Domainim: A domain reconnaissance tool for organizational network scanning
https://ift.tt/EqfyGiW
Submitted December 28, 2023 at 03:42AM by pptx704
via reddit https://ift.tt/5QFo01X
GitHub
GitHub - pptx704/domainim: A fast and comprehensive tool for organizational network scanning
A fast and comprehensive tool for organizational network scanning - pptx704/domainim
A burn-after-download file service
https://meltr.io/
Submitted December 28, 2023 at 03:32AM by rythmiclizard
via reddit https://ift.tt/mF468bk
Reddit
From the netsec community on Reddit: A burn-after-download file service
Posted by rythmiclizard - No votes and 6 comments
The Present Threat of Row Hammer Attacks
https://ift.tt/1CwKzv4
Submitted December 28, 2023 at 04:30PM by the_liberty
via reddit https://ift.tt/8CIGnpt
Medium
The Present Threat of Row Hammer Attacks
In 2014 Google researchers discovered strange interference between memory locations in DDR3, DDR4, and DDR5 Random Access Memory (RAM.) On…
New payloads to exploit Error-based SQL injection - PostgreSQL database
https://ift.tt/WXtac27
Submitted December 28, 2023 at 06:14PM by 1046ica
via reddit https://ift.tt/yMt1WQI
www.mannulinux.org
New payloads to exploit Error-based SQL injection - PostgreSQL database
Learn Basic Concepts of Linux. Best site to learn Linux from beginner to Advanced.
Breaking through the Infostealer Exploit and the Enigma of Cookie Restoration
https://ift.tt/oI6dQNH
Submitted December 29, 2023 at 08:30PM by Malwarebeasts
via reddit https://ift.tt/mo5xcQ1
InfoStealers
Breaking through the Infostealer Exploit and the Enigma of Cookie Restoration.
Lumma Infostealer’s cookie restoration method operates by leveraging a key from restore files, allowing the revival of expired Google cookies
Network Scanning Options
https://www.google.com
Submitted December 29, 2023 at 11:34PM by LevitatingGuru
via reddit https://ift.tt/K4rg8PB
Reddit
[deleted by user] : r/netsec
514K subscribers in the netsec community. /r/netsec is a community-curated aggregator of technical information security content. Our mission is to…
Autorize – IDOR research tool - extension for Burp Suite
https://ift.tt/zJCfpik
Submitted December 30, 2023 at 06:14AM by quitten11
via reddit https://ift.tt/UEAlizg
GitHub
GitHub - Quitten/Autorize: Automatic authorization enforcement detection extension for burp suite written in Jython developed by…
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automa...
OSINT tool to search 1.4 Billion clear text credentials from Email
https://ift.tt/GyIqx54
Submitted December 31, 2023 at 07:59AM by UpstairsWord4042
via reddit https://ift.tt/EyA05pC
Leet
OSINT tool to search 1.4 Billion clear text credentials from Email
This tool allows you to perform OSINT and reconnaissance on an organisation or an individual. It allows one to search 1.4 Billion clear text credentials which were dumped as part of...
How to install Nessus Tenable on Linux
https://ift.tt/HyPFskS
Submitted December 31, 2023 at 07:49AM by UpstairsWord4042
via reddit https://ift.tt/X8xB5iZ
🗂️Keep in Mind - Why so many hackers prefer C#
https://ift.tt/jTWfauq
Submitted December 31, 2023 at 04:48PM by UpstairsWord4042
via reddit https://ift.tt/rzYfj0X
Leet.lat
🗂️Keep in Mind - Why so many hackers prefer C#
Hey there, fellow leet geeks!
I hope you're all having a fantastic day on this last day of the year and are ready to dive into the fascinating world of red teamers and one of their secret...
🗂️Keep in Mind - How Open Source Software is Transforming Web Application Security & Top 10 Open Source Hacking Tools
https://ift.tt/R4ufqE5
Submitted December 31, 2023 at 09:51PM by UpstairsWord4042
via reddit https://ift.tt/8KdbIz3
Leet
🗂️Keep in Mind - How Open Source Software is Transforming Web...
Open source software, with its transparency and collaborative nature, has revolutionized the way we approach cybersecurity. It has become an invaluable tool in the arsenal of every ethical hacker...
Unmasking RedLine Stealer
https://ift.tt/5mH9nMQ
Submitted January 01, 2024 at 02:34PM by Malwarebeasts
via reddit https://ift.tt/o8jWCJa
InfoStealers
Unmasking RedLine Stealer
RedLine Stealer is a dangerous type of malware that can cause serious harm to both individuals and organizations.
