ShoMon V2: Shodan Monitoring Integration for TheHive written in Golang
https://ift.tt/jJ1HDpG
Submitted June 22, 2022 at 12:35PM by KaanSK
via reddit https://ift.tt/Lv6IMcJ
https://ift.tt/jJ1HDpG
Submitted June 22, 2022 at 12:35PM by KaanSK
via reddit https://ift.tt/Lv6IMcJ
GitHub
GitHub - KaanSK/shomon: Shodan Monitoring integration for TheHive.
Shodan Monitoring integration for TheHive. Contribute to KaanSK/shomon development by creating an account on GitHub.
Semgrep rules for PHP security assessment
https://ift.tt/q6YZKLM
Submitted June 22, 2022 at 02:28PM by 0xdea
via reddit https://ift.tt/tfovmJC
https://ift.tt/q6YZKLM
Submitted June 22, 2022 at 02:28PM by 0xdea
via reddit https://ift.tt/tfovmJC
hn security
Semgrep rules for PHP security assessment - hn security
Hi! According to the official documentation, Semgrep […]
Understanding the Compound File Binary Format and OLE Structures to Mess with CVE-2022-30190
https://ift.tt/1soTcXN
Submitted June 23, 2022 at 02:46PM by canmaplap
via reddit https://ift.tt/C5IGtnm
https://ift.tt/1soTcXN
Submitted June 23, 2022 at 02:46PM by canmaplap
via reddit https://ift.tt/C5IGtnm
Cymulate
Messing with CVE-2022-30190 by Understanding Compound File Binary Format and OLE Structures
Gain an understanding of the Compound File Binary Format and OLE Structures to Mess with CVE-2022-30190 in this blog post by Cymulate.
fuzzuli is a fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
https://ift.tt/IG3vZcV
Submitted June 23, 2022 at 03:34PM by 0xmusana
via reddit https://ift.tt/WlRSwPG
https://ift.tt/IG3vZcV
Submitted June 23, 2022 at 03:34PM by 0xmusana
via reddit https://ift.tt/WlRSwPG
GitHub
GitHub - musana/fuzzuli: fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based…
fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain. - GitHub - musana/fuzzuli: fuzzuli is a url fuzzing tool that aims to find ...
Miracle - One Vulnerability To Rule Them All
https://ift.tt/eqcEtfu
Submitted June 23, 2022 at 04:44PM by scopedsecurity
via reddit https://ift.tt/eXSndL7
https://ift.tt/eqcEtfu
Submitted June 23, 2022 at 04:44PM by scopedsecurity
via reddit https://ift.tt/eXSndL7
Medium
Miracle - One Vulnerability To Rule Them All
# Introduction
This repo contains information about EDRs that can be useful during red team exercise.
https://ift.tt/roX3Qsf
Submitted June 23, 2022 at 09:39PM by M_Reza_Bakhtiyari
via reddit https://ift.tt/yhdswJO
https://ift.tt/roX3Qsf
Submitted June 23, 2022 at 09:39PM by M_Reza_Bakhtiyari
via reddit https://ift.tt/yhdswJO
GitHub
GitHub - Mr-Un1k0d3r/EDRs
Contribute to Mr-Un1k0d3r/EDRs development by creating an account on GitHub.
The Far Point of a Static Encounter
https://ift.tt/tr1Yxei
Submitted June 24, 2022 at 09:44AM by amirshk
via reddit https://ift.tt/Zd0SWlD
https://ift.tt/tr1Yxei
Submitted June 24, 2022 at 09:44AM by amirshk
via reddit https://ift.tt/Zd0SWlD
Medium
The Far Point of a Static Encounter
A breakdown of the Anti-VM skimmer and its variants from the earliest incarnation to the latest iteration served from staticounter.]net.
CookieMonsteRCE: Stored XSS to RCE in Zena
https://ift.tt/uoWMpdV
Submitted June 24, 2022 at 09:47AM by jibblz
via reddit https://ift.tt/8bKNPce
https://ift.tt/uoWMpdV
Submitted June 24, 2022 at 09:47AM by jibblz
via reddit https://ift.tt/8bKNPce
Playing Docker? Bad Containers and What They Teach Us
https://ift.tt/4e2Toxt
Submitted June 24, 2022 at 04:38PM by Illustrious_Yard_576
via reddit https://ift.tt/n9hoKwB
https://ift.tt/4e2Toxt
Submitted June 24, 2022 at 04:38PM by Illustrious_Yard_576
via reddit https://ift.tt/n9hoKwB
Medium
Playing Docker? Bad Containers and What They Teach Us
Ci/CD gets better, faster, and stronger with containers, but the security dilemma is still on the table. See what breaches can teach us.
Use SQL to query Have I Been Pwned breaches, pastes & passwords (new open source tool!)
https://ift.tt/cBHKPVe
Submitted June 24, 2022 at 06:28PM by bobtbot
via reddit https://ift.tt/wZmjr7F
https://ift.tt/cBHKPVe
Submitted June 24, 2022 at 06:28PM by bobtbot
via reddit https://ift.tt/wZmjr7F
Steampipe Hub
Have I Been Pwned Plugin for Steampipe
Query HIBP data with SQL! Open source CLI. No DB required.
The curious tale of a fake Carrier.app
https://ift.tt/AghiRGl
Submitted June 24, 2022 at 03:04PM by lormayna
via reddit https://ift.tt/hE2kGWj
https://ift.tt/AghiRGl
Submitted June 24, 2022 at 03:04PM by lormayna
via reddit https://ift.tt/hE2kGWj
Blogspot
The curious tale of a fake Carrier.app
Posted by Ian Beer, Google Project Zero NOTE: This issue was CVE-2021-30983 was fixed in iOS 15.2 in December 2021. Towards the ...
