Week of Evading Microsoft ATA - Day 3 - Constrained Delegation, Attacks across trusts, DCSync and DNSAdmins
http://ift.tt/2vP2nhx
Submitted August 09, 2017 at 09:43PM by SamratAsh0k
via reddit http://ift.tt/2vjG2r7
http://ift.tt/2vP2nhx
Submitted August 09, 2017 at 09:43PM by SamratAsh0k
via reddit http://ift.tt/2vjG2r7
Labofapenetrationtester
Week of Evading Microsoft ATA - Day 3 - Constrained Delegation, Attacks across trusts, DCSync and DNSAdmins
Home of Nikhil SamratAshok Mittal. Posts about Pen Testing.
Providing a Common Vulnerability score (CVSSv2) using neural network
http://ift.tt/2hGQMee
Submitted August 09, 2017 at 09:42PM by isox_xx
via reddit http://ift.tt/2wuiv5l
http://ift.tt/2hGQMee
Submitted August 09, 2017 at 09:42PM by isox_xx
via reddit http://ift.tt/2wuiv5l
Wallarm
New from Wallarm Research: First AI-based Tool to Predict Vulnerability Risk
Wallarm Inc., a leading developer of AI-based Web Application security solutions, and Vulners.com, the security database of software…
Secret Program to Offer Rewards up to $250K for VM Escape Vulnerabilities
http://ift.tt/2wuJ22j
Submitted August 10, 2017 at 02:00AM by breadtk
via reddit http://ift.tt/2vkdcXo
http://ift.tt/2wuJ22j
Submitted August 10, 2017 at 02:00AM by breadtk
via reddit http://ift.tt/2vkdcXo
Bugcrowd
Secret Program to Offer Rewards up to $250K
Casey Ellis discusses a new private bug bounty program set to launch with a top reward of $250K.
[TUTORIAL]x86 assembly shellcode with execve syscall
http://ift.tt/2uqY4EG
Submitted August 10, 2017 at 03:03AM by _____WINTERMUTE_____
via reddit http://ift.tt/2hKWawJ
http://ift.tt/2uqY4EG
Submitted August 10, 2017 at 03:03AM by _____WINTERMUTE_____
via reddit http://ift.tt/2hKWawJ
Sebastian Neef - 0day.work
Writing my first shellcode - iptables -P INPUT ACCEPT
I've recently started to look into basic application security concepts using the imho excellent material from OpenSecurityTraining.info. In this blogpost I'd like to share my first piece of shellcode executing iptables -P INPUT ACCEPT. Background After…
$10k Host header (Google Bug Bounty)
http://ift.tt/2uqBGQ8
Submitted August 10, 2017 at 03:45AM by epereiralopez
via reddit http://ift.tt/2vQCZYC
http://ift.tt/2uqBGQ8
Submitted August 10, 2017 at 03:45AM by epereiralopez
via reddit http://ift.tt/2vQCZYC
Google
$10k host header - Test
Testing
Windows 95 Bug Hunting
https://www.youtube.com/watch?v=Q9v8lQYitak
Submitted August 10, 2017 at 04:41AM by badbytesio
via reddit http://ift.tt/2uqX9nS
https://www.youtube.com/watch?v=Q9v8lQYitak
Submitted August 10, 2017 at 04:41AM by badbytesio
via reddit http://ift.tt/2uqX9nS
YouTube
Stream Recording: Windows 95 Bug Finding #2 - Testing IE 5.5
Now that we have a VM up and running, we're going to go after some old-school Windows 95 bugs, starting with landing an exploit for IE 5.5.
SHA2017 talks are up
http://ift.tt/2vfJd1i
Submitted August 10, 2017 at 04:18PM by pheexx
via reddit http://ift.tt/2uscu7P
http://ift.tt/2vfJd1i
Submitted August 10, 2017 at 04:18PM by pheexx
via reddit http://ift.tt/2uscu7P
media.ccc.de
media.ccc.de -
Still Hacking Anyway
Still Hacking Anyway
Video Streaming Portal des Chaos Computer Clubs
Using drone telemetry data to determine origin, operator, environment and flight path
http://ift.tt/2wwvi77
Submitted August 10, 2017 at 05:00PM by hp777us
via reddit http://ift.tt/2vI9ckn
http://ift.tt/2wwvi77
Submitted August 10, 2017 at 05:00PM by hp777us
via reddit http://ift.tt/2vI9ckn
Dronesec
Why UAV telemetry data is a cyber/physical security risk - Dronesec
Using the telemetry from the UAV you can determine a set of characteristics that indicate that a particular flight represents a counter-UAS test flight...
The Legacy Risk: How Outdated Systems Expose Your Data
http://ift.tt/2fuKWvD
Submitted August 10, 2017 at 05:38PM by InfoSecCrazy
via reddit http://ift.tt/2wLh5mb
http://ift.tt/2fuKWvD
Submitted August 10, 2017 at 05:38PM by InfoSecCrazy
via reddit http://ift.tt/2wLh5mb
itsecuritycentral.teramind.co
The Legacy Risk: How Outdated Systems Expose Your Data | IT Security Central
Outdated systems can actually expose an organisation's data, putting them at a higher risk of threat.
SAP Pentest: 3 zero-days to gain the SAP admin account
http://ift.tt/2wxb0dy
Submitted August 10, 2017 at 07:35PM by alexander_polyakov
via reddit http://ift.tt/2vSdntM
http://ift.tt/2wxb0dy
Submitted August 10, 2017 at 07:35PM by alexander_polyakov
via reddit http://ift.tt/2vSdntM
Man behind QNAP NAS botnet convicted
http://ift.tt/2ursivD
Submitted August 10, 2017 at 08:47PM by BoatWizard
via reddit http://ift.tt/2vSAbKx
http://ift.tt/2ursivD
Submitted August 10, 2017 at 08:47PM by BoatWizard
via reddit http://ift.tt/2vSAbKx
BleepingComputer
HackinItaly: The Story Behind the Takedown of a 2,500-Strong QNAP NAS Botnet
Last Friday, on August 4, a jury in the US found Fabio Gasperini, an Italian citizen, guilty of building a botnet that he used to hijack remote servers and surreptitiously click on ads for his personal profits.
