🚀AWSAttacks: Your Resource for AWS Security Monitoring! 🛡️
https://ift.tt/Jl60Uxc
Submitted December 13, 2023 at 03:56PM by unknownhad
via reddit https://ift.tt/0LibuxJ
https://ift.tt/Jl60Uxc
Submitted December 13, 2023 at 03:56PM by unknownhad
via reddit https://ift.tt/0LibuxJ
GitHub
GitHub - unknownhad/CloudIntel: This repo contains IOC, malware and malware analysis associated with Public cloud
This repo contains IOC, malware and malware analysis associated with Public cloud - unknownhad/CloudIntel
Nmap Peek - View your Nmap files in VSCode
https://ift.tt/DAE02d6
Submitted December 13, 2023 at 06:05PM by marduc812
via reddit https://ift.tt/6c297GO
https://ift.tt/DAE02d6
Submitted December 13, 2023 at 06:05PM by marduc812
via reddit https://ift.tt/6c297GO
Visualstudio
Nmap Peek - Visual Studio Marketplace
Extension for Visual Studio Code - View your nmap output inside VS Code, in a nice clean GUI
CryptoLyzer 0.12 ~= SSLyze + testssl.sh + ssh-audit + Mozilla observatory
https://cryptolyzer.readthedocs.io/en/latest/features/
Submitted December 13, 2023 at 08:48PM by c0r0n3r
via reddit https://ift.tt/8ukSTo6
https://cryptolyzer.readthedocs.io/en/latest/features/
Submitted December 13, 2023 at 08:48PM by c0r0n3r
via reddit https://ift.tt/8ukSTo6
Reddit
From the netsec community on Reddit: CryptoLyzer 0.12 ~= SSLyze + testssl.sh + ssh-audit + Mozilla observatory
Posted by c0r0n3r - 6 votes and 2 comments
Routers Roasting on an Open Firewall: the KV-botnet Investigation
https://ift.tt/Cngj5Di
Submitted December 13, 2023 at 11:43PM by wheelfoot
via reddit https://ift.tt/pL8qFT2
https://ift.tt/Cngj5Di
Submitted December 13, 2023 at 11:43PM by wheelfoot
via reddit https://ift.tt/pL8qFT2
Lumen Blog
Routers Roasting on an Open Firewall: the KV-botnet Investigation
Understand how this small and home office router botnet can impact your business and how to combat the threat.
Remote Code Execution vs. OPC UA Clients
https://ift.tt/675UbuQ
Submitted December 14, 2023 at 02:54AM by derp6996
via reddit https://ift.tt/1EdGJtp
https://ift.tt/675UbuQ
Submitted December 14, 2023 at 02:54AM by derp6996
via reddit https://ift.tt/1EdGJtp
Claroty
OPC UA Deep Dive Series (Part 8): Gaining Client-Side Remote Code Execution
Nim implementation of Old Dll Unlinking Technique
https://ift.tt/1YgMflX
Submitted December 14, 2023 at 04:06PM by DarkGrejuva
via reddit https://ift.tt/zF1Ds8U
https://ift.tt/1YgMflX
Submitted December 14, 2023 at 04:06PM by DarkGrejuva
via reddit https://ift.tt/zF1Ds8U
GitHub
GitHub - frkngksl/UnlinkDLL: DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList…
DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable - frkngksl/UnlinkDLL
New Methodology for Bluetooth Security Assessment
https://ift.tt/ObcWLod
Submitted December 14, 2023 at 05:06PM by jaimeff
via reddit https://ift.tt/6Sp2N8m
https://ift.tt/ObcWLod
Submitted December 14, 2023 at 05:06PM by jaimeff
via reddit https://ift.tt/6Sp2N8m
BSAM
Bluetooth Security Assessment Methodology
The BSAM methodology is a guide for security evaluation in devices with Bluetooth capabilities.
de4py: toolkit for python reverse engineering
https://ift.tt/ug5jDvZ
Submitted December 14, 2023 at 10:16PM by AhmedMinegames
via reddit https://ift.tt/ceTmonS
https://ift.tt/ug5jDvZ
Submitted December 14, 2023 at 10:16PM by AhmedMinegames
via reddit https://ift.tt/ceTmonS
GitHub
GitHub - Fadi002/de4py: toolkit for python reverse engineering
toolkit for python reverse engineering. Contribute to Fadi002/de4py development by creating an account on GitHub.
CVE-2023-47271: Remote Code Execution Vulnerability in PKP-WAL <= 3.4.0-3
https://ift.tt/1L4jVkD
Submitted December 15, 2023 at 12:25AM by eg1x
via reddit https://ift.tt/ig2ejyZ
https://ift.tt/1L4jVkD
Submitted December 15, 2023 at 12:25AM by eg1x
via reddit https://ift.tt/ig2ejyZ
Karmainsecurity
PKP-WAL <= 3.4.0-3 (NativeImportExportPlugin) Remote Code Execution Vulnerability | Karma(In)Security
This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.
