Forwarded from Zer0 to her0 (Jonhnathan Jonhnathan Jonhnathan)
A great repository with resources about Linux Kernel Exploitation
https://github.com/xairy/linux-kernel-exploitation/blob/master/README.md
@FromZer0toHero
https://github.com/xairy/linux-kernel-exploitation/blob/master/README.md
@FromZer0toHero
GitHub
linux-kernel-exploitation/README.md at master · xairy/linux-kernel-exploitation
A collection of links related to Linux kernel security and exploitation - xairy/linux-kernel-exploitation
Forwarded from @Phantasm_Lab
The general HTTP authentication framework
HTTP provides a general framework for access control and authentication. The most common HTTP authentication is based on "Basic" schema. This page shows an introduction to HTTP framework for authentication and shows how restringe the access to your server using and HTTP "Basic" schema.
https://developer.mozilla.org/en-US/docs/Web/HTTP/AuthenticationMDN Web Docs
HTTP authentication - HTTP | MDN
HTTP provides a general framework for access control and authentication.
This page is an introduction to the HTTP framework for authentication, and shows how to restrict access to your server using the HTTP "Basic" scheme.
This page is an introduction to the HTTP framework for authentication, and shows how to restrict access to your server using the HTTP "Basic" scheme.
Hackers trocam código-fonte de distribuição Linux por malware no Github
https://olhardigital.com.br/fique_seguro/noticia/hackers-trocam-codigo-fonte-de-distribuicao-linux-por-malware-no-github/77099
🕴🏽 @Phantasm_Lab
A conta no GitHub de uma distribuição Linux foi invadida por um ou mais hackers na tarde desta última quinta-feira. Os cibercriminosos substituíram o código-fonte original de alguns de repositórios da Gentoo por um malicioso, como informaram os desenvolvedores por trás do sistema em um alerta de segurança.
A Gentoo ainda está investigando os efeitos e as causas da invasão junto com o GitHub, mas já recomenda descartar qualquer arquivo baixado ou puxado da conta na plataforma ontem. Os códigos maliciosos inseridos nos repositórios durante o ataque podem ser usados para apagar arquivos no computador da vítima, segundo o site Hacker News.
https://olhardigital.com.br/fique_seguro/noticia/hackers-trocam-codigo-fonte-de-distribuicao-linux-por-malware-no-github/77099
🕴🏽 @Phantasm_Lab
Olhar Digital - O futuro passa primeiro aqui
Hackers trocam código-fonte de distribuição Linux por malware no Github
Tudo sobre tecnologia, internet e redes sociais
Javanoscript Completo 2018. Do Iniciante Ao Mestre
https://mega.nz/#F!jmoh3KgD!jNDC_KCi4P6cpelUKThx3Q
https://mega.nz/#F!jmoh3KgD!jNDC_KCi4P6cpelUKThx3Q
mega.nz
MEGA provides free cloud storage with convenient and powerful always-on privacy. Claim your free 20GB now
Session Hijacking Cheat Sheet, Attack Examples & Protection
https://www.checkmarx.com/knowledge/knowledgebase/session-hijacking
🕴 @Phantasm_Lab
As the name suggests, Session Hijacking involves the exploitation of the web session control mechanism. The attacker basically exploits vulnerable connections and steals HTTP cookies to gain unauthorized access to sensitive information/data stored in web servers.https://www.checkmarx.com/knowledge/knowledgebase/session-hijacking
🕴 @Phantasm_Lab
Checkmarx
Session Hijacking | Checkmarx Application Security
Session Hijacking is the exploitation of the web session control mechanism, where the hacker exploits vulnerable connections and steals HTTP cookies to gain unauthorized access to sensitive information/data stored in web servers. This kind of attack, also…
Forwarded from @Phantasm_Lab ([L]uŧh1er)
#Pirate #Bay #AFK
https://youtu.be/yDt_uAqkxRY
🕴 @Phantasm_Lab
🕴 @PartidoPirataBrasil
Legenda traduzida em colaboração com voluntários do Partido Pirata Brasil.https://youtu.be/yDt_uAqkxRY
🕴 @Phantasm_Lab
🕴 @PartidoPirataBrasil
YouTube
The Pirate Bay AFK - Completo HD - Legendado PT-BR (2013)
Seja um pirata, junte-se a nós! Ahoooy!!!
Legenda traduzida em colaboração com voluntários do Partido Pirata do Brasil:
http://partidopirata.org/
https://www.facebook.com/PartidoPirata.BR
https://www.facebook.com/groups/partidopiratabrasil/
Para ativar…
Legenda traduzida em colaboração com voluntários do Partido Pirata do Brasil:
http://partidopirata.org/
https://www.facebook.com/PartidoPirata.BR
https://www.facebook.com/groups/partidopiratabrasil/
Para ativar…
#Perfil #HackerOne #Series
Alyssa Herrera
https://hackerone.com/alyssa_herrera
🕴🏽 @Phantasm_Lab
Alyssa Herrera
Reputation: 1441 Impact: 14.20https://hackerone.com/alyssa_herrera
🕴🏽 @Phantasm_Lab
HackerOne
HackerOne profile - alyssa_herrera
@Alyssa_Herrera_ - https://alyssaherrera.net
Forwarded from @Phantasm_Lab ([L]uŧh1er)
H2HC 10 - Palestra: Sandboxing is the shit - Jonathan Brossard
https://www.youtube.com/watch?v=1vgKym3fASg
🕴🏽 @Phantasm_Lab
https://www.youtube.com/watch?v=1vgKym3fASg
🕴🏽 @Phantasm_Lab
YouTube
Sandboxing is the shit - Jonathan Brossard - H2HC 2013
#Perfil #HackerOne #Series
Link
https://hackerone.com/linkks
🕴🏽 @Phantasm_Lab
Link
Reputation: 3463 Impact: 14.90
Bugs found: 307 Thanks received: 46https://hackerone.com/linkks
🕴🏽 @Phantasm_Lab
ACME TLS-SNI-01/02 challenge vulnerable when combined with shared hosting providers
https://hackerone.com/reports/304378
🕴🏽 @Phantasm_Lab
Frans Rosén (fransrosen)The ACME TLS-SNI-01 (and TLS-SNI-02) specification assumed wrong in terms of how current major cloud providers routed and validated domains. This was reported earlier this week to Let's Encrypt, and they decided to disable the method. Today Let's Encrypt decided to sunset both TLS-SNI-01 and TLS-SNI-02 due to the vulnerability I found. https://hackerone.com/reports/304378
🕴🏽 @Phantasm_Lab
HackerOne
Internet Bug Bounty disclosed on HackerOne: ACME TLS-SNI-01/02...
The [ACME TLS-SNI-01](https://tools.ietf.org/html/draft-ietf-acme-acme-01#section-7.3) (and [TLS-SNI-02](https://tools.ietf.org/html/draft-ietf-acme-acme-09#section-8.4)) specification assumed...