Freeway for Network Pentesting
https://ift.tt/yNdGc6u
Submitted May 18, 2024 at 04:15PM by Material-Tonight8924
via reddit https://ift.tt/3wgTWhP
https://ift.tt/yNdGc6u
Submitted May 18, 2024 at 04:15PM by Material-Tonight8924
via reddit https://ift.tt/3wgTWhP
GitHub
GitHub - FLOCK4H/Freeway: WiFi Penetration Testing & Auditing Tool
WiFi Penetration Testing & Auditing Tool. Contribute to FLOCK4H/Freeway development by creating an account on GitHub.
A Basic Guide to Discovering Attack Surface with Ghidra and GDB
https://ift.tt/htzF10v
Submitted May 18, 2024 at 07:48PM by cy1337
via reddit https://ift.tt/N9SWMrT
https://ift.tt/htzF10v
Submitted May 18, 2024 at 07:48PM by cy1337
via reddit https://ift.tt/N9SWMrT
Medium
A Basic Guide to Discovering Attack Surface with Ghidra and GDB
In this article I will introduce how to generate GDB Python code to trace a program being analyzed in Ghidra.
RomHack CFP Closes May 31!
https://ift.tt/VLOQ1Um
Submitted May 19, 2024 at 12:37AM by smaury
via reddit https://ift.tt/XK8pyPn
https://ift.tt/VLOQ1Um
Submitted May 19, 2024 at 12:37AM by smaury
via reddit https://ift.tt/XK8pyPn
RomHack Security Conference
RomHack Conference, Training and Camp
RomHack is a format made by the non-profit association Cyber Saiyan and composed by a Conference a Training session and a Hacker Camp.
Threat Detection Engineering and Incident Response with AuditD and Sentinel along how to understand and use AuditD
https://ift.tt/OVTdMPm
Submitted May 19, 2024 at 04:54PM by thattechkitten
via reddit https://ift.tt/qv3ghA2
https://ift.tt/OVTdMPm
Submitted May 19, 2024 at 04:54PM by thattechkitten
via reddit https://ift.tt/qv3ghA2
Medium
Part 1 : Threat Detection Engineering and Incident Response with AuditD and Sentinel — along how to…
NOTE: This article is based off the following and should be followed first:
The WAF Swiss-Knife
https://ift.tt/JpmGkAP
Submitted May 20, 2024 at 03:09AM by lacioffi
via reddit https://ift.tt/Cz5r6Ai
https://ift.tt/JpmGkAP
Submitted May 20, 2024 at 03:09AM by lacioffi
via reddit https://ift.tt/Cz5r6Ai
CVE-2023-34992: Fortinet FortiSIEM Command Injection Deep-Dive, IOCs, and Exploit
https://ift.tt/9xOZKnH
Submitted May 20, 2024 at 05:42PM by scopedsecurity
via reddit https://ift.tt/A095XSm
https://ift.tt/9xOZKnH
Submitted May 20, 2024 at 05:42PM by scopedsecurity
via reddit https://ift.tt/A095XSm
Horizon3.ai
CVE-2023-34992: Fortinet FortiSIEM Command Injection Deep-Dive
CVE-2023-34992 Fortinet FortiSIEM Command Injection Deep-Dive and Indicators of Compromise. This blog details a command injection vulnerability which allows an unauthenticated attacker to access the FortiSIEM server as root to execute arbitrary commands.
