MemITM: Tool to make in memory man in the middle
https://ift.tt/2pSz2xT
Submitted October 10, 2018 at 01:56PM by EpicBananaIsEpic
via reddit https://ift.tt/2ycAkZ7
https://ift.tt/2pSz2xT
Submitted October 10, 2018 at 01:56PM by EpicBananaIsEpic
via reddit https://ift.tt/2ycAkZ7
GitHub
AMOSSYS/MemITM
Tool to make in memory man in the middle. Contribute to AMOSSYS/MemITM development by creating an account on GitHub.
Firefox AUS (Application Update Service) Security Audit Report By German X41 D-SEC GMBH
https://ift.tt/2OU9HkW
Submitted October 10, 2018 at 03:05PM by Calcd
via reddit https://ift.tt/2NyYAcw
https://ift.tt/2OU9HkW
Submitted October 10, 2018 at 03:05PM by Calcd
via reddit https://ift.tt/2NyYAcw
Google Docs
X41-Balrog-Review-2018-Final-Report-Private.pdf
Bypassing WAFs and cracking XOR with Hackvertor
https://ift.tt/2pLnsUW
Submitted October 10, 2018 at 04:16PM by albinowax
via reddit https://ift.tt/2pIThOh
https://ift.tt/2pLnsUW
Submitted October 10, 2018 at 04:16PM by albinowax
via reddit https://ift.tt/2pIThOh
Web Security Blog | PortSwigger
Bypassing WAFs and cracking XOR with Hackvertor
You might not be aware of the Hackvertor extension I've been working on lately. It features tag based conversion that is far more powerful than the inbuilt decoder in Burp. The idea behind tag based c
Using Wasabi to solve a WebAssembly Crackme
https://ift.tt/2CBiHWI
Submitted October 10, 2018 at 07:38PM by thebarbershopper
via reddit https://ift.tt/2RFz34M
https://ift.tt/2CBiHWI
Submitted October 10, 2018 at 07:38PM by thebarbershopper
via reddit https://ift.tt/2RFz34M
reddit
r/netsec - Using Wasabi to solve a WebAssembly Crackme
3 votes and 0 comments so far on Reddit
WEAPON SYSTEMS CYBERSECURITY: DOD Just Beginning to Grapple with Scale of Vulnerabilities (pdf)
https://ift.tt/2y5GSZp
Submitted October 10, 2018 at 08:47PM by QuirkySpiceBush
via reddit https://ift.tt/2yuzoyB
https://ift.tt/2y5GSZp
Submitted October 10, 2018 at 08:47PM by QuirkySpiceBush
via reddit https://ift.tt/2yuzoyB
Symantec Messaging Gateway authentication bypass
https://ift.tt/2NxLBrC
Submitted October 10, 2018 at 09:35PM by kavmax
via reddit https://ift.tt/2OQUz87
https://ift.tt/2NxLBrC
Submitted October 10, 2018 at 09:35PM by kavmax
via reddit https://ift.tt/2OQUz87
Artem Kondratenko
Symantec Messaging Gateway authentication bypass
A tale of discovering a critical vulnerability in Symantec Messaging Gateway during a pentest engagement
Book Study: The Practice of Cloud System Administration — Part 1
https://ift.tt/2yvHdUv
Submitted October 10, 2018 at 09:12PM by shehackspurple
via reddit https://ift.tt/2OfmsHs
https://ift.tt/2yvHdUv
Submitted October 10, 2018 at 09:12PM by shehackspurple
via reddit https://ift.tt/2OfmsHs
Medium
Book Study: The Practice of Cloud System Administration — Part 1
The Practice of Cloud System Administration was written by Thomas A. Limoncelli, Strata R. Chalup, Christina J. Hogan.
Bruteforcing United Club's WiFi password
https://ift.tt/2A2a4Sg
Submitted October 10, 2018 at 10:25PM by westondeboer
via reddit https://ift.tt/2OUwSvu
https://ift.tt/2A2a4Sg
Submitted October 10, 2018 at 10:25PM by westondeboer
via reddit https://ift.tt/2OUwSvu
reddit
r/netsec - Bruteforcing United Club's WiFi password
3 votes and 0 comments so far on Reddit
Application Security Wiki
https://appsecwiki.com
Submitted October 10, 2018 at 11:10PM by infocentric
via reddit https://ift.tt/2pP05d3
https://appsecwiki.com
Submitted October 10, 2018 at 11:10PM by infocentric
via reddit https://ift.tt/2pP05d3
Appsecwiki
Application Security Wiki
Application Security Wiki is an initiative to provide all Application security related resources to Security Researchers and developers at one place.
