Zuthuka : A collaborative free open-souce c2 integration framework
https://ift.tt/37vSmq8
Submitted August 07, 2021 at 09:31PM by Nhoty
via reddit https://ift.tt/3Ao1IRA
https://ift.tt/37vSmq8
Submitted August 07, 2021 at 09:31PM by Nhoty
via reddit https://ift.tt/3Ao1IRA
GitHub
GitHub - pucarasec/zuthaka: Zuthaka is an open source application designed to assist red-teaming efforts, by simplifying the task…
Zuthaka is an open source application designed to assist red-teaming efforts, by simplifying the task of managing different APTs and other post-exploitation tools. - GitHub - pucarasec/zuthaka: Zu...
GitHub - Tylous/SourcePoint: Is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
https://ift.tt/3lGhQtm
Submitted August 08, 2021 at 02:38AM by tylous
via reddit https://ift.tt/37s5xc0
https://ift.tt/3lGhQtm
Submitted August 08, 2021 at 02:38AM by tylous
via reddit https://ift.tt/37s5xc0
GitHub
GitHub - Tylous/SourcePoint: SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure…
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion. - GitHub - Tylous/SourcePoint: SourcePoint is a C2 profile generator for Cobalt Stri...
Want to build a 5G Lab after watching some of the awesome talks at BH 2021 ?
https://ift.tt/30qpJp4
Submitted August 07, 2021 at 03:14AM by pentest4life
via reddit https://ift.tt/3AlYDBn
https://ift.tt/30qpJp4
Submitted August 07, 2021 at 03:14AM by pentest4life
via reddit https://ift.tt/3AlYDBn
GitHub
GitHub - W00t3k/Awesome-Cellular-Hacking: Awesome-Cellular-Hacking
Awesome-Cellular-Hacking. Contribute to W00t3k/Awesome-Cellular-Hacking development by creating an account on GitHub.
DEF CON 29 Main Stage Presentations [VIDEO]
https://www.youtube.com/playlist?list=PL9fPq3eQfaaBUD1zVxJWJmX86A6d0isBI
Submitted August 08, 2021 at 03:03AM by sanitybit
via reddit https://ift.tt/37sE6Pa
https://www.youtube.com/playlist?list=PL9fPq3eQfaaBUD1zVxJWJmX86A6d0isBI
Submitted August 08, 2021 at 03:03AM by sanitybit
via reddit https://ift.tt/37sE6Pa
CVE-2021-29922 – rust standard library “net” – Improper Input Validation of octal literals in rust 1.52 and below. (See comments for CVE-2021-29923 golang)
https://ift.tt/3lWKHtN
Submitted August 08, 2021 at 05:11PM by docker-osx
via reddit https://ift.tt/3yzhUP8
https://ift.tt/3lWKHtN
Submitted August 08, 2021 at 05:11PM by docker-osx
via reddit https://ift.tt/3yzhUP8
Sick Codes - Security Research, Hardware & Software Hacking, Consulting, Linux, IoT, Cloud, Embedded, Arch, Tweaks & Tips!
CVE-2021-29922 – rust standard library “net” – Improper Input Validation of octal literals in rust 1.52.0 std::net and below results…
Title CVE-2021-29922 rust standard library "net" - Improper Input Validation of octal literals in rust 1.52.0 std::net and below results
Intigriti’s PHP challenge breakdown
https://ift.tt/3s3LiuI
Submitted August 08, 2021 at 09:44PM by _SecurityGOAT
via reddit https://ift.tt/3AilOwi
https://ift.tt/3s3LiuI
Submitted August 08, 2021 at 09:44PM by _SecurityGOAT
via reddit https://ift.tt/3AilOwi
Medium
Intigriti’s PHP challenge breakdown
Let’s discuss issues with the PHP code shared by Initgriti! We will discuss on how you can shoot yourself in the foot with PHP’s…
Being “root” on two Agriculture Companies (in Good Faith). Maxing out the John Deere Operations Center Worldwide and Case Industrial in Brazil (ft. PEGA CVE, SQLi, exposed Java Melody)
https://ift.tt/3fLu3Jp
Submitted August 09, 2021 at 10:04AM by docker-osx
via reddit https://ift.tt/3lOhDEu
https://ift.tt/3fLu3Jp
Submitted August 09, 2021 at 10:04AM by docker-osx
via reddit https://ift.tt/3lOhDEu
Sick Codes - Security Research, Hardware & Software Hacking, Consulting, Linux, IoT, Cloud, Embedded, Arch, Tweaks & Tips!
