Powershell noscript to forward local or remote tcp ports through smb pipes
http://ift.tt/2v4BXFh
Submitted August 14, 2017 at 08:39AM by p3nt4
via reddit http://ift.tt/2uF8Xmy
http://ift.tt/2v4BXFh
Submitted August 14, 2017 at 08:39AM by p3nt4
via reddit http://ift.tt/2uF8Xmy
GitHub
p3nt4/Piper
Piper - Creates a local or remote port forwarding through named pipes.
Breaking Instacart
http://ift.tt/2wWtDXT
Submitted August 14, 2017 at 12:32PM by lazykid07
via reddit http://ift.tt/2uB6nC2
http://ift.tt/2wWtDXT
Submitted August 14, 2017 at 12:32PM by lazykid07
via reddit http://ift.tt/2uB6nC2
what I'm breaking...
Breaking Instacart
Instacart is an American company that operates as a same-day grocery delivery service. Customers select groceries through a web application from various retailers and delivered by a personal shoppe…
The plugin dumps the array of functions pointers SrvTransaction2DispatchTable from the srv.sys driver and checks that all of them points to the binary address space.
http://ift.tt/2vBb3oN
Submitted August 14, 2017 at 06:17PM by bmerino
via reddit http://ift.tt/2wJkdj5
http://ift.tt/2vBb3oN
Submitted August 14, 2017 at 06:17PM by bmerino
via reddit http://ift.tt/2wJkdj5
Shelliscoming
DoublePulsar SMB implant detection from Volatility
In the last months there have been various groups of attackers as well as noscript kiddies that have been using the FuzzBunch Framework to co...
DoublePulsar SMB implant detection from Volatility
http://ift.tt/2vBb3oN
Submitted August 14, 2017 at 06:24PM by bmerino
via reddit http://ift.tt/2vUsW4s
http://ift.tt/2vBb3oN
Submitted August 14, 2017 at 06:24PM by bmerino
via reddit http://ift.tt/2vUsW4s
Shelliscoming
DoublePulsar SMB implant detection from Volatility
In the last months there have been various groups of attackers as well as noscript kiddies that have been using the FuzzBunch Framework to co...
Tutorial A2 Introduction to Glitch Attacks (including Glitch Explorer)
http://ift.tt/2uURHcp
Submitted August 14, 2017 at 06:21PM by maxxori
via reddit http://ift.tt/2vCfbF4
http://ift.tt/2uURHcp
Submitted August 14, 2017 at 06:21PM by maxxori
via reddit http://ift.tt/2vCfbF4
Splunk Spotlight - Alerting From Logs
http://ift.tt/2uCpP1e
Submitted August 14, 2017 at 07:08PM by MattHodge
via reddit http://ift.tt/2wWMzG2
http://ift.tt/2uCpP1e
Submitted August 14, 2017 at 07:08PM by MattHodge
via reddit http://ift.tt/2wWMzG2
hodgkins.io
Splunk Spotlight - Alerts
We take a close look at alerting in Splunk, including sending nice Slack notifications.
Checking for Breached Password Requests in Active Directory
http://ift.tt/2w3uDNI
Submitted August 14, 2017 at 08:25PM by General_Menace
via reddit http://ift.tt/2w3oi4H
http://ift.tt/2w3uDNI
Submitted August 14, 2017 at 08:25PM by General_Menace
via reddit http://ift.tt/2w3oi4H
dcrawl - Smart, multi-threaded web crawler for scraping huge lists of unique domain names (GO)
http://ift.tt/2uV0Kdp
Submitted August 14, 2017 at 09:33PM by kgretzky
via reddit http://ift.tt/2uHtKpo
http://ift.tt/2uV0Kdp
Submitted August 14, 2017 at 09:33PM by kgretzky
via reddit http://ift.tt/2uHtKpo
GitHub
kgretzky/dcrawl
dcrawl - Simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names.
Turning LFI into RFI on *nix systems
http://ift.tt/2uI4GyS
Submitted August 15, 2017 at 01:18AM by but_im_made_of_lava
via reddit http://ift.tt/2w7kWgp
http://ift.tt/2uI4GyS
Submitted August 15, 2017 at 01:18AM by but_im_made_of_lava
via reddit http://ift.tt/2w7kWgp
l.avala.mp's place
Turning LFI into RFI
Have you ever been testing a web application for vulnerabilities, found a local file include (LFI) that could pay serious dividends if you had the right file on the web server, but couldn’t f…
SpiderFoot 2.11 released
http://ift.tt/2wXSWZI
Submitted August 15, 2017 at 01:38AM by smicallef
via reddit http://ift.tt/2fF14Ln
http://ift.tt/2wXSWZI
Submitted August 15, 2017 at 01:38AM by smicallef
via reddit http://ift.tt/2fF14Ln
SpiderFoot
SpiderFoot 2.11 released
SpiderFoot is an open source intelligence automation tool. Use it to build intelligence about threats targeting your network, or gather information about your own network before the bad guys do.
