RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation
https://medium.com/@networksecurity/rdp-hijacking-how-to-hijack-rds-and-remoteapp-sessions-transparently-to-move-through-an-da2a1e73a5f6
🕴 @Phantasm_Lab
How you can very easily use Remote Desktop Services to gain lateral movement through a network, using no external software — and how to defend against it.https://medium.com/@networksecurity/rdp-hijacking-how-to-hijack-rds-and-remoteapp-sessions-transparently-to-move-through-an-da2a1e73a5f6
🕴 @Phantasm_Lab
Medium
RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation
How you can very easily use Remote Desktop Services to gain lateral movement through a network, using no external software — and how to…
Forwarded from Hunter X Hunter
#Cybary #Advanced #Pentesting
Cybary - Advanced Penetration Testing
https://www.cybrary.it/course/advanced-penetration-testing/
Cybary - Advanced Penetration Testing
This course covers how to attack from the web using cross-site noscripting, SQL injection attacks, remote and local file inclusion and how to understand the defender of the network you’re breaking into to. You’ll also learn tricks for exploiting a network.https://www.cybrary.it/course/advanced-penetration-testing/
www.cybrary.it
Advanced Penetration Testing Course & Pen Testing Training - Cybrary
Advanced Penetration Testing course & Pen Testing training from Cybrary, to learn widely used tools, manipulate network traffic, cross-site noscripting & SQL injection. Create a free account!
Awesome Infosec
https://github.com/onlurking/awesome-infosec
🕴 @Phantasm_Lab
A curated list of awesome infosec courses and training resources.https://github.com/onlurking/awesome-infosec
🕴 @Phantasm_Lab
GitHub
GitHub - onlurking/awesome-infosec: A curated list of awesome infosec courses and training resources.
A curated list of awesome infosec courses and training resources. - onlurking/awesome-infosec
Forwarded from Jonhnathan Jonhnathan Jonhnathan
OWASP AppSec California 2018: https://www.youtube.com/playlist?list=PLpr-xdpM8wG-mJASEZ4TqFYtiRgasd-ki
YouTube
OWASP AppSec California 2018 - YouTube
Why is Hong Kong the Perfect Setting for Cyberpunk?
https://www.youtube.com/watch?v=G93eQ9HXNdg
🕴 @Phantasm_Lab
Hong Kong is the most cyberpunk place in the world. Hong Kong has been featured in the most popular and influential Cyberpunk films. In this video I discussed why Hong Kong is such a preferred destination fro cyberpunk filmmakers.https://www.youtube.com/watch?v=G93eQ9HXNdg
🕴 @Phantasm_Lab
YouTube
Why is Hong Kong the Perfect Setting for Cyberpunk?
Hong Kong is the most cyberpunk place in the world. Hong Kong has been featured in the most popular and influential Cyberpunk films. In this video I discussed why Hong Kong is such a preferred destination fro cyberpunk filmmakers.
Music:
Chris Zabriskie…
Music:
Chris Zabriskie…
If You Want to Get into Hard Sci Fi - Watch These 8 Movies
https://www.youtube.com/watch?v=LniCiCOm4j8
🕴 @Phantasm_Lab
https://www.youtube.com/watch?v=LniCiCOm4j8
🕴 @Phantasm_Lab
YouTube
If You Want to Get into Hard Sci Fi - Watch These 8 Movies
8 Hard scifi movies mini-review & recommendations. If you're only want to watch the best imo, check these out.
Support this channel at: https://www.patreon.com/user?u=5540784
Follow me at: https://www.facebook.com/HyperDriveUK1/
Website: http://hyperdriveuk.com/…
Support this channel at: https://www.patreon.com/user?u=5540784
Follow me at: https://www.facebook.com/HyperDriveUK1/
Website: http://hyperdriveuk.com/…
Interested in CyberPunk Sci-Fi? Watch These 8 Movies
https://www.youtube.com/watch?v=WtkS3ZPlDHk
🕴 @Phantasm_Lab
https://www.youtube.com/watch?v=WtkS3ZPlDHk
🕴 @Phantasm_Lab
YouTube
Interested in Cyberpunk Movies - 8 Films for Fans of the Sci-fi Genre
8 cyberpunk sci-fi movies mini-review & recommendations.
