mitmproxy 9: WireGuard Mode and Raw UDP Support
https://ift.tt/XQzgtjN
Submitted October 29, 2022 at 06:19PM by mhils
via reddit https://ift.tt/JPeFUbX
https://ift.tt/XQzgtjN
Submitted October 29, 2022 at 06:19PM by mhils
via reddit https://ift.tt/JPeFUbX
GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across all your GitHub assets
https://ift.tt/qUeDjhs
Submitted October 30, 2022 at 01:30AM by roy_6472
via reddit https://ift.tt/WRzi3Y4
https://ift.tt/qUeDjhs
Submitted October 30, 2022 at 01:30AM by roy_6472
via reddit https://ift.tt/WRzi3Y4
GitHub
GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets - GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across a...
Urgent: Patch OpenSSL on November 1 to avoid “Critical” Security Vulnerability - GlobalSign
https://ift.tt/NwXKhz7
Submitted October 30, 2022 at 04:07AM by c0r0n3r
via reddit https://ift.tt/tgKV3Ni
https://ift.tt/NwXKhz7
Submitted October 30, 2022 at 04:07AM by c0r0n3r
via reddit https://ift.tt/tgKV3Ni
GlobalSign
OpenSSL Release Patches Critical Vulnerability - GlobalSign
A critical vulnerability has been discovered in current versions of OpenSSL and will need to be patched immediately.
The Automated Penetration Testing Reporting System (APTRS). Pentester can easily maintain projects, customers, and vulnerabilities, and create PDF reports without needing to use traditional DOC files. The tool allows you to maintain a vulnerability database, so you won't need to repeat yourself.
https://ift.tt/6DSTFel
Submitted October 30, 2022 at 12:59PM by Ano_F
via reddit https://ift.tt/wIUzWdO
https://ift.tt/6DSTFel
Submitted October 30, 2022 at 12:59PM by Ano_F
via reddit https://ift.tt/wIUzWdO
GitHub
GitHub - APTRS/APTRS: Automated pentest reporting with custom Word templates, project tracking, and client management tools. Streamline…
Automated pentest reporting with custom Word templates, project tracking, and client management tools. Streamline your security workflows effortlessly! - APTRS/APTRS
Watch the Top 50 Security Conferences of 2022
https://ift.tt/EqsV1d2
Submitted October 30, 2022 at 04:23PM by mymalema
via reddit https://ift.tt/WCeif72
https://ift.tt/EqsV1d2
Submitted October 30, 2022 at 04:23PM by mymalema
via reddit https://ift.tt/WCeif72
GitHub
GitHub - TalEliyahu/awesome-cybersecurity-conferences: Watch the latest awesome security talks around the globe
Watch the latest awesome security talks around the globe - GitHub - TalEliyahu/awesome-cybersecurity-conferences: Watch the latest awesome security talks around the globe
Part 3 of Lord Of The Ring0 - Sailing to the land of the user (and debugging the ship)
https://ift.tt/L3wUOHo
Submitted October 30, 2022 at 05:39PM by Idov31
via reddit https://ift.tt/5AK9NJD
https://ift.tt/L3wUOHo
Submitted October 30, 2022 at 05:39PM by Idov31
via reddit https://ift.tt/5AK9NJD
idov31.github.io
Lord Of The Ring0 - Part 3 | Sailing to the land of the user (and debugging the ship) - Ido Veltzman - Security Blog
PrologueIn the last blog post, we understood what it is a callback routine, how to get basic information from user mode and for the finale created a driver t...
Vulnerability and Exploit feeds
https://ift.tt/fco9ldS
Submitted October 31, 2022 at 01:33PM by AnyYak5018
via reddit https://ift.tt/yXSkYvL
https://ift.tt/fco9ldS
Submitted October 31, 2022 at 01:33PM by AnyYak5018
via reddit https://ift.tt/yXSkYvL
Baby steps into MITRE Stix/Taxii, Pandas, Graphs & Jupyter notebooks
https://ift.tt/mT1SwZb
Submitted October 31, 2022 at 01:14PM by DiabloHorn
via reddit https://ift.tt/bPuLfZE
https://ift.tt/mT1SwZb
Submitted October 31, 2022 at 01:14PM by DiabloHorn
via reddit https://ift.tt/bPuLfZE
DiabloHorn
Baby steps into MITRE Stix/Taxii, Pandas, Graphs & Jupyter notebooks
So there I was preparing a presentation with some pretty pictures and then I thought…after I give this presentation: How will the audience play with the data and see for themselves how these …
What I learnt from reading 217 subdomain takeover bug reports.
https://ift.tt/7pqBdVM
Submitted October 31, 2022 at 07:34PM by _nynan
via reddit https://ift.tt/Lp38EmU
https://ift.tt/7pqBdVM
Submitted October 31, 2022 at 07:34PM by _nynan
via reddit https://ift.tt/Lp38EmU
Medium
What I learnt from reading 217* Subdomain Takeover bug reports.
A comprehensive analysis of Subdomain Takeovers (SDTO), DNS Hijacking, Dangling DNS, CNAME misconfigurations…
A technical analysis of Pegasus for Android – Part 3
https://ift.tt/3RFySB1
Submitted October 31, 2022 at 07:32PM by CyberMasterV
via reddit https://ift.tt/6zqX7dZ
https://ift.tt/3RFySB1
Submitted October 31, 2022 at 07:32PM by CyberMasterV
via reddit https://ift.tt/6zqX7dZ
Abusing windows’ tokens to compromise active directory without touching lsass
https://ift.tt/T8LXEQH
Submitted October 31, 2022 at 11:22PM by sanitybit
via reddit https://ift.tt/Tfhql5n
https://ift.tt/T8LXEQH
Submitted October 31, 2022 at 11:22PM by sanitybit
via reddit https://ift.tt/Tfhql5n
Sensepost
SensePost | Abusing windows’ tokens to compromise active directory without touching lsass
Leaders in Information Security
New Microcorruption Challenges - Embedded Hardware Security CTF
https://ift.tt/CaBd2Io
Submitted October 31, 2022 at 11:17PM by sanitybit
via reddit https://ift.tt/jvBHcW2
https://ift.tt/CaBd2Io
Submitted October 31, 2022 at 11:17PM by sanitybit
via reddit https://ift.tt/jvBHcW2
NCC Group Research
Check out our new Microcorruption challenges!