Hide and Seek in Windows' Closet: Unmasking the WinSxS Hijacking Hideout
https://ift.tt/2ZElpzo
Submitted January 01, 2024 at 09:27PM by thewatcher_
via reddit https://ift.tt/9UqnihK
Security Joes
Hide and Seek in Windows' Closet: Unmasking the WinSxS Hijacking Hideout
Our investigation has revealed an innovative approach that leverages executables commonly found in the trusted WinSxS folder and exploits them via the classic DLL Search Order Hijacking technique. This method allows threat actors to circumvent high privilege…
Thoughts Scatr.it Zero Trust Network (maybe like a scaler?)
http://www.scatr.it
Submitted January 02, 2024 at 06:38AM by InTheHoney
via reddit https://ift.tt/IrnY0zD
Reddit
[deleted by user] : r/netsec
508K subscribers in the netsec community. /r/netsec is a community-curated aggregator of technical information security content. Our mission is to…
Initial Access – search-ms URI Handler
https://ift.tt/hIJmcB8
Submitted January 02, 2024 at 02:03PM by netbiosX
via reddit https://ift.tt/DwONHTZ
Penetration Testing Lab
Initial Access – search-ms URI Handler
Microsoft search protocol enables clients to initiate connections against an enterprise search service such as SharePoint or WebDav. During these search connections the protocol server will respond…
BPF Memory Forensics with Volatility 3
https://ift.tt/tmzPU54
Submitted January 02, 2024 at 04:18PM by martinclauss
via reddit https://ift.tt/E14sk0g
lolcads tech blog
BPF Memory Forensics with Volatility 3
Introduction and Motivation: Have you ever wondered what an eBPF rootkit looks like? Well, here’s one, have a good look:
Upon receiving a command and control (C2) request, this specimen can execute arbitrary commands on…
The blind spots of automated web app assessments
https://ift.tt/juWIZVU
Submitted January 03, 2024 at 01:23PM by security_aaudit
via reddit https://ift.tt/qKm0yvo
baldur.dk
Showcasing why automated scanners might miss some very obvious bugs and how to deal with that.
Scheduled Task Tampering
https://ift.tt/k1h3EL6
Submitted January 03, 2024 at 12:44PM by netbiosX
via reddit https://ift.tt/WIJ8HuU
Purple Team
Scheduled Task Tampering
The HAFNIUM threat actor is using an unconventional method to tamper scheduled tasks in order to establish persistence via modification of registry keys in their malware called Tarrask. The benefit…
Bitwarden Heist - How to Break into Password Vaults Without Using Passwords
https://ift.tt/J0PAyCQ
Submitted January 03, 2024 at 05:15PM by RedTeamPentesting
via reddit https://ift.tt/vQoSiCr
RedTeam Pentesting - Blog
Bitwarden Heist - How to Break Into Password Vaults Without Using Passwords
Sometimes, making particular security design decisions can have unexpected consequences. For security-critical software, such as password managers, this can easily lead to catastrophic failure: In this blog post, we show how Bitwarden’s Windows Hello …
Lessons from securing FreeRDP
https://ift.tt/TDPw7Oy
Submitted January 01, 2024 at 08:48PM by eyalitki
via reddit https://ift.tt/qBTYihJ
Eyal Itkin
Lessons from Securing FreeRDP
Introduction: The story behind this 2-part blog series started quite a while ago, in September 2018, when I started vulnerability research on a (then) novel attack vector: “Reverse RDP”…
/r/netsec's Q1 2024 Information Security Hiring Thread
Overview
If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.
We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.
Please reserve top level comments for those posting open positions.
Rules & Guidelines
Include the company name in the post. If you want to be topsykret, go recruit elsewhere.
Include the geographic location of the position along with the availability of relocation assistance or remote work.
If you are a third party recruiter, you must disclose this in your posting.
Please be thorough and upfront with the position details.
Use of non-hr'd (realistic) requirements is encouraged.
While it's fine to link to the position on your company's website, provide the important details in the comment.
Mention if applicants should apply officially through HR, or directly through you.
Please clearly list citizenship, visa, and security clearance requirements.
You can see an example of acceptable posts by perusing past hiring threads.
Feedback
Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted January 03, 2024 at 08:24PM by netsec_burn
via reddit https://ift.tt/rWM91DJ