Web Application Penetration Testing Cheat Sheet
https://ift.tt/2Gizuzg
Submitted April 01, 2018 at 08:31PM by liranbh
via reddit https://ift.tt/2H0hOpK
https://ift.tt/2Gizuzg
Submitted April 01, 2018 at 08:31PM by liranbh
via reddit https://ift.tt/2H0hOpK
JDow.io
Web Application Penetration Testing Cheat Sheet
This cheatsheet is intended to run down the typical steps performed when conducting a web application penetration test. I will break these steps down into sub-tasks and describe the tools I recommend using at each level.
Cloudflare launches 1.1.1.1 DNS service that will speed up your internet
https://ift.tt/2Ih8ayD
Submitted April 01, 2018 at 08:13PM by Boceeho
via reddit https://ift.tt/2H0hR4U
https://ift.tt/2Ih8ayD
Submitted April 01, 2018 at 08:13PM by Boceeho
via reddit https://ift.tt/2H0hR4U
The Verge
Cloudflare launches 1.1.1.1 DNS service that will speed up your internet
Not an April Fools’ prank
whonow: A malicious DNS server for experimenting with DNS Rebinding attacks
https://ift.tt/2IiODO9
Submitted April 01, 2018 at 11:49PM by brannondorsey
via reddit https://ift.tt/2uGkeaN
https://ift.tt/2IiODO9
Submitted April 01, 2018 at 11:49PM by brannondorsey
via reddit https://ift.tt/2uGkeaN
GitHub
brannondorsey/whonow
A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53) - brannondorsey/whonow
The Wonderful World of MIPS
https://ift.tt/2pWE4cb
Submitted April 01, 2018 at 11:41PM by majorllama
via reddit https://ift.tt/2Grs11u
https://ift.tt/2pWE4cb
Submitted April 01, 2018 at 11:41PM by majorllama
via reddit https://ift.tt/2Grs11u
Ringzerolabs
The Wonderful World of MIPS
The ever growing Internet of Things (IOT) brings with it a new wave of malware geared toward unfamiliar architectures. Today we take a look at how to compile, analyze, and debug MIPS based binaries.
The Wonderful World of MIPS
https://ift.tt/2pWE4cb
Submitted April 01, 2018 at 11:38PM by majorllama
via reddit https://ift.tt/2H1xh9g
https://ift.tt/2pWE4cb
Submitted April 01, 2018 at 11:38PM by majorllama
via reddit https://ift.tt/2H1xh9g
Ringzerolabs
The Wonderful World of MIPS
The ever growing Internet of Things (IOT) brings with it a new wave of malware geared toward unfamiliar architectures. Today we take a look at how to compile, analyze, and debug MIPS based binaries.
The Wonderful World of MIPS
https://ift.tt/2pWE4cb
Submitted April 01, 2018 at 11:38PM by majorllama
via reddit https://ift.tt/2H1xh9g
https://ift.tt/2pWE4cb
Submitted April 01, 2018 at 11:38PM by majorllama
via reddit https://ift.tt/2H1xh9g
Ringzerolabs
The Wonderful World of MIPS
The ever growing Internet of Things (IOT) brings with it a new wave of malware geared toward unfamiliar architectures. Today we take a look at how to compile, analyze, and debug MIPS based binaries.
Does this abstract nonsense make sense to anyone?
https://ift.tt/2pYb9o7
Submitted April 02, 2018 at 12:40AM by ApatheticSaiyan
via reddit https://ift.tt/2GqhfJ3
https://ift.tt/2pYb9o7
Submitted April 02, 2018 at 12:40AM by ApatheticSaiyan
via reddit https://ift.tt/2GqhfJ3
USB Malware
Hey fellow redditors, I'm a very paranoid person so please be easy on me.My uncle bought this device, he plugged in the device, I opened a video file which he recorded using the device and I'm questioning if it could have had a virus preloaded onto it?
Submitted April 02, 2018 at 12:28AM by yAmW1lO4aKNv
via reddit https://ift.tt/2q0b9DQ
Hey fellow redditors, I'm a very paranoid person so please be easy on me.My uncle bought this device, he plugged in the device, I opened a video file which he recorded using the device and I'm questioning if it could have had a virus preloaded onto it?
