Ghidra Golf: A Reverse Engineering CTF
https://ift.tt/kqCJSeZ
Submitted February 17, 2023 at 05:17PM by DLLCoolJ
via reddit https://ift.tt/Bxs2OEL
https://ift.tt/kqCJSeZ
Submitted February 17, 2023 at 05:17PM by DLLCoolJ
via reddit https://ift.tt/Bxs2OEL
GitHub
Ghidra Golf
OUSD R&E Sponsored Automated Reverse Engineering CTF - Ghidra Golf
Introducing Proxy Enriched Sequence Diagrams (PESD). New Burp Plugin.
https://ift.tt/c6Y0Oti
Submitted February 17, 2023 at 05:03PM by nibblesec
via reddit https://ift.tt/BuewIcL
https://ift.tt/c6Y0Oti
Submitted February 17, 2023 at 05:03PM by nibblesec
via reddit https://ift.tt/BuewIcL
Doyensec
Introducing Proxy Enriched Sequence Diagrams (PESD) · Doyensec's Blog
Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.
How we Hacked Apple Twice in one day for Fun (and Profit)
https://ift.tt/t18n6ZB
Submitted February 17, 2023 at 08:14PM by pectoral
via reddit https://ift.tt/gQ2lw6J
https://ift.tt/t18n6ZB
Submitted February 17, 2023 at 08:14PM by pectoral
via reddit https://ift.tt/gQ2lw6J
Medium
Hacking Apple: Two Successful Exploits and Positive Thoughts on their Bug Bounty Program
Hacking Apple is no easy feat. With some of the most talented security professionals working on protecting their systems, it’s hard to…
ICS and OT Vulnerabilities Analysis for 2022
https://ift.tt/1z8l52w
Submitted February 17, 2023 at 09:09PM by derp6996
via reddit https://ift.tt/3ZNMK1H
https://ift.tt/1z8l52w
Submitted February 17, 2023 at 09:09PM by derp6996
via reddit https://ift.tt/3ZNMK1H
Claroty
Report: State of XIoT Security: 2H 2022
Uncover the latest trends in the State of XIoT Security Report for 2H 2022. Discover the changing landscape of vulnerabilities in OT, IoT, and IoMT.
chvancooten/NimPlant: A light-weight first-stage C2 implant written in Nim.
https://ift.tt/tpmMDKW
Submitted February 18, 2023 at 08:33AM by Vegetable_Treat_5017
via reddit https://ift.tt/2cFd1G9
https://ift.tt/tpmMDKW
Submitted February 18, 2023 at 08:33AM by Vegetable_Treat_5017
via reddit https://ift.tt/2cFd1G9
GitHub
GitHub - chvancooten/NimPlant: A light-weight first-stage C2 implant written in Nim.
A light-weight first-stage C2 implant written in Nim. - GitHub - chvancooten/NimPlant: A light-weight first-stage C2 implant written in Nim.
Azure B2C Crypto Misuse and Account Compromise
https://ift.tt/rECKWDX
Submitted February 18, 2023 at 07:03PM by dlorenc
via reddit https://ift.tt/Y5lbgEs
https://ift.tt/rECKWDX
Submitted February 18, 2023 at 07:03PM by dlorenc
via reddit https://ift.tt/Y5lbgEs
Praetorian
Azure B2C Crypto Misuse and Account Compromise -
Microsoft’s Azure B2C service misused cryptography, which allowed an attacker to craft an OAuth refresh token to access a victim account.
Small utility to chunk up a large BloodHound JSON file into smaller files for faster importing.
https://ift.tt/KxLyd86
Submitted February 19, 2023 at 04:08AM by ustayready
via reddit https://ift.tt/C0uD57s
https://ift.tt/KxLyd86
Submitted February 19, 2023 at 04:08AM by ustayready
via reddit https://ift.tt/C0uD57s
GitHub
GitHub - ustayready/ShredHound: Small utility to chunk up a large BloodHound JSON file into smaller files for importing.
