Bruteforcing United Club's WiFi password
https://ift.tt/2A2a4Sg
Submitted October 10, 2018 at 10:25PM by westondeboer
via reddit https://ift.tt/2OUwSvu
https://ift.tt/2A2a4Sg
Submitted October 10, 2018 at 10:25PM by westondeboer
via reddit https://ift.tt/2OUwSvu
reddit
r/netsec - Bruteforcing United Club's WiFi password
3 votes and 0 comments so far on Reddit
Application Security Wiki
https://appsecwiki.com
Submitted October 10, 2018 at 11:10PM by infocentric
via reddit https://ift.tt/2pP05d3
https://appsecwiki.com
Submitted October 10, 2018 at 11:10PM by infocentric
via reddit https://ift.tt/2pP05d3
Appsecwiki
Application Security Wiki
Application Security Wiki is an initiative to provide all Application security related resources to Security Researchers and developers at one place.
Multiple Severe Vulnerabilities Reported in Juniper Networks Hardware
https://ift.tt/2bUBZZe
Submitted October 11, 2018 at 01:01AM by lgats
via reddit https://ift.tt/2RIpzWD
https://ift.tt/2bUBZZe
Submitted October 11, 2018 at 01:01AM by lgats
via reddit https://ift.tt/2RIpzWD
reddit
r/netsec - Multiple Severe Vulnerabilities Reported in Juniper Networks Hardware
1 vote and 1 comment so far on Reddit
CVE-2018-8265 | Microsoft Exchange Remote Code Execution Vulnerability
https://ift.tt/2C47qwK
Submitted October 11, 2018 at 02:34PM by someniak
via reddit https://ift.tt/2PrI6EX
https://ift.tt/2C47qwK
Submitted October 11, 2018 at 02:34PM by someniak
via reddit https://ift.tt/2PrI6EX
Recordings from this year's Camp++
https://ift.tt/2ycaS5F
Submitted October 11, 2018 at 06:05PM by dn3t
via reddit https://ift.tt/2A53fzq
https://ift.tt/2ycaS5F
Submitted October 11, 2018 at 06:05PM by dn3t
via reddit https://ift.tt/2A53fzq
reddit
r/netsec - Recordings from this year's Camp++
5 votes and 0 comments so far on Reddit
Renaming the Bro Project
https://ift.tt/2A4SY6A
Submitted October 11, 2018 at 08:36PM by mmguero
via reddit https://ift.tt/2yc177S
https://ift.tt/2A4SY6A
Submitted October 11, 2018 at 08:36PM by mmguero
via reddit https://ift.tt/2yc177S
blog.bro.org
Renaming the Bro Project
More than 20 years ago I chose the name "Bro" as "an Orwellian reminder that monitoring comes hand in hand with the potential for privacy vi...
Top 10 Web Hacking Techniques of 2017 - The Final Verdict
https://ift.tt/2yAHvcG
Submitted October 11, 2018 at 08:32PM by 0xdea
via reddit https://ift.tt/2pN7M3u
https://ift.tt/2yAHvcG
Submitted October 11, 2018 at 08:32PM by 0xdea
via reddit https://ift.tt/2pN7M3u
Web Security Blog | PortSwigger
Top 10 Web Hacking Techniques of 2017
The verdict is in! Following 37 nominations whittled down to a shortlist of 15 by a community vote, our panel of experts has conferred and selected the top 10 web hacking techniques of 2017 (and 2016)
SILENTTRINITY: A post-exploitation agent powered by Python, IronPython, C#/.NET
https://ift.tt/2pBgC4p
Submitted October 11, 2018 at 08:16PM by byt3bl33d3r
via reddit https://ift.tt/2pNN2bT
https://ift.tt/2pBgC4p
Submitted October 11, 2018 at 08:16PM by byt3bl33d3r
via reddit https://ift.tt/2pNN2bT
GitHub
GitHub - byt3bl33d3r/SILENTTRINITY: An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR - GitHub - byt3bl33d3r/SILENTTRINITY: An asynchronous, collaborative post-exploitation agent powered ...
Manual reverse engineering of WebAssembly: static code analysis
https://ift.tt/2pPeB4K
Submitted October 11, 2018 at 07:25PM by CyberBullets
via reddit https://ift.tt/2A6lIvw
https://ift.tt/2pPeB4K
Submitted October 11, 2018 at 07:25PM by CyberBullets
via reddit https://ift.tt/2A6lIvw
Forcepoint
Manual reverse engineering of WebAssembly: static code analysis
In our last blog about WebAssembly (Wasm), we got an initial feel for an unknown Wasm binary, and did some behavioral analysis on it. Today we will continue looking at the same Wasm sample, but going deeper. We will manually analyze it by looking at the Wasm…
Zero-day exploit (CVE-2018-8453) used in targeted attacks
https://ift.tt/2QDiuoE
Submitted October 11, 2018 at 11:51AM by f00l
via reddit https://ift.tt/2EgJfOu
https://ift.tt/2QDiuoE
Submitted October 11, 2018 at 11:51AM by f00l
via reddit https://ift.tt/2EgJfOu
Securelist
Zero-day exploit (CVE-2018-8453) used in targeted attacks | Securelist
Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August.
Kubernetes' Minikube RCE & VM Escape
https://ift.tt/2pKJ3wW
Submitted October 12, 2018 at 01:29AM by alexksak
via reddit https://ift.tt/2pKIwuW
https://ift.tt/2pKJ3wW
Submitted October 12, 2018 at 01:29AM by alexksak
via reddit https://ift.tt/2pKIwuW
MWR Labs
Minikube RCE and VM escape
The Kubernetes dashboard service on Minikube is vulnerable to DNS rebinding attacks that can lead to remote code execution on the host.
