0d1n - Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
https://ift.tt/oSHXJGr
Submitted March 18, 2022 at 09:01PM by CoolerVoid
via reddit https://ift.tt/ibSPsu6
https://ift.tt/oSHXJGr
Submitted March 18, 2022 at 09:01PM by CoolerVoid
via reddit https://ift.tt/ibSPsu6
GitHub
GitHub - CoolerVoid/0d1n: Tool for automating customized attacks against web applications. Fully made in C language with pthreads…
Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance. - GitHub - CoolerVoid/0d1n: Tool for automating customized attacks...
Frelatage: A fuzzing library to find vulnerabilities and bugs in Python applications
https://ift.tt/zGvH5JR
Submitted March 20, 2022 at 02:06AM by FrenchFuzzer
via reddit https://ift.tt/Cc6OlFX
https://ift.tt/zGvH5JR
Submitted March 20, 2022 at 02:06AM by FrenchFuzzer
via reddit https://ift.tt/Cc6OlFX
GitHub
GitHub - Rog3rSm1th/frelatage: A Greybox and Coverage-based library to fuzz Python applications 🐍
A Greybox and Coverage-based library to fuzz Python applications 🐍 - GitHub - Rog3rSm1th/frelatage: A Greybox and Coverage-based library to fuzz Python applications 🐍
How to detect IMSI catchers
https://ift.tt/uEvcxVZ
Submitted March 20, 2022 at 07:16AM by knoy
via reddit https://ift.tt/zbCMXSd
https://ift.tt/uEvcxVZ
Submitted March 20, 2022 at 07:16AM by knoy
via reddit https://ift.tt/zbCMXSd
Armadillophone
How to detect IMSI catchers
Your phone is under constant attack from criminals, corporations and foreign governments.
Xepor: the web routing framework, brings the best of mitmproxy & Flask
https://ift.tt/DR2biPX
Submitted March 20, 2022 at 05:43PM by ttimasdf
via reddit https://ift.tt/Hg9WPQF
https://ift.tt/DR2biPX
Submitted March 20, 2022 at 05:43PM by ttimasdf
via reddit https://ift.tt/Hg9WPQF
GitHub
GitHub - xepor/xepor: Xepor, a web routing framework for reverse engineers and security researchers, brings the best of mitmproxy…
Xepor, a web routing framework for reverse engineers and security researchers, brings the best of mitmproxy & Flask - GitHub - xepor/xepor: Xepor, a web routing framework for reverse engine...
Xepor: the web routing framework, brings the best of mitmproxy & Flask
https://ift.tt/DR2biPX
Submitted March 20, 2022 at 05:43PM by ttimasdf
via reddit https://ift.tt/Hg9WPQF
https://ift.tt/DR2biPX
Submitted March 20, 2022 at 05:43PM by ttimasdf
via reddit https://ift.tt/Hg9WPQF
GitHub
GitHub - xepor/xepor: Xepor, a web routing framework for reverse engineers and security researchers, brings the best of mitmproxy…
Xepor, a web routing framework for reverse engineers and security researchers, brings the best of mitmproxy & Flask - GitHub - xepor/xepor: Xepor, a web routing framework for reverse engine...
Xepor: the web routing framework, brings the best of mitmproxy & Flask
https://ift.tt/DR2biPX
Submitted March 20, 2022 at 05:43PM by ttimasdf
via reddit https://ift.tt/Hg9WPQF
https://ift.tt/DR2biPX
Submitted March 20, 2022 at 05:43PM by ttimasdf
via reddit https://ift.tt/Hg9WPQF
GitHub
GitHub - xepor/xepor: Xepor, a web routing framework for reverse engineers and security researchers, brings the best of mitmproxy…
Xepor, a web routing framework for reverse engineers and security researchers, brings the best of mitmproxy & Flask - GitHub - xepor/xepor: Xepor, a web routing framework for reverse engine...
