New Attacks on Kubernetes via Misconfigured Argo Workflows
https://ift.tt/2VWRc4y
Submitted July 21, 2021 at 08:19PM by Milafasents
via reddit https://ift.tt/3rpAuGM
https://ift.tt/2VWRc4y
Submitted July 21, 2021 at 08:19PM by Milafasents
via reddit https://ift.tt/3rpAuGM
Intezer
New Attacks on Kubernetes via Misconfigured Argo Workflows
Argo Workflows is an open-source, container-native workflow engine designed to run on K8s clusters.
Statically-linked ssh server with reverse shell functionality for CTFs
https://ift.tt/3xPnjBq
Submitted July 21, 2021 at 08:45PM by beleeee_dat
via reddit https://ift.tt/3eJ9RaO
https://ift.tt/3xPnjBq
Submitted July 21, 2021 at 08:45PM by beleeee_dat
via reddit https://ift.tt/3eJ9RaO
GitHub
GitHub - Fahrj/reverse-ssh: Statically-linked ssh server with reverse shell functionality for CTFs and such
Statically-linked ssh server with reverse shell functionality for CTFs and such - GitHub - Fahrj/reverse-ssh: Statically-linked ssh server with reverse shell functionality for CTFs and such
How is this domain redirecting to another website? If I manually go to the first link it shows as a wrong site, but if I click the link it goes to another website.
https://ift.tt/3eG8bid
Submitted July 21, 2021 at 09:43PM by tbilisi
via reddit https://ift.tt/2UrI5c0
https://ift.tt/3eG8bid
Submitted July 21, 2021 at 09:43PM by tbilisi
via reddit https://ift.tt/2UrI5c0
QilingLab: a series of challenges by Th3Zer0 to train your Qiling skills 💪🏾 -- solve 'em all and share your writeup!
https://ift.tt/3hTlEoI
Submitted July 21, 2021 at 10:10PM by smaury
via reddit https://ift.tt/3eGZ40I
https://ift.tt/3hTlEoI
Submitted July 21, 2021 at 10:10PM by smaury
via reddit https://ift.tt/3eGZ40I
Shielder
Shielder - QilingLab – Release
Release of the QilingLab challenge.
NPM Package "nodejs_net_server" caught Stealing user data from browser!
https://ift.tt/3BrxGh6
Submitted July 21, 2021 at 10:52PM by broken__beast0195
via reddit https://ift.tt/3iCEEHp
https://ift.tt/3BrxGh6
Submitted July 21, 2021 at 10:52PM by broken__beast0195
via reddit https://ift.tt/3iCEEHp
TensorBugs
NPM Package 'nodejs_net_server' caught Stealing user data from browser!
infoomagazines, news, latest, business
Reversing for dummies - x86 assembly and C code (Beginner/ADHD friendly) · 0x41.cf
https://ift.tt/3roPEfo
Submitted July 22, 2021 at 04:07AM by TheAndroidGeek
via reddit https://ift.tt/3x0NrI5
https://ift.tt/3roPEfo
Submitted July 22, 2021 at 04:07AM by TheAndroidGeek
via reddit https://ift.tt/3x0NrI5
Top Organizations On GitHub Vulnerable To Dependency Confusion Attacks - RedHunt Labs
https://ift.tt/3iy1pwc
Submitted July 22, 2021 at 04:14PM by redhuntlabs
via reddit https://ift.tt/3xXc61P
https://ift.tt/3iy1pwc
Submitted July 22, 2021 at 04:14PM by redhuntlabs
via reddit https://ift.tt/3xXc61P
RedHunt Labs
Top Organizations On GitHub Vulnerable To Dependency Confusion Attacks - RedHunt Labs
We analyzed the top 1,000 GitHub organizations. It involved scanning 38,691 GitHub repositories (Ruby, Python, JavaScript, Go, and PHP code).
