Quick WAF "paranoid" Doctor Evaluation (WAFPARAN01D3 Tool)
https://ift.tt/3DI6dZ1
Submitted November 22, 2021 at 02:55PM by alt3kx
via reddit https://ift.tt/30KYmvM
https://ift.tt/3DI6dZ1
Submitted November 22, 2021 at 02:55PM by alt3kx
via reddit https://ift.tt/30KYmvM
GitHub
GitHub - alt3kx/wafparan01d3: Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool
Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool - GitHub - alt3kx/wafparan01d3: Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool
Tor v2 Deprecation Shifts Darknet Landscape | DarkOwl
https://ift.tt/3cBw4pH
Submitted November 22, 2021 at 05:08PM by MiguelHzBz
via reddit https://ift.tt/3DL2Rob
https://ift.tt/3cBw4pH
Submitted November 22, 2021 at 05:08PM by MiguelHzBz
via reddit https://ift.tt/3DL2Rob
DarkOwl | Dark Web Search Engine
Tor v2 Deprecation Shifts Darknet Landscape | DarkOwl
Hear the latest from our engineers who have been tracking the progress of the Tor Project's v2 Onion Services deprecation timeline.
The UNIX malware landscape - Reviewing the goods at MALWAREbazaar
https://ift.tt/3oPhUXR
Submitted November 22, 2021 at 06:34PM by timb_machine
via reddit https://ift.tt/3cBYkbN
https://ift.tt/3oPhUXR
Submitted November 22, 2021 at 06:34PM by timb_machine
via reddit https://ift.tt/3cBYkbN
GitHub
presentations/The UNIX malware landscape - Reviewing the goods at MALWAREbazaar v5.pdf at master · CiscoCXSecurity/presentations
Presentations from the CX Security Labs team. Contribute to CiscoCXSecurity/presentations development by creating an account on GitHub.
Unlocking the Vault: Unauthenticated Remote Code Execution against CommVault Command Center
https://ift.tt/3HLxqN2
Submitted November 22, 2021 at 10:39PM by scopedsecurity
via reddit https://ift.tt/3xagB9E
https://ift.tt/3HLxqN2
Submitted November 22, 2021 at 10:39PM by scopedsecurity
via reddit https://ift.tt/3xagB9E
Godaddy hacked - including admin passwords for both WordPress sites hosted on the platform, as well as passwords for sFTPs, databases and SSL private keys.
https://ift.tt/3CCW3aN
Submitted November 22, 2021 at 10:11PM by digicat
via reddit https://ift.tt/30M8eFc
https://ift.tt/3CCW3aN
Submitted November 22, 2021 at 10:11PM by digicat
via reddit https://ift.tt/30M8eFc
reddit
Godaddy hacked - including admin passwords for both WordPress...
Posted in r/netsec by u/digicat • 2 points and 0 comments
Achieve RCE or lateral movement by abusing WSUS to perform NTLM relay attacks
https://ift.tt/3oJYGTm
Submitted November 23, 2021 at 07:56PM by obilodeau
via reddit https://ift.tt/3cDB3WU
https://ift.tt/3oJYGTm
Submitted November 23, 2021 at 07:56PM by obilodeau
via reddit https://ift.tt/3cDB3WU
GoSecure
GoSecure Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks - GoSecure
WSUS client automatically authenticates with NTLM as the current user or the machine account, allowing relay for remote code execution or lateral movement.
Black Friday Deals 2021 - Compiled from Github Repo
https://ift.tt/2Zh5crX
Submitted November 23, 2021 at 09:19PM by halencarjunior
via reddit https://ift.tt/30OX2aH
https://ift.tt/2Zh5crX
Submitted November 23, 2021 at 09:19PM by halencarjunior
via reddit https://ift.tt/30OX2aH
bt0’s Security Blog
Black Friday Infosec Deals
Black Friday Deals - 2021 Deals Repository
Web Fundamentals for Hackers YouTube Series release! With Hand Made Animations!