Week of Evading Microsoft ATA - Day 4 - Silver ticket, Kerberoast and SQL Servers
http://ift.tt/2wxzHH4
Submitted August 10, 2017 at 08:26PM by SamratAsh0k
via reddit http://ift.tt/2fvUaIl
http://ift.tt/2wxzHH4
Submitted August 10, 2017 at 08:26PM by SamratAsh0k
via reddit http://ift.tt/2fvUaIl
Labofapenetrationtester
Week of Evading Microsoft ATA - Day 4 - Silver ticket, Kerberoast and SQL Servers
Home of Nikhil SamratAshok Mittal. Posts about Pen Testing.
Developing an exploit to complete the Blue Frost Security Ekoparty challenge
http://ift.tt/2hNNbLg
Submitted August 10, 2017 at 08:21PM by RedmondSecGnome
via reddit http://ift.tt/2fvMFkq
http://ift.tt/2hNNbLg
Submitted August 10, 2017 at 08:21PM by RedmondSecGnome
via reddit http://ift.tt/2fvMFkq
reddit
Developing an exploit to complete the Blue Frost... • r/netsec
2 points and 0 comments so far on reddit
Plasma - an interactive disassembler for x86/ARM/MIPS.
http://ift.tt/2iu0fFh
Submitted August 10, 2017 at 08:27PM by voidMOSity
via reddit http://ift.tt/2wxBsUo
http://ift.tt/2iu0fFh
Submitted August 10, 2017 at 08:27PM by voidMOSity
via reddit http://ift.tt/2wxBsUo
GitHub
plasma-disassembler/plasma
plasma - Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
Blue Frost Security Ekoparty challenge #eko13 - top solution writeup
http://ift.tt/2utkNjK
Submitted August 10, 2017 at 09:34PM by evandrix
via reddit http://ift.tt/2uttnPo
http://ift.tt/2utkNjK
Submitted August 10, 2017 at 09:34PM by evandrix
via reddit http://ift.tt/2uttnPo
GitHub
esanfelix/writeup
writeup - Some random write-ups
PhishMe is now Free! (if you're a SMB!)
http://ift.tt/2wLgr88
Submitted August 10, 2017 at 09:15PM by aaronhigbee
via reddit http://ift.tt/2vmSl5J
http://ift.tt/2wLgr88
Submitted August 10, 2017 at 09:15PM by aaronhigbee
via reddit http://ift.tt/2vmSl5J
TechCrunch
PhishMe offers free phishing training tool to SMBs
There are lots of reasons scammers send a phishing email. They may want to get access to the company network or perhaps a quick payout with ransomware. Maybe it’s just a good old-fashioned con…
Compromise On Checkout - Vulnerabilities in SCM Tools
http://ift.tt/2uueKv6
Submitted August 11, 2017 at 12:50AM by joernchen
via reddit http://ift.tt/2utK7tX
http://ift.tt/2uueKv6
Submitted August 11, 2017 at 12:50AM by joernchen
via reddit http://ift.tt/2utK7tX
reddit
Compromise On Checkout - Vulnerabilities in SCM Tools • r/netsec
2 points and 0 comments so far on reddit
Playing in the Remote Sandbox: Adobe Flash Windows User Credentials Disclosure Vulnerability (CVE-2017-3085)
http://ift.tt/2vT244A
Submitted August 11, 2017 at 12:45AM by campuscodi
via reddit http://ift.tt/2utTHZA
http://ift.tt/2vT244A
Submitted August 11, 2017 at 12:45AM by campuscodi
via reddit http://ift.tt/2utTHZA
reddit
Playing in the Remote Sandbox: Adobe Flash Windows User... • r/netsec
12 points and 0 comments so far on reddit
[TUTORIAL] How to make USB Rubber Ducky using USB drive
http://ift.tt/1WCkdei
Submitted August 11, 2017 at 03:41AM by _____WINTERMUTE_____
via reddit http://ift.tt/2hORmq9
http://ift.tt/1WCkdei
Submitted August 11, 2017 at 03:41AM by _____WINTERMUTE_____
via reddit http://ift.tt/2hORmq9
reddit
[TUTORIAL] How to make USB Rubber Ducky using USB drive • r/netsec
1 points and 0 comments so far on reddit
Introducing (n+1)sec – a protocol for distributed multiparty chat encryption
http://ift.tt/2vU48ck
Submitted August 11, 2017 at 04:00AM by thewonderment
via reddit http://ift.tt/2wMT9Pm
http://ift.tt/2vU48ck
Submitted August 11, 2017 at 04:00AM by thewonderment
via reddit http://ift.tt/2wMT9Pm
reddit
Introducing (n+1)sec – a protocol for distributed... • r/netsec
1 points and 1 comments so far on reddit
Arbitrary code execution via crafted ssh:// in Git (CVE-2017-1000117)
http://ift.tt/2vrnGTq
Submitted August 11, 2017 at 04:36AM by nebs0n
via reddit http://ift.tt/2uuFaNg
http://ift.tt/2vrnGTq
Submitted August 11, 2017 at 04:36AM by nebs0n
via reddit http://ift.tt/2uuFaNg
reddit
Arbitrary code execution via crafted ssh:// in Git... • r/netsec
4 points and 0 comments so far on reddit