It's been 24 hours of users reporting that Ubiquiti is showing other people's consoles and cameras with limited access
https://ift.tt/z7sRNg5
Submitted December 15, 2023 at 12:21AM by supernetworks
via reddit https://ift.tt/OKIY9Du
https://ift.tt/z7sRNg5
Submitted December 15, 2023 at 12:21AM by supernetworks
via reddit https://ift.tt/OKIY9Du
OpalOPC 2.0.0.0 Adds Support for OPC UA Brute Force
https://ift.tt/il0xy9B
Submitted December 15, 2023 at 01:14AM by Salmiakkilakritsi
via reddit https://ift.tt/AC0cTPh
https://ift.tt/il0xy9B
Submitted December 15, 2023 at 01:14AM by Salmiakkilakritsi
via reddit https://ift.tt/AC0cTPh
Opalopc
Release 2.0.0.0 | OpalOPC
Privesc to RCE in “enterprise-grade” OpenNMS
https://ift.tt/PV6BLz2
Submitted December 15, 2023 at 02:29AM by kalibabka
via reddit https://ift.tt/HStK3MV
https://ift.tt/PV6BLz2
Submitted December 15, 2023 at 02:29AM by kalibabka
via reddit https://ift.tt/HStK3MV
Medium
Privesc to RCE in “enterprise-grade” OpenNMS
An analysis of CVE-2023–0872, CVE-2023–40315 & more
Ledger Wallets Attack
https://ift.tt/fmWCvLV
Submitted December 15, 2023 at 02:10AM by arrowflakes
via reddit https://ift.tt/G8Nl3gx
https://ift.tt/fmWCvLV
Submitted December 15, 2023 at 02:10AM by arrowflakes
via reddit https://ift.tt/G8Nl3gx
CoinFabrik
Attack on Ledger Wallets - What happened?
All information about Ledger's Connect Kit attack. This suspected “supply chain attack” may leave dapp users open to loss of funds.
IDA Pro Vulfi plugin UPDATE
https://ift.tt/M3d5GFh
Submitted December 15, 2023 at 02:56PM by Martypx00
via reddit https://ift.tt/LBlkXi6
https://ift.tt/M3d5GFh
Submitted December 15, 2023 at 02:56PM by Martypx00
via reddit https://ift.tt/LBlkXi6
GitHub
GitHub - Accenture/VulFi: IDA Pro plugin for query based searching within the binary useful mainly for vulnerability research.
IDA Pro plugin for query based searching within the binary useful mainly for vulnerability research. - Accenture/VulFi
npm search RCE? - Escape Sequence Injection
https://ift.tt/tuKNQlM
Submitted December 16, 2023 at 04:23AM by _solid_snail
via reddit https://ift.tt/wNUzXVj
https://ift.tt/tuKNQlM
Submitted December 16, 2023 at 04:23AM by _solid_snail
via reddit https://ift.tt/wNUzXVj
solid-snail blog
npm search RCE? - Escape Sequence Injection
How many programmers does it take to filter out 36 characters? You may think this is an opening to a joke, but it’s not.
OSTE META SCANNER
https://ift.tt/KTh8mHW
Submitted December 16, 2023 at 05:18AM by OSTEsayed
via reddit https://ift.tt/zA0VM82
https://ift.tt/KTh8mHW
Submitted December 16, 2023 at 05:18AM by OSTEsayed
via reddit https://ift.tt/zA0VM82
GitHub
GitHub - OSTEsayed/OSTE-Meta-Scan: The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST…
The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, ZAP, Nuclei, SkipFish, and Wapiti. - OSTEsayed/OSTE-Meta-Scan
Google Oauth is Broken (sort of)
https://ift.tt/Fdfl8im
Submitted December 16, 2023 at 11:17PM by wifihack
via reddit https://ift.tt/9GtHl2w
https://ift.tt/Fdfl8im
Submitted December 16, 2023 at 11:17PM by wifihack
via reddit https://ift.tt/9GtHl2w
Trufflesecurity
Google OAuth is Broken (Sort Of) ◆ Truffle Security Co.
Today I’m publicizing a Google OAuth vulnerability that allows employees at companies to retain indefinite access to applications like Slack and Zoom, after they’re off-boarded and removed from their company’s Google organization. The vulnerability is easy…
GitHub - dwisiswant0/cve-2023-50164-poc: Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")
https://ift.tt/fjF0ObL
Submitted December 17, 2023 at 09:28PM by dwisiswant0
via reddit https://ift.tt/0LSiMKN
https://ift.tt/fjF0ObL
Submitted December 17, 2023 at 09:28PM by dwisiswant0
via reddit https://ift.tt/0LSiMKN
GitHub
GitHub - dwisiswant0/cve-2023-50164-poc: Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")
Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164") - dwisiswant0/cve-2023-50164-poc
Advisory and PoC for CVE-2021-21480 (9.1/10) from BH MEA 23
https://ift.tt/hID5Esu
Submitted December 18, 2023 at 09:40AM by vah_13
via reddit https://ift.tt/1fviqVD
https://ift.tt/hID5Esu
Submitted December 18, 2023 at 09:40AM by vah_13
via reddit https://ift.tt/1fviqVD
RedRays - Your SAP Security Solution
Advisory for SAP Security Note 3022622 - [CVE-2021-21480][PoC]
Introducing SMTP Smuggling: A novel technique for spoofing e-mails
https://ift.tt/3rPMl4L
Submitted December 18, 2023 at 03:31PM by The_Login
via reddit https://ift.tt/8ZrKnLD
https://ift.tt/3rPMl4L
Submitted December 18, 2023 at 03:31PM by The_Login
via reddit https://ift.tt/8ZrKnLD
SEC Consult
SMTP Smuggling - Spoofing E-Mails Worldwide
Introducing a novel technique for e-mail spoofing
Lets Open(Dir) Some Presents: An Analysis of a Persistent Actor’s Activity
https://ift.tt/CouOGYU
Submitted December 18, 2023 at 05:11PM by TheDFIRReport
via reddit https://ift.tt/nqNPstQ
https://ift.tt/CouOGYU
Submitted December 18, 2023 at 05:11PM by TheDFIRReport
via reddit https://ift.tt/nqNPstQ
The DFIR Report
Lets Open(Dir) Some Presents: An Analysis of a Persistent Actor’s Activity
This report is a little different than our typical content. We were able to analyze data from a perspective we typically don’t get to see… a threat actor’s host! In early November…