Forgetting passwords for profit - I wrote a tool to find DNS vulnerabilities in web applications.
https://ift.tt/2UXUnZn
Submitted July 22, 2021 at 05:09PM by The_Login
via reddit https://ift.tt/3wRyqZi
https://ift.tt/2UXUnZn
Submitted July 22, 2021 at 05:09PM by The_Login
via reddit https://ift.tt/3wRyqZi
GitHub
GitHub - The-Login/DNS-Reset-Checker: Tools to assess the DNS security of web applications
Tools to assess the DNS security of web applications - GitHub - The-Login/DNS-Reset-Checker: Tools to assess the DNS security of web applications
CVE-2021-36934 temporary mitigation in commandprompt.
https://ift.tt/2TqLOWw
Submitted July 22, 2021 at 05:58PM by nindustries
via reddit https://ift.tt/2UBqf6i
https://ift.tt/2TqLOWw
Submitted July 22, 2021 at 05:58PM by nindustries
via reddit https://ift.tt/2UBqf6i
Gist
CVE-2021-36934 manual mitigation in commandprompt.
CVE-2021-36934 manual mitigation in commandprompt. - CVE-2021-36934.bat
5GC API parse - A Burp Suite extension to assess 5G core network functions
https://ift.tt/3hSHHfj
Submitted July 22, 2021 at 07:44PM by sebazzen
via reddit https://ift.tt/2UYhN0J
https://ift.tt/3hSHHfj
Submitted July 22, 2021 at 07:44PM by sebazzen
via reddit https://ift.tt/2UYhN0J
GitHub
GitHub - PentHertz/5GC_API_parse: A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core networks
A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core networks - GitHub - PentHertz/5GC_API_parse: A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core netw...
Looks like the old PunkSpider project is getting rebooted and updated
https://ift.tt/3zDLYJR
Submitted July 22, 2021 at 09:32PM by cleverRiver6
via reddit https://ift.tt/3iuSGuo
https://ift.tt/3zDLYJR
Submitted July 22, 2021 at 09:32PM by cleverRiver6
via reddit https://ift.tt/3iuSGuo
Risk Management for Cyber Security, Insurance, & Finance | QOMPLX
Punkspider Returns with Eyes on OWSAP Top 10 | QOMPLX
The popular Punkspider web vulnerability scanning tool is returning with bigger scale, broader reach and coverage of attacks in the OWASP Top 10.
Forgot password? Taking over user accounts Kaminsky style
https://ift.tt/3hY2yOp
Submitted July 22, 2021 at 09:57PM by The_Login
via reddit https://ift.tt/3kK3SWU
https://ift.tt/3hY2yOp
Submitted July 22, 2021 at 09:57PM by The_Login
via reddit https://ift.tt/3kK3SWU
SEC Consult
Forgot password? Taking over user accounts Kaminsky style
The "Forgot password?" feature and how DNS vulnerabilities may allow the takeover of user accounts.
Cryptojacking Attacks Continue To Target SSH Servers
https://ift.tt/2UwIeLi
Submitted July 23, 2021 at 04:21AM by securehoney
via reddit https://ift.tt/3kZXgUH
https://ift.tt/2UwIeLi
Submitted July 23, 2021 at 04:21AM by securehoney
via reddit https://ift.tt/3kZXgUH
Secure Honey
Cryptojacking Attacks Continue To Target SSH Servers | Secure Honey
Coming up in today's blog post: I'll be exploring recent cyber attacks targeting my SSH honeypots. From cryptojacking motives to techniques used by attackers.
Preventing Data Exfiltration with eBPF
https://ift.tt/3rtOIqa
Submitted July 23, 2021 at 04:14AM by benarent
via reddit https://ift.tt/3kZXiMj
https://ift.tt/3rtOIqa
Submitted July 23, 2021 at 04:14AM by benarent
via reddit https://ift.tt/3kZXiMj
Goteleport
Preventing Data Exfiltration with eBPF
An introduction to KRSI and how you can use it to dynamically prevent data exfiltration based on IP ranges.