Today we are releasing several new challenges for the embedded security CTF, Microcorruption. These challenges highlight types of vulnerabilities that NCC Group’s Hardware and Embedded Systems practice have discovered in real products. The new challenges…
A tale of a simple Apple kernel bug
https://ift.tt/fybPOeZ
Submitted November 01, 2022 at 12:45AM by JordyZomer
via reddit https://ift.tt/DNg0WXS
https://ift.tt/fybPOeZ
Submitted November 01, 2022 at 12:45AM by JordyZomer
via reddit https://ift.tt/DNg0WXS
pwning.systems
A tale of a simple Apple kernel bug
Earlier this year, I discovered a flaw in XNU, which is the kernel that Apple uses on both macOS and iOS. While it's not a particularly complicated flaw, I wanted to explain how I discovered it and how it works, both so that I can motivate others and so that…
Fugu15 - a semi-untethered permasigned jailbreak for iOS 15
https://ift.tt/Llk1IWA
Submitted November 01, 2022 at 01:39AM by _rs
via reddit https://ift.tt/eaIlHry
https://ift.tt/Llk1IWA
Submitted November 01, 2022 at 01:39AM by _rs
via reddit https://ift.tt/eaIlHry
GitHub
GitHub - pinauten/Fugu15: Fugu15 is a semi-untethered permasigned jailbreak for iOS 15
Fugu15 is a semi-untethered permasigned jailbreak for iOS 15 - GitHub - pinauten/Fugu15: Fugu15 is a semi-untethered permasigned jailbreak for iOS 15
No Hat 2022 Conference Recordings
https://www.youtube.com/playlist?list=PLHAChCRZgm7OIJwo5nse29UvrZu5Ow8Eu
Submitted November 01, 2022 at 03:45AM by Khryse
via reddit https://ift.tt/fpWMdgY
https://www.youtube.com/playlist?list=PLHAChCRZgm7OIJwo5nse29UvrZu5Ow8Eu
Submitted November 01, 2022 at 03:45AM by Khryse
via reddit https://ift.tt/fpWMdgY
YouTube
No Hat 2022 - YouTube
Exploiting Static Site Generators: When Static Is Not Actually Static
https://ift.tt/AseBfqY
Submitted November 01, 2022 at 12:43PM by Mempodipper
via reddit https://ift.tt/f6ljiFQ
https://ift.tt/AseBfqY
Submitted November 01, 2022 at 12:43PM by Mempodipper
via reddit https://ift.tt/f6ljiFQ
Assetnote
Exploiting Static Site Generators: When Static Is Not Actually Static
Application security issues found by Assetnote
List of (un)affected software OpenSSL vulnerability (still being updated)
https://ift.tt/yGNFJBE
Submitted November 01, 2022 at 05:31PM by Triyujin
via reddit https://ift.tt/4GwYUaf
https://ift.tt/yGNFJBE
Submitted November 01, 2022 at 05:31PM by Triyujin
via reddit https://ift.tt/4GwYUaf
GitHub
OpenSSL-2022/software at main · NCSC-NL/OpenSSL-2022
Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3 - NCSC-NL/OpenSSL-2022
OpenSSL Blog Post with FAQs - CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows
https://ift.tt/GHsuc57
Submitted November 01, 2022 at 09:41PM by Gallus
via reddit https://ift.tt/68OTAyo
https://ift.tt/GHsuc57
Submitted November 01, 2022 at 09:41PM by Gallus
via reddit https://ift.tt/68OTAyo
www.openssl.org
CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows - OpenSSL Blog
Today we published an
advisory about CVE-2022-3786
(“X.509 Email Address Variable Length Buffer Overflow”) and
CVE-2022-3602 (“X.509 Email Address 4- …
advisory about CVE-2022-3786
(“X.509 Email Address Variable Length Buffer Overflow”) and
CVE-2022-3602 (“X.509 Email Address 4- …
OpenSSL Security Advisory [01 November 2022] - CVE-2022-3786 CVE-2022-3602
https://ift.tt/VNy7WOM
Submitted November 01, 2022 at 09:37PM by Gallus
via reddit https://ift.tt/QypOUGl
https://ift.tt/VNy7WOM
Submitted November 01, 2022 at 09:37PM by Gallus
via reddit https://ift.tt/QypOUGl
OpenSSL version 3.0.7 published - Fixed two buffer overflows in punycode decoding functions
https://ift.tt/1w8zsrX
Submitted November 01, 2022 at 09:20PM by Gallus
via reddit https://ift.tt/9zkQANG
https://ift.tt/1w8zsrX
Submitted November 01, 2022 at 09:20PM by Gallus
via reddit https://ift.tt/9zkQANG
The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation | Datadog Security Labs
https://ift.tt/I6wP3xF
Submitted November 01, 2022 at 10:27PM by RedTermSession
via reddit https://ift.tt/i82ujZ7
https://ift.tt/I6wP3xF
Submitted November 01, 2022 at 10:27PM by RedTermSession
via reddit https://ift.tt/i82ujZ7
Datadoghq
The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation
Learn how the OpenSSL punycode vulnerability (CVE-2022-3602) works, how to detect it, and how it can be exploited.