Parameter discovery tools comparison
https://ift.tt/3Ai3XGx
Submitted July 01, 2021 at 08:34PM by sh1yo_
via reddit https://ift.tt/3xcurYi
sh1yo.art
Parameter discovery tools comparison
Some people asked me about publishing a comparison between x8 and other major tools for parameter discovery: Arjun and Param Miner, so here it is!
DOM Polyglot XSS & CSP-bypass in PayPal
https://ift.tt/3AdmrIk
Submitted July 01, 2021 at 08:21PM by albinowax
via reddit https://ift.tt/3dxOxoa
PortSwigger Research
Finding DOM Polyglot XSS in PayPal the Easy Way
Introduction Finding DOM XSS can be tricky when it's buried in thousands of lines of code. We recently developed DOM Invader to help tackle this using a combined dynamic+manual approach to vulnerabili
SpoolSystem is a CNA script for Cobalt Strike which uses the Print Spooler named pipe impersonation trick to gain SYSTEM privileges.
https://ift.tt/2AmTkZ7
Submitted July 02, 2021 at 10:22AM by FilthyPlay
via reddit https://ift.tt/364SfBv
GitHub
nccfsas/Tools/spoolsystem at main · nccgroup/nccfsas
Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team. - nccfsas/Tools/spoolsystem at main · nccgroup/nccfsas
New LinkedIn Data Leak Leaves 700 Million Users Exposed
https://ift.tt/3jl11D9
Submitted July 02, 2021 at 01:47PM by 7rillionaire
via reddit https://ift.tt/36mimnH
RestorePrivacy
New LinkedIn Data Leak Leaves 700 Million Users Exposed | RestorePrivacy
Data from 700 million LinkedIn users has been put up for sale online, making this one of the largest LinkedIn data leaks to date. After analyzing the data and making contact with the seller, we have updated this article with more information, including how…
Measuring Traffic Rate by Means of U-models
https://ift.tt/3dzGmYe
Submitted July 02, 2021 at 05:15PM by shapelez
via reddit https://ift.tt/3Aortle
blog.qrator.net
Blog — Measuring Traffic Rate by Means of U-models
First, let us look at and analyze a few examples of how events are counted and the rate of the stream is estimated in general. The next step is to see a generalization, namely some class of counters, which we call the u-model. Next, we explore what useful…
Client Puzzle Protocols as Countermeasure Against Automated Threats to Web Applications
https://ift.tt/3hv1aBu
Submitted July 02, 2021 at 06:33PM by 0xfffffg
via reddit https://ift.tt/3660FbR
Free Micropatches for PrintNightmare Vulnerability (CVE-2021-34527)
https://ift.tt/2Tsrmoh
Submitted July 02, 2021 at 07:38PM by jonasLyk
via reddit https://ift.tt/3jz3UAf
0Patch
Free Micropatches for PrintNightmare Vulnerability (CVE-2021-34527)
by Mitja Kolsek, the 0patch Team Update 8/11/2021: August 2021 Windows Updates brought a fix for PrintNightmare that has the same default ef...
Windows 11: TPMs and Digital Sovereignty
https://ift.tt/3w3pxeD
Submitted July 03, 2021 at 02:44PM by _klg
via reddit https://ift.tt/3xfVJNr
secret club
Windows 11: TPMs and Digital Sovereignty
The problem with enforcing TPMs on consumers
Resources for Digital Forensics and Incident Response Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack - Forensic Disk Images etc.
https://ift.tt/2SLtsiN
Submitted July 03, 2021 at 11:23PM by chris_dd
via reddit https://ift.tt/368IXED
GitHub
GitHub - cado-security/DFIR_Resources_REvil_Kaseya: Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya…
Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack - GitHub - cado-security/DFIR_Resources_REvil_Kaseya: Resources for DFIR Professionals Responding to t...
Taking over Uber accounts through voicemail
https://ift.tt/3AjBBvE
Submitted July 04, 2021 at 07:37AM by Mempodipper
via reddit https://ift.tt/2UWDcHy
A fast tool to scan prototype pollution vulnerability written in Rust. 🦀
https://ift.tt/3hvED7G
Submitted July 04, 2021 at 05:49PM by dwisiswant0
via reddit https://ift.tt/3jJ8I6q
GitHub
GitHub - dwisiswant0/ppfuzz: A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀 - GitHub - dwisiswant0/ppfuzz: A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
Digital violence: how the NSO Group enables state terror
https://ift.tt/2SMNeKF
Submitted July 05, 2021 at 04:00AM by liotier
via reddit https://ift.tt/3yoxZGU
reddit
Digital violence: how the NSO Group enables state terror
Scale, details of massive ransomware attack emerge
https://ift.tt/3xcUL4t
Submitted July 05, 2021 at 05:04AM by thegreatblazed
via reddit https://ift.tt/3dFM5vS
POLITICO
Scale, details of massive ransomware attack emerge
An affiliate of the notorious REvil gang infected thousands of victims in at least 17 countries.
Internet-Wide Analysis on Unauthenticated Exposed Databases
https://ift.tt/3qEWhtN
Submitted July 05, 2021 at 04:49PM by 0xInfection
via reddit https://ift.tt/3An3Ut8
RedHunt Labs
Thousands Of Unauthenticated Databases Exposed On The Internet - RedHunt Labs
Internet-wide research on the security posture of databases exposed on the internet. This blog contains all the specifics and analysis of results.
Number-two-factor Authentication
https://ift.tt/2V57wMM
Submitted July 05, 2021 at 08:46PM by jesseflorig
via reddit https://ift.tt/3hB4tXQ
Nature
A mountable toilet system for personalized health monitoring via the analysis of excreta
Nature Biomedical Engineering - A ‘smart’ toilet that uses pressure and motion sensors, biometric identification, urinalysis strips, a computer-vision uroflowmeter and machine learning...
19. Unpacking the Kaseya VSA incident. - Amplified And Intensified
https://ift.tt/3hlJxW0
Submitted July 06, 2021 at 07:40PM by MSP-Kontinuum
via reddit https://ift.tt/2TIbjTt
Less.js Exploit to RCE
https://ift.tt/2SUSgoC
Submitted July 06, 2021 at 11:01PM by slapChops
via reddit https://ift.tt/3hHWc4i
Exploiting the Sudo Baron Samedit vulnerability (CVE-2021-3156) on VMWare vCenter Server 7.0
https://ift.tt/3ACrBxF
Submitted July 07, 2021 at 01:38AM by digicat
via reddit https://ift.tt/36jphxD
NCC Group Research
Exploiting the Sudo Baron Samedit vulnerability (CVE-2021-3156) on VMWare vCenter Server 7.0
NCC Group’s Exploit Development Group document exploiting the sudo vulnerability on VMWare vCenter Server
Hookshot - A Python Tool to Scrape Websites for Emails and Check Them for Data Breaches with HIBP
https://ift.tt/2Vf3ODW
Submitted July 07, 2021 at 01:18AM by malanom3
via reddit https://ift.tt/36ezQ5j
GitHub
hookshot/README.md at master · andrew-vii/hookshot
Integrated web scraper and email account data breach comparison tool - hookshot/README.md at master · andrew-vii/hookshot
Damn Vulnerable Bank Guide
https://ift.tt/3yvvans
Submitted July 07, 2021 at 03:52AM by Rewanth_Tammana
via reddit https://ift.tt/2SVoMXI
These Data leaks are literally backdoors, they always come out much later.
https://ift.tt/2UGxQ3a
Submitted July 07, 2021 at 05:19AM by chumze_simius
via reddit https://ift.tt/3hFjwjk