Post Exploitation, Domain Exploitation, Meterpreter, Crackmapexec, Empire, Local Privilege Escalation, Persistence, Pivoting

2019 commence par un record battu ! Des compilations de plusieurs centaines de Giga sont apparues, d’abord en vente sur le darknet puis échangées par torrents à partir de plusieurs forums, sous les noms :« Collection #1 à 5 » ou « bigDB ». Essayons de voir…

It is particularly on IoT security.. please ask your question and share your knowledge

WebARX researcher found a vulnerability in popular WordPress plugin Simple Social Buttons. Read more to find out what vulnerability allows.

This proof-of concept (PoC) is released for educational purposes and evaluation by researchers, and should not be used in any unintended way. Furthermore, this PoC and any other related material has been published only after disclosing it to Xiaomi Researcher:…

2 votes and 1 comment so far on Reddit

Not a Coinhive Writeup

1 vote and 1 comment so far on Reddit

Collection of PowerShell network security noscripts for system administrators. - thom-s/netsec-ps-noscripts

1 vote and 0 comments so far on Reddit

The Anchore Engine is an open source project that provides a centralized service for deep inspection, analysis and certification of container images. It is provided as a Docker container image that can be run standalone or on an orchestration platform such…

An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere. - smallstep/certificates

In January 2019, I discovered a privilege escalation vulnerability in default installations of Ubuntu Linux. This was due to a bug in the snapd API, a default service. Any local user could exploit this vulnerability to obtain immediate root access to the…

From IoT Pentesting to IoT Security . Contribute to V33RU/IoTSecurity101 development by creating an account on GitHub.

1 vote and 2 comments so far on Reddit

As somebody who is in the Infosec/Cybersecurity industry, it is common knowledge that the laws relating to Hacking and Cybersecurity are laughably out-of-date, and as a result, it is technically prosecute somebody just for visiting a website and clicking…

Get more control over your browser with these tips.

A proposed standard which allows websites to define security policies.

A Bash noscript which uses AWS CLI to create an image of an AWS EC2 volume - ericpskl/exportEC2VolumeImage