Forwarded from The Bug Bounty Hunter
Misconfiguration of Demographics Privacy in a Page
https://medium.com/@markchristiandeduyo/misconfiguration-of-demographics-privacy-in-a-page-682feb1179f2
https://medium.com/@markchristiandeduyo/misconfiguration-of-demographics-privacy-in-a-page-682feb1179f2
Medium
Misconfiguration of Demographics Privacy in a Page
Denoscription: Demographics is Limit Visibility of This Post, Choose who can see your post on Facebook based on their demographic. For…
QRLJacking - A New Social Engineering Attack Vector
https://github.com/OWASP/QRLJacking
🕴🏼 @PhantasmLab
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the “Login with QR code” feature as a secure way to login into accounts. In a nutshell, the victim scans the attacker’s QR code which results in session hijacking.https://github.com/OWASP/QRLJacking
🕴🏼 @PhantasmLab
GitHub
GitHub - OWASP/QRLJacking: QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the…
QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into account...
GitHub Enterprise - Remote Code Execution
https://www.youtube.com/watch?v=GoO7_lCOfic&feature=youtu.be
🕴🏼 @PhantasmLab
GitHub Enterprise smaller than 2.8.7 Remote Code Execution A demo video of Black Hat USA 2017https://www.youtube.com/watch?v=GoO7_lCOfic&feature=youtu.be
🕴🏼 @PhantasmLab
YouTube
GitHub Enterprise - Remote Code Execution
GitHub Enterprise smaller than 2.8.7 Remote Code Execution A demo video of Black Hat USA 2017 This is the demo video of http://blog.orange.tw/2017/07/how-i-c...
OSCP Prep - SLmail Buffer Overflow Exploit Development with Kali Linux
https://www.youtube.com/watch?v=OOkU7to0Ty4
🕴🏽 @Phantasm_Lab
https://www.youtube.com/watch?v=OOkU7to0Ty4
🕴🏽 @Phantasm_Lab
YouTube
SLmail Buffer Overflow Exploit Development with Kali Linux
Please check out my Udemy courses! Coupon code applied to the following links....
https://www.udemy.com/hands-on-penetration-testing-labs-30/?couponCode=NINE99
https://www.udemy.com/hands-on-penetration-testing-labs-20/?couponCode=NINE99
https://www.udemy.com/kali…
https://www.udemy.com/hands-on-penetration-testing-labs-30/?couponCode=NINE99
https://www.udemy.com/hands-on-penetration-testing-labs-20/?couponCode=NINE99
https://www.udemy.com/kali…
OSCP Prep - Vulnserver Buffer Overflow Exploit Development with Kali Linux
https://www.youtube.com/watch?v=qjWs___hQcE
🕴🏽 @Phantasm_Lab
https://www.youtube.com/watch?v=qjWs___hQcE
🕴🏽 @Phantasm_Lab
YouTube
Vulnserver Buffer Overflow Exploit Development with Kali Linux
Please check out my Udemy courses! Coupon code applied to the following links....
https://www.udemy.com/hands-on-penetration-testing-labs-30/?couponCode=NINE99
https://www.udemy.com/hands-on-penetration-testing-labs-20/?couponCode=NINE99
https://www.udemy.com/kali…
https://www.udemy.com/hands-on-penetration-testing-labs-30/?couponCode=NINE99
https://www.udemy.com/hands-on-penetration-testing-labs-20/?couponCode=NINE99
https://www.udemy.com/kali…
Forwarded from CryptoRave 2025
Mais do que nunca é hora de falar da importância da CryptoRave. Mais do que nunca é hora de compartilhar em todos os grupos que você faz parte.
A CryptoRave é um evento de muita resistência: voluntário, sem publicidade, sem terno, gravata e pão de queijo murcho. Financiada por todos nós. Construída por nós, com uma programação coletiva.
Ano passado 600 pessoas acreditaram e ajudaram a realizar o evento. Esse é um evento único no Brasil e que precisa continuar existindo.
É por esse motivo que nós agradecemos a cada um de vocês que, de alguma forma, em algum momento desses cinco anos apoiou a CryptoRave. Nem sempre dá para apoiar com dinheiro, mas divulgar para os/as amigos/as é sempre possível e muito importante.
Divulguem! <3
https://www.catarse.me/cryptorave2018
A CryptoRave é um evento de muita resistência: voluntário, sem publicidade, sem terno, gravata e pão de queijo murcho. Financiada por todos nós. Construída por nós, com uma programação coletiva.
Ano passado 600 pessoas acreditaram e ajudaram a realizar o evento. Esse é um evento único no Brasil e que precisa continuar existindo.
É por esse motivo que nós agradecemos a cada um de vocês que, de alguma forma, em algum momento desses cinco anos apoiou a CryptoRave. Nem sempre dá para apoiar com dinheiro, mas divulgar para os/as amigos/as é sempre possível e muito importante.
Divulguem! <3
https://www.catarse.me/cryptorave2018
Catarse
CryptoRave 2018
Apoie o maior evento aberto e gratuito de criptografia e segurança do mundo!