GitHub - fgsect/FitM: FitM, the Fuzzer in the Middle, can fuzz client and server binaries at the same time using userspace snapshot-fuzzing and network emulation. It's fast and comparably easy to set up.
https://ift.tt/YampMke
Submitted March 20, 2022 at 10:03PM by domenukk
via reddit https://ift.tt/uUhgSio
https://ift.tt/YampMke
Submitted March 20, 2022 at 10:03PM by domenukk
via reddit https://ift.tt/uUhgSio
GitHub
GitHub - fgsect/FitM: FitM, the Fuzzer in the Middle, can fuzz client and server binaries at the same time using userspace snapshot…
FitM, the Fuzzer in the Middle, can fuzz client and server binaries at the same time using userspace snapshot-fuzzing and network emulation. It's fast and comparably easy to set up. - GitHu...
Linux EDR testing: simple to extend but realistic initial access test case and ideas where to focus when testing
https://ift.tt/FfHzcxR
Submitted March 21, 2022 at 01:32AM by 4lreadytekken
via reddit https://ift.tt/BWoevug
https://ift.tt/FfHzcxR
Submitted March 21, 2022 at 01:32AM by 4lreadytekken
via reddit https://ift.tt/BWoevug
Medium
Testing EDRs for Linux — Things I wish I knew before getting started
Thoughts on how to simplify your tests while keeping it real and a realistic, easy to expand initial access case.
CVE-2022-0811 : New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers
https://ift.tt/cCVaX8b
Submitted March 21, 2022 at 07:15AM by Late_Ice_9288
via reddit https://ift.tt/8027Zwj
https://ift.tt/cCVaX8b
Submitted March 21, 2022 at 07:15AM by Late_Ice_9288
via reddit https://ift.tt/8027Zwj
GitHub
GitHub is where people build software. More than 83 million people use GitHub to discover, fork, and contribute to over 200 million projects.
Shielder - Reversing embedded device bootloader (U-Boot) - p.2
https://ift.tt/ftHDBTG
Submitted March 21, 2022 at 05:47PM by smaury
via reddit https://ift.tt/a3D7Ne5
https://ift.tt/ftHDBTG
Submitted March 21, 2022 at 05:47PM by smaury
via reddit https://ift.tt/a3D7Ne5
Shielder
Shielder - Reversing embedded device bootloader (U-Boot) - p.2
In the course of these two articles, we will share an analysis of some aspects of reversing a low-level binary.
Unconstrained Delegation
https://ift.tt/lpmiGuq
Submitted March 21, 2022 at 11:53PM by netbiosX
via reddit https://ift.tt/HiEnXze
https://ift.tt/lpmiGuq
Submitted March 21, 2022 at 11:53PM by netbiosX
via reddit https://ift.tt/HiEnXze
Penetration Testing Lab
Unconstrained Delegation
Microsoft to support scenarios where users authenticate via Kerberos to one system and information needs to be updated on another system implemented unconstrained delegation. This was implemented i…
LAPSUS group claims to have hacked Okta
https://ift.tt/2Pq0uRL
Submitted March 22, 2022 at 11:35AM by kanben
via reddit https://ift.tt/iwsvU6P
https://ift.tt/2Pq0uRL
Submitted March 22, 2022 at 11:35AM by kanben
via reddit https://ift.tt/iwsvU6P
Nitter
MG (@_MG_)
Oh man, if this it what it looks (Okta got popped)… Blue Team everywhere is gonna be crazy busy.
RomHack 2022 CFP is Open!
https://ift.tt/fCuTRjF
Submitted March 22, 2022 at 12:04PM by smaury
via reddit https://ift.tt/yLik9bC
https://ift.tt/fCuTRjF
Submitted March 22, 2022 at 12:04PM by smaury
via reddit https://ift.tt/yLik9bC
Multiple Vulnerabilities in GARO Wallbox
https://ift.tt/7yYJhe0
Submitted March 22, 2022 at 06:13PM by eddit__plus
via reddit https://ift.tt/N7EsojS
https://ift.tt/7yYJhe0
Submitted March 22, 2022 at 06:13PM by eddit__plus
via reddit https://ift.tt/N7EsojS
GitHub
advisory/GARO at main · delikely/advisory
Vulnerability Discloses . Contribute to delikely/advisory development by creating an account on GitHub.
