GitHub - jafarlihi/rconn: rconn is a multiplatform program for creating generic reverse connections. Lets you consume services that are behind firewall or NAT without opening ports or port-forwarding.
https://ift.tt/ZIO95VE
Submitted October 02, 2022 at 08:12PM by jafarlihi
via reddit https://ift.tt/YTlO1PV
https://ift.tt/ZIO95VE
Submitted October 02, 2022 at 08:12PM by jafarlihi
via reddit https://ift.tt/YTlO1PV
GitHub
GitHub - jafarlihi/rconn: rconn is a multiplatform program for creating generic reverse connections. Lets you consume services…
rconn is a multiplatform program for creating generic reverse connections. Lets you consume services that are behind firewall or NAT without opening ports or port-forwarding. - GitHub - jafarlihi/r...
BSides San Francisco 2022 Conference Recordings
https://www.youtube.com/playlist?list=PLbZzXF2qC3RtbIyOKsjYzAN6rIjsKiZCt
Submitted October 03, 2022 at 03:15AM by sanitybit
via reddit https://ift.tt/AOMZdHo
https://www.youtube.com/playlist?list=PLbZzXF2qC3RtbIyOKsjYzAN6rIjsKiZCt
Submitted October 03, 2022 at 03:15AM by sanitybit
via reddit https://ift.tt/AOMZdHo
YouTube
BSidesSF 2022 - YouTube
Passkeys feat. Adam Langley [audio]
https://ift.tt/GpiCwar
Submitted October 03, 2022 at 01:16AM by self
via reddit https://ift.tt/qdQNYGn
https://ift.tt/GpiCwar
Submitted October 03, 2022 at 01:16AM by self
via reddit https://ift.tt/qdQNYGn
Buzzsprout
Passkeys with Adam Langley - Security Cryptography Whatever
Adam Langley (Google) comes on the podcast to talk about the evolution of WebAuthN and Passkeys!David's audio was a little finicky in this one. Believe us, it sounded worse before we edited it. Also, we occasionally accidentally refer to U2F as UTF. That's…
Dank: The greatest encoder you've never heard of
https://ift.tt/Vj8zDox
Submitted October 02, 2022 at 11:10PM by Quick-Ingenuity-7024
via reddit https://ift.tt/P7QuLtZ
https://ift.tt/Vj8zDox
Submitted October 02, 2022 at 11:10PM by Quick-Ingenuity-7024
via reddit https://ift.tt/P7QuLtZ
PS5-4.03-Kernel-Exploit: An experimental webkit-based kernel exploit (Arbitrary R/W) for the PS5 on 4.03FW
https://ift.tt/uF4xLBU
Submitted October 03, 2022 at 05:20AM by sanitybit
via reddit https://ift.tt/Pcz3lwk
https://ift.tt/uF4xLBU
Submitted October 03, 2022 at 05:20AM by sanitybit
via reddit https://ift.tt/Pcz3lwk
GitHub
GitHub - Cryptogenic/PS5-IPV6-Kernel-Exploit: An experimental webkit-based kernel exploit (Arb. R/W) for the PS5 on <= 4.51FW
An experimental webkit-based kernel exploit (Arb. R/W) for the PS5 on <= 4.51FW - GitHub - Cryptogenic/PS5-IPV6-Kernel-Exploit: An experimental webkit-based kernel exploit (Arb. R/W) for the...
SCORES (Seconize Contextual Risk Enumeration System) is a free risk scoring tool for vulnerabilities.
https://riskscore.info/
Submitted October 03, 2022 at 12:58PM by sashankdvk
via reddit https://ift.tt/k6QyFJD
https://riskscore.info/
Submitted October 03, 2022 at 12:58PM by sashankdvk
via reddit https://ift.tt/k6QyFJD
riskscore.info
SCORES: Seconize Contextual Risk Enumeration System
A free cyber risk scoring tool for vulnerabilities
spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
https://ift.tt/E9vhkMr
Submitted October 03, 2022 at 02:55AM by BananaBounty
via reddit https://ift.tt/U9zPpjK
https://ift.tt/E9vhkMr
Submitted October 03, 2022 at 02:55AM by BananaBounty
via reddit https://ift.tt/U9zPpjK
GitHub
GitHub - dhn/spk: spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization. - GitHub - dhn/spk: spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong t...
