GitHub bug allows users to view private repos after access is revoked.
http://bit.ly/2FKKkhs
Submitted January 24, 2019 at 05:04AM by bicicleteando
via reddit http://bit.ly/2CEydOY
Gist
Some issues with GitHub Forks
Some issues with GitHub Forks. GitHub Gist: instantly share code, notes, and snippets.
WordPress Vulnerability Scanner - Google Chrome Extension
http://bit.ly/2SSTTxF
Submitted January 24, 2019 at 05:25AM by sourcingdenis
via reddit http://bit.ly/2T6R644
Google
WPintel - WordPress Vulnerability Scanner
WordPress Vulnerability Scanner - Scan for vulnerabilities, version, themes, plugins and much more!
Bugcrowd LevelUp 0x03 2019 YouTube Playlist
https://www.youtube.com/playlist?list=PLIK9nm3mu-S61oMP7pie5d2t1Aah41Fji
Submitted January 24, 2019 at 12:28PM by Cabbage-Guy
via reddit http://bit.ly/2WmoTIK
YouTube
LevelUp 0x03 2019 - YouTube
I wrote a blog post about how and why to play CTF challenges
http://bit.ly/2HvQ9B1
Submitted January 24, 2019 at 06:27PM by RayofLight-z
via reddit http://bit.ly/2Dvc8Ei
wolfshirtz
Playing CTFs for fun and profit(but mostly fun)
Playing CTFs for fun and profit(but mostly fun) CTFs(or capture the flags) are competitions held to help hone and build upon skills in information security. CTFs come in all difficulty levels and some that are more difficult even have simpler versions of…
Magento 2.2.6 / 2.1.15 RCE and local file read
http://bit.ly/2RcFudY
Submitted January 24, 2019 at 11:02PM by Blaklis
via reddit http://bit.ly/2FXGSPV
reddit
r/netsec - Magento 2.2.6 / 2.1.15 RCE and local file read
7 votes and 0 comments so far on Reddit
A brazilian academic researcher's BGP "research" triggered a bug in FRR twice (jan 8 and jan 23), knocking routers around the world offline
http://bit.ly/2DyC01Z
Submitted January 24, 2019 at 10:42PM by merreborn
via reddit http://bit.ly/2S9t5Ms
reddit
r/netsec - A brazilian academic researcher's BGP "research" triggered a bug in FRR twice (jan 8 and jan 23), knocking routers around…
12 votes and 4 comments so far on Reddit
Confiant & Malwarebytes Uncover Steganography Based Ad Payload That Drops Shlayer Trojan On Mac…
http://bit.ly/2Hsylqv
Submitted January 24, 2019 at 11:56PM by _vavkamil_
via reddit http://bit.ly/2Rbplpt
Confiant
Confiant & Malwarebytes Uncover Steganography Based Ad Payload That Drops Shlayer Trojan On Mac Users
Recent months have seen an uptick in reports of JavaScript malware that hides in image files. This is often referred to as “image based…
Local Admin Access and Group Policy Don't mix
http://bit.ly/2S6IahQ
Submitted January 25, 2019 at 01:31AM by oddvarmoe
via reddit http://bit.ly/2U9TqHy
TrustedSec
Local Admin Access and Group Policy Don’t Mix - TrustedSec
Having spent a career working with Group Policies, I thought now might be a good time to give an overview of it and I felt like doing a little writeup about Group Policies. I especially want to highlight why having admin access to clients can be really bad.…
Electronegativity - Electron security tool released
http://bit.ly/2S5vtE2
Submitted January 25, 2019 at 02:19AM by nibblesec
via reddit http://bit.ly/2B1at7R
Doyensec
Electronegativity is finally out! · Doyensec's Blog
Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.
Why CISA issued our first Emergency Directive
http://bit.ly/2FLhKMR
Submitted January 25, 2019 at 05:46AM by liotier
via reddit http://bit.ly/2B2XP8l
cyber.dhs.gov
cyber.dhs.gov - CISA blog
A site for cybersecurity directives and implementation guidance, from the Cybersecurity and Infrastructure Security Agency.
PrivExchange - Abusing Exchange: One API call away from Domain Admin
http://bit.ly/2DqEhMH
Submitted January 25, 2019 at 01:18PM by 2xyo
via reddit http://bit.ly/2sJBwQn
dirkjanm.io
Abusing Exchange: One API call away from Domain Admin
In most organisations using Active Directory and Exchange, Exchange servers have such high privileges that being an Administrator on an Exchange server is enough to escalate to Domain Admin. Recently I came across a blog from the ZDI, in which they detail…
mitaka: extract, refang and search/scan IoC!
