How to achieve enterprise-grade attack-surface monitoring with open source software
https://ift.tt/3zgq1QL
Submitted July 21, 2021 at 11:19AM by hakluke
via reddit https://ift.tt/3zkQnRK
https://ift.tt/3zgq1QL
Submitted July 21, 2021 at 11:19AM by hakluke
via reddit https://ift.tt/3zkQnRK
HΔKLUKΞ
How to achieve enterprise-grade attack-surface monitoring with open source software
How to achieve enterprise-grade attack-surface monitoring with open source software: SpiderFoot, bash, curl and cronjobs can go a long way.
REvil Ransomware Gang Mysteriously Disappears After High-Profile Attacks
https://ift.tt/36PaNWH
Submitted July 21, 2021 at 11:18AM by broken__beast0195
via reddit https://ift.tt/3xWwtfh
https://ift.tt/36PaNWH
Submitted July 21, 2021 at 11:18AM by broken__beast0195
via reddit https://ift.tt/3xWwtfh
TensorBugs
REvil Ransomware Gang Mysteriously Disappears After High-Profile Attacks
REvil, the infamous ransomware cartel behind some of the biggest cyberattacks targeting JBS and Kaseya, has mysteriously disappeared from the dark web
A hackers perspective on bug bounty triage
https://ift.tt/2UvRzmp
Submitted July 21, 2021 at 12:15PM by Mempodipper
via reddit https://ift.tt/36NmsVN
https://ift.tt/2UvRzmp
Submitted July 21, 2021 at 12:15PM by Mempodipper
via reddit https://ift.tt/36NmsVN
Shubham Shah
A hackers perspective on bug bounty triage
In the last few days, I have been able to have productive conversations with my peers in the bug bounty community including Patrik who works on the triage team and Luke who leads community efforts from HackerOne. Patrik has helped clear up misconceptions…
Summer of SAM - incorrect permissions on Windows 10/11 hives
https://ift.tt/2UBi6yy
Submitted July 21, 2021 at 11:55AM by 0xdea
via reddit https://ift.tt/3rnHlk1
https://ift.tt/2UBi6yy
Submitted July 21, 2021 at 11:55AM by 0xdea
via reddit https://ift.tt/3rnHlk1
SANS Internet Storm Center
InfoSec Handlers Diary Blog
Summer of SAM - incorrect permissions on Windows 10/11 hives, Author: Bojan Zdrnja
Ransomware Virtual Summit - July 29 - 30
https://ransomware.live
Submitted July 21, 2021 at 05:20PM by cyberxsec
via reddit https://ift.tt/3zkR6lU
https://ransomware.live
Submitted July 21, 2021 at 05:20PM by cyberxsec
via reddit https://ift.tt/3zkR6lU
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
Mindmap - Oracle Database Pentests with ODAT (Oracle Database Attacking Tool). Based on new ODAT version (v5.1)
https://ift.tt/1lI22w2
Submitted July 21, 2021 at 06:13PM by HeadProfessional
via reddit https://ift.tt/3wZrFV7
https://ift.tt/1lI22w2
Submitted July 21, 2021 at 06:13PM by HeadProfessional
via reddit https://ift.tt/3wZrFV7
GitHub
GitHub - quentinhardy/odat: ODAT: Oracle Database Attacking Tool
ODAT: Oracle Database Attacking Tool. Contribute to quentinhardy/odat development by creating an account on GitHub.
New Attacks on Kubernetes via Misconfigured Argo Workflows
https://ift.tt/2VWRc4y
Submitted July 21, 2021 at 08:19PM by Milafasents
via reddit https://ift.tt/3rpAuGM
https://ift.tt/2VWRc4y
Submitted July 21, 2021 at 08:19PM by Milafasents
via reddit https://ift.tt/3rpAuGM
Intezer
New Attacks on Kubernetes via Misconfigured Argo Workflows
Argo Workflows is an open-source, container-native workflow engine designed to run on K8s clusters.