When Athletic Abilities Just Aren't Enough - Scoreboard Hacking Part 3
https://ift.tt/PKhQpDW
Submitted October 03, 2022 at 08:13PM by mdulin2
via reddit https://ift.tt/r5QjGDk
https://ift.tt/PKhQpDW
Submitted October 03, 2022 at 08:13PM by mdulin2
via reddit https://ift.tt/r5QjGDk
Strikeout Security Blog
Scoreboard Hacking - Part 3 - Building a Controller
Scoreboard hacking. Creating our own wireless controller with GNU radio and Python.
Secure your machine learning with Semgrep
https://ift.tt/QM5WnHY
Submitted October 04, 2022 at 05:57AM by Khryse
via reddit https://ift.tt/LBKfgUx
https://ift.tt/QM5WnHY
Submitted October 04, 2022 at 05:57AM by Khryse
via reddit https://ift.tt/LBKfgUx
Trail of Bits Blog
Secure your machine learning with Semgrep
By Suha Hussain tl;dr: Our publicly available Semgrep ruleset now has 11 rules dedicated to the misuse of machine learning libraries. Try it out now! Picture this: You’ve spent months curating imag…
Matano - Open source cloud native security lake built with Arrow2 + Rust
http://matano.dev
Submitted October 04, 2022 at 04:54PM by shaeqahmed
via reddit https://ift.tt/3YnWFxs
http://matano.dev
Submitted October 04, 2022 at 04:54PM by shaeqahmed
via reddit https://ift.tt/3YnWFxs
Matano
Matano | Cloud native SIEM
Modern cloud native SIEM
pirebok - an adversarial fuzzer
https://ift.tt/gdpc9fB
Submitted October 04, 2022 at 08:11PM by c0daman
via reddit https://ift.tt/5fjB1mK
https://ift.tt/gdpc9fB
Submitted October 04, 2022 at 08:11PM by c0daman
via reddit https://ift.tt/5fjB1mK
GitHub
GitHub - dogancanbakir/pirebok: pîrebok (from Kurdish "witch") - a guided adversarial fuzzer
pîrebok (from Kurdish "witch") - a guided adversarial fuzzer - GitHub - dogancanbakir/pirebok: pîrebok (from Kurdish "witch") - a guided adversarial fuzzer
Dissect: An incident response game-changer
https://ift.tt/uRJ7tBY
Submitted October 05, 2022 at 01:57AM by CyberMasterV
via reddit https://ift.tt/eJKknHZ
https://ift.tt/uRJ7tBY
Submitted October 05, 2022 at 01:57AM by CyberMasterV
via reddit https://ift.tt/eJKknHZ
GitHub
GitHub - fox-it/dissect: Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access…
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fo...
A New Supply Chain Attack on PHP
https://ift.tt/KRJ7jVP
Submitted October 05, 2022 at 10:50AM by Gallus
via reddit https://ift.tt/ZaLuWhO
https://ift.tt/KRJ7jVP
Submitted October 05, 2022 at 10:50AM by Gallus
via reddit https://ift.tt/ZaLuWhO
Sonarsource
Securing Developer Tools: A New Supply Chain Attack on PHP
What is your worst supply chain nightmare and why is it somebody that could take over all the PHP packages at once? Let's deep dive into how we could demonstrate it!