Arbitrary JavaScript execution in PDF.js
https://ift.tt/D92P5MN
Submitted May 20, 2024 at 08:16PM by albinowax
via reddit https://ift.tt/8c6RoI4
https://ift.tt/D92P5MN
Submitted May 20, 2024 at 08:16PM by albinowax
via reddit https://ift.tt/8c6RoI4
codeanlabs
CVE-2024-4367 - Arbitrary JavaScript execution in PDF.js - Codean Labs
A vulnerability in PDF.js found by Codean Labs. PDF.js is a JavaScript-based PDF viewer maintained by Mozilla. This bug allows an attacker to execute arbitrary JavaScript code as soon as a malicious PDF file is opened. This affects all Firefox users (
Honeywell Patches Multiple Vulnerabilities in its Virtual Controllers
https://ift.tt/HsMPYtF
Submitted May 20, 2024 at 10:37PM by derp6996
via reddit https://ift.tt/VQ7PDiR
https://ift.tt/HsMPYtF
Submitted May 20, 2024 at 10:37PM by derp6996
via reddit https://ift.tt/VQ7PDiR
Claroty
Exploiting Honeywell ControlEdge VirtualUOC
Team82 found multiple vulnerabilities in the EpicMo protocol implementation within Honeywell ControlEdge Virtual UOC instances. These vulnerabilities are exploitable and can lead to unauthenticated remote code execution.
Black Basta ransomware is targeting critical infrastructure sectors
https://ift.tt/3uIhldq
Submitted May 20, 2024 at 10:58PM by moonlock_security
via reddit https://ift.tt/tplQXaL
https://ift.tt/3uIhldq
Submitted May 20, 2024 at 10:58PM by moonlock_security
via reddit https://ift.tt/tplQXaL
Moonlock
Black Basta ransomware is targeting critical infrastructure
CISA and the FBI have issued a warning.
Memory Corruption Vulnerability in Fluent Bit (CVE-2024-4323)
https://ift.tt/XfY8lb7
Submitted May 20, 2024 at 10:42PM by dinobyt3s
via reddit https://ift.tt/v17wzq5
https://ift.tt/XfY8lb7
Submitted May 20, 2024 at 10:42PM by dinobyt3s
via reddit https://ift.tt/v17wzq5
Tenable®
Linguistic Lumberjack: Attacking Cloud Services via Logging Endpoints (Fluent Bit - CVE-2024-4323)
Tenable Research has discovered a critical memory corruption vulnerability dubbed Linguistic Lumberjack in Fluent Bit, a core component in the monitoring infrastructure of many cloud services.
Microsoft Entra Connect: Connect Sync vs Cloud Sync
https://ift.tt/jSEsxre
Submitted May 21, 2024 at 02:04AM by clod81
via reddit https://ift.tt/jIGTyni
https://ift.tt/jSEsxre
Submitted May 21, 2024 at 02:04AM by clod81
via reddit https://ift.tt/jIGTyni
Tier Zero Security
Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team
New SamsStealer Malware Targets Passwords in Windows Systems
https://ift.tt/Jw2E9AZ
Submitted May 21, 2024 at 03:28AM by miso25
via reddit https://ift.tt/SzWGO6K
https://ift.tt/Jw2E9AZ
Submitted May 21, 2024 at 03:28AM by miso25
via reddit https://ift.tt/SzWGO6K
CyberInsider
New SamsStealer Malware Targets Passwords in Windows Systems
CYFIRMA researchers have identified a new information-stealing malware named "SamsStealer" that targets Windows systems.
Hacking MS Entra Connect: Connect Sync vs Cloud Sync from a hacker’s perspective
https://ift.tt/jSEsxre
Submitted May 21, 2024 at 08:07AM by eitot8
via reddit https://ift.tt/3o5jAPa
https://ift.tt/jSEsxre
Submitted May 21, 2024 at 08:07AM by eitot8
via reddit https://ift.tt/3o5jAPa
Tier Zero Security
Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team
*Technical blog post alert* In this post we share our considerations behind the Vault architecture. The architecture uses the principle of separating control and data functionality to support enhanced scalability and high throughput, high data volume, and low latency
https://ift.tt/w9sHvxa
Submitted May 21, 2024 at 12:42PM by Piiano_sec
via reddit https://ift.tt/YjIlmpi
https://ift.tt/w9sHvxa
Submitted May 21, 2024 at 12:42PM by Piiano_sec
via reddit https://ift.tt/YjIlmpi
MCPTotal
Secure MCP Cloud for Enterprises
MCP Made Easy and secure - Onboard AI tools in a click.
Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule
https://ift.tt/HRLfJWD
Submitted May 21, 2024 at 12:34PM by albinowax
via reddit https://ift.tt/x8ojq2F
https://ift.tt/HRLfJWD
Submitted May 21, 2024 at 12:34PM by albinowax
via reddit https://ift.tt/x8ojq2F
Sicuranext Blog
Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule
TL;DR: Basically, if a target website is protected by a WAF using the OWASP Core Rule Set or Comodo Rule Set or Atomicorp Rule Set, you can send the string ORA-1234 or OracleDrive or ASL-CONFIG-FILE in a comment, product review, registration form, e-commerce…
Abusing url handling in iTerm2 and Hyper for code execution
https://ift.tt/3y8eul7
Submitted May 21, 2024 at 06:45PM by nex25519
via reddit https://ift.tt/QjrL5Os
https://ift.tt/3y8eul7
Submitted May 21, 2024 at 06:45PM by nex25519
via reddit https://ift.tt/QjrL5Os
Vin01’s Blog
Abusing url handling in iTerm2 and Hyper for code execution
What are escape sequences
TrollUAC
https://ift.tt/LYFG5Nv
Submitted May 21, 2024 at 08:23PM by cybersectroll
via reddit https://ift.tt/H1M5D4U
https://ift.tt/LYFG5Nv
Submitted May 21, 2024 at 08:23PM by cybersectroll
via reddit https://ift.tt/H1M5D4U
GitHub
GitHub - cybersectroll/TrollUAC
Contribute to cybersectroll/TrollUAC development by creating an account on GitHub.
Using HTTPS certificates to sign/encrypt arbitrary data
https://ift.tt/YysBgCD
Submitted May 21, 2024 at 10:56PM by yurichev
via reddit https://ift.tt/jR6LwWY
https://ift.tt/YysBgCD
Submitted May 21, 2024 at 10:56PM by yurichev
via reddit https://ift.tt/jR6LwWY
GitHub - thiagopeixoto/mystique-self-injection: An improvement and a different approach to Mockingjay Self-Injection.
https://ift.tt/b1X08Lw
Submitted May 21, 2024 at 10:46PM by thewatcher_
via reddit https://ift.tt/sK8lTVf
https://ift.tt/b1X08Lw
Submitted May 21, 2024 at 10:46PM by thewatcher_
via reddit https://ift.tt/sK8lTVf
GitHub
GitHub - thiagopeixoto/mystique-self-injection: An improvement and a different approach to Mockingjay Self-Injection.
An improvement and a different approach to Mockingjay Self-Injection. - thiagopeixoto/mystique-self-injection
Network Pentesting - Full Guide
https://ift.tt/CR86VEj
Submitted May 22, 2024 at 02:30AM by Material-Tonight8924
via reddit https://ift.tt/5aLMmjs
https://ift.tt/CR86VEj
Submitted May 22, 2024 at 02:30AM by Material-Tonight8924
via reddit https://ift.tt/5aLMmjs
Medium
Freeway for Network Pentesting
In this article we will focus on exploiting vulnerabilities in the WiFi protocol (IEEE 802.XX) using Freeway.
Local Nmap Dashboard with Grafana
https://ift.tt/DLxJHbP
Submitted May 22, 2024 at 05:22AM by Advanced_Echo7951
via reddit https://ift.tt/OPLbugZ
https://ift.tt/DLxJHbP
Submitted May 22, 2024 at 05:22AM by Advanced_Echo7951
via reddit https://ift.tt/OPLbugZ
HackerTarget.com
Nmap Dashboard Using Grafana | HackerTarget.com
Visualise Nmap Results with a detailed Dashboard built using the powerful Open Source Grafana Analytics Software.