boringtools/git-alerts: A Public Git repository & misconfiguration detection tool
https://ift.tt/CVvOLhg
Submitted April 01, 2023 at 02:36AM by nicksthehacker_
via reddit https://ift.tt/p2Ehm0z
GitHub
GitHub - boringtools/git-alerts: A Public Git repository & misconfiguration detection tool
How to avoid the aCropalypse
https://ift.tt/mLH71Dl
Submitted April 01, 2023 at 10:19AM by Gallus
via reddit https://ift.tt/SljWyXK
Trail of Bits Blog
How to avoid the aCropalypse
By Henrik Brodin, Lead Security Engineer, Research The aCropalypse is upon us! Last week, news about CVE-2023-21036, nicknamed the “aCropalypse,” spread across Twitter and other media, and I quickl…
Leveraging LLMs for solving bounty hunting pain points
https://ift.tt/GPrzuOV
Submitted April 01, 2023 at 12:57PM by DebugDucky
via reddit https://ift.tt/wDNInRX
Charlie's blog
Leveraging LLMs for solving bounty hunting pain points
In 2022, I embarked on a journey with jswzl, believing that a single developer could deliver immense value without a team by focusing on high-value outputs and minimizing low-leverage work. As a so…
Exploiting Hibernate Injection in "Order by" Clause (Oracle database)
https://ift.tt/fwKDRTM
Submitted April 01, 2023 at 03:24PM by 1046ica
via reddit https://ift.tt/FQKidLU
www.mannulinux.org
Exploiting Hibernate Injection in "Order by" Clause (Oracle database)
Learn Basic Concepts of Linux. Best site to learn Linux from beginner to Advanced.
The Defender's Guide to the 3CX Supply Chain Attack - How it happened, why it matters, and what's being done about it
https://ift.tt/rhLZSKT
Submitted April 01, 2023 at 04:03PM by SuaveHobo
via reddit https://ift.tt/1ydlLZ9
Opalsec
The Defender's Guide to the 3CX Supply Chain Attack
How it happened, why it matters, and what's being done about it.
Developing a Robust Vulnerability Detection Tool for ink!
https://ift.tt/dxavLSi
Submitted April 01, 2023 at 07:12PM by kruksym
via reddit https://ift.tt/r7UnO21
Medium
Developing a Robust Vulnerability Detection Tool for ink! Smart Contracts on Substrate-Based Blockchains
CoinFabrik received a grant from the Web3 Foundation to develop a proof-of-concept tool for detecting security vulnerabilities in Parity’s…
"Alexa, what is my wifi password?" by Daniel, a 14 year old developer
https://ift.tt/l2DhbMK
Submitted April 01, 2023 at 07:00PM by Gallus
via reddit https://ift.tt/2zrUbOZ
dragon863.github.io
Dragon863 - "Alexa, What is my Wifi Password?"
Taking a look at the (in)security of the Amazon Echo Dot.
"Dissecting redis CVE-2023-28425 with chatGPT as assistant" blog post
https://ift.tt/eTt7AKF
Submitted April 03, 2023 at 01:29AM by NoPaleontologist7419
via reddit https://ift.tt/ZDvH3WQ
Lambda driver blog
Dissecting redis CVE-2023-28425 with chatGPT as assistant
Intro
Malicious ISO File Leads to Domain Wide Ransomware
https://ift.tt/Pq5biFo
Submitted April 03, 2023 at 07:04AM by TheDFIRReport
via reddit https://ift.tt/B7UF0db
The DFIR Report
Malicious ISO File Leads to Domain Wide Ransomware - The DFIR Report
IcedID continues to deliver malspam emails to facilitate a compromise. This case covers the activity from a campaign in late September of 2022. Post exploitation activities detail some familiar and …
Need help installing hackazon
https://ift.tt/KOEbzWP
Submitted April 03, 2023 at 09:05AM by wolfweaver98
via reddit https://ift.tt/ENMStXQ
Multiple vulnerabilities in Aten PE8108 power distribution unit - There is no security firmware update, yet.
https://ift.tt/h5yRk1l
Submitted April 03, 2023 at 04:05PM by fr0r
via reddit https://ift.tt/hmlXHby
Pentagrid AG
Multiple vulnerabilities in Aten PE8108 power distribution unit
A Pentagrid security advisory about multiple vulnerabilities in the Aten PE8108 PDU remote power outlet control.
