New variant in wp-gdpr-compliance vulnerability and fixing it with virtual patching
https://ift.tt/2Ps7Sgp
Submitted November 15, 2018 at 10:37PM by csalazars
via reddit https://ift.tt/2QFrx94
https://ift.tt/2Ps7Sgp
Submitted November 15, 2018 at 10:37PM by csalazars
via reddit https://ift.tt/2QFrx94
Medium
New variant in wp-gdpr-compliance vulnerability and fixing it with virtual patching
On Tuesday, I wrote about a serialization vulnerability fixed in the last version of wp-gdpr-compliance plugin.
Bettercap Using in Penetration Tests
https://ift.tt/2KaSGOZ
Submitted November 15, 2018 at 11:55PM by mstfknn
via reddit https://ift.tt/2QJh9gD
https://ift.tt/2KaSGOZ
Submitted November 15, 2018 at 11:55PM by mstfknn
via reddit https://ift.tt/2QJh9gD
PRISMA CSI
Bettercap Using in Penetration Tests • PRISMA CSI
Bettercap is a man-in-the-middle (MITM) attack tool developed to for users who are likely to be penetration testers to test and improve the security of networks or some devices connected to these networks.
A Tale of Three CVEs -- Multiple vulnerabilities in the SUSE linux Subnoscription Management Tool leads to an interesting case of RCE
https://ift.tt/2B9MdAA
Submitted November 15, 2018 at 11:44PM by ebx
via reddit https://ift.tt/2K570YX
https://ift.tt/2B9MdAA
Submitted November 15, 2018 at 11:44PM by ebx
via reddit https://ift.tt/2K570YX
netsequitur
~/netsequitur/research/reports/SUSE
I discovered multiple vulnerabilities in the RegistrationSharing module of the Subnoscription Management Tool provided by SUSE for enterprise customers that leads to unauthenticated RCE
A shellcoding tutorial I wrote.
https://ift.tt/2qQOZ7T
Submitted November 16, 2018 at 12:26AM by RayofLight-z
via reddit https://ift.tt/2OLJBwx
https://ift.tt/2qQOZ7T
Submitted November 16, 2018 at 12:26AM by RayofLight-z
via reddit https://ift.tt/2OLJBwx
wolfshirtz
Basic shellcoding for linux on x86
Beginning Writing shellcode is an excellent way to learn more about assembly language and how a program communicates with the underlying OS. Put simply shellcode is code that is injected into a running program to make it do something it was not made to do.…
ADBHoney - Low interaction honeypot designed for Android Debug Bridge over TCP/IP
https://ift.tt/2DoQW31
Submitted November 16, 2018 at 03:18PM by CosmoTheParrot
via reddit https://ift.tt/2qOolg1
https://ift.tt/2DoQW31
Submitted November 16, 2018 at 03:18PM by CosmoTheParrot
via reddit https://ift.tt/2qOolg1
GitHub
huuck/ADBHoney
Low interaction honeypot designed for Android Debug Bridge over TCP/IP - huuck/ADBHoney
Hacking Connected Home Alarm Systems – The Expensive [part 2]
https://ift.tt/2K5CCOa
Submitted November 16, 2018 at 03:46PM by daanraman
via reddit https://ift.tt/2TbXbwJ
https://ift.tt/2K5CCOa
Submitted November 16, 2018 at 03:46PM by daanraman
via reddit https://ift.tt/2TbXbwJ
NVISO Labs
Hacking Connected Home Alarm Systems – The Expensive [part 2]
TL;DR: We were wondering whether price affects the security of IoT appliances. So we verified the security of two differently priced connected home alarm systems. Both IoT alarms are marketed as an…
SaSSHimi: tool to bypass "AllowTcpForwarding no" and build dynamic tunnels
https://ift.tt/2K6aNoW
Submitted November 16, 2018 at 07:09PM by gid0rah
via reddit https://ift.tt/2BbdJ0J
https://ift.tt/2K6aNoW