Small utility to chunk up a large BloodHound JSON file into smaller files for importing. - GitHub - ustayready/ShredHound: Small utility to chunk up a large BloodHound JSON file into smaller files ...
mast1c0re: Part 3 – Escaping the PS5 emulator
https://ift.tt/FS3V5Q7
Submitted February 19, 2023 at 04:06AM by ArbitraryWrite
via reddit https://ift.tt/e8N4fDL
https://ift.tt/FS3V5Q7
Submitted February 19, 2023 at 04:06AM by ArbitraryWrite
via reddit https://ift.tt/e8N4fDL
McCaulay
mast1c0re: Part 3 - Escaping the emulator
Introduction
In the previous post, we developed a traditional stack buffer overflow exploit in the Okage: Shadow King game which resulted in us being able to execute arbitrary code from within a PlayStation 2 ELF that was embedded inside the exploitable…
In the previous post, we developed a traditional stack buffer overflow exploit in the Okage: Shadow King game which resulted in us being able to execute arbitrary code from within a PlayStation 2 ELF that was embedded inside the exploitable…
Return of the 0ktapus? Coinbase fend of UNC3944/ScatteredSpider attack that used SMS Phishing and attempted MFA bypass
https://ift.tt/DNABcJh
Submitted February 19, 2023 at 09:41AM by SuaveHobo
via reddit https://ift.tt/H4l8xN1
https://ift.tt/DNABcJh
Submitted February 19, 2023 at 09:41AM by SuaveHobo
via reddit https://ift.tt/H4l8xN1
Opalsec
Return of the 0ktapus?
Coinbase seems to think so
New OpenSecurityTraining2 class, "Hardware 1101: Intel SPI Analysis"
https://ift.tt/R3KEaA5
Submitted February 20, 2023 at 08:13AM by OpenSecurityTraining
via reddit https://ift.tt/dTfDcyt
https://ift.tt/R3KEaA5
Submitted February 20, 2023 at 08:13AM by OpenSecurityTraining
via reddit https://ift.tt/dTfDcyt
p.ost2.fyi
Hardware 1101: Intel SPI Analysis
Mini-course on using a logic analyzer to view SPI flash transactions caused by Intel MMIO interface.
316ctf: Beginner CTF for Students and Anybody Else
https://316ctf.com/
Submitted February 20, 2023 at 06:43PM by 4NonOfficialUseOnly
via reddit https://ift.tt/fj5qpxO
https://316ctf.com/
Submitted February 20, 2023 at 06:43PM by 4NonOfficialUseOnly
via reddit https://ift.tt/fj5qpxO
316ctf
Cyber Challenges for Students! | 316ctf
316ctf - Cybersecurity CTF Challenges for High School and Middle School Students
Legitify added support for GPT-based security recommendations for GitHub & GitLab assets
https://ift.tt/PxVDpU6
Submitted February 20, 2023 at 09:05PM by dotanoam
via reddit https://ift.tt/khVlZjT
https://ift.tt/PxVDpU6
Submitted February 20, 2023 at 09:05PM by dotanoam
via reddit https://ift.tt/khVlZjT
GitHub
GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets - GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across a...
GitHub - zblurx/dploot: DPAPI looting remotely in Python
https://ift.tt/letY0rS
Submitted February 20, 2023 at 08:54PM by scopedsecurity
via reddit https://ift.tt/wJIcCgq
https://ift.tt/letY0rS
Submitted February 20, 2023 at 08:54PM by scopedsecurity
via reddit https://ift.tt/wJIcCgq
GitHub
GitHub - zblurx/dploot: DPAPI looting remotely in Python
DPAPI looting remotely in Python. Contribute to zblurx/dploot development by creating an account on GitHub.
