTube

Apache Druid vulnerability | CVE-2021-25646 PoC

What is apache druid?
Druid is a column-oriented, open-source, distributed data store written in Java. Druid is designed to quickly ingest massive quantities of event data, and provide low-latency queries on top of the data.
CVE-2021-25646 : Apache Druid…

2.19K viewsAdel, 10:27

HackerOne

https://youtu.be/5Ijwa7wtf2Y

2.33K viewsAdel, 17:15

HackerOne

2.32K viewsAmir Kiani, 10:35

HackerOne

https://medium.com/@mazoka777/two-factor-authentication-bypass-4c814627f8c3

Medium

Two-Factor Authentication Bypass

What is 2fa ?

2.67K viewsAmir Kiani, 10:41

HackerOne

2.9K viewsAmir Kiani, 14:54

HackerOne

https://hacktify.in/bugbounty/

3.69K viewsAmir Kiani, 15:18

HackerOne

In this video, we are going to solve wordpress cve-2021-29447 challenge on TryHackMe
This is my first video in english! :) stay tuned! Premieres 9.00 pm.
https://youtu.be/pkooNXGHl7c

YouTube

WordPress CVE-2021-29447 TryHackMe! WalkThrough

In this video, we are going to solve WordPress CVE-2021-29447 challenge on tryhackme!
WordPress versions 5.7, 5.6.2, 5.6.1, 5.6, 5.0.11 are affected to XML eXternal Entity vulnerability where an authenticated user with the ability to upload files in the Media…

❤1

3.15K viewsAdel, 16:29

HackerOne

2.63K viewsAmir Kiani, 00:22

HackerOne

https://github.com/hosch3n/ProxyVulns

GitHub

GitHub - hosch3n/ProxyVulns: [ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021…

[ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] CVE-2021-34473 & CVE-2...

2.46K viewsAdel, 09:55

HackerOne

https://youtu.be/BkEInFI4oIU

YouTube

#moodle RCE | #CVE-2020-14321 PoC

Moodle remote code execution vulnerability.

Credit : https://github.com/HoangKien1020/

Vulnmachines - Learning Place for Security Enthusiast
Vulnmachines is online cyber security training platform with a massive number of labs, allowing individuals, students…

2.43K viewsAdel, 13:29

HackerOne

nozominetworks.com/blog/extract-firmware-from-ot-devices-for-vulnerability-research/

Nozominetworks

Extract Firmware from OT Devices for Vulnerability Research

Learn how to hack your own OT devices by extracting firmware and operating memory for vulnerability research and analysis.

2.26K viewsAdel, 15:20

HackerOne

https://research.nccgroup.com/2021/10/11/the-challenges-of-fuzzing-5g-protocols/

2.35K viewsAdel, 18:21

HackerOne

Advanced MSSQL Injection Tricks

We compiled a list of several techniques for improved exploition of MSSQL injections. All the vectors have been tested on at least three of the latest versions of Microsoft SQL Server: 2019, 2017, 2016SP2.

https://swarm.ptsecurity.com/advanced-mssql-injection-tricks/

#Injection #MSSQL

PT SWARM

Advanced MSSQL Injection Tricks

We compiled a list of several techniques for improved exploition of MSSQL injections. All the vectors have been tested on at least three of the latest versions of Microsoft SQL Server: 2019, 2017, 2016SP2. DNS Out-of-Band If confronted with a fully blind…

3.66K viewsAdel, 18:22

About

Blog

Apps

Platform