Kernel shellcode injector
https://ift.tt/3ADvUs0
Submitted August 12, 2021 at 10:08PM by w1n11
via reddit https://ift.tt/3lWBwJw
https://ift.tt/3ADvUs0
Submitted August 12, 2021 at 10:08PM by w1n11
via reddit https://ift.tt/3lWBwJw
Kernel file/process/object tool
https://ift.tt/3ADom8t
Submitted August 12, 2021 at 10:06PM by w1n11
via reddit https://ift.tt/3ggUAyP
https://ift.tt/3ADom8t
Submitted August 12, 2021 at 10:06PM by w1n11
via reddit https://ift.tt/3ggUAyP
Unlocking Serverless Computing to Assess Security Controls
https://ift.tt/3Ag805o
Submitted August 13, 2021 at 11:08AM by Lb6k7xnoKaeA8Mk
via reddit https://ift.tt/3jNWoAd
https://ift.tt/3Ag805o
Submitted August 13, 2021 at 11:08AM by Lb6k7xnoKaeA8Mk
via reddit https://ift.tt/3jNWoAd
GitHub
GitHub - Azure/Cloud-Katana: Unlocking Serverless Computing to Assess Security Controls
Unlocking Serverless Computing to Assess Security Controls - GitHub - Azure/Cloud-Katana: Unlocking Serverless Computing to Assess Security Controls
A neat XSS trick: Gareth Heyes (@garethheyes) special
https://ift.tt/3sd3UZ0
Submitted August 12, 2021 at 06:21PM by _SecurityGOAT
via reddit https://ift.tt/37FoS9B
https://ift.tt/3sd3UZ0
Submitted August 12, 2021 at 06:21PM by _SecurityGOAT
via reddit https://ift.tt/37FoS9B
Medium
Neat XSS trick from a G.O.A.T — Gareth Heyes special
Let’s discuss about this interesting XSS challenge, that was shared yesterday by Gareth Heyes! Read on to learn a neat Javanoscript trick :)
GitHub - RossGeerlings/webstor: A noscript to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.
https://ift.tt/3scBTB0
Submitted August 12, 2021 at 12:15AM by RossGeerlings
via reddit https://ift.tt/3sgAtoQ
https://ift.tt/3scBTB0
Submitted August 12, 2021 at 12:15AM by RossGeerlings
via reddit https://ift.tt/3sgAtoQ
GitHub
GitHub - RossGeerlings/webstor: WebStor efficiently enumerates all websites across your organization’s networks and those in your…
WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and l...
Intigriti’s Flask Challenge Breakdown
https://ift.tt/2VRmDx6
Submitted August 13, 2021 at 10:36PM by _SecurityGOAT
via reddit https://ift.tt/2VQZL0O
https://ift.tt/2VRmDx6
Submitted August 13, 2021 at 10:36PM by _SecurityGOAT
via reddit https://ift.tt/2VQZL0O
Medium
Intigriti’s Flask Challenge Breakdown
Let’s see what the dev’s have cooked up at Intigriti today! A damn vulnerable & broken Flask application. Let’s hack it for Fun & Learning!
my new blog in GitHub about security
https://ift.tt/3xMrA7V
Submitted August 14, 2021 at 05:57AM by Novel_Author
via reddit https://ift.tt/3CJCiQ9
https://ift.tt/3xMrA7V
Submitted August 14, 2021 at 05:57AM by Novel_Author
via reddit https://ift.tt/3CJCiQ9
GitHub
GitHub - eddiechu/Encrypt-Delete-Test: Really can protect from ransomware encryption?
Really can protect from ransomware encryption? Contribute to eddiechu/Encrypt-Delete-Test development by creating an account on GitHub.
e9afl: AFL binary instrumentation
https://ift.tt/3AAIwzZ
Submitted August 14, 2021 at 01:25PM by 0xdea
via reddit https://ift.tt/3g2M4Dh
https://ift.tt/3AAIwzZ
Submitted August 14, 2021 at 01:25PM by 0xdea
via reddit https://ift.tt/3g2M4Dh
GitHub
GitHub - GJDuck/e9afl: AFL binary instrumentation
AFL binary instrumentation. Contribute to GJDuck/e9afl development by creating an account on GitHub.
Security by Obscurity: You don’t know it!
https://ift.tt/3jRugfC
Submitted August 14, 2021 at 06:27PM by _SecurityGOAT
via reddit https://ift.tt/3CPKpLa
https://ift.tt/3jRugfC
Submitted August 14, 2021 at 06:27PM by _SecurityGOAT
via reddit https://ift.tt/3CPKpLa
Medium
Security by Obscurity: You don’t know it!
Let’s talk about the term Security by Obscurity and I can bet that you don’t understand it fully! And I will help you clear your…
Weaponizing Middleboxes for TCP Reflected Amplification
https://ift.tt/3CRHd1I
Submitted August 14, 2021 at 10:11PM by dml-at-umd
via reddit https://ift.tt/3jTSHc8
https://ift.tt/3CRHd1I
Submitted August 14, 2021 at 10:11PM by dml-at-umd
via reddit https://ift.tt/3jTSHc8
censorship.ai
Weaponizing Middleboxes for TCP Reflected Amplification
Censors pose a threat to the entire Internet.
