Bootkit samples
https://ift.tt/3qxOazv
Submitted December 30, 2021 at 02:53PM by hardenedvault
via reddit https://ift.tt/3z8LXhU
GitHub
GitHub - hardenedvault/bootkit-samples: Bootkit sample for firmware attack
Bootkit sample for firmware attack. Contribute to hardenedvault/bootkit-samples development by creating an account on GitHub.
I wrote a replacement for Pyrasite to inject code into Python processes on Kubernetes
https://ift.tt/33Zd8jy
Submitted December 30, 2021 at 08:26PM by nyellin
via reddit https://ift.tt/3FILYvd
GitHub
GitHub - robusta-dev/debug-toolkit: A modern code-injection framework for Python. Like Pyrasite but Kubernetes-aware.
A modern code-injection framework for Python. Like Pyrasite but Kubernetes-aware. - GitHub - robusta-dev/debug-toolkit: A modern code-injection framework for Python. Like Pyrasite but Kubernetes-aw...
441K RedLine Malware affected accounts are included by Have I Been Pwned
https://ift.tt/32S6I5r
Submitted December 31, 2021 at 02:20PM by IT_band
via reddit https://ift.tt/32KGtxE
The Cybersecurity Times
441K RedLine Malware affected accounts are included by Have I Been Pwned - The Cybersecurity Times
If you're wondering whether your email account is compromised by RedLine malware, you can check the same with 'Have I Been Pwned' website as RedLine malware has now 441,000 accounts that are compromised.
New year, new password habit
https://ift.tt/3JzWJme
Submitted December 31, 2021 at 08:07PM by Novel_Author
via reddit https://ift.tt/3mOa4xr
reddit
New year, new password habit
Posted in r/netsec by u/Novel_Author • 0 points and 3 comments
New year, new password habit
https://ift.tt/3JuSM1W
Submitted December 31, 2021 at 08:05PM by Novel_Author
via reddit https://ift.tt/3mO9PCx
GitHub
GitHub - eddiechu/passbox: Compose your complex password
Compose your complex password. Contribute to eddiechu/passbox development by creating an account on GitHub.
serpentine - C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends
https://ift.tt/3cMxbjX
Submitted December 31, 2021 at 11:50PM by jafarlihi
via reddit https://ift.tt/3zgYLm9
GitHub
GitHub - jafarlihi/serpentine: C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful…
C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends - GitHub - jafarlihi/serpentine: C++/Win32/Boost Windows RAT (R...
Build your own reconnaissance system with Osmedeus Next Generation
https://ift.tt/3JzF7a0
Submitted January 01, 2022 at 02:30PM by j3ssiejjj
via reddit https://ift.tt/3Jqptxs
reddit
Build your own reconnaissance system with Osmedeus Next Generation
Posted in r/netsec by u/j3ssiejjj • 54 points and 5 comments
Fixing the Unfixable: Story of a Google Cloud SSRF
https://ift.tt/3EIw0zW
Submitted January 01, 2022 at 07:52PM by xdavidhu
via reddit https://ift.tt/3pHMq7B
bugs.xdavidhu.me
Fixing the Unfixable: Story of a Google Cloud SSRF
David Schütz's bug bounty writeups
I found and fixed a vulnerability in Python's source code
https://ift.tt/3EtHasa
Submitted January 01, 2022 at 11:07PM by sn1pr0s
via reddit https://ift.tt/3mNvE5g
How to Detect DNS Tunneling in the Network
https://ift.tt/3xTwrpA
Submitted January 02, 2022 at 02:59PM by whyisvan
via reddit https://ift.tt/3pLu19P
Cato Networks
How to Detect DNS Tunneling in the Network?
In the past several years, we have seen multiple malware samples using DNS tunneling to exfiltrate data. In June, Microsoft Security Intelligence warned about BazarCall (or BazaLoader), a scam infecting victims with malware to get them to call a phony call…
Kickstop the Blind Ego (BlindEagle writeup by sn0wmonster from 2016)
https://ift.tt/3eN6xL6
Submitted January 02, 2022 at 04:25PM by sn0wm0nster
via reddit https://ift.tt/3EMVU5y
Gist
Kickstop the Blind Ego (BlindEagle writeup)
Kickstop the Blind Ego (BlindEagle writeup). GitHub Gist: instantly share code, notes, and snippets.