Hagana - A novel approach to runtime protection for NodeJS to prevent supply chain attacks
https://ift.tt/n7TAKGu
Submitted June 24, 2022 at 06:58PM by beckerman_jacob
via reddit https://ift.tt/TQSf1Mt
https://ift.tt/n7TAKGu
Submitted June 24, 2022 at 06:58PM by beckerman_jacob
via reddit https://ift.tt/TQSf1Mt
GitHub
GitHub - yaakov123/hagana: NodeJS runtime protection for supply chain attacks
NodeJS runtime protection for supply chain attacks - GitHub - yaakov123/hagana: NodeJS runtime protection for supply chain attacks
Netsec Goggle for Brave Search
https://ift.tt/CEjdMVn
Submitted June 24, 2022 at 11:42PM by alxjsn
via reddit https://ift.tt/Jzmx2Cy
https://ift.tt/CEjdMVn
Submitted June 24, 2022 at 11:42PM by alxjsn
via reddit https://ift.tt/Jzmx2Cy
GitHub
GitHub - forcesunseen/netsec-goggle: High signal information security sources Goggle.
High signal information security sources Goggle. Contribute to forcesunseen/netsec-goggle development by creating an account on GitHub.
Basic WebAssembly buffer overflow exploitation
https://ift.tt/zZLto4q
Submitted June 26, 2022 at 01:33AM by chaplja
via reddit https://ift.tt/PjcMAzm
https://ift.tt/zZLto4q
Submitted June 26, 2022 at 01:33AM by chaplja
via reddit https://ift.tt/PjcMAzm
Protekkt
Basic WebAssembly buffer overflow exploitation | protekkt blog
Grav is an easy to use, yet powerful, open source flat-file CMS
linx - Reveals invisible links within JavaScript files
https://ift.tt/zkMZfFH
Submitted June 27, 2022 at 04:10AM by rjz4
via reddit https://ift.tt/84mA0d7
https://ift.tt/zkMZfFH
Submitted June 27, 2022 at 04:10AM by rjz4
via reddit https://ift.tt/84mA0d7
GitHub
GitHub - riza/linx: Reveals invisible links within JavaScript files
Reveals invisible links within JavaScript files. Contribute to riza/linx development by creating an account on GitHub.
Notes on OpenSSL remote memory corruption
https://ift.tt/d1mJinU
Submitted June 27, 2022 at 11:32AM by Gallus
via reddit https://ift.tt/AO5HID3
https://ift.tt/d1mJinU
Submitted June 27, 2022 at 11:32AM by Gallus
via reddit https://ift.tt/AO5HID3
Guido Vranken
Notes on OpenSSL remote memory corruption
OpenSSL version 3.0.4, released on June 21th 2022, is susceptible to remote memory corruption which can be triggered trivially by an attacker. BoringSSL, LibreSSL and the OpenSSL 1.1.1 branch are n…
VaultBoot: remote attestation
https://ift.tt/T84Nhwc
Submitted June 27, 2022 at 04:59PM by hardenedvault
via reddit https://ift.tt/ZHuBvro
https://ift.tt/T84Nhwc
Submitted June 27, 2022 at 04:59PM by hardenedvault
via reddit https://ift.tt/ZHuBvro
GitHub
GitHub - hardenedvault/vaultboot
Contribute to hardenedvault/vaultboot development by creating an account on GitHub.
Revive: from spyware to Android banking trojan | Cleafy Labs
https://ift.tt/iY4KW0c
Submitted June 27, 2022 at 07:19PM by f3d_0x0
via reddit https://ift.tt/DapCOl9
https://ift.tt/iY4KW0c
Submitted June 27, 2022 at 07:19PM by f3d_0x0
via reddit https://ift.tt/DapCOl9
Cleafy
Revive: from spyware to android banking trojan | Cleafy Labs
A new banking trojan targeting Europe has been discovered by Cleafy's Threat Intelligence Team. We dubbed it Revive and it is an evolution of simple spyware into a banking trojan, with the key capability of conducting Account Takeover attacks: here's the…
Intune hacking: when is a "wipe" not a wipe
https://ift.tt/RKern59
Submitted June 28, 2022 at 01:30PM by nopslider
via reddit https://ift.tt/Uc7nIVg
https://ift.tt/RKern59
Submitted June 28, 2022 at 01:30PM by nopslider
via reddit https://ift.tt/Uc7nIVg
Cyberis Limited
Intune hacking: when is a "wipe" not a wipe
In this blog post we explore privilege escalation to SYSTEM with Intune managed devices, and how an Intune "Wipe" is not really a wipe at all.
Hive Ransomware Decrypter Tool - KISA
https://ift.tt/YudXyOl
Submitted June 28, 2022 at 11:25PM by CyberMasterV
via reddit https://ift.tt/UPqjiCI
https://ift.tt/YudXyOl
Submitted June 28, 2022 at 11:25PM by CyberMasterV
via reddit https://ift.tt/UPqjiCI
CVE-2022-30522 - Apache httpd "mod_sed" DoS vulnerability
https://ift.tt/jYKB8L0
Submitted June 28, 2022 at 10:57PM by SRMish3
via reddit https://ift.tt/iLr9Ceq
https://ift.tt/jYKB8L0
Submitted June 28, 2022 at 10:57PM by SRMish3
via reddit https://ift.tt/iLr9Ceq
JFrog
CVE-2022-30522 - Apache httpd Denial of Service (DoS) vulnerability
CVE-2022-30522 is an Apache httpd vulnerability found by JFrog Security Research when analyzing the impact of a recent vulnerability patch. Read our analysis and guidance >