Forwarded from @Phantasm_Lab (Deleted Account)
Advanced Penetration Testing - Hacking the World's Most Secure Networks | PDF/EPUB | 6/6 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfMy05SjhEaWpGODQ
Black Hat Python | PDF/EPUB | 3/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfbHY0dWVSVURMVE0
Defensive security handbook | PDF/EPUB/AZW3 | 29/27/4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfT1JBa1VFMFBnVDg
Ethical Hacking and Penetration Testing Guide | PDF | 22 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfQVUwczFMU2JMWGc
Hacking - The Art of Explotation | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXNUbl96ZEt3Mk0
Hash Crack - Password Cracking Manual | PDF/EPUB/AZW3 | 6/2/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfZDV1V251UzVtMmc
Kali Linux Revealed - Mastering the Penetration Testing Distribution | PDF | 26 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfSGpUSWk0QVJTUVU
RTFM - Red Team Field Manual | PDF | 3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfaFB5LVpsOGlMS00
The Hacker Playbook 2 - Practical Guide To Penetration Testing | PDF/EPUB/MOBI | 23/18/53 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfV0JpS1MtX015aEU
The Shellcoders's Handbook - Discovering and Exploiting Security Holes | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXFvX1YzdG8zMVU
Violent Python - A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers | PDF | 8 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfNnYtUHQycGZwS28
Black Hat Python | PDF/EPUB | 3/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfbHY0dWVSVURMVE0
Defensive security handbook | PDF/EPUB/AZW3 | 29/27/4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfT1JBa1VFMFBnVDg
Ethical Hacking and Penetration Testing Guide | PDF | 22 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfQVUwczFMU2JMWGc
Hacking - The Art of Explotation | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXNUbl96ZEt3Mk0
Hash Crack - Password Cracking Manual | PDF/EPUB/AZW3 | 6/2/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfZDV1V251UzVtMmc
Kali Linux Revealed - Mastering the Penetration Testing Distribution | PDF | 26 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfSGpUSWk0QVJTUVU
RTFM - Red Team Field Manual | PDF | 3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfaFB5LVpsOGlMS00
The Hacker Playbook 2 - Practical Guide To Penetration Testing | PDF/EPUB/MOBI | 23/18/53 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfV0JpS1MtX015aEU
The Shellcoders's Handbook - Discovering and Exploiting Security Holes | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXFvX1YzdG8zMVU
Violent Python - A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers | PDF | 8 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfNnYtUHQycGZwS28
Forwarded from Zer0 to her0
Server-Side Spreadsheet Injection – Formula Injection to Remote Code Execution
https://www.bishopfox.com/blog/2018/06/server-side-spreadsheet-injections/
@FromZer0toHero
https://www.bishopfox.com/blog/2018/06/server-side-spreadsheet-injections/
@FromZer0toHero
Bishop Fox
Server-Side Spreadsheet Injection - Formula Injection to Remote Code…
Bishop Fox's Jake Miller explains server-side spreadsheet injection, an attack vector based on CSV injection, in this write-up from an earlier talk.
The general HTTP authentication framework
HTTP provides a general framework for access control and authentication. The most common HTTP authentication is based on "Basic" schema. This page shows an introduction to HTTP framework for authentication and shows how restringe the access to your server using and HTTP "Basic" schema.
https://developer.mozilla.org/en-US/docs/Web/HTTP/AuthenticationMDN Web Docs
HTTP authentication - HTTP | MDN
HTTP provides a general framework for access control and authentication.
This page is an introduction to the HTTP framework for authentication, and shows how to restrict access to your server using the HTTP "Basic" scheme.
This page is an introduction to the HTTP framework for authentication, and shows how to restrict access to your server using the HTTP "Basic" scheme.
hypnotizing a police officer
Hipnotizando um policial sem que ele perceba!
https://www.youtube.com/watch?v=ByrsmUKWYk4
Hipnotizando um policial sem que ele perceba!
Spidey Indirectly hypnotizing a police officer to not be fined! Spidey Hipnotiza, de forma indireta, um policial para não ser multado.https://www.youtube.com/watch?v=ByrsmUKWYk4
YouTube
Hipnotizando um policial sem que ele perceba!
Spidey Hipnotiza, de forma indireta, um policial para não ser multado.
Video original:
https://www.youtube.com/watch?v=7gcQDuv_Kb0
Video original:
https://www.youtube.com/watch?v=7gcQDuv_Kb0
Forwarded from Hacking Brasil (Ryoon Ivo)
Escreva softwares que se baseiem diretamente nos serviços oferecidos pelo kernel do Linux e pelas bibliotecas do sistema principal. Com este livro abrangente, o colaborador do kernel do Linux, Robert Love, fornece um tutorial sobre a programação do sistema Linux, um manual de referência sobre chamadas do sistema Linux e um guia interno para escrever código mais rápido e inteligente.
