We are Zerodium
http://zerodium.com/
The premium acquisition program for zero-day exploits and advanced cybersecurity research.http://zerodium.com/
Zerodium
ZERODIUM - The Premium Exploit Acquisition Platform
ZERODIUM is the leading exploit acquisition platform for premium zero-days and advanced cybersecurity research. Our platform allows security researchers to sell their 0day (zero-day) exploits for the highest rewards.
Stored XSS when you read eamils. <style>
https://hackerone.com/reports/274844
🕴 @Phantasm_lab
Reported To: Mail.Ruhttps://hackerone.com/reports/274844
🕴 @Phantasm_lab
HackerOne
Mail.ru disclosed on HackerOne: Stored XSS when you read eamils....
XSS via crafted block style.
Demonstrated attack vector was eliminated on the date of reporintg, final solution changes parsing algorythm to eliminate similar attacks.
Demonstrated attack vector was eliminated on the date of reporintg, final solution changes parsing algorythm to eliminate similar attacks.
Instalando e configurando Freenet, Tor Browser e Retroshare no Arch linux
http://telegra.ph/Instalando-e-configurando-Freenet-Tor-Browser-e-Retroshare-no-Arch-linux-03-11
🕴 @Phantasm_lab
http://telegra.ph/Instalando-e-configurando-Freenet-Tor-Browser-e-Retroshare-no-Arch-linux-03-11
🕴 @Phantasm_lab
Telegraph
Instalando e configurando Freenet, Tor Browser e Retroshare no Arch linux
Vamos começar com a retroshare que é muito fácil de ser instalada.
Remote Code Execution (CVE-2018-5767) Walkthrough on Tenda AC15 Router
https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/
🕴 @Phantasm_Lab
https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/
🕴 @Phantasm_Lab
www.wavenet.co.uk
Fidus Information Security
2nd February 2023 - Wavenet announced the acquisition of Fidus Information Security Limited.
Shiva
https://github.com/UltimateHackers/Shiva
🕴 @Phantasm_Lab
First of all, put Shiva on watch. I will be upgrading it to a full stress testing suite over time. Shiva is designed to perform Denial Of Service (DOS) attack on wordpress sites by loading all jquery noscripts at once through load-noscripts.php. So basically its an exploit for CVE-2018-6389.https://github.com/UltimateHackers/Shiva
🕴 @Phantasm_Lab
GitHub
GitHub - s0md3v/Shiva: Improved DOS exploit for wordpress websites (CVE-2018-6389)
Improved DOS exploit for wordpress websites (CVE-2018-6389) - GitHub - s0md3v/Shiva: Improved DOS exploit for wordpress websites (CVE-2018-6389)
Forwarded from DARKNET BR
A série Stealing the Network, mais vendida , chega a suas conclusões climáticas, uma vez que a aplicação da lei e o crime organizado formam uma rede de alta tecnologia na tentativa de derrubar o maldito hacker-vilão conhecido como Knuth no livro Stealing ainda mais tecnicamente sofisticado
Forwarded from DARKNET BR
Stealing the Network How to Own a Shadow.pdf
9.1 MB
Forwarded from @Phantasm_Lab ([L]uŧh1er)
#Documentario #CyberCrime #Hackerville
https://m.youtube.com/watch?v=mJ0bN6Nq0PE
🕴 @Phantasm_Lab
Assista o documentário sobre cibercrime que apresenta a cidade romena chamada “Hackerville” ou a “Cidade mais perigosa da Internet”. Hackers blackhat condenados, como Guccifer (nome real), falam sobre worms, vírus, engenharia social, roubo de identidade e até sobre invadir o e-mail de Hillary Clinton.https://m.youtube.com/watch?v=mJ0bN6Nq0PE
🕴 @Phantasm_Lab
YouTube
A Cidade Mais Perigosa da Internet
Em breve: http://mostdangeroustown.com
Assista o documentário sobre cibercrime que apresenta a cidade romena chamada “Hackerville” ou a “Cidade mais perigosa da Internet”. Hackers blackhat condenados, como Guccifer (nome real), falam sobre worms, vírus, engenharia…
Assista o documentário sobre cibercrime que apresenta a cidade romena chamada “Hackerville” ou a “Cidade mais perigosa da Internet”. Hackers blackhat condenados, como Guccifer (nome real), falam sobre worms, vírus, engenharia…
Red Team Infrastructure Wiki
https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki
🕴 @Phantasm_Lab
This wiki is intended to provide a resource for setting up a resilient Red Team infrastructure. It was made to complement Steve Borosh (@424f424f) and Jeff Dimmock's (@bluscreenofjeff) BSides NoVa 2017 talk "Doomsday Preppers: Fortifying Your Red Team Infrastructure"https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki
🕴 @Phantasm_Lab
GitHub
GitHub - bluscreenofjeff/Red-Team-Infrastructure-Wiki: Wiki to collect Red Team infrastructure hardening resources
Wiki to collect Red Team infrastructure hardening resources - bluscreenofjeff/Red-Team-Infrastructure-Wiki
RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation
https://medium.com/@networksecurity/rdp-hijacking-how-to-hijack-rds-and-remoteapp-sessions-transparently-to-move-through-an-da2a1e73a5f6
🕴 @Phantasm_Lab
How you can very easily use Remote Desktop Services to gain lateral movement through a network, using no external software — and how to defend against it.https://medium.com/@networksecurity/rdp-hijacking-how-to-hijack-rds-and-remoteapp-sessions-transparently-to-move-through-an-da2a1e73a5f6
🕴 @Phantasm_Lab
Medium
RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation
How you can very easily use Remote Desktop Services to gain lateral movement through a network, using no external software — and how to…
Forwarded from Hunter X Hunter
#Cybary #Advanced #Pentesting
Cybary - Advanced Penetration Testing
https://www.cybrary.it/course/advanced-penetration-testing/
Cybary - Advanced Penetration Testing
This course covers how to attack from the web using cross-site noscripting, SQL injection attacks, remote and local file inclusion and how to understand the defender of the network you’re breaking into to. You’ll also learn tricks for exploiting a network.https://www.cybrary.it/course/advanced-penetration-testing/
www.cybrary.it
Advanced Penetration Testing Course & Pen Testing Training - Cybrary
Advanced Penetration Testing course & Pen Testing training from Cybrary, to learn widely used tools, manipulate network traffic, cross-site noscripting & SQL injection. Create a free account!
Awesome Infosec
https://github.com/onlurking/awesome-infosec
🕴 @Phantasm_Lab
A curated list of awesome infosec courses and training resources.https://github.com/onlurking/awesome-infosec
🕴 @Phantasm_Lab
GitHub
GitHub - onlurking/awesome-infosec: A curated list of awesome infosec courses and training resources.
A curated list of awesome infosec courses and training resources. - onlurking/awesome-infosec
Forwarded from Jonhnathan Jonhnathan Jonhnathan
OWASP AppSec California 2018: https://www.youtube.com/playlist?list=PLpr-xdpM8wG-mJASEZ4TqFYtiRgasd-ki
YouTube
OWASP AppSec California 2018 - YouTube