Check out Amazon Prime's 30-day FREE trail here: https://amzn.to/2L1FIBP
Support this channel at: https://www.patreon.com/user?u=5540784
Follow me at: https://www.facebook.com/HyperDriveUK1/
Other…
Check out Amazon Prime's 30-day FREE trail here: https://amzn.to/2L1FIBP
Support this channel at: https://www.patreon.com/user?u=5540784
Follow me at: https://www.facebook.com/HyperDriveUK1/
Other…
Guardians Of The New World
https://www.youtube.com/watch?v=jUFEeuWqFPE
🕴 @Phantasm_Lab
(Hacking Documentary) - Real Storieshttps://www.youtube.com/watch?v=jUFEeuWqFPE
🕴 @Phantasm_Lab
YouTube
Guardians Of The New World (Hacking Documentary) | Real Stories
Until recently, many of us thought we were safe online and that the Internet provided a safe haven to share ideas and democratise information with the security of privacy. Guardians of the New World introduces us to the world of hacker culture. Emerging from…
Forwarded from ؘ.
Meetup sobre Comunidades e Carreiras em T.I que vai rolar em Campinas!! Simbora?!
https://www.meetup.com/pt-BR/Nerdzao/events/248250342/
https://www.meetup.com/pt-BR/Nerdzao/events/248250342/
Meetup
NerdZaoCampinas #5 - Comunidades e Carreiras em T.I
• O que vamos fazerNeste encontro PRESENCIAL e GRATUITO alguns profissionais irão contar um pouco sobre suas experiências e vivências no mercado de trabalho e principalmente nas comunidades relacionad
Cross Site Scripting Vulnerability in Oracle
https://www.ifrahiman.com/2018/02/cross-site-noscripting-vulnerability-in.html#more
🧠 @Phantasm_Lab
So as you already know that Cross Site Scripting is an attack in which we can inject custom JavaScript codes & the browser executes them as the part of the page. So for the proof of concept I used a simple alert(document.domain) payload, but the exploitation is not limited.https://www.ifrahiman.com/2018/02/cross-site-noscripting-vulnerability-in.html#more
🧠 @Phantasm_Lab
Ifrahiman
Cross Site Scripting Vulnerability in Oracle
Oracle Cross Site Scripting Bug
Webinar: Tips on Building a World Class Bug Bounty Program From Senior Red Team Expert, Mack Staples
https://www.youtube.com/watch?v=USRi1M2mlm8
🕴 @Phantasm_Lab
There’s nothing more important than protecting the lifeblood of your business: customer data. No one takes this more seriously than Zenefits, the All-in-One HR Platform. Zenefits holds sensitive personal and financial data for over 10,000 small and medium businesses. That’s a lot of high risk customer data, including Personally Identifiable Information (PII) and Protected Health Information (PHI). Thankfully, Zenefits has a world-class security program and a Red Team that knows, like many other companies with similarly sensitive data, they must be on their game 24/7. Mack Staples, Senior Manager of Zenefits' Red Team, walks through some best practices they use to enable bug bounties as a core product security strategy. He discusses tips, practical advice, and insights into how they’ve built their world-class bug bounty program into one of the top program’s on the HackerOne platform.https://www.youtube.com/watch?v=USRi1M2mlm8
🕴 @Phantasm_Lab
YouTube
Webinar: Tips on Building a World Class Bug Bounty Program From Senior Red Team Expert, Mack Staples
There’s nothing more important than protecting the lifeblood of your business: customer data. No one takes this more seriously than Zenefits, the All-in-One HR Platform. Zenefits holds sensitive personal and financial data for over 10,000 small and medium…