LogSnare: A web application playground for testing, preventing, and logging IDOR vulnerabilities.
https://ift.tt/g23Tvpr
Submitted March 01, 2024 at 06:50PM by Seaerkin2
via reddit https://ift.tt/95duxiZ
https://ift.tt/g23Tvpr
Submitted March 01, 2024 at 06:50PM by Seaerkin2
via reddit https://ift.tt/95duxiZ
GitHub
GitHub - sea-erkin/log-snare: LogSnare: A playground for testing, preventing, and logging IDOR vulnerabilities.
LogSnare: A playground for testing, preventing, and logging IDOR vulnerabilities. - sea-erkin/log-snare
Google VRP: CSP bypass to email exfiltration via Bard
https://ift.tt/VL61KeD
Submitted March 01, 2024 at 08:25PM by poltess0
via reddit https://ift.tt/wfP19FY
https://ift.tt/VL61KeD
Submitted March 01, 2024 at 08:25PM by poltess0
via reddit https://ift.tt/wfP19FY
www.landh.tech
We Hacked Google A.I. for $50,000 - Lupin & Holmes
Phrack #71: Call For Paper
http://www.phrack.org
Submitted March 02, 2024 at 03:05PM by loselasso
via reddit https://ift.tt/qdLKfQp
http://www.phrack.org
Submitted March 02, 2024 at 03:05PM by loselasso
via reddit https://ift.tt/qdLKfQp
Phrack
Introduction
Click to read the article on phrack
LoFP - Living off the False Positive
https://ift.tt/yo8RdKl
Submitted March 02, 2024 at 08:38PM by adityatelange
via reddit https://ift.tt/pfIUx8K
https://ift.tt/yo8RdKl
Submitted March 02, 2024 at 08:38PM by adityatelange
via reddit https://ift.tt/pfIUx8K
Br0K3Nlab
LoFP
Living off the False Positive!
GitHub - teler-sh/sebel: a Go package that provides functionality for checking SSL/TLS certificates against malicious connections, by identifying and blacklisting certificates used by botnet command and control (C&C) servers.
https://ift.tt/zaWfmYj
Submitted March 02, 2024 at 07:34PM by dwisiswant0
via reddit https://ift.tt/4qsrCeD
https://ift.tt/zaWfmYj
Submitted March 02, 2024 at 07:34PM by dwisiswant0
via reddit https://ift.tt/4qsrCeD
GitHub
GitHub - teler-sh/sebel: Checks SSL/TLS certificates for potential malicious connections by detecting and blocking certificates…
Checks SSL/TLS certificates for potential malicious connections by detecting and blocking certificates used by botnet command and control (C&C) servers. - teler-sh/sebel
SubSeekerPro
https://ift.tt/AcsHC8P
Submitted March 03, 2024 at 12:14PM by TheArtHacker34
via reddit https://ift.tt/A4fBQo5
https://ift.tt/AcsHC8P
Submitted March 03, 2024 at 12:14PM by TheArtHacker34
via reddit https://ift.tt/A4fBQo5
GitHub
GitHub - SonfireOP68/SubSeekerPro
Contribute to SonfireOP68/SubSeekerPro development by creating an account on GitHub.