Being “root” on two Agriculture Companies (in Good Faith). Maxing out the John Deere Operations Center Worldwide and Case Industrial…
Over the weekend, we presented an undertaking by a group of researchers that decided to "just have a look" at
Our student project (UC Berkeley) is a tool providing company intelligence with a focus on net security and safety. Would love hear any feedback and thoughts - thanks so much!
https://ift.tt/3CxYBrO
Submitted August 09, 2021 at 10:45AM by Raio95
via reddit https://ift.tt/3AqJyyk
https://ift.tt/3CxYBrO
Submitted August 09, 2021 at 10:45AM by Raio95
via reddit https://ift.tt/3AqJyyk
flowpro-test.web.app
CyberSights
Web site created using create-react-app
CVE-2021-2109: Oracle Weblogic/Peoplesoft Malware attack and Analysis
https://ift.tt/3jATAGu
Submitted August 09, 2021 at 12:26PM by thatmemforensicsguy
via reddit https://ift.tt/3jEIXCj
https://ift.tt/3jATAGu
Submitted August 09, 2021 at 12:26PM by thatmemforensicsguy
via reddit https://ift.tt/3jEIXCj
TNP IT Security - Gaining root access on Sonos Play (1st gen and 2nd gen 'One') Speakers
https://ift.tt/3jD9dgz
Submitted August 09, 2021 at 04:57PM by TNPitsecurity
via reddit https://ift.tt/37toJG3
https://ift.tt/3jD9dgz
Submitted August 09, 2021 at 04:57PM by TNPitsecurity
via reddit https://ift.tt/37toJG3
Tnpitsecurity
[EN] Responsible Disclosure - Gaining root access on Sonos Play (1st gen and 2nd gen 'One') Speakers - TNP IT Security
Gaining root access on Sonos Play (1st-gen and 2nd-gen 'One') Speakers
NO STARTTLS
https://ift.tt/3lK6CnA
Submitted August 09, 2021 at 08:23PM by moviuro
via reddit https://ift.tt/3jCl9iG
https://ift.tt/3lK6CnA
Submitted August 09, 2021 at 08:23PM by moviuro
via reddit https://ift.tt/3jCl9iG
nostarttls.secvuln.info
NO STARTTLS
We present multiple vulnerabilities related to the use of STARTTLS
Why TLS is better without STARTTLS A Security Analysis of STARTTLS in the Email Context
https://ift.tt/3lK6CnA
Submitted August 09, 2021 at 09:24PM by moviuro
via reddit https://ift.tt/2Vvu4ul
https://ift.tt/3lK6CnA
Submitted August 09, 2021 at 09:24PM by moviuro
via reddit https://ift.tt/2Vvu4ul
nostarttls.secvuln.info
NO STARTTLS
We present multiple vulnerabilities related to the use of STARTTLS
Linux Privilege Escalation via package managers. Different ways you can gain a root shell when you have sudo permissions to run a package manager.
https://ift.tt/3jE9sIf
Submitted August 09, 2021 at 10:09PM by ikuamike
via reddit https://ift.tt/2VAYvii
https://ift.tt/3jE9sIf
Submitted August 09, 2021 at 10:09PM by ikuamike
via reddit https://ift.tt/2VAYvii
ikuamike
Linux Privilege Escalation - Package Managers
Learn to create malicious admission controller
https://ift.tt/3s3HN7c
Submitted August 09, 2021 at 10:25PM by Rewanth_Tammana
via reddit https://ift.tt/3jyx5BY
https://ift.tt/3s3HN7c
Submitted August 09, 2021 at 10:25PM by Rewanth_Tammana
via reddit https://ift.tt/3jyx5BY
Rewanth Tammana's Blog
Creating Malicious Admission Controllers
In this article, we will create a malicious admission controller, understand the technicalities, and analyze its impact.