https://www.youtube.com/playlist?list=PLwnDE0CN30Q9x3JMsHrRMGoLhpF8vZ1ka
Submitted November 24, 2021 at 01:43AM by SecAura
via reddit https://ift.tt/3DOldEL
https://www.youtube.com/playlist?list=PLwnDE0CN30Q9x3JMsHrRMGoLhpF8vZ1ka
Submitted November 24, 2021 at 01:43AM by SecAura
via reddit https://ift.tt/3DOldEL
YouTube
Web Fundamentals for Cyber Security Series
A Web series dedicated to teaching Web fundamentals, for aspriring Web Hackers! In these series I hand produce animations and demos to teach real concepts th...
Full key extraction of NVIDIA™ TSEC
https://ift.tt/30QAEO2
Submitted November 24, 2021 at 06:26AM by Gallus
via reddit https://ift.tt/3nIQZ0s
https://ift.tt/30QAEO2
Submitted November 24, 2021 at 06:26AM by Gallus
via reddit https://ift.tt/3nIQZ0s
Reddit
r/netsec on Reddit: Full key extraction of NVIDIA™ TSEC
Posted by u/Gallus - 297 votes and 23 comments
OffensiveAutoIt - Offensive tooling notes and experiments in AutoIt v3
https://ift.tt/3CZcu1z
Submitted November 24, 2021 at 12:26PM by hanbei-undying
via reddit https://ift.tt/3cIviaE
https://ift.tt/3CZcu1z
Submitted November 24, 2021 at 12:26PM by hanbei-undying
via reddit https://ift.tt/3cIviaE
GitHub
GitHub - V1V1/OffensiveAutoIt: Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitnoscript.com/site/autoit/)
Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitnoscript.com/site/autoit/) - GitHub - V1V1/OffensiveAutoIt: Offensive tooling notes and experiments in AutoIt v3 (https://www.a...
Brida 0.5 released for Hack In Paris 2021
https://ift.tt/3xioREw
Submitted November 24, 2021 at 03:14PM by 0xdea
via reddit https://ift.tt/3cFyrIa
https://ift.tt/3xioREw
Submitted November 24, 2021 at 03:14PM by 0xdea
via reddit https://ift.tt/3cFyrIa
hn security
Brida 0.5 released for Hack In Paris 2021! - hn security
Hi! Last Friday my colleague Piergiovanni […]
Hunting for Persistence in Linux: Auditd, Sysmon, Osquery, and Webshells
https://ift.tt/3xghCwU
Submitted November 24, 2021 at 07:04PM by dashboard_monkey
via reddit https://ift.tt/3cHYfTV
https://ift.tt/3xghCwU
Submitted November 24, 2021 at 07:04PM by dashboard_monkey
via reddit https://ift.tt/3cHYfTV
pepe berba
Hunting for Persistence in Linux (Part 1): Auditd, Sysmon, Osquery (and Webshells)
An introduction to monitoring and logging in linux to look for persistence.
Voice recordings can reveal sensitive information based on a speaker’s voice and way of talking (geographical origin, health, personality, etc). Most people, including IT experts, are not aware of the detailed information that companies can infer from voice commands/messages/calls, new study warns.
https://ift.tt/3CJEPIO
Submitted November 24, 2021 at 07:59PM by alyss0122
via reddit https://ift.tt/3CQyOKx
https://ift.tt/3CJEPIO
Submitted November 24, 2021 at 07:59PM by alyss0122
via reddit https://ift.tt/3CQyOKx
Implementing SAML Authentication in Enterprise SaaS Applications
https://ift.tt/3r5N3Zz
Submitted November 24, 2021 at 07:53PM by bidrawrob
via reddit https://ift.tt/3nMEnp2
https://ift.tt/3r5N3Zz
Submitted November 24, 2021 at 07:53PM by bidrawrob
via reddit https://ift.tt/3nMEnp2
Frontegg
Implementing SAML Authentication in Enterprise SaaS Applications | Frontegg
Learn about the benefits of SAML, how SAML authentication works, SAML use cases, and how to implement SAML on the Cloud.