A simple, high-level framework on how & when to effectively use WAFs
https://ift.tt/3EM632s
Submitted January 02, 2022 at 05:21PM by jubbaonjeans
via reddit https://ift.tt/3zkzNSV
Substack
Edition 14: To WAF or not to WAF
Effectiveness of WAFs is a hotly debated subject in AppSec circles. This edition tries to bring a structure to that discussion.
Turning off Wi-Fi & Bluetooth interfaces automatically in iOS
https://ift.tt/3mOMLUh
Submitted January 03, 2022 at 01:20AM by hoytva
via reddit https://ift.tt/3G3D9g1
Medium
Using iOS Shortcut Automations to Automatically Turn Off Wi-Fi & Bluetooth Interfaces
Automatically disable Wi-Fi & Bluetooth on iOS Based on Triggers
C++ Memory Corruption (std::vector) - part 2
https://ift.tt/3zhCrZX
Submitted January 03, 2022 at 11:08AM by Gallus
via reddit https://ift.tt/3qFwamR
blog.infosectcbr.com.au
C++ Memory Corruption (std::vector) - part 2
Summary: This is the 2nd part of the C++ memory corruption series*. In this post, we'll look at corrupting the std::vector class in Linux and...
google/log4jscanner: A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.
https://ift.tt/3JzNwdw
Submitted January 03, 2022 at 01:39PM by maryetan
via reddit https://ift.tt/3HpiyTo
GitHub
GitHub - google/log4jscanner: A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.
A log4j vulnerability filesystem scanner and Go package for analyzing JAR files. - GitHub - google/log4jscanner: A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.
/r/netsec's Q1 2022 Information Security Hiring Thread
Overview
If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.
We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.
Please reserve top level comments for those posting open positions.
Rules & Guidelines
Include the company name in the post. If you want to be topsykret, go recruit elsewhere.
Include the geographic location of the position along with the availability of relocation assistance or remote work.
If you are a third party recruiter, you must disclose this in your posting.
Please be thorough and upfront with the position details.
Use of non-hr'd (realistic) requirements is encouraged.
While it's fine to link to the position on your company's website, provide the important details in the comment.
Mention if applicants should apply officially through HR, or directly through you.
Please clearly list citizenship, visa, and security clearance requirements.
You can see an example of acceptable posts by perusing past hiring threads.
Feedback
Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted January 03, 2022 at 08:45PM by ranok
via reddit https://ift.tt/3qCOqgs
Malicious Telegram Installer Drops Purple Fox Rootkit
https://ift.tt/3zkRceo
Submitted January 03, 2022 at 08:09PM by woja111
via reddit https://ift.tt/31lR9CD
Minerva-Labs
Malicious Telegram Installer Drops Purple Fox Rootkit
A new malware which drops a Purple Fox rootkit is spreading through a malicious Telegram installer.
Vulnerability in log4j 2.17.0 more hype than substance | LunaSec
https://ift.tt/3ELXhBF
Submitted January 03, 2022 at 09:58PM by breadchris
via reddit https://ift.tt/3pNy59C
www.lunasec.io
Vulnerability in log4j 2.17.0 more hype than substance | LunaSec
Understanding what is important to focus on when fixing Log4j vulnerabilities at your company.
One of my better-documented exploits, CVE-2017-5816 whitepaper
https://ift.tt/3JDK6X5
Submitted January 03, 2022 at 11:53PM by oxagast
via reddit https://ift.tt/3qOiczf
oxagast.org oxasploits
CVE-2017-5816 Whitepaper
Background
A Beginner's Story on How a Cheapo Standard Issue Router was hacked.
https://ift.tt/3zkg1XG
Submitted January 03, 2022 at 11:58PM by secnigma
via reddit https://ift.tt/3pOa8yZ
SecNigma
The Story of How I Hacked my ISP’s Cheapo Standard Issue Router
Prelude: OptiLink is a company based in India that specializes in manufacturing Networking Devices. Two of the largest Internet Service Providers in this country have provided / still providing Opti…
Domain Persistence - AdminSDHolder
https://ift.tt/3JDchpd
Submitted January 04, 2022 at 06:37PM by netbiosX
via reddit https://ift.tt/3mV28dw
Penetration Testing Lab
Domain Persistence – AdminSDHolder
Utilizing existing Microsoft features for offensive operations is very common during red team assessments as it provides the opportunity to blend in with the environment and stay undetected. Micros…