Out of Band Exploitation (OOB) CheatSheet by NotSoSecure
https://ift.tt/2N7bSAI
Submitted September 01, 2018 at 02:20AM by anantshri
via reddit https://ift.tt/2PUoo5h
https://ift.tt/2N7bSAI
Submitted September 01, 2018 at 02:20AM by anantshri
via reddit https://ift.tt/2PUoo5h
NotSoSecure
Out of Band Exploitation (OOB) CheatSheet - NotSoSecure
This Cheatsheet covers large number of detection & exploitation scenarios around Out of Band Exploitation Techniques. Primarily targetting DNS and ICMP.
Microsoft introduces AI solution to detect mobile bank fraud in less than two seconds
https://ift.tt/2N7wGYT
Submitted September 01, 2018 at 02:08AM by myinnerbanjo
via reddit https://ift.tt/2NBxMct
https://ift.tt/2N7wGYT
Submitted September 01, 2018 at 02:08AM by myinnerbanjo
via reddit https://ift.tt/2NBxMct
Neowin
Microsoft introduces AI solution to detect mobile bank fraud in less than two seconds
In a new solution guide, Microsoft has explained how to create an Azure-based solution to detect mobile bank fraud within two seconds, helping mitigate fraudulent transactions and SIM swap attacks.
Pwned Together: Hacking dev.to
https://ift.tt/2wvruEJ
Submitted September 01, 2018 at 02:58AM by Anyny0
via reddit https://ift.tt/2MJCxo7
https://ift.tt/2wvruEJ
Submitted September 01, 2018 at 02:58AM by Anyny0
via reddit https://ift.tt/2MJCxo7
The Practical Dev
Pwned Together: Hacking dev.to
How I found a vulnerability in the application, and how you can too!
CFP opened for the first iteration of THREAT CON
https://ift.tt/2LK03Mr
Submitted September 01, 2018 at 08:37AM by nyoface
via reddit https://ift.tt/2MIqneU
https://ift.tt/2LK03Mr
Submitted September 01, 2018 at 08:37AM by nyoface
via reddit https://ift.tt/2MIqneU
reddit
r/netsec - CFP opened for the first iteration of THREAT CON
1 vote and 0 comments so far on Reddit
Remote Mac Exploitation Via Custom URL Schemes
https://ift.tt/2wvNyPw
Submitted September 01, 2018 at 09:28PM by rspeed
via reddit https://ift.tt/2PmjJIe
https://ift.tt/2wvNyPw
Submitted September 01, 2018 at 09:28PM by rspeed
via reddit https://ift.tt/2PmjJIe
reddit
Remote Mac Exploitation Via Custom URL Schemes • r/netsec
1 points and 1 comments so far on reddit
Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels
https://ift.tt/2wgbqWo
Submitted September 02, 2018 at 01:27AM by dezzion
via reddit https://ift.tt/2owgPp2
https://ift.tt/2wgbqWo
Submitted September 02, 2018 at 01:27AM by dezzion
via reddit https://ift.tt/2owgPp2
ACID Server VM Walkthrough
https://ift.tt/2uiTl8o
Submitted September 02, 2018 at 08:52AM by fireh7nter
via reddit https://ift.tt/2C7Ek18
https://ift.tt/2uiTl8o
Submitted September 02, 2018 at 08:52AM by fireh7nter
via reddit https://ift.tt/2C7Ek18
Secure Your Digital Life
ACID Server VM Walkthrough | Secure Your Digital Life
Acid Server is a web based vulnerable virtual machine which was designed like a CTF (Catch The Flag) for pentesters. If you are interested in web based exploits, then you are in a right place. The denoscription of ACID Server in Vulnhub is as follows : Welcome…
Collection of Botnet Source Codes for Educational Purpose (PoC) Only
https://ift.tt/2LOlE6q
Submitted September 02, 2018 at 02:10PM by Prav123
via reddit https://ift.tt/2LQzCo2
https://ift.tt/2LOlE6q
Submitted September 02, 2018 at 02:10PM by Prav123
via reddit https://ift.tt/2LQzCo2
GitHub
maestron/botnets
This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY - maestron/botnets
Uninitialized Bash variable to bypass WAF, tested on CloudFlare WAF and ModSecurity OWASP CRS
https://ift.tt/2PSWVB7
Submitted September 02, 2018 at 07:23PM by theMiddleBlue
via reddit https://ift.tt/2PuNg2n
https://ift.tt/2PSWVB7
Submitted September 02, 2018 at 07:23PM by theMiddleBlue
via reddit https://ift.tt/2PuNg2n
Secjuice.com
Web Application Firewall (WAF) Evasion Techniques #3
Join security researcher theMiddle and learn how to use an uninitialized Bash variable to bypass WAF regex based filters and pattern matching.
House panel rips CVE contracting and oversight policies
https://ift.tt/2BU9OrG
Submitted September 02, 2018 at 08:43PM by dokuhebi
via reddit https://ift.tt/2CaJE3Z
https://ift.tt/2BU9OrG
Submitted September 02, 2018 at 08:43PM by dokuhebi
via reddit https://ift.tt/2CaJE3Z
Cyberscoop
House panel rips CVE contracting and oversight policies - CyberScoop
The industry-wide program for documenting hardware and software vulnerabilities suffers from fluctuating funding and insufficient oversight, according to the House Energy and Commerce Committee.