You're Doing IoT RNG
https://ift.tt/3itEoLT
Submitted August 10, 2021 at 01:05AM by breach_house
via reddit https://ift.tt/3lMJFjD
https://ift.tt/3itEoLT
Submitted August 10, 2021 at 01:05AM by breach_house
via reddit https://ift.tt/3lMJFjD
Bishopfox
You're Doing IoT RNG
Learn why hardware random number generators (RNG) used by billions of IoT devices to create encryption keys don't always generate random numbers.
CVE-2021-31162 In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
https://ift.tt/3abJLe9
Submitted August 10, 2021 at 02:16AM by dmyrelot
via reddit https://ift.tt/3jIOt7d
https://ift.tt/3abJLe9
Submitted August 10, 2021 at 02:16AM by dmyrelot
via reddit https://ift.tt/3jIOt7d
Existing WordPress Security Plugins Fail to Provide Non-Bypassble Protection Against Easy to Stop WordPress Plugin Vulnerability
https://ift.tt/2Vzxz2W
Submitted August 10, 2021 at 03:36AM by PluginVulns
via reddit https://ift.tt/2Xhclr7
https://ift.tt/2Vzxz2W
Submitted August 10, 2021 at 03:36AM by PluginVulns
via reddit https://ift.tt/2Xhclr7
Pluginvulnerabilities
Existing WordPress Security Plugins Fail to Provide Non-Bypassble Protection Against Easy to Stop WordPress Plugin Vulnerability
When we did testing several years back to see if WordPress security plugins could prevent the exploitation of vulnerabilities in other WordPress plugins, the results were not good. In one test, we fou
Multiple vulnerabilities found in Cpanel/WHM
https://ift.tt/3s3o1ZN
Submitted August 10, 2021 at 12:55PM by adrian_rt
via reddit https://ift.tt/3AscNRp
https://ift.tt/3s3o1ZN
Submitted August 10, 2021 at 12:55PM by adrian_rt
via reddit https://ift.tt/3AscNRp
Cyber Security Services - London
Multiple vulnerabilities in cPanel/WHM - Cyber Security Services - London
Multiple vulnerabilities in cPanel/WHM. Privilege Escalation via stored XSS. Cross-Site WebSocket Hijacking.CSRF bypass
Permission issue in Facebook for Android allows an intruder to accept friend request from a victim phone without unlocking it [Unpatched]
https://ift.tt/2VHavie
Submitted August 10, 2021 at 12:35PM by staz0t
via reddit https://ift.tt/2VKMFCu
https://ift.tt/2VHavie
Submitted August 10, 2021 at 12:35PM by staz0t
via reddit https://ift.tt/2VKMFCu
reddit
Permission issue in Facebook for Android allows an intruder to...
Posted in r/netsec by u/staz0t • 9 points and 3 comments
Christmas tree packet
https://ift.tt/37xA2xa
Submitted August 10, 2021 at 03:51PM by dontbenebby
via reddit https://ift.tt/2VJs5SU
https://ift.tt/37xA2xa
Submitted August 10, 2021 at 03:51PM by dontbenebby
via reddit https://ift.tt/2VJs5SU
Wikipedia
Christmas tree packet
unit of data used in information technology
How to Hack APIs in 2021
https://ift.tt/3g887bV
Submitted August 10, 2021 at 06:00PM by intheclairdelune
via reddit https://ift.tt/2VCWodQ
https://ift.tt/3g887bV
Submitted August 10, 2021 at 06:00PM by intheclairdelune
via reddit https://ift.tt/2VCWodQ
Detectify Labs
How to Hack APIs in 2021
APIs are essential for modern web app development. Learning how to hack APIs can help with security testing them.