CVE-2022-24942 Heap-based buffer overflow in Silicon Labs Gecko SDK
https://ift.tt/mtPIqAC
Submitted February 21, 2023 at 12:48AM by attilaszia
via reddit https://ift.tt/v6V3WxN
https://ift.tt/mtPIqAC
Submitted February 21, 2023 at 12:48AM by attilaszia
via reddit https://ift.tt/v6V3WxN
Bugprove
CVE-2022-24942 Heap-based buffer overflow in Silicon Labs Gecko SDK
Heap-based buffer overflow vulnerabilities were found by BugProve in Silicon Lab’s Gecko SDK.
New OSCP Reporting Tool (SysReptor)
https://ift.tt/cfMkHvh
Submitted February 21, 2023 at 12:24PM by Pleasant-Drawer729
via reddit https://ift.tt/sbIZyY0
https://ift.tt/cfMkHvh
Submitted February 21, 2023 at 12:24PM by Pleasant-Drawer729
via reddit https://ift.tt/sbIZyY0
Sysreptor
Free OSCP Reporting - SysReptor Docs
None
Fortinet FortiNAC CVE-2022-39952 Deep-Dive, IOCs, and POC
https://ift.tt/wH6o0Fv
Submitted February 21, 2023 at 06:22PM by scopedsecurity
via reddit https://ift.tt/mPojJW4
https://ift.tt/wH6o0Fv
Submitted February 21, 2023 at 06:22PM by scopedsecurity
via reddit https://ift.tt/mPojJW4
Horizon3.ai
Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs
Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs. This vulnerability allows remote code execution as the root user.
ClamAV Critical Patch Review
https://ift.tt/aU2jHKu
Submitted February 21, 2023 at 08:32PM by g_e_r_h_a_r_d
via reddit https://ift.tt/g7FhPZS
https://ift.tt/aU2jHKu
Submitted February 21, 2023 at 08:32PM by g_e_r_h_a_r_d
via reddit https://ift.tt/g7FhPZS
ONEKEY
ClamAV Critical Patch Review
Explore issues resolved by ClamAV's recent critical patch in technical deep dive.
A Deep Dive Into a PoshC2 Implant
https://ift.tt/ZXC31Eo
Submitted February 21, 2023 at 08:32PM by CyberMasterV
via reddit https://ift.tt/UYRiqj5
https://ift.tt/ZXC31Eo
Submitted February 21, 2023 at 08:32PM by CyberMasterV
via reddit https://ift.tt/UYRiqj5
SecurityScorecard
Resources
Explore cybersecurity white papers, data sheets, webinars, videos, informative blogs, and more with SecurityScorecard.
OWASP Kubernetes Top 10 - Tools & Techniques
https://ift.tt/nw3fX7C
Submitted February 21, 2023 at 09:15PM by MiguelHzBz
via reddit https://ift.tt/YBCr0lQ
https://ift.tt/nw3fX7C
Submitted February 21, 2023 at 09:15PM by MiguelHzBz
via reddit https://ift.tt/YBCr0lQ
Sysdig
OWASP Kubernetes Top 10 – Sysdig
OWASP has created the OWASP Kubernetes Top 10, which helps identify the most likely risks.
Introducing Sublime: A new, open approach to email security
https://ift.tt/M4AnyGu
Submitted February 22, 2023 at 03:23AM by Glomar-Response
via reddit https://ift.tt/UrQBP2M
https://ift.tt/M4AnyGu
Submitted February 22, 2023 at 03:23AM by Glomar-Response
via reddit https://ift.tt/UrQBP2M
sublime.security
Introducing Sublime: A new, open approach to email security
The detection and response platform for securing email.
Let's build a Chrome extension that steals everything
https://ift.tt/fUlTB7M
Submitted February 22, 2023 at 07:23AM by ScottContini
via reddit https://ift.tt/UqfE8Ah
https://ift.tt/fUlTB7M
Submitted February 22, 2023 at 07:23AM by ScottContini
via reddit https://ift.tt/UqfE8Ah
Building Browser Extensions
Let's build a Chrome extension that steals everything
Today's adventure: DIY whole hog data exfiltration