Argument Injection Cheatsheet
https://ift.tt/bAJsBWU
Submitted April 03, 2023 at 06:33PM by monoimpact
via reddit https://ift.tt/SlpoXcA
GTFOArgs: A Curated List Of Binaries For Argument Injection.
https://ift.tt/XSJbted
Submitted April 03, 2023 at 07:45PM by MegaManSec2
via reddit https://ift.tt/QpbaD9c
Bypassing Amazon Kids+ Parental Controls
https://ift.tt/akpuQMS
Submitted April 03, 2023 at 07:51PM by n00py
via reddit https://ift.tt/H1SvYLM
www.n00py.io
Bypassing Amazon Kids+ Parental Controls
Recently for Christmas my 4 year old daughter got an Amazon Kids tablet. So far the tablet has been great and Kids+ seems like a pretty decent value for what you get. I'm very wary of the types of content available on the internet, and as a parent it's my…
The Bug Bounty Radar - The latest Bug Bounty programs from various platforms
https://bbradar.io
Submitted April 03, 2023 at 11:33PM by SyntifyTech
via reddit https://ift.tt/vSgL6sc
bbradar.io
The Bug Bounty Radar - The Latest Public Bug Bounty Programs | The Bug Bounty Radar
The Bug Bounty Radar - Discover and explore the latest public bug bounty programs from top platforms. Find security research opportunities, compare rewards, and access the most comprehensive bug bounty database. 6 new programs added recently.
Why API Security Matters More Than You Think
https://ift.tt/bp3Cm8O
Submitted April 04, 2023 at 04:25AM by shrisukhani
via reddit https://ift.tt/LjhTvMr
Metlo
Why API Security Matters More Than You Think
What are APIs?
APIs are the glue that holds the modern world together. They allow different applications and services to communicate with each other, and they power everything from e-commerce to social media. However, with this ease of connectivity comes…
Smishing Protection - Robokiller
https://robokiller.com
Submitted April 04, 2023 at 08:39AM by evilmanbot
via reddit https://ift.tt/7nqP3VO
Robokiller
The Text & Spam Call Blocker App That Actually Works | Robokiller
Block 99% of spam calls and texts with the leading spam call blocker app. Create a world without spam calls and get some sweet revenge along the way!
Pentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server · Aura Research Division
https://ift.tt/Acj9kBI
Submitted April 04, 2023 at 11:11AM by Acceptable-Doubt-878
via reddit https://ift.tt/fAhMayQ
Aura Research Division
Pentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server
Check that regex.
Proxyjacking - How attackers are monetizing internet bandwidth post exploitation
https://ift.tt/PjvWyXY
Submitted April 04, 2023 at 06:35PM by weseven
via reddit https://ift.tt/n03abJd
Sysdig
Proxyjacking has Entered the Chat – Sysdig
Did you know that you can effortlessly make a small passive income by simply letting an application run on your...
A fresh look at user enumeration in Microsoft Teams
https://ift.tt/ogP9z52
Submitted April 04, 2023 at 06:12PM by doitsukara
via reddit https://ift.tt/LcTktKV
www.securesystems.de
A fresh look at user enumeration in Microsoft Teams
User enumeration in Azure Active Directory environments is an important step in attack simulations. This blog post revisits how user enumeration can be performed for Microsoft Teams and introduces a new tool called TeamsEnum.
Suggestion needed to advance my career or learning something new
https://ift.tt/n59MiDU
Submitted April 04, 2023 at 08:35PM by Nithissh
via reddit https://ift.tt/uYNUEOF
Practical DevSecOps
learning-path - Practical DevSecOps
Want to become an expert in DevSecOps? Our customised learning paths will help you learn DevSecOps and get certified. Learn more today!