Certificate Transparency is now enforced in Firefox on desktop platforms starting with version 135
https://ift.tt/suLqtiO
Submitted February 05, 2025 at 09:17AM by Soatok
via reddit https://ift.tt/hGObDqP
https://ift.tt/suLqtiO
Submitted February 05, 2025 at 09:17AM by Soatok
via reddit https://ift.tt/hGObDqP
ArgFuscator.net - generate obfuscated command lines
https://ift.tt/PmVFYcK
Submitted February 07, 2025 at 01:52AM by Wietze-
via reddit https://ift.tt/mr0hXd4
https://ift.tt/PmVFYcK
Submitted February 07, 2025 at 01:52AM by Wietze-
via reddit https://ift.tt/mr0hXd4
ArgFuscator
Generate obfuscated command-line arguments for common system-native executables now with ArgFuscator.
How to prove false statements? (Part 2)
https://ift.tt/B7eTO5f
Submitted February 07, 2025 at 04:16AM by feross
via reddit https://ift.tt/JtBhsWS
https://ift.tt/B7eTO5f
Submitted February 07, 2025 at 04:16AM by feross
via reddit https://ift.tt/JtBhsWS
A Few Thoughts on Cryptographic Engineering
How to prove false statements? (Part 2)
This is the second part of a two three four-part series, which covers some recent results on “verifiable computation” and possible pitfalls that could occur there. This post won’t…
CVE-2024-55957: Local Privilege Escalation Vulnerability in Thermo Scientific™ Xcalibur™ and Foundation software
https://ift.tt/yQWDPuq
Submitted February 07, 2025 at 08:16AM by clod81
via reddit https://ift.tt/1v6w3Mp
https://ift.tt/yQWDPuq
Submitted February 07, 2025 at 08:16AM by clod81
via reddit https://ift.tt/1v6w3Mp
Tier Zero Security
Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team
Windows Telephony Services: 2025 Patch Diffing & Analysis
https://ift.tt/mHLCMvy
Submitted February 07, 2025 at 06:37PM by SL7reach
via reddit https://ift.tt/QKXSZ7z
https://ift.tt/mHLCMvy
Submitted February 07, 2025 at 06:37PM by SL7reach
via reddit https://ift.tt/QKXSZ7z
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Windows Telephony Services: 2025 Patch Diffing & Analysis Part 1
Introduction At the start of 2025, on January 14th, Microsoft released over 20+ CVEs addressing Remote Code Execution (RCE) vulnerabilities in Microsoft Telephony Services,...
Certificate Ripper v2.4.0 released - tool to extract server certificates
https://ift.tt/gEQAPKm
Submitted February 06, 2025 at 04:46AM by Hakky54
via reddit https://ift.tt/o6pezPU
https://ift.tt/gEQAPKm
Submitted February 06, 2025 at 04:46AM by Hakky54
via reddit https://ift.tt/o6pezPU
GitHub
GitHub - Hakky54/certificate-ripper: 🔐 A CLI tool to extract server certificates
🔐 A CLI tool to extract server certificates. Contribute to Hakky54/certificate-ripper development by creating an account on GitHub.
Nosey Parker Explorer, an interactive TUI app for triaging secret exposures, is now Apache 2-licensed. It has helped on hundreds of offensive security engagements to quickly comb through thousands of potential findings.
https://ift.tt/4TPeWzU
Submitted February 06, 2025 at 03:59AM by exploding_nun
via reddit https://ift.tt/a5VMELm
https://ift.tt/4TPeWzU
Submitted February 06, 2025 at 03:59AM by exploding_nun
via reddit https://ift.tt/a5VMELm
GitHub
GitHub - praetorian-inc/noseyparker-explorer: Interactive results explorer and annotation tool for Nosey Parker
Interactive results explorer and annotation tool for Nosey Parker - praetorian-inc/noseyparker-explorer
Making Ghost-Servers that appear to have Unconstrained Kerberos Delegation (but alert on access attempts)
https://ift.tt/53mxhzy
Submitted February 07, 2025 at 07:51PM by ranok
via reddit https://ift.tt/wadnlTU
https://ift.tt/53mxhzy
Submitted February 07, 2025 at 07:51PM by ranok
via reddit https://ift.tt/wadnlTU
Thinkst Thoughts
Almost famous: behind the scenes of a feature that didn’t make the cut
Introduction A counterintuitive truth is that great products are defined by both the features they include, as well as those they don’t. We spend a lot of time pondering potential new features for …
ROPing our way to "Yay, RCE" - follow Michaels journey of developing an ARM ROP chain to exploit a buffer overflow in uc-http. Dive into the process of reverse engineering, gadget hunting, and crafting a working exploit.
https://ift.tt/cSPTozU
Submitted February 08, 2025 at 09:59PM by Mean-Ant5928
via reddit https://ift.tt/9ueHZdJ
https://ift.tt/cSPTozU
Submitted February 08, 2025 at 09:59PM by Mean-Ant5928
via reddit https://ift.tt/9ueHZdJ
Modzero
ROPing our way to RCE / modzero
Security analysis of the Wi-Fi Easy Connect
https://rdcu.be/d84dW
Submitted February 08, 2025 at 09:50PM by sophron_
via reddit https://ift.tt/w6OMX8s
https://rdcu.be/d84dW
Submitted February 08, 2025 at 09:50PM by sophron_
via reddit https://ift.tt/w6OMX8s
SpringerLink
Security analysis of the Wi-Fi Easy Connect
International Journal of Information Security - Wi-Fi Easy Connect is a protocol introduced by the Wi-Fi Alliance, as the core replacement of the Wi-Fi Protected Setup (WPS). It aims to facilitate...