Recon Script in VB . In case Powershell is disabled
https://ift.tt/2V7R3ep
Submitted July 23, 2021 at 11:19AM by hashbrown256
via reddit https://ift.tt/3y1AI9F
https://ift.tt/2V7R3ep
Submitted July 23, 2021 at 11:19AM by hashbrown256
via reddit https://ift.tt/3y1AI9F
Chaah
Recon in VB
Hardening results
Hidden parameters discovery suite wrapper - x8-Burp
https://ift.tt/3eJljTG
Submitted July 23, 2021 at 01:30AM by lmpact_
via reddit https://ift.tt/3kLqwOy
https://ift.tt/3eJljTG
Submitted July 23, 2021 at 01:30AM by lmpact_
via reddit https://ift.tt/3kLqwOy
GitHub
GitHub - Impact-I/x8-Burp: Hidden parameters discovery suite
Hidden parameters discovery suite. Contribute to Impact-I/x8-Burp development by creating an account on GitHub.
OpenSSH ssh-agent Shielded Private Key Extraction (x86_64 Linux)
https://ift.tt/3rwqmfC
Submitted July 23, 2021 at 02:41PM by 0xdea
via reddit https://ift.tt/2TuSKSx
https://ift.tt/3rwqmfC
Submitted July 23, 2021 at 02:41PM by 0xdea
via reddit https://ift.tt/2TuSKSx
hn security
OpenSSH ssh-agent Shielded Private Key Extraction (x86_64 Linux) - hn security
Some notes about retrieving an OpenSSH shielded private key from ssh-agent process memory (gcore dump)
A DDoS weakness assessment tool
https://ift.tt/3kKuwPz
Submitted July 23, 2021 at 07:24PM by alexbodryk
via reddit https://ift.tt/3zpxtcn
https://ift.tt/3kKuwPz
Submitted July 23, 2021 at 07:24PM by alexbodryk
via reddit https://ift.tt/3zpxtcn
GitHub
GitHub - Cyberlands-io/epiphany: A pre-DDoS security assessment tool
A pre-DDoS security assessment tool. Contribute to Cyberlands-io/epiphany development by creating an account on GitHub.
Windows Command-Line Obfuscation
https://ift.tt/3BwqcsZ
Submitted July 23, 2021 at 07:22PM by Wietze-
via reddit https://ift.tt/3eLdPzK
https://ift.tt/3BwqcsZ
Submitted July 23, 2021 at 07:22PM by Wietze-
via reddit https://ift.tt/3eLdPzK
www.wietzebeukema.nl
Windows Command-Line Obfuscation
Many Windows applications have multiple ways in which the same command line can be expressed, usually for compatibility or ease-of-use reasons. As a result, command-line arguments are implemented inconsistently making detecting specific commands harder due…
Meet JWTs Cousin: CBOR Web Tokens (CWTs) - An Introduction
https://ift.tt/3eOO8Ow
Submitted July 23, 2021 at 09:41PM by _SecurityGOAT
via reddit https://ift.tt/3BzbGkk
https://ift.tt/3eOO8Ow
Submitted July 23, 2021 at 09:41PM by _SecurityGOAT
via reddit https://ift.tt/3BzbGkk
Medium
CBOR Web Tokens (CWTs)
Meet JWTs cousin: CWT: machine-friendly, saves processing power, and is especially suitable for IoT devices. Provides same features as…
Windows Command-Line Obfuscation - Use & Discovery
https://ift.tt/3zy7vDF
Submitted July 23, 2021 at 09:20PM by WM-M-GM
via reddit https://ift.tt/37b55yJ
https://ift.tt/3zy7vDF
Submitted July 23, 2021 at 09:20PM by WM-M-GM
via reddit https://ift.tt/37b55yJ
www.wietzebeukema.nl
Windows Command-Line Obfuscation
Many Windows applications have multiple ways in which the same command line can be expressed, usually for compatibility or ease-of-use reasons. As a result, command-line arguments are implemented inconsistently making detecting specific commands harder due…