TR Modsecurity with Web Application Security Installing, Usage and Rules
https://ift.tt/2EevTS9
Submitted December 04, 2018 at 05:50PM by berkdusunurx
via reddit https://ift.tt/2ri80jQ
https://ift.tt/2EevTS9
Submitted December 04, 2018 at 05:50PM by berkdusunurx
via reddit https://ift.tt/2ri80jQ
www.berkdusunur.net
ModSecurity ile Web Uygulama Güvenliği - Kurulum, Kullanım ve Kurallar
Herkese Selamlar, Bu yazı açık kaynak bir güvenlik duvarının kurulum, kullanım ve kuralları hakkında olacak. Mod Security WAF Web...
No Sql Injection Experiment Guide part-1.
https://ift.tt/2Sre3y7
Submitted December 04, 2018 at 05:27PM by beyonderdabas
via reddit https://ift.tt/2EcWhf0
https://ift.tt/2Sre3y7
Submitted December 04, 2018 at 05:27PM by beyonderdabas
via reddit https://ift.tt/2EcWhf0
Mohit Dabas's Blog
No Sql Injection Experiment Guide part-1.
So I started some little experiments on MongoDB to find out how can I execute few my own crafted queries in MongoDB query statements. It is not a how to do a manual to do NoSQL injection instead wh…
Hacking with a Heads Up Display
https://ift.tt/2Q9lHAw
Submitted December 04, 2018 at 07:21PM by psiinon
via reddit https://ift.tt/2E1Ku2r
https://ift.tt/2Q9lHAw
Submitted December 04, 2018 at 07:21PM by psiinon
via reddit https://ift.tt/2E1Ku2r
Segment
Hacking with a Heads Up Display
Kickstart your code obfuscation skills: obfuscation 10**2+(2*a+3)%2
https://ift.tt/2PlhF33
Submitted December 04, 2018 at 08:22PM by mabote
via reddit https://ift.tt/2zGagGi
https://ift.tt/2PlhF33
Submitted December 04, 2018 at 08:22PM by mabote
via reddit https://ift.tt/2zGagGi
ThunderDNS can forward TCP traffic over DNS protocol. Non-compile clients for linux/windows + socks5 support.
https://ift.tt/2E20KAb
Submitted December 04, 2018 at 09:22PM by cyberpunkych
via reddit https://ift.tt/2QxFWr6
https://ift.tt/2E20KAb
Submitted December 04, 2018 at 09:22PM by cyberpunkych
via reddit https://ift.tt/2QxFWr6
GitHub
fbkcs/ThunderDNS
This tool can forward TCP traffic over DNS protocol. Non-compile clients + socks5 support. - fbkcs/ThunderDNS
Created a small list of Digital Forensic tools based on their use cases
https://ift.tt/2SuH1gv
Submitted December 04, 2018 at 10:18PM by CaptainDevops
via reddit https://ift.tt/2ritHQO
https://ift.tt/2SuH1gv
Submitted December 04, 2018 at 10:18PM by CaptainDevops
via reddit https://ift.tt/2ritHQO
GitHub
Leo-G/DevopsWiki
A wiki of Devops Tools, Tutorials and Scripts. Contribute to Leo-G/DevopsWiki development by creating an account on GitHub.