Statically-linked ssh server with reverse shell functionality for CTFs
https://ift.tt/3xPnjBq
Submitted July 21, 2021 at 08:45PM by beleeee_dat
via reddit https://ift.tt/3eJ9RaO
https://ift.tt/3xPnjBq
Submitted July 21, 2021 at 08:45PM by beleeee_dat
via reddit https://ift.tt/3eJ9RaO
GitHub
GitHub - Fahrj/reverse-ssh: Statically-linked ssh server with reverse shell functionality for CTFs and such
Statically-linked ssh server with reverse shell functionality for CTFs and such - GitHub - Fahrj/reverse-ssh: Statically-linked ssh server with reverse shell functionality for CTFs and such
How is this domain redirecting to another website? If I manually go to the first link it shows as a wrong site, but if I click the link it goes to another website.
https://ift.tt/3eG8bid
Submitted July 21, 2021 at 09:43PM by tbilisi
via reddit https://ift.tt/2UrI5c0
https://ift.tt/3eG8bid
Submitted July 21, 2021 at 09:43PM by tbilisi
via reddit https://ift.tt/2UrI5c0
QilingLab: a series of challenges by Th3Zer0 to train your Qiling skills 💪🏾 -- solve 'em all and share your writeup!
https://ift.tt/3hTlEoI
Submitted July 21, 2021 at 10:10PM by smaury
via reddit https://ift.tt/3eGZ40I
https://ift.tt/3hTlEoI
Submitted July 21, 2021 at 10:10PM by smaury
via reddit https://ift.tt/3eGZ40I
Shielder
Shielder - QilingLab – Release
Release of the QilingLab challenge.
NPM Package "nodejs_net_server" caught Stealing user data from browser!
https://ift.tt/3BrxGh6
Submitted July 21, 2021 at 10:52PM by broken__beast0195
via reddit https://ift.tt/3iCEEHp
https://ift.tt/3BrxGh6
Submitted July 21, 2021 at 10:52PM by broken__beast0195
via reddit https://ift.tt/3iCEEHp
TensorBugs
NPM Package 'nodejs_net_server' caught Stealing user data from browser!
infoomagazines, news, latest, business
Reversing for dummies - x86 assembly and C code (Beginner/ADHD friendly) · 0x41.cf
https://ift.tt/3roPEfo
Submitted July 22, 2021 at 04:07AM by TheAndroidGeek
via reddit https://ift.tt/3x0NrI5
https://ift.tt/3roPEfo
Submitted July 22, 2021 at 04:07AM by TheAndroidGeek
via reddit https://ift.tt/3x0NrI5
Top Organizations On GitHub Vulnerable To Dependency Confusion Attacks - RedHunt Labs
https://ift.tt/3iy1pwc
Submitted July 22, 2021 at 04:14PM by redhuntlabs
via reddit https://ift.tt/3xXc61P
https://ift.tt/3iy1pwc
Submitted July 22, 2021 at 04:14PM by redhuntlabs
via reddit https://ift.tt/3xXc61P
RedHunt Labs
Top Organizations On GitHub Vulnerable To Dependency Confusion Attacks - RedHunt Labs
We analyzed the top 1,000 GitHub organizations. It involved scanning 38,691 GitHub repositories (Ruby, Python, JavaScript, Go, and PHP code).
Forgetting passwords for profit - I wrote a tool to find DNS vulnerabilities in web applications.
https://ift.tt/2UXUnZn
Submitted July 22, 2021 at 05:09PM by The_Login
via reddit https://ift.tt/3wRyqZi
https://ift.tt/2UXUnZn
Submitted July 22, 2021 at 05:09PM by The_Login
via reddit https://ift.tt/3wRyqZi
GitHub
GitHub - The-Login/DNS-Reset-Checker: Tools to assess the DNS security of web applications
Tools to assess the DNS security of web applications - GitHub - The-Login/DNS-Reset-Checker: Tools to assess the DNS security of web applications
CVE-2021-36934 temporary mitigation in commandprompt.
https://ift.tt/2TqLOWw
Submitted July 22, 2021 at 05:58PM by nindustries
via reddit https://ift.tt/2UBqf6i
https://ift.tt/2TqLOWw
Submitted July 22, 2021 at 05:58PM by nindustries
via reddit https://ift.tt/2UBqf6i
Gist
CVE-2021-36934 manual mitigation in commandprompt.
