Passive hostname, domain and IP lookup tool for non-robots - GitHub - pirxthepilot/wtfis: Passive hostname, domain and IP lookup tool for non-robots

Identifying software vulnerabilities in Zyxel IP cameras to remotely gain a root shell

Summary In the article, I will show you how you can use Empire and execute the Mimikatz module to dump the logged in user password hashes.

DEFCON 30 Mainframe buffer overlow workshop container - GitHub - mainframed/DC30_Workshop: DEFCON 30 Mainframe buffer overlow workshop container

If you have created a new macOS app with Xcode 13.2, you may noticed this new method in the template:
- (BOOL)applicationSupportsSecureRestorableState:(NSApplication *)app { return YES; } This was added to the Xcode template to address a process injection…

nthLink API client. Contribute to Snawoot/nth-dump development by creating an account on GitHub.

A DTrace on Windows Reimplementation. Contribute to mandiant/STrace development by creating an account on GitHub.

Posted in r/netsec by u/sanitybit • 3 points and 0 comments

The Evil PLC Attack uses weaponized PLCs to compromise engineering workstations and move laterally on the OT network to infect other PLCs and systems.

Why Action Bias Is Damaging Your Cyber Security Response (And How To Fix it) - Technology Talk - Information Security Newspaper | Hacking News

Today I want to present additional big feature to my long time project - Kamerka. From now on you can access statistics about Internet exposed Industrial Control System and Internet of Things devices via comfortable GUI

Kamerka Lite

Kamerka Lite by Offensive…

Hello everybody, I hope you’ve been enjoying this summer after two years of Covid and lockdowns :D In this post I’m going to describe how to use eBPF syscall tracing in a creative way in order to dete

SOVA, a new Android Banking Trojan, is spreading across Europe. Already appeared in different versions, this malware is now evolving, and it is targeting more than 200 mobile applications, ranging from banking apps to crypto exchanges/wallets. Here's the…

Contribute to IAIK/AEPIC development by creating an account on GitHub.

The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM in campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft.

I decided to carry out research on a real casino game in search of new vulnerabilities and exploit techniques. In case of success, I planned to share the results with the affected vendor and afterwards with the community. While I was looking for a target…