Submitted November 16, 2018 at 07:09PM by gid0rah
via reddit https://ift.tt/2BbdJ0J
Tarlogic Security - Cyber Security and Ethical hacking
SaSSHimi: evading AllowTcpForwarding
OpenSSH AllowTcpForwarding configuration parameter is sometimes used as a measure of SSH servers hardening in order to complicate tunnel creation. This kind of restriction may complicate the task in those circumstances where it is necessary to use a hop machine…
Supposed hack of Protonmail. Archive link in case primary gets taken down
https://ift.tt/2K7IQgr
Submitted November 16, 2018 at 10:22PM by dadoftwins71309
via reddit https://ift.tt/2BczvBh
https://ift.tt/2K7IQgr
Submitted November 16, 2018 at 10:22PM by dadoftwins71309
via reddit https://ift.tt/2BczvBh
archive.fo
Protonmail Hacked - Pastebin.com
archived 16 Nov 2018 16:12:21 UTC
New Universal Android SSL Pinning Bypass based on Frida
https://ift.tt/2QKNXpq
Submitted November 16, 2018 at 10:48PM by 0xdea
via reddit https://ift.tt/2qRGtpo
https://ift.tt/2QKNXpq
Submitted November 16, 2018 at 10:48PM by 0xdea
via reddit https://ift.tt/2qRGtpo
CMSScan: On Demand and Periodic scans of WordPress, Drupal, Joomla and vBulletin with email reporting.
https://ift.tt/2BarMUb
Submitted November 17, 2018 at 01:56AM by ajinabraham
via reddit https://ift.tt/2PxNQRB
https://ift.tt/2BarMUb
Submitted November 17, 2018 at 01:56AM by ajinabraham
via reddit https://ift.tt/2PxNQRB
GitHub
ajinabraham/CMSScan
CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues - ajinabraham/CMSScan
SMS 2FA service leaked. 26 million texts and metadata.
https://ift.tt/2PwioTF
Submitted November 17, 2018 at 07:47AM by rcmaehl
via reddit https://ift.tt/2zZ8rnh
https://ift.tt/2PwioTF
Submitted November 17, 2018 at 07:47AM by rcmaehl
via reddit https://ift.tt/2zZ8rnh
TechCrunch
A leaky database of SMS text messages exposed password resets and two-factor codes
A security lapse has exposed a massive database containing tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more. The exposed server belongs to Voxox (formerly Telcentris), a San Diego, Calif.…
An Open CTF for the Community - Leap Security CTF 2018
https://ift.tt/2QP3HYF
Submitted November 17, 2018 at 09:20AM by moot3ch
via reddit https://ift.tt/2qRjqLf
https://ift.tt/2QP3HYF
Submitted November 17, 2018 at 09:20AM by moot3ch
via reddit https://ift.tt/2qRjqLf
reddit
r/netsec - An Open CTF for the Community - Leap Security CTF 2018
3 votes and 0 comments so far on Reddit
BabySploit - Easy To Use Pentesting Toolkit Written In Python
https://ift.tt/2PoHLXy
Submitted November 17, 2018 at 02:35PM by thecoderkiller
via reddit https://ift.tt/2FsbfiO
https://ift.tt/2PoHLXy
Submitted November 17, 2018 at 02:35PM by thecoderkiller
via reddit https://ift.tt/2FsbfiO
GitHub
M4cs/BabySploit
BabySplot Beginner Pentesting Framework. Contribute to M4cs/BabySploit development by creating an account on GitHub.
Intel Management Engine JTAG Proof of Concept
https://ift.tt/2Ns7CsN
Submitted November 17, 2018 at 03:52PM by snsmac
via reddit https://ift.tt/2qTabud
https://ift.tt/2Ns7CsN
Submitted November 17, 2018 at 03:52PM by snsmac
via reddit https://ift.tt/2qTabud
GitHub
ptresearch/IntelTXE-PoC
Intel Management Engine JTAG Proof of Concept . Contribute to ptresearch/IntelTXE-PoC development by creating an account on GitHub.