A Solution of the P versus NP Problem (Implies P != NP)
http://ift.tt/2fFsbpk
Submitted August 15, 2017 at 04:28AM by scourge101
via reddit http://ift.tt/2vyx7C0
http://ift.tt/2fFsbpk
Submitted August 15, 2017 at 04:28AM by scourge101
via reddit http://ift.tt/2vyx7C0
reddit
A Solution of the P versus NP Problem (Implies P != NP) • r/netsec
1 points and 0 comments so far on reddit
eidolon - a DNS server that load balances DNS queries across public nameservers (for DNS scanning tools)
http://ift.tt/2uIWSfW
Submitted August 15, 2017 at 05:00AM by cmeister2
via reddit http://ift.tt/2i0CHse
http://ift.tt/2uIWSfW
Submitted August 15, 2017 at 05:00AM by cmeister2
via reddit http://ift.tt/2i0CHse
GitHub
cmeister2/eidolon
eidolon - A DNS server that balances queries amongst a number of public DNS servers
rowhammer like attack on SSD
http://ift.tt/2vX5pQw
Submitted August 15, 2017 at 08:02AM by bb111189
via reddit http://ift.tt/2w8GKYT
http://ift.tt/2vX5pQw
Submitted August 15, 2017 at 08:02AM by bb111189
via reddit http://ift.tt/2w8GKYT
CSP Is Dead, Long Live CSP! - On the Insecurity of Whitelists and the Future of Content Security Policy by Lukas Weichselbaum et. al.
http://ift.tt/2w9kii9
Submitted August 15, 2017 at 03:10PM by 0xKaishakunin
via reddit http://ift.tt/2vEJlrn
http://ift.tt/2w9kii9
Submitted August 15, 2017 at 03:10PM by 0xKaishakunin
via reddit http://ift.tt/2vEJlrn
UAC bypass and loading DLL from Webdav - Research on CMSTP.exe binary
http://ift.tt/2uK437U
Submitted August 15, 2017 at 03:08PM by oddvarmoe
via reddit http://ift.tt/2vEJlYp
http://ift.tt/2uK437U
Submitted August 15, 2017 at 03:08PM by oddvarmoe
via reddit http://ift.tt/2vEJlYp
MSitPros Blog
Research on CMSTP.exe
Whenever I have a chance I use my time diving into Windows internal binaries to uncover hidden functionality. This blogpost is dedicated to things I have discovered with the CMSTP.exe binary file. …
Launch – Hello Amazon Macie: Automatically Discover, Classify, and Secure Content at Scale | Amazon Web Services
http://ift.tt/2wXMUrQ
Submitted August 15, 2017 at 05:20PM by lighthouserecipes
via reddit http://ift.tt/2w6yJnU
http://ift.tt/2wXMUrQ
Submitted August 15, 2017 at 05:20PM by lighthouserecipes
via reddit http://ift.tt/2w6yJnU
Amazon Web Services
Launch – Hello Amazon Macie: Automatically Discover, Classify, and Secure Content at Scale | Amazon Web Services
When Jeff and I heard about this service, we both were curious on the meaning of the name Macie. Of course, Jeff being a great researcher looked up the name Macie and found that the name Macie has two meanings. It has both French and English (UK) based origin…
Build a local copy of Security Tracker. Notify via E-mail/Slack if there is an update.
http://ift.tt/2i27yED
Submitted August 15, 2017 at 06:26PM by knqyf263
via reddit http://ift.tt/2fIi2Zk
http://ift.tt/2i27yED
Submitted August 15, 2017 at 06:26PM by knqyf263
via reddit http://ift.tt/2fIi2Zk
GitHub
knqyf263/gost
gost - Build a local copy of Security Tracker. Notify via E-mail/Slack if there is an update.
Finding Cyber Threats with ATT&CK™-Based Analytics
http://ift.tt/2x0X374
Submitted August 15, 2017 at 08:41AM by whatsamanual
via reddit http://ift.tt/2wMhdTc
http://ift.tt/2x0X374
Submitted August 15, 2017 at 08:41AM by whatsamanual
via reddit http://ift.tt/2wMhdTc
Live Windows 95 Bug Hunting
https://www.youtube.com/watch?v=hLGQYi8W5sw
Submitted August 15, 2017 at 04:35AM by badbytesio
via reddit http://ift.tt/2vAdKss
https://www.youtube.com/watch?v=hLGQYi8W5sw
Submitted August 15, 2017 at 04:35AM by badbytesio
via reddit http://ift.tt/2vAdKss
YouTube
Stream Recording: Windows 95 Bug Finding #3 - Crash Analysis
In this episode, we get ollydbg up and running, and take a look at the crash we have. Spoiler alert: unfortunately, at the end of the stream I come to the co...
How someone lost 130K USD from Bittrex Crypto Exchange
http://ift.tt/2wabitd
Submitted August 15, 2017 at 09:06PM by airhack87
via reddit http://ift.tt/2waz7Bd
http://ift.tt/2wabitd
Submitted August 15, 2017 at 09:06PM by airhack87
via reddit http://ift.tt/2waz7Bd
Medium
2FA won’t save you from Phishing — Here’s how
My RSS feeder popped up the below reddit link from the crypto currency subreddit. The poster explains his friend clicked on a phishing…
Password Not Provided - Compromising Any Flurry User's Account [Yahoo Bug Bounty]
http://ift.tt/2vYyfzP
Submitted August 15, 2017 at 09:40PM by cablej
via reddit http://ift.tt/2vAhCJZ
http://ift.tt/2vYyfzP
Submitted August 15, 2017 at 09:40PM by cablej
via reddit http://ift.tt/2vAhCJZ
lightningsecurity.io
Password Not Provided - Compromising Any Flurry User's Account [Yahoo Bug Bounty]