CVE-2021-36934 manual mitigation in commandprompt. - CVE-2021-36934.bat
5GC API parse - A Burp Suite extension to assess 5G core network functions
https://ift.tt/3hSHHfj
Submitted July 22, 2021 at 07:44PM by sebazzen
via reddit https://ift.tt/2UYhN0J
https://ift.tt/3hSHHfj
Submitted July 22, 2021 at 07:44PM by sebazzen
via reddit https://ift.tt/2UYhN0J
GitHub
GitHub - PentHertz/5GC_API_parse: A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core networks
A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core networks - GitHub - PentHertz/5GC_API_parse: A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core netw...
Looks like the old PunkSpider project is getting rebooted and updated
https://ift.tt/3zDLYJR
Submitted July 22, 2021 at 09:32PM by cleverRiver6
via reddit https://ift.tt/3iuSGuo
https://ift.tt/3zDLYJR
Submitted July 22, 2021 at 09:32PM by cleverRiver6
via reddit https://ift.tt/3iuSGuo
Risk Management for Cyber Security, Insurance, & Finance | QOMPLX
Punkspider Returns with Eyes on OWSAP Top 10 | QOMPLX
The popular Punkspider web vulnerability scanning tool is returning with bigger scale, broader reach and coverage of attacks in the OWASP Top 10.
Forgot password? Taking over user accounts Kaminsky style
https://ift.tt/3hY2yOp
Submitted July 22, 2021 at 09:57PM by The_Login
via reddit https://ift.tt/3kK3SWU
https://ift.tt/3hY2yOp
Submitted July 22, 2021 at 09:57PM by The_Login
via reddit https://ift.tt/3kK3SWU
SEC Consult
Forgot password? Taking over user accounts Kaminsky style
The "Forgot password?" feature and how DNS vulnerabilities may allow the takeover of user accounts.
Cryptojacking Attacks Continue To Target SSH Servers
https://ift.tt/2UwIeLi
Submitted July 23, 2021 at 04:21AM by securehoney
via reddit https://ift.tt/3kZXgUH
https://ift.tt/2UwIeLi
Submitted July 23, 2021 at 04:21AM by securehoney
via reddit https://ift.tt/3kZXgUH
Secure Honey
Cryptojacking Attacks Continue To Target SSH Servers | Secure Honey
Coming up in today's blog post: I'll be exploring recent cyber attacks targeting my SSH honeypots. From cryptojacking motives to techniques used by attackers.
Preventing Data Exfiltration with eBPF
https://ift.tt/3rtOIqa
Submitted July 23, 2021 at 04:14AM by benarent
via reddit https://ift.tt/3kZXiMj
https://ift.tt/3rtOIqa
Submitted July 23, 2021 at 04:14AM by benarent
via reddit https://ift.tt/3kZXiMj
Goteleport
Preventing Data Exfiltration with eBPF
An introduction to KRSI and how you can use it to dynamically prevent data exfiltration based on IP ranges.
Recon Script in VB . In case Powershell is disabled
https://ift.tt/2V7R3ep
Submitted July 23, 2021 at 11:19AM by hashbrown256
via reddit https://ift.tt/3y1AI9F
https://ift.tt/2V7R3ep
Submitted July 23, 2021 at 11:19AM by hashbrown256
via reddit https://ift.tt/3y1AI9F
Chaah
Recon in VB
Hardening results