How to effortlessly setup Yubikeys for SSH/GIT on WSL
https://ift.tt/gYlFfwP
Submitted March 03, 2024 at 12:53PM by KaanSK
via reddit https://ift.tt/wmE5yRl
https://ift.tt/gYlFfwP
Submitted March 03, 2024 at 12:53PM by KaanSK
via reddit https://ift.tt/wmE5yRl
Threatzer
Effortless SSH/GIT Security with Yubikey FIDO2 Interface on WSL | Threatzer OÜ
Yubikeys, FIDO2 and WSL Windows Subsystem for Linux (WSL), especially its second iteration (WSL2), offers a seamless way to run Linux distributions directly within Windows. This brings the familiar Linux environment and its powerful tools right to your fingertips…
An intro to automated evasion and compilation of .NET offensive tools
https://ift.tt/vkzC8e3
Submitted March 03, 2024 at 02:01PM by clod81
via reddit https://ift.tt/foTFqwx
https://ift.tt/vkzC8e3
Submitted March 03, 2024 at 02:01PM by clod81
via reddit https://ift.tt/foTFqwx
Tier Zero Security
Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team
RattaGATTa: Scalable Bluetooth Low-Energy Survey
https://ift.tt/kYJgzxr
Submitted March 02, 2024 at 02:32AM by netsecfriends
via reddit https://ift.tt/LImEMTV
https://ift.tt/kYJgzxr
Submitted March 02, 2024 at 02:32AM by netsecfriends
via reddit https://ift.tt/LImEMTV
GreyNoise Labs
GreyNoise Labs - RattaGATTa: Scalable Bluetooth Low-Energy Survey
Phase 1: Using a pool of collectors to scan and connect to BTLE devices, shedding light on the intricacies of hardware, radio frequency challenges, and the importance of rate-limiting algorithms.
DUALITY: Advanced Red Team Persistence through Self-Reinfecting DLL Backdoors for Unyielding Control
https://ift.tt/1eP8NdR
Submitted March 01, 2024 at 07:51PM by b1x3r
via reddit https://ift.tt/SkKpdhl
https://ift.tt/1eP8NdR
Submitted March 01, 2024 at 07:51PM by b1x3r
via reddit https://ift.tt/SkKpdhl
AON
DUALITY - Part 1
DUALITY: Advanced Red Team Persistence through Self-Reinfecting DLL Backdoors for Unyielding Control
How to Make Nmap Recognize New Services
https://ift.tt/Ob563vq
Submitted March 04, 2024 at 12:52AM by Salmiakkilakritsi
via reddit https://ift.tt/t0Pi6hk
https://ift.tt/Ob563vq
Submitted March 04, 2024 at 12:52AM by Salmiakkilakritsi
via reddit https://ift.tt/t0Pi6hk
Shufflingbytes
How to Make Nmap Recognize New Services
Step-by-step instructions for extending nmap service detection capabilities
Dont Gamble With Risk - Quantitative Risk Modeling of Complex Event Chains
https://ift.tt/qiUKO9R
Submitted March 04, 2024 at 06:52AM by bcdefense
via reddit https://ift.tt/CPUdMFJ
https://ift.tt/qiUKO9R
Submitted March 04, 2024 at 06:52AM by bcdefense
via reddit https://ift.tt/CPUdMFJ
GitHub
GitHub - bcdannyboy/DGWR: Dont Gamble with Risk
Dont Gamble with Risk. Contribute to bcdannyboy/DGWR development by creating an account on GitHub.
BSidesSATX CFP is open
https://ift.tt/leN9GVq
Submitted March 04, 2024 at 11:22AM by SciaticNerd
via reddit https://ift.tt/QbgLBSD
https://ift.tt/leN9GVq
Submitted March 04, 2024 at 11:22AM by SciaticNerd
via reddit https://ift.tt/QbgLBSD
BSIDES SATX 2024
General information about BSides SATX 2023
HTTP 403 bypass tool
https://ift.tt/8GC1EUR
Submitted March 04, 2024 at 01:21PM by SmokeyShark_777
via reddit https://ift.tt/MkOezoF
https://ift.tt/8GC1EUR
Submitted March 04, 2024 at 01:21PM by SmokeyShark_777
via reddit https://ift.tt/MkOezoF
GitHub
GitHub - trap-bytes/403jump: HTTP 403 bypass tool
HTTP 403 bypass tool. Contribute to trap-bytes/403jump development by creating an account on GitHub.