A journey into IoT - Unknown Chinese alarm - Part 1 - Discover components and ports
https://ift.tt/PQoR4Dr
Submitted March 22, 2022 at 08:18PM by 0xdea
via reddit https://ift.tt/dvOaTYo
https://ift.tt/PQoR4Dr
Submitted March 22, 2022 at 08:18PM by 0xdea
via reddit https://ift.tt/dvOaTYo
hn security
A journey into IoT - Unknown Chinese alarm - Part 1 - Discover components and ports - hn security
DISCLAIMER: as many other security researchers […]
OpenSSH phishing FIDO token protected keys (PoC)
https://ift.tt/MSYfoRT
Submitted March 22, 2022 at 09:06PM by ssh-mitm
via reddit https://ift.tt/teGLkxU
https://ift.tt/MSYfoRT
Submitted March 22, 2022 at 09:06PM by ssh-mitm
via reddit https://ift.tt/teGLkxU
docs.ssh-mitm.at
SSH-MITM Docs - Trivial Authentication
[CFP] Call for paper/tools/workshop for THREAT CON 2022 is now live
https://ift.tt/RrhOLdE
Submitted March 22, 2022 at 10:13PM by nyoface
via reddit https://ift.tt/8Ov1XDb
https://ift.tt/RrhOLdE
Submitted March 22, 2022 at 10:13PM by nyoface
via reddit https://ift.tt/8Ov1XDb
threatcon.io
Call for Papers (CFP) - THREAT CON 2022
THREAT CON is an initiative that aims to facilitate a gateway to standard practices and create a new development within the field of cybersecurity- for developers, security practitioners, IT administrators or anyone interested.
Microsoft: DEV-0537 (LAPSUS$) criminal actor targeting organizations for data exfiltration and destruction
https://ift.tt/xHiQg86
Submitted March 23, 2022 at 10:02AM by momothereal
via reddit https://ift.tt/miBjRSM
https://ift.tt/xHiQg86
Submitted March 23, 2022 at 10:02AM by momothereal
via reddit https://ift.tt/miBjRSM
Microsoft News
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$. DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads.
Ricochet reborn: We are building a user friendly TORChat (Ricochet) for GNU/Linux, MacOS and Windows
https://ift.tt/7nzwNj4
Submitted March 23, 2022 at 04:54AM by SpeekSecure
via reddit https://ift.tt/iG6Adw5
https://ift.tt/7nzwNj4
Submitted March 23, 2022 at 04:54AM by SpeekSecure
via reddit https://ift.tt/iG6Adw5
GitHub
GitHub - Speek-App/Speek: Privacy focused messenger that doesn't trust anyone with your identity, your contact list, or your communications
Privacy focused messenger that doesn't trust anyone with your identity, your contact list, or your communications - Speek-App/Speek
LTrack: Stealthy Tracking of Mobile Phones in LTE
https://ift.tt/iz5vMPw
Submitted March 23, 2022 at 05:28PM by rbarkley
via reddit https://ift.tt/rl2ieST
https://ift.tt/iz5vMPw
Submitted March 23, 2022 at 05:28PM by rbarkley
via reddit https://ift.tt/rl2ieST
Reddit
From the netsec community on Reddit: LTrack: Stealthy Tracking of Mobile Phones in LTE
Posted by rbarkley - 17 votes and 4 comments
Large-scale npm attack targets Azure developers with malicious packages
https://ift.tt/KCe7JMy
Submitted March 23, 2022 at 11:21PM by SRMish3
via reddit https://ift.tt/XYrlU8C
https://ift.tt/KCe7JMy
Submitted March 23, 2022 at 11:21PM by SRMish3
via reddit https://ift.tt/XYrlU8C
JFrog
Large-scale npm attack targets Azure developers with malicious packages
JFrog discovers hundreds of npm malicious packages in a large-scale typosquatting attack designed to steal PII from Azure developers. Find out more >