New Hacking Book – No Certifications, No Corporate BS. Just Real-World Hacking Knowledge.
https://ift.tt/A8Hjx6L
Submitted February 09, 2025 at 09:10AM by Efficient-Ad-953
via reddit https://ift.tt/Eu0nrPA
https://ift.tt/A8Hjx6L
Submitted February 09, 2025 at 09:10AM by Efficient-Ad-953
via reddit https://ift.tt/Eu0nrPA
Leanpub
Ghost in the Wires: The Making of a Modern Hacker
A raw, no-bullshit guide to hacking—from anonymity to exploitation. Learn how real hackers think, break systems, and stay untouchable. Are you ready?
NanoCore RAT Malware Analysis
https://ift.tt/xWE763N
Submitted February 10, 2025 at 01:11AM by anuraggawande
via reddit https://ift.tt/H4y2kfC
https://ift.tt/xWE763N
Submitted February 10, 2025 at 01:11AM by anuraggawande
via reddit https://ift.tt/H4y2kfC
Malware Analysis, Phishing, and Email Scams
NanoCore RAT Malware Analysis
NanoCore is a well-known Remote Access Trojan (RAT) used by threat actors for espionage, data theft, and system control. In this post, I will analyze a NanoCore RAT sample with the hash 18B476D3724…
Jooki - Taking Control of a Forgotten Device
https://ift.tt/3bCYQaf
Submitted February 10, 2025 at 03:58AM by nv1t
via reddit https://ift.tt/WJad2iA
https://ift.tt/3bCYQaf
Submitted February 10, 2025 at 03:58AM by nv1t
via reddit https://ift.tt/WJad2iA
Blog
Jooki - Taking Control of a Forgotten Device
Jooki was a dream come true for parents—an intuitive, screen-free audio player that let kids enjoy music and stories with the tap of a token. But that dream turned into frustration when the company behind Jooki went bankrupt, leaving countless devices bricked…
NVIDIA/Mellanox ConnectX-5: iRISC reverse engineering, finding SHA256
https://ift.tt/MGYzZRW
Submitted February 10, 2025 at 06:44PM by jonasrudloff
via reddit https://ift.tt/n1C094w
https://ift.tt/MGYzZRW
Submitted February 10, 2025 at 06:44PM by jonasrudloff
via reddit https://ift.tt/n1C094w
PLZ HELP ME SECURITY PPL
http://Google.com
Submitted February 11, 2025 at 08:54AM by RandomReema
via reddit https://ift.tt/V8pL7At
http://Google.com
Submitted February 11, 2025 at 08:54AM by RandomReema
via reddit https://ift.tt/V8pL7At
Reddit
From the netsec community on Reddit: PLZ HELP ME SECURITY PPL
Posted by RandomReema - 0 votes and 6 comments
Evil Crow RF: A Portable Radio Frequency Device compatible with Flipper Zero Sub-GHz file format
https://ift.tt/NZneulU
Submitted February 11, 2025 at 01:06PM by barakadua131
via reddit https://ift.tt/OBrzwQe
https://ift.tt/NZneulU
Submitted February 11, 2025 at 01:06PM by barakadua131
via reddit https://ift.tt/OBrzwQe
Mobile Hacker
Evil Crow RF: A Portable Radio Frequency Device
This tool expands your smartphone’s capabilities, allowing you to dive into RF analysis, penetration testing, and signal manipulation—bringing mobile hacking to a whole new level.
Build Your Own Offensive Security Lab A Step-by-Step Guide with Ludus
https://ift.tt/KNFd2eM
Submitted February 11, 2025 at 12:46PM by xkarezma
via reddit https://ift.tt/tGFkweo
https://ift.tt/KNFd2eM
Submitted February 11, 2025 at 12:46PM by xkarezma
via reddit https://ift.tt/tGFkweo
Ahmed Sherif
Build Your Own Offensive Security Lab A Step-by-Step Guide with Ludus
TL;DR:
Fault Injection – Looking for a Unicorn
https://ift.tt/vuTBinH
Submitted February 11, 2025 at 01:48PM by 0xdea
via reddit https://ift.tt/oUrIhE4
https://ift.tt/vuTBinH
Submitted February 11, 2025 at 01:48PM by 0xdea
via reddit https://ift.tt/oUrIhE4
hn security
Fault Injection – Looking for a Unicorn - hn security
Intro In our previous article Fault […]
Exploring a VPN Appliance: A Researcher’s Journey
https://ift.tt/4OTbNjt
Submitted February 11, 2025 at 09:29PM by Narrow_Rooster_630
via reddit https://ift.tt/kgKH3mY
https://ift.tt/4OTbNjt
Submitted February 11, 2025 at 09:29PM by Narrow_Rooster_630
via reddit https://ift.tt/kgKH3mY
Akamai
Exploring a VPN Appliance: A Researcher’s Journey | Akamai
Akamai researchers explore Fortinet FortiOS and discover multiple vulnerabilities that can lead to denial-of-service and remote code execution attacks.
PsExec’ing the right way and why zero trust is mandatory
https://ift.tt/Qwgln4I
Submitted February 11, 2025 at 09:19PM by AlmondOffSec
via reddit https://ift.tt/ph5TBIG
https://ift.tt/Qwgln4I
Submitted February 11, 2025 at 09:19PM by AlmondOffSec
via reddit https://ift.tt/ph5TBIG
Sensepost
SensePost | Psexec’ing the right way and why zero trust is mandatory
Leaders in Information Security
Tenda AC15 CVE-2020-13393 Exploit (!exploitable episode one)
https://ift.tt/opOYCBN
Submitted February 11, 2025 at 08:58PM by nibblesec
via reddit https://ift.tt/fx5eAJw
https://ift.tt/opOYCBN
Submitted February 11, 2025 at 08:58PM by nibblesec
via reddit https://ift.tt/fx5eAJw