How to Detect Azure Active Directory Backdoors: Identity Federation
https://ift.tt/3oUFO4a
Submitted November 24, 2021 at 08:59PM by ksr_malware
via reddit https://ift.tt/3DOnEav
https://ift.tt/3oUFO4a
Submitted November 24, 2021 at 08:59PM by ksr_malware
via reddit https://ift.tt/3DOnEav
Inversecos
How to Detect Azure Active Directory Backdoors: Identity Federation
RT @sectalks: Join us. We all need one! #Sydney https://t.co/RtyXXo1o1i
https://ift.tt/3oYUejF
Submitted November 25, 2021 at 11:53AM by pi3ch
via reddit https://ift.tt/3HQpH04
https://ift.tt/3oYUejF
Submitted November 25, 2021 at 11:53AM by pi3ch
via reddit https://ift.tt/3HQpH04
Meetup
Login to Meetup | Meetup
Not a Meetup member yet? Log in and find groups that host online or in person events and meet people in your local community who share your interests.
Android APT spyware, targeting Middle East victims, enhances evasiveness
https://ift.tt/3HK9d9R
Submitted November 24, 2021 at 12:38AM by ksr_malware
via reddit https://ift.tt/3DR92at
https://ift.tt/3HK9d9R
Submitted November 24, 2021 at 12:38AM by ksr_malware
via reddit https://ift.tt/3DR92at
Sophos News
Android APT spyware, targeting Middle East victims, enhances evasiveness
The phone spyware has new features that confer resistance to takedowns or manual removal
Blue Team - Black Friday Deals
https://ift.tt/3p7nhln
Submitted November 26, 2021 at 09:50PM by SnooGadgets2368
via reddit https://ift.tt/3xqD5Dm
https://ift.tt/3p7nhln
Submitted November 26, 2021 at 09:50PM by SnooGadgets2368
via reddit https://ift.tt/3xqD5Dm
GitHub
GitHub - lolnoscript/BlueTeam-BlackFriday-Deals
Contribute to lolnoscript/BlueTeam-BlackFriday-Deals development by creating an account on GitHub.
Vulnerability in the Insulet OmniPod Insulin Management System allows an attacker nearby to schedule or immediately inject insulin
https://ift.tt/3cS8chD
Submitted November 27, 2021 at 05:44PM by CommanderHutli
via reddit https://ift.tt/3xuL6ar
https://ift.tt/3cS8chD
Submitted November 27, 2021 at 05:44PM by CommanderHutli
via reddit https://ift.tt/3xuL6ar
Reddit
r/netsec on Reddit: Vulnerability in the Insulet OmniPod Insulin Management System allows an attacker nearby to schedule or immediately…
Posted by u/CommanderHutli - 543 votes and 62 comments
WordPress Plugin Confusion: How an update can get you pwned
https://ift.tt/3nPj5XK
Submitted November 25, 2021 at 09:38PM by _vavkamil_
via reddit https://ift.tt/3p6ba7Z
https://ift.tt/3nPj5XK
Submitted November 25, 2021 at 09:38PM by _vavkamil_
via reddit https://ift.tt/3p6ba7Z
Kamil Vavra @vavkamil
WordPress Plugin Confusion: How an update can get you pwned
tl;dr: Like the novel “Dependency Confusion” supply chain attack, it is possible to take over internally developed WordPress plugins unclaimed on the wordpress.org registry. Updating the plugin might result in the RCE or installing a PHP backdoor. You can…
Data Exfiltration via CSS + SVG Font
https://ift.tt/3cSjdQd
Submitted November 29, 2021 at 06:37AM by Gallus
via reddit https://ift.tt/319rvAS
https://ift.tt/3cSjdQd
Submitted November 29, 2021 at 06:37AM by Gallus
via reddit https://ift.tt/319rvAS
mksben.l0.cm
Data Exfiltration via CSS + SVG Font
This post will show that the SVG fonts and CSS can be used for reading the page's text contents. There are several known ways to read the pa...