Forwarded from Hacking Brasil (ㅤ)
Pesquisadores da Symantec informaram sobre a expansão das operações de hacking realizadas pelo grupo iraniano de hackers Chafer. O grupo está ativo desde 2015 e, desde então, aumentou significativamente o seu arsenal de utilitários hackers.
https://hackingbrasil.wordpress.com/2018/03/02/o-grupo-hacker-que-reabasteceu-seu-arsenal-com-a-exploracao-da-nsa/
https://hackingbrasil.wordpress.com/2018/03/02/o-grupo-hacker-que-reabasteceu-seu-arsenal-com-a-exploracao-da-nsa/
Hacking Brasil
O grupo hacker que reabasteceu seu arsenal com a exploração da NSA
Pesquisadores da Symantec informaram sobre a expansão das operações de hacking realizadas pelo grupo iraniano de hackers Chafer. O grupo está ativo desde 2015 e, desde então, aumentou significativa…
Forwarded from HackerOne (Amir)
YouTube
Jackpotting an ATM with a black box
This video is a proof-of-concept of a black box attack against an ATM.
The attack is possible because no authentication is in place for the data exchange between the ATM’s hardware units and its main application.
Protect your business. Contact us at: h…
The attack is possible because no authentication is in place for the data exchange between the ATM’s hardware units and its main application.
Protect your business. Contact us at: h…
Hacker Documentary: Unauthorized Access by Annaliza Savage [1994]
https://www.youtube.com/watch?v=fDk82bLYscg
🕴 @Phantasm_Lab
This is a nostalgic hacker documentary about the early to mid 90s computer underground. Featuring old skool alpha geeks like Phiber Optik, once a member of the legendary hacker groups Legion of Doom and Masters of Deception. Plenty of cool interviews with the early 2600 crew in NYC, the l0pht, and even a bit on Agent Steal aka Justin Tanner Petersen who snitched on Kevin Poulsen. Also phone phreaking with a red box! Brace for lulz.https://www.youtube.com/watch?v=fDk82bLYscg
🕴 @Phantasm_Lab
YouTube
Hacker Documentary: Unauthorized Access by Annaliza Savage [1994]
This is a nostalgic hacker documentary about the early to mid 90s computer underground. Featuring old skool alpha geeks like Phiber Optik, once a member of the legendary hacker groups Legion of Doom and Masters of Deception. Plenty of cool interviews with…
Hacking Germany - computers, cyberattacks and the future | DW Documentary
https://www.youtube.com/watch?v=SNVxy65KV1M
🕴 @Phantasm_Lab
Cyberattacks are common and show how vulnerable our digitally interconnected lives have become. https://www.youtube.com/watch?v=SNVxy65KV1M
🕴 @Phantasm_Lab
YouTube
Hacking Germany - computers, cyberattacks and the future | DW Documentary
Cyberattacks are common and show how vulnerable our digitally interconnected lives have become. Burglars use a drone to target the home of a potential victim...
[glance] Path Traversal in glance static file server allows to read content of arbitrary file
https://hackerone.com/reports/310106
🕴 @Phantasm_Lab
Denoscriptionglance serves files from the server where was installed. No path sanitization is implemented, thus malicious user is able to read content of any file from the server using simple curl command (adjust number of ../ to reflect your system):https://hackerone.com/reports/310106
🕴 @Phantasm_Lab
HackerOne
Node.js third-party modules disclosed on HackerOne: [glance] Path...
Hi Guys,
There is Path Traversal vulnerability in ```glance``` module. This issue allows to read arbitrary files from the server, where ```glance``` is installed.
## Module
**glance**
a quick...
There is Path Traversal vulnerability in ```glance``` module. This issue allows to read arbitrary files from the server, where ```glance``` is installed.
## Module
**glance**
a quick...
Forwarded from Hacking Brasil (Ryoon Ivo)
Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort
Os administradores de sistemas precisam ficar à frente de novas vulnerabilidades de segurança que deixam suas redes expostas todos os dias. Um firewall e um sistema de detecção de intrusão(IDS) são duas armas importantes nessa batalha, o que lhe permite negar proativamente o acesso e monitorar o tráfego da rede para detectar sinais de um ataque.
No livro Linux Firewalls discute os detalhes técnicos do firewall iptables e do framework Netfilter incorporados ao kernel do Linux, e explica como fornecem recursos sólidos de filtragem, conversão de endereços de rede(NAT), controle de estado e capacidades de inspeção de camada de aplicativos que rivalizam com muitos ferramentas comerciais. Você aprenderá a implantar iptables como um IDS com psad e fwsnort e também como construir uma camada de autenticação passiva forte em torno de iptables com fwknop.
Os administradores de sistemas precisam ficar à frente de novas vulnerabilidades de segurança que deixam suas redes expostas todos os dias. Um firewall e um sistema de detecção de intrusão(IDS) são duas armas importantes nessa batalha, o que lhe permite negar proativamente o acesso e monitorar o tráfego da rede para detectar sinais de um ataque.