Chaining PHP Exploits with the help of Magic (and luck)
https://ift.tt/3iMToVn
Submitted August 15, 2021 at 12:32AM by _creosote
via reddit https://ift.tt/37PcLql
https://ift.tt/3iMToVn
Submitted August 15, 2021 at 12:32AM by _creosote
via reddit https://ift.tt/37PcLql
Slayer Labs – Cyber Range Platform
rConfig 3.9.6 - Magic Hash Auth Bypass to RCE
rConfig 3.9.6 chained exploits
PE Loader From a PE Section
https://ift.tt/37KY5ZE
Submitted August 13, 2021 at 11:25AM by Aruen2
via reddit https://ift.tt/37JWh32
https://ift.tt/37KY5ZE
Submitted August 13, 2021 at 11:25AM by Aruen2
via reddit https://ift.tt/37JWh32
GitHub
GitHub - frkngksl/Huan: Encrypted PE Loader Generator
Encrypted PE Loader Generator. Contribute to frkngksl/Huan development by creating an account on GitHub.
Red Teaming Gitbook Notes
https://ift.tt/3iL0eun
Submitted August 15, 2021 at 10:26AM by MajorAd1511
via reddit https://ift.tt/3iLtJw8
https://ift.tt/3iL0eun
Submitted August 15, 2021 at 10:26AM by MajorAd1511
via reddit https://ift.tt/3iLtJw8
Experience Diary: Doing Infosec Research the right way!
https://ift.tt/3m78uai
Submitted August 15, 2021 at 10:59PM by _SecurityGOAT
via reddit https://ift.tt/37IgtlR
https://ift.tt/3m78uai
Submitted August 15, 2021 at 10:59PM by _SecurityGOAT
via reddit https://ift.tt/37IgtlR
Medium
Experience Diary: Doing infosec research the right way
Let me share my experience on how I do research on a topic. I would be happy to know your methodology as well :)
Trickbot Deploys a Fake 1Password Installer - In this intrusion, we will take a look at a Trickbot infection, where soon after gaining access, the threat actor started to enumerate the target network and dump credential information.
https://ift.tt/3AOUy99
Submitted August 16, 2021 at 07:05AM by TheDFIRReport
via reddit https://ift.tt/2W0akPF
https://ift.tt/3AOUy99
Submitted August 16, 2021 at 07:05AM by TheDFIRReport
via reddit https://ift.tt/2W0akPF
The DFIR Report
Trickbot Leads Up to Fake 1Password Installation
In this intrusion, we will take a look at a Trickbot infection, where soon after gaining access, the threat actor started to enumerate the target network and dump credential information. A setup file, which attempted to masquerade as a legitimate software…
Researchers unveil new DDoS amplification attack... with technically infinite amplification. The attack weaponizes firewalls and censors for amplification.
https://ift.tt/3m2Zt20
Submitted August 16, 2021 at 09:50AM by Correcthorse121
via reddit https://ift.tt/3sl0lQG
https://ift.tt/3m2Zt20
Submitted August 16, 2021 at 09:50AM by Correcthorse121
via reddit https://ift.tt/3sl0lQG
censorship.ai
Weaponizing Middleboxes for TCP Reflected Amplification
Censors pose a threat to the entire Internet.
Advisory: Multiple Issues in Realtek SDK Affects Thousands of Devices Down the Supply Chain - IoT Inspector
https://ift.tt/3AHChKP
Submitted August 16, 2021 at 12:38PM by g_e_r_h_a_r_d
via reddit https://ift.tt/2VTBNlC
https://ift.tt/3AHChKP
Submitted August 16, 2021 at 12:38PM by g_e_r_h_a_r_d
via reddit https://ift.tt/2VTBNlC
IoT Inspector
Advisory: Multiple Issues in Realtek SDK Affects Hundreds of Thousands of Devices Down the Supply Chain - IoT Inspector
At least 65 vendors affected by severe vulnerabilities that enable unauthenticated attackers to fully compromise the target device.
HiveNightmare - Practical Use Cases
https://ift.tt/3k0oY15
Submitted August 16, 2021 at 01:02PM by netbiosX
via reddit https://ift.tt/3AMFuZq
https://ift.tt/3k0oY15
Submitted August 16, 2021 at 01:02PM by netbiosX
via reddit https://ift.tt/3AMFuZq
Penetration Testing Lab
HiveNightmare
The security account manager (SAM) file contains the password hashes of the users on a Windows system. Since it is considered a sensitive file SYSTEM level privileges are required to view its conte…
Guide to Prototype Pollution Vulnerabilities
https://ift.tt/2VVXJgc
Submitted August 16, 2021 at 01:45PM by atgemsip
via reddit https://ift.tt/2Ujc5GI
https://ift.tt/2VVXJgc
Submitted August 16, 2021 at 01:45PM by atgemsip
via reddit https://ift.tt/2Ujc5GI
WhiteSource
The Complete Guide to Prototype Pollution Vulnerabilities
An in-depth look at Prototype Pollution vulnerabilities and how to mitigate them.
Dan Kaminsky (discoverer of DNS cache poisining) fellowship is now accepting applications
https://ift.tt/2TRyzOR
Submitted August 16, 2021 at 07:28PM by wtbengdeg
via reddit https://ift.tt/3sywqEV
https://ift.tt/2TRyzOR
Submitted August 16, 2021 at 07:28PM by wtbengdeg
via reddit https://ift.tt/3sywqEV
Wodify - 3 Vulnerabilities Found in Popular Gym Management App
https://ift.tt/3yRdK5m
Submitted August 16, 2021 at 10:16PM by breach_house
via reddit https://ift.tt/3xMGUkJ
https://ift.tt/3yRdK5m
Submitted August 16, 2021 at 10:16PM by breach_house
via reddit https://ift.tt/3xMGUkJ
Bishopfox
Wodify
The Bishop Fox team discovered three vulnerabilities that could have a severe business and reputational risk for Wodify.