Submitted April 02, 2018 at 12:28AM by yAmW1lO4aKNv
via reddit https://ift.tt/2q0b9DQ
Amazon
Mini Portable Spy Hidden Camera-Conbrov 720P HD Pocket Digital Video Recorder Small Wearable Camcorder DV for Personal Body Security…
Features: ●This hidden camera is portable and is able to record and capture anything at any time ●This wearable body cam: pocket and handheld small covert camera ●HD mini body camera 1280 x 720P high definition camera with 75 degree wide ●Built-in high…
The 500M hashlist from haveibeenpwned.com is now fully available on Hashes.org with more than 99% cracked.
https://ift.tt/2J74XCR
Submitted April 02, 2018 at 01:16AM by s3inlc
via reddit https://ift.tt/2pVzoDm
https://ift.tt/2J74XCR
Submitted April 02, 2018 at 01:16AM by s3inlc
via reddit https://ift.tt/2pVzoDm
hashes.org
Hashes.org - Leak 'Have I been Pwned V2'
Hashes.org is a community recovering password from submitted hashes.
Executing Commands and Bypassing AppLocker with PowerShell Diagnostic Scripts
https://ift.tt/2mla6xm
Submitted April 02, 2018 at 03:00AM by TechLord2
via reddit https://ift.tt/2GpnPiJ
https://ift.tt/2mla6xm
Submitted April 02, 2018 at 03:00AM by TechLord2
via reddit https://ift.tt/2GpnPiJ
| bohops |
Executing Commands and Bypassing AppLocker with PowerShell Diagnostic Scripts
Introduction Last week, I was hunting around the Windows Operating System for interesting noscripts and binaries that may be useful for future penetration tests and Red Team engagements. With increa…
Looking For Security Guard Services London
https://ift.tt/2pUuV4C
Submitted April 02, 2018 at 04:45AM by guardsace07
via reddit https://ift.tt/2uHjcv4
https://ift.tt/2pUuV4C
Submitted April 02, 2018 at 04:45AM by guardsace07
via reddit https://ift.tt/2uHjcv4
Chinese smugglers use drones to transport $80M worth of iPhones - iParanoid
https://ift.tt/2Jb0q2c
Submitted April 02, 2018 at 04:49AM by majorllama
via reddit https://ift.tt/2uEE6Lb
https://ift.tt/2Jb0q2c
Submitted April 02, 2018 at 04:49AM by majorllama
via reddit https://ift.tt/2uEE6Lb
iParanoid
Chinese smugglers use drones to transport $80M worth of iPhones - iParanoid
Chinese smugglers were recently busted in Shenzhen after attempting to illegally transport $79.8 million worth of refurbished iPhones across the border using drones, the Legal Daily reported Friday. As reported by Reuters, some 26 suspects...
computer security and penetration testing 2nd edition pdf download [request]
computer security and penetration testing 2nd edition pdf download
Submitted April 02, 2018 at 08:37AM by rajwec
via reddit https://ift.tt/2H501O8
computer security and penetration testing 2nd edition pdf download
Submitted April 02, 2018 at 08:37AM by rajwec
via reddit https://ift.tt/2H501O8
reddit
computer security and penetration testing 2nd edition... • r/security
computer security and penetration testing 2nd edition pdf download
A new kind of email
I'm tired of having my email address sold/stolen from different sources. I'm wondering if it's not time to add revocable keys to email. Each recipient receives their own key. If someone other than recipient tries to send an email without a key I can revoke it and issue a new key. Would something like this work?
Submitted April 02, 2018 at 09:12AM by ImprobableIT
via reddit https://ift.tt/2GtB662
I'm tired of having my email address sold/stolen from different sources. I'm wondering if it's not time to add revocable keys to email. Each recipient receives their own key. If someone other than recipient tries to send an email without a key I can revoke it and issue a new key. Would something like this work?
Submitted April 02, 2018 at 09:12AM by ImprobableIT
via reddit https://ift.tt/2GtB662
reddit
A new kind of email • r/security
I'm tired of having my email address sold/stolen from different sources. I'm wondering if it's not time to add revocable keys to email. Each...
DNS Performance: Comparing CloudFlare's 1.1.1.1 x Google's 8.8.8.8 x Quad9's 9.9.9.9 and others.