Exposing Signal & Dust Messaging Applications.
https://ift.tt/2LPRtQU
Submitted September 03, 2018 at 12:51AM by DonnieFielding
via reddit https://ift.tt/2Ncz2Wu
https://ift.tt/2LPRtQU
Submitted September 03, 2018 at 12:51AM by DonnieFielding
via reddit https://ift.tt/2Ncz2Wu
Medium
Messengers’ Terms of Service: Signal and Dust
As part of the “Data Rights” series, today we decided to consider products that are more interesting in terms of privacy and user…
Active Directory Leaks via Azure
https://ift.tt/2NGlIXG
Submitted September 03, 2018 at 02:11PM by CyberBullets
via reddit https://ift.tt/2N9zEw3
https://ift.tt/2NGlIXG
Submitted September 03, 2018 at 02:11PM by CyberBullets
via reddit https://ift.tt/2N9zEw3
Black Hills Information Security
Red Teaming Microsoft: Part 1 - Active Directory Leaks via Azure - Black Hills Information Security
Mike Felch// With so many Microsoft technologies, services, integrations, applications, and configurations it can create a great deal of difficulty just to manage everything. Now imagine trying to secure an environment that goes well beyond the perimeter.…
Reverse Engineering The Medium Android App And Making All Stories In It Free
https://ift.tt/2Na9bP4
Submitted September 03, 2018 at 08:06PM by HUCK45
via reddit https://ift.tt/2PxmZAy
https://ift.tt/2Na9bP4
Submitted September 03, 2018 at 08:06PM by HUCK45
via reddit https://ift.tt/2PxmZAy
Hacker Noon
Reverse Engineering The Medium App (and making all stories in it free)
Last week I realized it’s been a year since my last post here.
Probably the most outrageous recruitment process I've ever came across
https://ift.tt/2CerLkL
Submitted September 03, 2018 at 11:52PM by b93b3de72036584e4054
via reddit https://ift.tt/2NeLy7U
https://ift.tt/2CerLkL
Submitted September 03, 2018 at 11:52PM by b93b3de72036584e4054
via reddit https://ift.tt/2NeLy7U
A Pentesting Company | Fluid Attacks
Careers | A Pentesting Company | Fluid Attacks
Fluid Attacks is always looking for young talents with a passion for programming and Information Technology. This page is meant to inform everyone interested in being part of the Fluid Attacks team about the selection process and the various stages that it…
PoC of how someone can grab db settings from config files, if they are edited in Vim on a server (for example, if an admin user edits WordPress' wp-config.php file, an attacker can just download the .swp file and get the credentials)
https://ift.tt/2CeG8pd
Submitted September 04, 2018 at 12:59AM by web_dev_etc
via reddit https://ift.tt/2LTIERw
https://ift.tt/2CeG8pd
Submitted September 04, 2018 at 12:59AM by web_dev_etc
via reddit https://ift.tt/2LTIERw
How I did not get a shell
https://ift.tt/2wjChRv
Submitted September 03, 2018 at 10:13PM by eqarmada2
via reddit https://ift.tt/2MHBjtk
https://ift.tt/2wjChRv
Submitted September 03, 2018 at 10:13PM by eqarmada2
via reddit https://ift.tt/2MHBjtk
Protection: Defending Assets, Information & Yourself in the Modern Age
https://ift.tt/2NLcMQP
Submitted September 04, 2018 at 09:27AM by darksim905
via reddit https://ift.tt/2LQN5MQ
https://ift.tt/2NLcMQP
Submitted September 04, 2018 at 09:27AM by darksim905
via reddit https://ift.tt/2LQN5MQ
reddit
r/netsec - Protection: Defending Assets, Information & Yourself in the Modern Age
3 votes and 1 comment so far on Reddit
Multiple Vulnerabilities on Kerui Endoscope Camera
https://ift.tt/2NRfZOs
Submitted September 04, 2018 at 02:49PM by utku1337
via reddit https://ift.tt/2Crhm5B
https://ift.tt/2NRfZOs
Submitted September 04, 2018 at 02:49PM by utku1337
via reddit https://ift.tt/2Crhm5B
Utkusen
Multiple Vulnerabilities on Kerui Endoscope Camera
Recently, I bought a device named Kerui Endoscope Camera (Model:YPC99) from Aliexpress. It’s a very popular device which is sold more than 5000 via different stores.
The package contains: Endoscope camera, Wifi device and a small user manual
Problem 1…
The package contains: Endoscope camera, Wifi device and a small user manual
Problem 1…
XIP - IP addresses mutation
https://ift.tt/2wGPcNF
Submitted September 04, 2018 at 04:54PM by Nitr4x
via reddit https://ift.tt/2Q4NAWG
https://ift.tt/2wGPcNF
Submitted September 04, 2018 at 04:54PM by Nitr4x
via reddit https://ift.tt/2Q4NAWG
Using AWS Account ID’s for IAM User Enumeration
https://ift.tt/2CfX4vF
Submitted September 04, 2018 at 06:53PM by hackers_and_builders
via reddit https://ift.tt/2oBFzfo
https://ift.tt/2CfX4vF
Submitted September 04, 2018 at 06:53PM by hackers_and_builders
via reddit https://ift.tt/2oBFzfo
Fuzzing Counter-Strike: Global Offensive maps files with AFL
https://ift.tt/2PBxMcX
Submitted September 04, 2018 at 08:01PM by 0x4a616e
via reddit https://ift.tt/2LVhSrZ
https://ift.tt/2PBxMcX
Submitted September 04, 2018 at 08:01PM by 0x4a616e
via reddit https://ift.tt/2LVhSrZ
reddit
r/netsec - Fuzzing Counter-Strike: Global Offensive maps files with AFL
20 votes and 1 comment so far on Reddit