DerbyCon 2018 CTF Write Up
https://ift.tt/2pPmIOK
Submitted October 12, 2018 at 12:49AM by eth_
via reddit https://ift.tt/2IPjSC6
https://ift.tt/2pPmIOK
Submitted October 12, 2018 at 12:49AM by eth_
via reddit https://ift.tt/2IPjSC6
Nettitude Labs
DerbyCon 2018 CTF Write Up
We have just returned from the always amazing DerbyCon 2018 conference. We competed in the 48 hour Capture the Flag competition under our usual team name of “Spicy Weasel” and are pleased to announ…
NCSAM/Hacktober Capture the Flag Competition
https://hostile.site
Submitted October 12, 2018 at 05:11AM by OverAllComa
via reddit https://ift.tt/2NDlW0z
https://hostile.site
Submitted October 12, 2018 at 05:11AM by OverAllComa
via reddit https://ift.tt/2NDlW0z
reddit
r/netsec - NCSAM/Hacktober Capture the Flag Competition
1 vote and 1 comment so far on Reddit
Fake Flash Updaters Push Cryptocurrency Miners
https://ift.tt/2QITjkz
Submitted October 12, 2018 at 02:41AM by EvanConover
via reddit https://ift.tt/2QM81Yh
https://ift.tt/2QITjkz
Submitted October 12, 2018 at 02:41AM by EvanConover
via reddit https://ift.tt/2QM81Yh
Palo Alto Networks Blog
Fake Flash Updaters Push Cryptocurrency Miners - Palo Alto Networks Blog
Unit 42 investigates a recent Fake Flash update pushing cryptocurrency mining software. Get the full report.
Chaining exploits for RCE on Microsoft Edge (CVE-2018-8495)
https://ift.tt/2ymxuAT
Submitted October 12, 2018 at 01:55PM by albinowax
via reddit https://ift.tt/2IPDqpJ
https://ift.tt/2ymxuAT
Submitted October 12, 2018 at 01:55PM by albinowax
via reddit https://ift.tt/2IPDqpJ
Leucosite
Edge RCE
(CVE-2018-8495) Chaining small bugs together to achieve RCE
unauth root RCE in Cisco Prime Infrastructure: how to root a data center with two lame vulns
https://ift.tt/2C9fJaN
Submitted October 12, 2018 at 04:54PM by jose_boneh
via reddit https://ift.tt/2CG28sI
https://ift.tt/2C9fJaN
Submitted October 12, 2018 at 04:54PM by jose_boneh
via reddit https://ift.tt/2CG28sI
seclists.org
Full Disclosure: [CVE-2018-15379] Unauth RCE as root in Cisco Prime
Infrastructure
Infrastructure
The Illustrated TLS Connection: Every Byte Explained
https://tls.ulfheim.net
Submitted October 12, 2018 at 06:47PM by syncsynchalt
via reddit https://ift.tt/2CF2qQp
https://tls.ulfheim.net
Submitted October 12, 2018 at 06:47PM by syncsynchalt
via reddit https://ift.tt/2CF2qQp
reddit
r/netsec - The Illustrated TLS Connection: Every Byte Explained
3 votes and 0 comments so far on Reddit
iOS 12 Safari Bug: Returned Array References Can Link To The Same Memory Address
https://ift.tt/2NUCbuG
Submitted October 13, 2018 at 12:00PM by fagnerbrack
via reddit https://ift.tt/2pSS3jD
https://ift.tt/2NUCbuG
Submitted October 13, 2018 at 12:00PM by fagnerbrack
via reddit https://ift.tt/2pSS3jD
Stack Overflow
Array state will be cached in iOS 12 Safari. Is it a bug or feature?
I found a problem with Array's value state in the newly released iOS 12 Safari, for example, code like this:
...
...
tcpbin: a simple tcp dumping server for pentesting
https://ift.tt/2NGmaUS
Submitted October 13, 2018 at 11:53AM by ret2got
via reddit https://ift.tt/2pQZg3L
https://ift.tt/2NGmaUS
Submitted October 13, 2018 at 11:53AM by ret2got
via reddit https://ift.tt/2pQZg3L
GitHub
ecx86/tcpbin
Very crude and poorly written HTTP(s) and SMTP bin - ecx86/tcpbin
Using Excel for Information Security
https://ift.tt/2ElCkUb
Submitted October 13, 2018 at 05:52PM by m_rothe
via reddit https://ift.tt/2yA7AZG
https://ift.tt/2ElCkUb
Submitted October 13, 2018 at 05:52PM by m_rothe
via reddit https://ift.tt/2yA7AZG
Martin's Blog
Excel for Infosec
Using Excel to manipulate and analyze security data and logs
How syncing your phone to vehicles could put your data at risk
https://ift.tt/2EjeGI4
Submitted October 13, 2018 at 08:40PM by mycall
via reddit https://ift.tt/2NFAcpF
https://ift.tt/2EjeGI4
Submitted October 13, 2018 at 08:40PM by mycall
via reddit https://ift.tt/2NFAcpF
Whio
Connected cars: How syncing your phone to vehicles could put your data at risk
— Syncing your phone to your vehicle is a convenient feature for music and phone calls, but it is also putting your personal information at risk.