https://ift.tt/2H2r4d7
Submitted April 02, 2018 at 10:48AM by nykzhang
via reddit https://ift.tt/2H3BtFz
https://ift.tt/2H2r4d7
Submitted April 02, 2018 at 10:48AM by nykzhang
via reddit https://ift.tt/2H3BtFz
Medium
DNS Resolvers Performance compared: CloudFlare x Google x Quad9 x OpenDNS
A couple of months ago I did a performance comparison between some of the top free DNS Resolvers available. It was just after Quad9 had…
DNS Performance compared: CloudFlare 1.1.1.1 x Google 8.8.8.8 x Quad9 x OpenDNS
https://ift.tt/2H2r4d7
Submitted April 02, 2018 at 10:54AM by nykzhang
via reddit https://ift.tt/2q21j4K
https://ift.tt/2H2r4d7
Submitted April 02, 2018 at 10:54AM by nykzhang
via reddit https://ift.tt/2q21j4K
Medium
DNS Resolvers Performance compared: CloudFlare x Google x Quad9 x OpenDNS
A couple of months ago I did a performance comparison between some of the top free DNS Resolvers available. It was just after Quad9 had…
PHPGGC: PHP Generic Gadget Chains
https://ift.tt/2sLT5Sj
Submitted April 02, 2018 at 10:20AM by tiger6700
via reddit https://ift.tt/2H2zZvd
https://ift.tt/2sLT5Sj
Submitted April 02, 2018 at 10:20AM by tiger6700
via reddit https://ift.tt/2H2zZvd
GitHub
ambionics/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically. - ambionics/phpggc
Dangers of Stray Flash Drives
https://ift.tt/2JbMfdf
Submitted April 02, 2018 at 09:54AM by saltmaster7
via reddit https://ift.tt/2Il4DiB
https://ift.tt/2JbMfdf
Submitted April 02, 2018 at 09:54AM by saltmaster7
via reddit https://ift.tt/2Il4DiB
www.docdroid.net
JJ Physical Security.pdf
MARCH 31 2018. The Dangers of Stray Flash Drives AN GLIMPSE INSIDE OF SCRIPTS. Joseph Jasper Imagine you are walking to your place of work and you spot a random flash drive on the ground. Curiosity gets the better of you and you take it back to your workstation…
Changing my Phone
I have an iPhone which I want to upgrade. Will my Google Authenticator app(Which have lot of my credentials) work with new phone or do I have to import my stored passwords from Authenticator app first before erasing my phone?
Submitted April 02, 2018 at 03:06PM by saqibcpe06
via reddit https://ift.tt/2GpID9L
I have an iPhone which I want to upgrade. Will my Google Authenticator app(Which have lot of my credentials) work with new phone or do I have to import my stored passwords from Authenticator app first before erasing my phone?
Submitted April 02, 2018 at 03:06PM by saqibcpe06
via reddit https://ift.tt/2GpID9L
reddit
Changing my Phone • r/security
I have an iPhone which I want to upgrade. Will my Google Authenticator app(Which have lot of my credentials) work with new phone or do I have to...
If the light is on
then the door is unlockedhttps://www.reddit.com/user/ApatheticSaiyan/
Submitted April 02, 2018 at 04:08PM by ApatheticSaiyan
via reddit https://ift.tt/2pZ4Sbx
then the door is unlockedhttps://www.reddit.com/user/ApatheticSaiyan/
Submitted April 02, 2018 at 04:08PM by ApatheticSaiyan
via reddit https://ift.tt/2pZ4Sbx
reddit
Takushi Eternal (u/ApatheticSaiyan) - Reddit
https://www.patreon.com/NateAndBry
Are other parts of physical memory accessed during a segfault ?
As part of a learning project, I've worked a bit on Spectre and Meltdown PoCs to get myself more confortable with the concept. I have managed to recover previously accessed data using the clock timers, but now I'm wondering how do they actually read physical memory from that point.Which leads to my question : in a lot of Spectre v1\v2 examples, you can read this piece of toy-code example:
Submitted April 02, 2018 at 05:37PM by thejuror8
via reddit https://ift.tt/2uFquj1
As part of a learning project, I've worked a bit on Spectre and Meltdown PoCs to get myself more confortable with the concept. I have managed to recover previously accessed data using the clock timers, but now I'm wondering how do they actually read physical memory from that point.Which leads to my question : in a lot of Spectre v1\v2 examples, you can read this piece of toy-code example:
if (x<y) { z = array[x]; } with x supposedly being equal to : attacked_adress - adress_of_array, which will effectively lead to z getting the value at attacked_adress.In the example it's quite easy to understand, but in reality how do they even know what attacked_adress looks like ? Is it a virtual address with an offset, or a physical address, and how do they manage to find where is the "important memory" located in the first place ?Submitted April 02, 2018 at 05:37PM by thejuror8
via reddit https://ift.tt/2uFquj1
reddit
Are other parts of physical memory accessed during a... • r/security
As part of a learning project, I've worked a bit on Spectre and Meltdown PoCs to get myself more confortable with the concept. I have managed to...