Practice offensive and defensive security techniques with 5 real-world applications with real-world vulnerabilities - HackEDU and HackerOne
https://ift.tt/2UlC9fI
Submitted December 05, 2018 at 02:14AM by jrkjared3
via reddit https://ift.tt/2Pj8iAw
https://ift.tt/2UlC9fI
Submitted December 05, 2018 at 02:14AM by jrkjared3
via reddit https://ift.tt/2Pj8iAw
HackEDU
Interactive Cybersecurity Training | HackEDU
Interactive Cybersecurity Training. HackEDU offers comprehensive online Secure Development Training for your developers, engineers, and IT personnel to assist your organization in laying a foundation of security and application vulnerability prevention, assessment…
Digging in to SCP Command Injection
https://ift.tt/2AQjdwu
Submitted December 05, 2018 at 02:04AM by Plazmaz1
via reddit https://ift.tt/2RuqRE4
https://ift.tt/2AQjdwu
Submitted December 05, 2018 at 02:04AM by Plazmaz1
via reddit https://ift.tt/2RuqRE4
Dylan Katz
Digging in to SCP Command Injection
Jumping down the rabbit hole that is SCP
A look under the hood of a decentralized VPN Application
https://ift.tt/2FKnLdJ
Submitted December 05, 2018 at 05:41AM by MystCommunityManager
via reddit https://ift.tt/2RzyskN
https://ift.tt/2FKnLdJ
Submitted December 05, 2018 at 05:41AM by MystCommunityManager
via reddit https://ift.tt/2RzyskN
Medium
A look under the hood of a decentralised VPN Application.
Mysterium VPN is the client application of Mysterium Network, a Network focused on providing security and privacy to web 3 and beyond.
Adventures in Video Conferencing Part 1: The Wild World of WebRTC
https://ift.tt/2RwkShS
Submitted December 05, 2018 at 04:31AM by curteanu
via reddit https://ift.tt/2Ss7Emo
https://ift.tt/2RwkShS
Submitted December 05, 2018 at 04:31AM by curteanu
via reddit https://ift.tt/2Ss7Emo
reddit
r/netsec - Adventures in Video Conferencing Part 1: The Wild World of WebRTC
1 vote and 0 comments so far on Reddit
Free root access in PolicyKit for UIDs > INT_MAX
https://ift.tt/2PbTSCh
Submitted December 05, 2018 at 09:10AM by fridsun
via reddit https://ift.tt/2rlFxdi
https://ift.tt/2PbTSCh
Submitted December 05, 2018 at 09:10AM by fridsun
via reddit https://ift.tt/2rlFxdi
GitHub
unprivileged users with UID > INT_MAX can successfully execute any systemctl command #11026
Unprivileged users with UID > INT_MAX can execute any systemctl command due pkttyagent aborting with an assertion at https://github.com/freedesktop/polkit/blob/8c1bc8a/src/programs/pkttyagent.c#L156. systemd version the issue has been se...
Billion Laugh Attack in sites google com
https://ift.tt/2rnVNKs
Submitted December 05, 2018 at 08:02PM by asanso
via reddit https://ift.tt/2KWjbIe
https://ift.tt/2rnVNKs
Submitted December 05, 2018 at 08:02PM by asanso
via reddit https://ift.tt/2KWjbIe
Intothesymmetry
Billion Laugh Attack in https://sites.google.com
tl;dr https://sites.google.com suffered from a Billion Laugh Attack vulnerability that made the containerized environment to crash with a si...
Red and blue team tooling for AD joined UNIX boxes
https://ift.tt/2UifXmn
Submitted December 05, 2018 at 08:51PM by timb_machine
via reddit https://ift.tt/2BSJOuE
https://ift.tt/2UifXmn
Submitted December 05, 2018 at 08:51PM by timb_machine
via reddit https://ift.tt/2BSJOuE
GitHub
portcullislabs/linikatz
linikatz is a tool to attack AD on UNIX. Contribute to portcullislabs/linikatz development by creating an account on GitHub.
Uberducky - turn your Ubertooth into a wireless USB Rubber Ducky triggered via BLE
https://ift.tt/2QdOpAh
Submitted December 05, 2018 at 10:08PM by mpeg4codec
via reddit https://ift.tt/2KWwXKW
https://ift.tt/2QdOpAh
Submitted December 05, 2018 at 10:08PM by mpeg4codec
via reddit https://ift.tt/2KWwXKW
blog.ice9.us
Uberducky - a wireless USB Rubber Ducky triggered via BLE
I'm excited to announce a new tool: Uberducky , a wireless USB Rubber Ducky that can be triggered via BLE. If you have an Ubertooth One I ...