Multiple Severe Vulnerabilities Reported in Juniper Networks Hardware
https://ift.tt/2bUBZZe
Submitted October 11, 2018 at 01:01AM by lgats
via reddit https://ift.tt/2RIpzWD
https://ift.tt/2bUBZZe
Submitted October 11, 2018 at 01:01AM by lgats
via reddit https://ift.tt/2RIpzWD
reddit
r/netsec - Multiple Severe Vulnerabilities Reported in Juniper Networks Hardware
1 vote and 1 comment so far on Reddit
CVE-2018-8265 | Microsoft Exchange Remote Code Execution Vulnerability
https://ift.tt/2C47qwK
Submitted October 11, 2018 at 02:34PM by someniak
via reddit https://ift.tt/2PrI6EX
https://ift.tt/2C47qwK
Submitted October 11, 2018 at 02:34PM by someniak
via reddit https://ift.tt/2PrI6EX
Recordings from this year's Camp++
https://ift.tt/2ycaS5F
Submitted October 11, 2018 at 06:05PM by dn3t
via reddit https://ift.tt/2A53fzq
https://ift.tt/2ycaS5F
Submitted October 11, 2018 at 06:05PM by dn3t
via reddit https://ift.tt/2A53fzq
reddit
r/netsec - Recordings from this year's Camp++
5 votes and 0 comments so far on Reddit
Renaming the Bro Project
https://ift.tt/2A4SY6A
Submitted October 11, 2018 at 08:36PM by mmguero
via reddit https://ift.tt/2yc177S
https://ift.tt/2A4SY6A
Submitted October 11, 2018 at 08:36PM by mmguero
via reddit https://ift.tt/2yc177S
blog.bro.org
Renaming the Bro Project
More than 20 years ago I chose the name "Bro" as "an Orwellian reminder that monitoring comes hand in hand with the potential for privacy vi...
Top 10 Web Hacking Techniques of 2017 - The Final Verdict
https://ift.tt/2yAHvcG
Submitted October 11, 2018 at 08:32PM by 0xdea
via reddit https://ift.tt/2pN7M3u
https://ift.tt/2yAHvcG
Submitted October 11, 2018 at 08:32PM by 0xdea
via reddit https://ift.tt/2pN7M3u
Web Security Blog | PortSwigger
Top 10 Web Hacking Techniques of 2017
The verdict is in! Following 37 nominations whittled down to a shortlist of 15 by a community vote, our panel of experts has conferred and selected the top 10 web hacking techniques of 2017 (and 2016)
SILENTTRINITY: A post-exploitation agent powered by Python, IronPython, C#/.NET
https://ift.tt/2pBgC4p
Submitted October 11, 2018 at 08:16PM by byt3bl33d3r
via reddit https://ift.tt/2pNN2bT
https://ift.tt/2pBgC4p
Submitted October 11, 2018 at 08:16PM by byt3bl33d3r
via reddit https://ift.tt/2pNN2bT
GitHub
GitHub - byt3bl33d3r/SILENTTRINITY: An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR - GitHub - byt3bl33d3r/SILENTTRINITY: An asynchronous, collaborative post-exploitation agent powered ...
Manual reverse engineering of WebAssembly: static code analysis
https://ift.tt/2pPeB4K
Submitted October 11, 2018 at 07:25PM by CyberBullets
via reddit https://ift.tt/2A6lIvw
https://ift.tt/2pPeB4K
Submitted October 11, 2018 at 07:25PM by CyberBullets
via reddit https://ift.tt/2A6lIvw
Forcepoint
Manual reverse engineering of WebAssembly: static code analysis
In our last blog about WebAssembly (Wasm), we got an initial feel for an unknown Wasm binary, and did some behavioral analysis on it. Today we will continue looking at the same Wasm sample, but going deeper. We will manually analyze it by looking at the Wasm…
Zero-day exploit (CVE-2018-8453) used in targeted attacks
https://ift.tt/2QDiuoE
Submitted October 11, 2018 at 11:51AM by f00l
via reddit https://ift.tt/2EgJfOu
https://ift.tt/2QDiuoE
Submitted October 11, 2018 at 11:51AM by f00l
via reddit https://ift.tt/2EgJfOu
Securelist
Zero-day exploit (CVE-2018-8453) used in targeted attacks | Securelist
Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August.
Kubernetes' Minikube RCE & VM Escape
https://ift.tt/2pKJ3wW
Submitted October 12, 2018 at 01:29AM by alexksak
via reddit https://ift.tt/2pKIwuW
https://ift.tt/2pKJ3wW
Submitted October 12, 2018 at 01:29AM by alexksak
via reddit https://ift.tt/2pKIwuW
MWR Labs
Minikube RCE and VM escape
The Kubernetes dashboard service on Minikube is vulnerable to DNS rebinding attacks that can lead to remote code execution on the host.
DerbyCon 2018 CTF Write Up
https://ift.tt/2pPmIOK
Submitted October 12, 2018 at 12:49AM by eth_
via reddit https://ift.tt/2IPjSC6
https://ift.tt/2pPmIOK
Submitted October 12, 2018 at 12:49AM by eth_
via reddit https://ift.tt/2IPjSC6
Nettitude Labs
DerbyCon 2018 CTF Write Up
We have just returned from the always amazing DerbyCon 2018 conference. We competed in the 48 hour Capture the Flag competition under our usual team name of “Spicy Weasel” and are pleased to announ…
NCSAM/Hacktober Capture the Flag Competition
https://hostile.site
Submitted October 12, 2018 at 05:11AM by OverAllComa
via reddit https://ift.tt/2NDlW0z
https://hostile.site
Submitted October 12, 2018 at 05:11AM by OverAllComa
via reddit https://ift.tt/2NDlW0z
reddit
r/netsec - NCSAM/Hacktober Capture the Flag Competition
1 vote and 1 comment so far on Reddit
Fake Flash Updaters Push Cryptocurrency Miners
https://ift.tt/2QITjkz
Submitted October 12, 2018 at 02:41AM by EvanConover
via reddit https://ift.tt/2QM81Yh
https://ift.tt/2QITjkz
Submitted October 12, 2018 at 02:41AM by EvanConover
via reddit https://ift.tt/2QM81Yh
Palo Alto Networks Blog
Fake Flash Updaters Push Cryptocurrency Miners - Palo Alto Networks Blog
Unit 42 investigates a recent Fake Flash update pushing cryptocurrency mining software. Get the full report.