Taking Down an Insider Threat: story of a failed pentest
https://ift.tt/2QQZu6A
Submitted November 17, 2018 at 10:20PM by _vavkamil_
via reddit https://ift.tt/2QOCp4D
https://ift.tt/2QQZu6A
Submitted November 17, 2018 at 10:20PM by _vavkamil_
via reddit https://ift.tt/2QOCp4D
threader.app
A thread written by @TinkerSec
Singing the Blues:
Taking Down an Insider Threat
"I had all of the advantages. I was already inside the network. No one suspected me. But they found my hack, kicked me off the network...
...and physically hunted me down." https://t.co/468Q6C4KR5
Taking Down an Insider Threat
"I had all of the advantages. I was already inside the network. No one suspected me. But they found my hack, kicked me off the network...
...and physically hunted me down." https://t.co/468Q6C4KR5
BYOB (Build Your Own Botnet) v0.4 Released - New Spreader Module For Worm-like Behavior
https://ift.tt/2o2lJKj
Submitted November 18, 2018 at 02:32AM by PoonSafari
via reddit https://ift.tt/2FrpVi7
https://ift.tt/2o2lJKj
Submitted November 18, 2018 at 02:32AM by PoonSafari
via reddit https://ift.tt/2FrpVi7
GitHub
GitHub - malwaredllc/byob: An open-source post-exploitation framework for students, researchers and developers.
An open-source post-exploitation framework for students, researchers and developers. - GitHub - malwaredllc/byob: An open-source post-exploitation framework for students, researchers and developers.
Compare: WebARX, MalCare, Sucuri, WordFence, iThemesSecurity, SiteLock, SecuPress and CloudFlare
https://ift.tt/2Q1IuxA
Submitted November 18, 2018 at 03:40AM by modelop
via reddit https://ift.tt/2qSkY7L
https://ift.tt/2Q1IuxA
Submitted November 18, 2018 at 03:40AM by modelop
via reddit https://ift.tt/2qSkY7L
Ghost Emails: Hacking Gmail’s UX to Hide the Sender
https://ift.tt/2OOFv6L
Submitted November 17, 2018 at 09:34AM by timcotten
via reddit https://ift.tt/2qRJ1nn
https://ift.tt/2OOFv6L
Submitted November 17, 2018 at 09:34AM by timcotten
via reddit https://ift.tt/2qRJ1nn
Cotten.IO
Ghost Emails: Hacking Gmail’s UX to Hide the Sender
Faking the Appearance of a System Message in Gmail
Huge Repository For Active Directory Kill Chain Attack & Defense
https://ift.tt/2PDkzov
Submitted November 19, 2018 at 07:24AM by Hemlck
via reddit https://ift.tt/2Q8ui5L
https://ift.tt/2PDkzov
Submitted November 19, 2018 at 07:24AM by Hemlck
via reddit https://ift.tt/2Q8ui5L
GitHub
infosecn1nja/AD-Attack-Defense
Active Directory Security For Red & Blue Team. Contribute to infosecn1nja/AD-Attack-Defense development by creating an account on GitHub.
Protecting 802.1X key in Secure Enclave
https://ift.tt/2qSzJYh
Submitted November 19, 2018 at 09:31AM by ivladdalvi
via reddit https://ift.tt/2FvLkGP
https://ift.tt/2qSzJYh
Submitted November 19, 2018 at 09:31AM by ivladdalvi
via reddit https://ift.tt/2FvLkGP
reddit
r/mac - Protecting 802.1X key in Secure Enclave
1 vote and 0 comments so far on Reddit
A comparison of Kubernetes container runtimes
https://ift.tt/2Toc9zS
Submitted November 19, 2018 at 04:04PM by stevenacreman
via reddit https://ift.tt/2QUI755
https://ift.tt/2Toc9zS
Submitted November 19, 2018 at 04:04PM by stevenacreman
via reddit https://ift.tt/2QUI755
kubedex.com
Kubernetes Container Runtimes - kubedex.com
Come and read Kubernetes Container Runtimes on Kubedex.com. The number one site to Discover, Compare and Share Kubernetes Applications.