Persistence – Visual Studio Code Extensions
https://ift.tt/r3xpOb2
Submitted March 04, 2024 at 07:30PM by netbiosX
via reddit https://ift.tt/vBfXE01
https://ift.tt/r3xpOb2
Submitted March 04, 2024 at 07:30PM by netbiosX
via reddit https://ift.tt/vBfXE01
Penetration Testing Lab
Persistence – Visual Studio Code Extensions
It is not uncommon developers or users responsible to write code (i.e. detection engineers using Sigma) to utilize Visual Studio Code as their code editor. The default capability of the product can…
Threat Brief: WordPress Exploit Leads to Godzilla Web Shell, Discovery & New CVE
https://ift.tt/0OrwcmY
Submitted March 04, 2024 at 07:15PM by TheDFIRReport
via reddit https://ift.tt/Vw1EWre
https://ift.tt/0OrwcmY
Submitted March 04, 2024 at 07:15PM by TheDFIRReport
via reddit https://ift.tt/Vw1EWre
The DFIR Report
Threat Brief: WordPress Plugin Exploit Leads to Godzilla Web Shell, Discovery & New CVE
Below is a recent Threat Brief that we shared with our customers. Each year, we produce over 20 detailed Threat Briefs, which follow a format similar to the below. Typically, these reports include …
On-Device Fraud on the rise: exposing a recent Copybara fraud campaign | Cleafy Labs
https://ift.tt/8PSjRAn
Submitted March 04, 2024 at 07:45PM by f3d_0x0
via reddit https://ift.tt/GLrPvtg
https://ift.tt/8PSjRAn
Submitted March 04, 2024 at 07:45PM by f3d_0x0
via reddit https://ift.tt/GLrPvtg
Cleafy
On-Device Fraud on the rise: exposing a recent Copybara fraud campaign | Cleafy Labs
Uncover the persistent threat of Account Takeover (ATO) and the emerging challenge of On-Device Fraud (ODF) in online banking. Learn how advanced Android banking trojans Copybara enable remote-controlled attacks and explore the tactics of threat actors, from…
Planes, Ferries and Automobiles – How I Hacked Free Travel Across Iceland
https://ift.tt/s1vgzmf
Submitted March 04, 2024 at 08:36PM by likezoidberg
via reddit https://ift.tt/4YD0cEh
https://ift.tt/s1vgzmf
Submitted March 04, 2024 at 08:36PM by likezoidberg
via reddit https://ift.tt/4YD0cEh
www.debug.is
Planes, Ferries and Automobiles - The Code Lab
Thoughts and experiments on software, security and better coding practises.
Have a look at the largest vulnerability database ever! Includes English translation of CNVD, CNNVD & BDU.
https://ift.tt/IL1qdXx
Submitted March 04, 2024 at 11:25PM by glatisantbeast
via reddit https://ift.tt/xBNiC8K
https://ift.tt/IL1qdXx
Submitted March 04, 2024 at 11:25PM by glatisantbeast
via reddit https://ift.tt/xBNiC8K
www.exploit.observer
The World's Largest Exploit & Vulnerability Database
Exploit Observer aggregates & interprets exploit/vulnerability data from all over the Internet. Consequently, it has evolved into The World's Largest Exploit & Vulnerability Intelligence Database and is freely accessible to all.
Getting Bored of Cyberwar: Exploring the Role of Low-level Cybercrime Actors in the Russia-Ukraine Conflict
https://ift.tt/S479Jwr
Submitted March 04, 2024 at 10:54PM by Nervous--Astronomer
via reddit https://ift.tt/2TkdI8o
https://ift.tt/S479Jwr
Submitted March 04, 2024 at 10:54PM by Nervous--Astronomer
via reddit https://ift.tt/2TkdI8o
Smishing with EvilGophish
https://ift.tt/KrlenCA
Submitted March 05, 2024 at 03:40AM by meterpretersession1
via reddit https://ift.tt/ODrMYA6
https://ift.tt/KrlenCA
Submitted March 05, 2024 at 03:40AM by meterpretersession1
via reddit https://ift.tt/ODrMYA6
fin3ss3g0d's Blog -
Smishing with EvilGophish - fin3ss3g0d's Blog
Introduction to Smishing: Understanding SMS Phishing Tactics In the evolving landscape of cybersecurity threats, smishing—or SMS phishing—stands out as a formidable technique employed by adversaries to exploit human vulnerabilities. Smishing operates on a…