http://bit.ly/2FNrs1i
Submitted January 25, 2019 at 12:42PM by ninoseki
via reddit http://bit.ly/2FXtECF
HackMD
mitaka: extract, refang and search/scan IoC! - HackMD
# mitaka: extract, refang and search/scan IoC! ## TL;DR - [mitaka](https://github.com/ninoseki/mit
SSHtranger Things: OpenSSH scp arbitrary file write PoC (CVE-2019-6111)
Disclosure: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
PoC Announcement: https://mobile.twitter.com/HyperionGray/status/1086011569417392129
PoC Code: https://gist.github.com/mehaase/63e45c17bdbbd59e8e68d02ec58f4ca2
Vulnerable versions of scp do not verify the filenames sent by the server, allowing a malicious server to overwrite unintended files. Scp also prints the server's stderr stream without any sanitization, allowing the server to send ANSI codes to cover up the transfer of the malicious file. This is unpatched in Ubuntu 18.04 LTS as well as other major distros. One user on Twitter says that it won't be fixed at all in RHEL 5/6.
This demo shows a user requesting `file.txt` and the server sends `file.txt` followed by `exploit.txt`, then sends ANSI commands to move the cursor so that the transfer of `exploit.txt` is concealed.
SSHtranger Things PoC Demo
Let us know if you would be interested in a more detailed writeup!
Submitted January 23, 2019 at 11:37PM by hyperiongray
via reddit http://bit.ly/2FW0rrQ
Twitter
Hyperion Gray
We wrote up a proof-of-concept for the SCP file write vulnerability CVE-2019-6111. We like to call it SSHtranger Things because it is soooooo old school 😀 Currently unpatched on Ubuntu 18.04.1 LTS and other major distros. #sshtrangerthings 1/2 https://t.co/cpuY1KPdhc
Bash post-exploitation tool for Linux
http://bit.ly/2SEuqI5
Submitted January 24, 2019 at 09:53PM by bellthief
via reddit http://bit.ly/2RKNubr
GitHub
zMarch/Orc
Orc is a post-exploitation framework for Linux written in Bash - zMarch/Orc
NZ 2019 Top 10 critical controls released
http://bit.ly/2Wg8QMp
Submitted January 25, 2019 at 11:17AM by svotso
via reddit http://bit.ly/2RfIrL0
CERT NZ
CERT NZ's critical controls 2019 | CERT NZ
CERT NZ’s ten critical controls would mitigate, or better contain, the majority of attacks we’ve seen.
Top application security news of the week.
http://bit.ly/2SbDsPQ
Submitted January 25, 2019 at 03:34PM by KeyDutch
via reddit http://bit.ly/2CIRO0s
Htbridge
Application Security Weekly Review, Week 4 2019
Mysterious attack on PHP PEAR website, hack of popular WordPress plugin maker, and privacy risks of top free VPN Android apps.
How I abused 2FA to maintain persistence after a password change (Google, Microsoft, Instagram…
http://bit.ly/2MvBu7M
Submitted January 25, 2019 at 03:31PM by lukeberner
via reddit http://bit.ly/2RTpfrO
Medium
How I abused 2FA to maintain persistence after a password change (Google, Microsoft, Instagram, Cloudflare, etc)
TL;DR: Waiting in the 2FA page could allow you to log in without knowing the current password in many major websites.
Turbo Intruder: Embracing the billion-request attack
http://bit.ly/2DyPvyM
Submitted January 25, 2019 at 04:51PM by albinowax
via reddit http://bit.ly/2FVSxPf
portswigger.net
Turbo Intruder: Embracing the billion-request attack | Blog
Automated web application attacks are terminally limited by the number of HTTP requests they can send. It's impossible to know how many hacks have gone off the rails because you didn't quite manage to
A tool to find subdomains and interesting things like secrets hidden inside, external JavaScript files of page, and Github.
http://bit.ly/2V085Xf
Submitted January 25, 2019 at 06:54PM by nsonaniya2010
via reddit http://bit.ly/2S6Jj9c
GitHub
nsonaniya2010/SubDomainizer
A tool to find subdomains and interesting things hidden inside, external JavaScript files of page, and Github. - nsonaniya2010/SubDomainizer
From Evil Printers to Parent Domain Controllers
http://bit.ly/2B1T1jC
Submitted January 25, 2019 at 08:52PM by CaptMeelo
via reddit http://bit.ly/2TgQfxS
Checkmate
Intrusion Testing – From Evil Printers to Parent Domain Controllers
Intrusion testing Recently I was engaged in a project where I was supposed to breach an organization and exfiltrate data from within the perimeter of the organization without alerting their SOC. I …
Magento – RCE & Local File Read with low privilege admin rights
http://bit.ly/2RcFudY
Submitted January 25, 2019 at 07:58PM by cbolat
via reddit http://bit.ly/2MvHqO4
reddit
r/netsec - Magento – RCE & Local File Read with low privilege admin rights
1 vote and 0 comments so far on Reddit