No livro Linux Firewalls discute os detalhes técnicos do firewall iptables e do framework Netfilter incorporados ao kernel do Linux, e explica como fornecem recursos sólidos de filtragem, conversão de endereços de rede(NAT), controle de estado e capacidades de inspeção de camada de aplicativos que rivalizam com muitos ferramentas comerciais. Você aprenderá a implantar iptables como um IDS com psad e fwsnort e também como construir uma camada de autenticação passiva forte em torno de iptables com fwknop.
Forwarded from Hacking Brasil (Ryoon Ivo)
9781593271411(1).pdf
6.5 MB
Joomla Joomanager 2.0.0 Joomanager Arbitrary File Download Exploit
https://0daydb.com/exploit/16348
🕴 @Phantasm_Lab
https://0daydb.com/exploit/16348
🕴 @Phantasm_Lab
#Pentest #SANS #SecurityGuildes
SANS Security Guildes
https://www.sans.org/reading-room/whitepapers/testing/
🕴 @Phantasm_Lab
SANS Security Guildes
https://www.sans.org/reading-room/whitepapers/testing/
🕴 @Phantasm_Lab
www.sans.org
SANS Institute: Reading Room - Penetration Testing
Computer security training, certification and free resources. We specialize in computer/network security, digital forensics, application security and IT audit.
Forwarded from The Bug Bounty Hunter
How I gained access to Sony’s database
https://medium.com/bugbountywriteup/how-i-gained-access-to-sonys-database-f3ba08d0e035
https://medium.com/bugbountywriteup/how-i-gained-access-to-sonys-database-f3ba08d0e035
Medium
How I gained access to Sony’s database
This was a bug that I found back in 2017. This started when a friend of mine (a.k.a 1337) showed me a T-Shirt that he got from Sony . So I…
Forwarded from @Phantasm_Lab (Deleted Account)
Advanced Penetration Testing - Hacking the World's Most Secure Networks | PDF/EPUB | 6/6 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfMy05SjhEaWpGODQ
Black Hat Python | PDF/EPUB | 3/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfbHY0dWVSVURMVE0
Defensive security handbook | PDF/EPUB/AZW3 | 29/27/4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfT1JBa1VFMFBnVDg
Ethical Hacking and Penetration Testing Guide | PDF | 22 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfQVUwczFMU2JMWGc
Hacking - The Art of Explotation | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXNUbl96ZEt3Mk0
Hash Crack - Password Cracking Manual | PDF/EPUB/AZW3 | 6/2/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfZDV1V251UzVtMmc
Kali Linux Revealed - Mastering the Penetration Testing Distribution | PDF | 26 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfSGpUSWk0QVJTUVU
RTFM - Red Team Field Manual | PDF | 3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfaFB5LVpsOGlMS00
The Hacker Playbook 2 - Practical Guide To Penetration Testing | PDF/EPUB/MOBI | 23/18/53 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfV0JpS1MtX015aEU
The Shellcoders's Handbook - Discovering and Exploiting Security Holes | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXFvX1YzdG8zMVU
Violent Python - A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers | PDF | 8 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfNnYtUHQycGZwS28
Black Hat Python | PDF/EPUB | 3/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfbHY0dWVSVURMVE0
Defensive security handbook | PDF/EPUB/AZW3 | 29/27/4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfT1JBa1VFMFBnVDg
Ethical Hacking and Penetration Testing Guide | PDF | 22 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfQVUwczFMU2JMWGc
Hacking - The Art of Explotation | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXNUbl96ZEt3Mk0
Hash Crack - Password Cracking Manual | PDF/EPUB/AZW3 | 6/2/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfZDV1V251UzVtMmc
Kali Linux Revealed - Mastering the Penetration Testing Distribution | PDF | 26 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfSGpUSWk0QVJTUVU
RTFM - Red Team Field Manual | PDF | 3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfaFB5LVpsOGlMS00
The Hacker Playbook 2 - Practical Guide To Penetration Testing | PDF/EPUB/MOBI | 23/18/53 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfV0JpS1MtX015aEU
The Shellcoders's Handbook - Discovering and Exploiting Security Holes | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXFvX1YzdG8zMVU
Violent Python - A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers | PDF | 8 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfNnYtUHQycGZwS28
Forwarded from Hacking Brasil (Ryoon Ivo)
No plano foi sugerido que a Agência de Segurança Nacional(NSA) realizasse ataques cibernéticos para neutralizar sites russos e o hacker Guccifer 2.0 que hackearia o email da sede da campanha de Hillary Clinton e do Comitê Nacional do Partido Democrata.
https://hackingbrasil.wordpress.com/2018/03/11/a-casa-branca-planejava-um-ataque-cibernetico-massivo-contra-a-russia/
https://hackingbrasil.wordpress.com/2018/03/11/a-casa-branca-planejava-um-ataque-cibernetico-massivo-contra-a-russia/