Wireshark 4.0.0 has been released
https://ift.tt/xABGiW4
Submitted October 05, 2022 at 10:06AM by Fugitif
via reddit https://ift.tt/yWtsQ7E
https://ift.tt/xABGiW4
Submitted October 05, 2022 at 10:06AM by Fugitif
via reddit https://ift.tt/yWtsQ7E
Pixel 6 bootloader: Emulation, ROP
https://ift.tt/Ink8s3m
Submitted October 05, 2022 at 11:05AM by jeandrew
via reddit https://ift.tt/0Rtdq2n
https://ift.tt/Ink8s3m
Submitted October 05, 2022 at 11:05AM by jeandrew
via reddit https://ift.tt/0Rtdq2n
dirsearch - release v0.4.3 - crawling supported
https://ift.tt/UzIFPqr
Submitted October 05, 2022 at 06:34PM by maurosoria
via reddit https://ift.tt/h0VOUKx
https://ift.tt/UzIFPqr
Submitted October 05, 2022 at 06:34PM by maurosoria
via reddit https://ift.tt/h0VOUKx
GitHub
Release v0.4.3 · maurosoria/dirsearch
Automatically detect the URI scheme (http or https) if no scheme is provided
SQLite report format
Option to overwrite unwanted extensions with selected extensions
Option to view redirects history w...
SQLite report format
Option to overwrite unwanted extensions with selected extensions
Option to view redirects history w...
Fuzzing Trackmania Nations Forever for RCE
https://ift.tt/VkUNbpD
Submitted October 05, 2022 at 07:23PM by rdjgr
via reddit https://ift.tt/yVhHtf6
https://ift.tt/VkUNbpD
Submitted October 05, 2022 at 07:23PM by rdjgr
via reddit https://ift.tt/yVhHtf6
blog.bricked.tech
Hacking TMNF: Part 1 - Fuzzing the game server
The first of a two-part series. This part will cover how I set up a grammar fuzzer with LibAFL and Nautilus in order to fuzz the game server for Trackmania Nations Forever.
MSSQL, meet Maggie - a novel backdoor for MSSQL servers.
https://ift.tt/otNAG7Y
Submitted October 04, 2022 at 06:05PM by OwnPreparation3424
via reddit https://ift.tt/KIvMqgw
https://ift.tt/otNAG7Y
Submitted October 04, 2022 at 06:05PM by OwnPreparation3424
via reddit https://ift.tt/KIvMqgw
Medium
MSSQL, meet Maggie
A novel backdoor for Microsoft SQL servers controlled using SQL queries
A Deep Dive of CVE-2022–33987 (Got allows a redirect to a UNIX socket)
https://ift.tt/iwHhPJN
Submitted October 06, 2022 at 06:10AM by csanders_
via reddit https://ift.tt/Act317l
https://ift.tt/iwHhPJN
Submitted October 06, 2022 at 06:10AM by csanders_
via reddit https://ift.tt/Act317l
Medium
A Deep Dive of CVE-2022–33987 (Got allows a redirect to a UNIX socket)
Every week, almost without fail, I come across one thing that confuses, entertains, or most commonly infuriates me. I’ve decided to keep a…
CVE-2022-41343 - RCE via Phar Deserialisation (Dompdf)
https://ift.tt/n2WRMwT
Submitted October 06, 2022 at 12:12PM by Gallus
via reddit https://ift.tt/DAVGlhs
https://ift.tt/n2WRMwT
Submitted October 06, 2022 at 12:12PM by Gallus
via reddit https://ift.tt/DAVGlhs
Tantosec
CVE-2022-41343 - RCE via Phar Deserialisation
A Remote Code Execution vulnerability on Dompdf <= v2.0.0
Introducing Campaigns to MITRE ATT&CK
https://ift.tt/hZTumnv
Submitted October 06, 2022 at 12:07PM by CyberMasterV
via reddit https://ift.tt/mdo6fBy
https://ift.tt/hZTumnv
Submitted October 06, 2022 at 12:07PM by CyberMasterV
via reddit https://ift.tt/mdo6fBy
Medium
Introducing Campaigns to MITRE ATT&CK
By: Amy Robertson, Jared Ondricek, and Matt Malone