How to Install apktool In Android: Decompile & Re-compile any Apk – Kali Nethunter [Reverse Engineering]
https://exploithub.info/install-apktool-in-android/
🕴 @Phantasm_Lab
In this article i will show you how to Install apktool in android and also show you how to decompile & recompile any android apk app with using android kali nethunter.https://exploithub.info/install-apktool-in-android/
🕴 @Phantasm_Lab
ExploitHub
How to Install apktool In Android: Decompile & Re-compile any Apk - Kali Nethunter [Reverse Engineering]
In this article i will show you how to Install apktool in android and also show you how to decompile & recompile any android apk app with using android kali nethunter. Let’s first talk about apktool! A tool for reverse engineering 3rd party, closed, binary…
#Perfil #HackerOne #Series
Dr.Jones (sp1d3rs)
https://hackerone.com/sp1d3rs
Dr.Jones (sp1d3rs)
Reputation: 3875 Rank: 78th Spiders are the only web developers that enjoy finding bugshttps://hackerone.com/sp1d3rs
HackerOne
HackerOne profile - sp1d3rs
The world tried to catch me, but it couldn't. - https://r1p.xyz
How Russia Hacked America—And Why It Will Happen Again
https://www.youtube.com/watch?v=GYIgmua-J7o
During the 2016 presidential campaign, Russian hackers attacked the U.S. on two fronts: the psychological and the technical. And it won't be the last time it happens. This psychological cyber warfare will only get better, and its methods more sophisticated.https://www.youtube.com/watch?v=GYIgmua-J7o
YouTube
How Russia Hacked America—And Why It Will Happen Again
During the 2016 presidential campaign, Russian hackers attacked the U.S. on two fronts: the psychological and the technical. And it won't be the last time it happens. This psychological cyber warfare will only get better, and its methods more sophisticated.…
How Russian Bots Invade Our Elections
https://www.youtube.com/watch?v=sZmrIkRDMsU
How do bots and trolls work to infiltrate social media platforms and influence U.S. elections? We take a closer look at these insidious online pests to explain how they work.https://www.youtube.com/watch?v=sZmrIkRDMsU
How Russian Trolls Collected Americans' Personal Information
https://www.youtube.com/watch?v=heXp2tyDl6k
The Kremlin-backed Internet Research Agency, a.k.a. the Troll Factory, used fake social media accounts before and after the 2016 U.S. election to collect sensitive personal information on Americans, a Wall Street Journal investigation has found. Shelby Holliday explains how the Russian schemes worked.https://www.youtube.com/watch?v=heXp2tyDl6k
YouTube
How Russian Trolls Collected Americans' Personal Information
The Kremlin-backed Internet Research Agency, a.k.a. the Troll Factory, used fake social media accounts before and after the 2016 U.S. election to collect sensitive personal information on Americans, a Wall Street Journal investigation has found. Shelby Holliday…
Hackers invadem sites da SSP, Polícia Civil e do Corpo de Bombeiros
http://imirante.com/oestadoma/noticias/2018/03/20/hackers-invadem-sites-da-ssp-policia-civil-e-do-corpo-de-bombeiros.shtml
Só a PM escapou por estar fora do ar; quem tentava acessar as páginas era surpreendido com uma mensagem de que os endereços estavam em manutenção http://imirante.com/oestadoma/noticias/2018/03/20/hackers-invadem-sites-da-ssp-policia-civil-e-do-corpo-de-bombeiros.shtml
Jornal O Estado do Maranhão
Hackers invadem sites da SSP, Polícia Civil e do Corpo de Bombeiros
Só a PM escapou por estar fora do ar; quem tentava acessar as páginas era surpreendido com uma mensagem de que os endereços estavam em manutenção
Forwarded from Full Python Alchemist
Security Weekly #416 - Python for Pentesters
https://www.youtube.com/watch?v=nukEMdt5ehs
🐍 @FullPythonAlchemist
Dan joins us in-studio for a tech segment on some python noscripts he has written. https://www.youtube.com/watch?v=nukEMdt5ehs
🐍 @FullPythonAlchemist
YouTube
Security Weekly #416 - Python for Pentesters
Dan joins us in-studio for a tech segment on some python noscripts he has written.
Check out the wiki for links to his github and Twitter.
http://wiki.securityweekly.com/wiki/index.php/Episode416#Tech_Segment:_Dan_McInerney_-_6:05PM-6:35PM
Check out the wiki for links to his github and Twitter.
http://wiki.securityweekly.com/wiki/index.php/Episode416#Tech_Segment:_Dan_McInerney_-_6:05PM-6:35PM
Linux Privilege Escalation - Tradecraft
https://www.youtube.com/watch?v=oYHAi0cgur4
After getting a shell on a server you may or may not have root access. To gain privileged access to a Linux system it may take performing more analysis of the system to find escalation issues. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) provides a methodology for performing various privilege escalation techniques against Linux-based systems. https://www.youtube.com/watch?v=oYHAi0cgur4
YouTube
Linux Privilege Escalation - Tradecraft Security Weekly #22
After getting a shell on a server you may or may not have root access. To gain privileged access to a Linux system it may take performing more analysis of the system to find escalation issues. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack)…
Three different priv escalation methods - Pentest Limited's BSides Edinburgh
https://www.youtube.com/watch?v=VglowrbEnCI
Abusing cron, mysql, and previous breach to gain root privileges. BSides Edinburgh boot2root.https://www.youtube.com/watch?v=VglowrbEnCI
YouTube
Three different priv escalation methods - Pentest Limited's BSides Edinburgh
Abusing cron, mysql, and previous breach to gain root privileges.
BSides Edinburgh boot2root.
https://maze.pentest-challenge.co.uk/
https://maze.pentest-challenge.co.uk/downloads/bsidesedi17.ova
BSides Edinburgh boot2root.
https://maze.pentest-challenge.co.uk/
https://maze.pentest-challenge.co.uk/downloads/bsidesedi17.ova