GitHub Desktop RCE (OSX)
https://ift.tt/2AR93Mc
Submitted December 06, 2018 at 12:23AM by sxcurity
via reddit https://ift.tt/2UlB6Mu
https://ift.tt/2AR93Mc
Submitted December 06, 2018 at 12:23AM by sxcurity
via reddit https://ift.tt/2UlB6Mu
pwning.re
GitHub Desktop RCE (OSX) - André Baptista
André Baptista - Reverse engineer, exploitation researcher and bug bounty hunter.
Snoop on 3G and 5G using usrp B210
https://ift.tt/2APRpIG
Submitted December 06, 2018 at 01:13AM by redbit2020
via reddit https://ift.tt/2rm3lNX
https://ift.tt/2APRpIG
Submitted December 06, 2018 at 01:13AM by redbit2020
via reddit https://ift.tt/2rm3lNX
reddit
r/RTLSDR - Snoop on 3G and 5G using usrp B210
27 votes and 3 comments so far on Reddit
PoC For Recent Adobe Flash ZeroDay (CVE-2018-15982) | @smgoreli
https://ift.tt/2UhysaF
Submitted December 06, 2018 at 05:49AM by Hemlck
via reddit https://ift.tt/2PoqdG6
https://ift.tt/2UhysaF
Submitted December 06, 2018 at 05:49AM by Hemlck
via reddit https://ift.tt/2PoqdG6
GitHub
smgorelik/Windows-RCE-exploits
The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samples are uploaded for education purposes for red and blue tea...
PrestaShop Back Office Remote Code Execution (CVE-2018-19126)
https://ift.tt/2zK83tI
Submitted December 06, 2018 at 09:32PM by fariskhi
via reddit https://ift.tt/2L4dPuA
https://ift.tt/2zK83tI
Submitted December 06, 2018 at 09:32PM by fariskhi
via reddit https://ift.tt/2L4dPuA
GitHub
farisv/PrestaShop-CVE-2018-19126
PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4.) Back Office Remote Code Execution (CVE-2018-19126) - farisv/PrestaShop-CVE-2018-19126
Pwning JBoss Seam 2 like a boss
https://ift.tt/2Uldt6Z
Submitted December 06, 2018 at 09:11PM by bsilvascores
via reddit https://ift.tt/2PkpdTy
https://ift.tt/2Uldt6Z
Submitted December 06, 2018 at 09:11PM by bsilvascores
via reddit https://ift.tt/2PkpdTy
Medium
Pwning JBoss Seam 2 like a boss
I haven’t been writing for a long time, so I finally decided to write about a cool (old) story with JBoss.
HTTPS in the real world
https://ift.tt/2zSpZlZ
Submitted December 06, 2018 at 08:48PM by businesstrout
via reddit https://ift.tt/2rn6tsP
https://ift.tt/2zSpZlZ
Submitted December 06, 2018 at 08:48PM by businesstrout
via reddit https://ift.tt/2rn6tsP
Robert Heaton
HTTPS in the real world | Robert Heaton
In cryptography, trust is mathematically provable. Everything else is just faith.
Implementation of the OWASP Mobile TOP 10 methodology for testing Android applications
https://ift.tt/2REiB4j
Submitted December 06, 2018 at 10:56PM by _vavkamil_
via reddit https://ift.tt/2QgsLM0
https://ift.tt/2REiB4j
Submitted December 06, 2018 at 10:56PM by _vavkamil_
via reddit https://ift.tt/2QgsLM0
hub.hacken.io
Implementation of the OWASP Mobile TOP 10 methodology for testing Android applications
Mobile devices are subject to numerous security discussions. We at Hacken decided to address the OWASP Mobile TOP 10 methodology in order to demonstrate the process of conducting vulnerability analysis for mobile applications.