O Love distingue claramente as funções padrão POSIX e os serviços especiais oferecidos apenas pelo Linux. Com um novo capítulo sobre multithreading, esta edição atualizada e expandida fornece uma visão detalhada do Linux de uma perspectiva teórica e aplicada sobre uma ampla gama de tópicos de programação, incluindo:
- Um kernel Linux, biblioteca C e visão geral do compilador C
- Operações básicas de I/O, como ler e gravar em arquivos
- Interfaces avançadas de I/O, mapeamentos de memória e técnicas de otimização
- A família de chamadas do sistema para gerenciamento básico de processos
- Gerenciamento avançado de processos, incluindo processos em tempo real
- Conceitos de encadeamento, programação multithread e Pthreads
-Gerenciamento de arquivos e diretórios
- Interfaces para alocação de memória e otimização do acesso à memória
- Interfaces de sinal básicas e avançadas e seu papel no sistema
O Love distingue claramente as funções padrão POSIX e os serviços especiais oferecidos apenas pelo Linux. Com um novo capítulo sobre multithreading, esta edição atualizada e expandida fornece uma visão detalhada do Linux de uma perspectiva teórica e aplicada sobre uma ampla gama de tópicos de programação, incluindo:
- Um kernel Linux, biblioteca C e visão geral do compilador C
- Operações básicas de I/O, como ler e gravar em arquivos
- Interfaces avançadas de I/O, mapeamentos de memória e técnicas de otimização
- A família de chamadas do sistema para gerenciamento básico de processos
- Gerenciamento avançado de processos, incluindo processos em tempo real
- Conceitos de encadeamento, programação multithread e Pthreads
-Gerenciamento de arquivos e diretórios
- Interfaces para alocação de memória e otimização do acesso à memória
- Interfaces de sinal básicas e avançadas e seu papel no sistema
Forwarded from Hacking Brasil (Ryoon Ivo)
Linux System Programming.pdf
2.4 MB
Forwarded from Security Talks (Jonhnathan Jonhnathan Jonhnathan)
DevSec Defense
by Daniel Bohannon at x33fcon
This talk demonstrates how defenders can apply DevOps practices to their detection research and development processes to drive more robust detection creation and maintenance over a rule’s lifetime. In addition, the PowerShell community has already developed numerous components and frameworks that information security practitioners can leverage for this defensive R&D, namely: PowerShell’s Abstract Syntax Tree (AST), PSScriptAnalyzer and Pester.
https://www.youtube.com/watch?v=QJe8xikf-iE
@SecTalks
by Daniel Bohannon at x33fcon
This talk demonstrates how defenders can apply DevOps practices to their detection research and development processes to drive more robust detection creation and maintenance over a rule’s lifetime. In addition, the PowerShell community has already developed numerous components and frameworks that information security practitioners can leverage for this defensive R&D, namely: PowerShell’s Abstract Syntax Tree (AST), PSScriptAnalyzer and Pester.
https://www.youtube.com/watch?v=QJe8xikf-iE
@SecTalks
YouTube
16. x33fcon 2018 - DevSec Defense by Daniel Bohannon
This talk demonstrates how defenders can apply DevOps practices to their detection research and development processes to drive more robust detection creation and maintenance over a rule’s lifetime. In addition, the PowerShell community has already developed…
Forwarded from Zer0 to her0 (Jonhnathan Jonhnathan Jonhnathan)
A great repository with resources about Linux Kernel Exploitation
https://github.com/xairy/linux-kernel-exploitation/blob/master/README.md
@FromZer0toHero
https://github.com/xairy/linux-kernel-exploitation/blob/master/README.md
@FromZer0toHero
GitHub
linux-kernel-exploitation/README.md at master · xairy/linux-kernel-exploitation
A collection of links related to Linux kernel security and exploitation - xairy/linux-kernel-exploitation
Forwarded from @Phantasm_Lab
The general HTTP authentication framework
HTTP provides a general framework for access control and authentication. The most common HTTP authentication is based on "Basic" schema. This page shows an introduction to HTTP framework for authentication and shows how restringe the access to your server using and HTTP "Basic" schema.
https://developer.mozilla.org/en-US/docs/Web/HTTP/AuthenticationMDN Web Docs
HTTP authentication - HTTP | MDN
HTTP provides a general framework for access control and authentication.
This page is an introduction to the HTTP framework for authentication, and shows how to restrict access to your server using the HTTP "Basic" scheme.
This page is an introduction to the HTTP framework for authentication, and shows how to restrict access to your server using the HTTP "Basic" scheme.