There are Two Types of Hackers
http://bit.ly/2I6cDJ2
Submitted February 13, 2019 at 01:01AM by neverforgetdream
via reddit http://bit.ly/2GCVfcO
http://bit.ly/2I6cDJ2
Submitted February 13, 2019 at 01:01AM by neverforgetdream
via reddit http://bit.ly/2GCVfcO
reddit
r/netsec - There are Two Types of Hackers
1 vote and 2 comments so far on Reddit
Hacking Laws are Silly, Don’t click this link.
https://breakthelaw.xyz
Submitted February 13, 2019 at 04:02AM by Evil1337
via reddit http://bit.ly/2TS3FAV
https://breakthelaw.xyz
Submitted February 13, 2019 at 04:02AM by Evil1337
via reddit http://bit.ly/2TS3FAV
breakthelaw.xyz
Hacking Laws are Silly. Seriously. Don't view this page.
As somebody who is in the Infosec/Cybersecurity industry, it is common knowledge that the laws relating to Hacking and Cybersecurity are laughably out-of-date, and as a result, it is technically prosecute somebody just for visiting a website and clicking…
Tracking Google Chrome From its PID
http://bit.ly/2TMXYDZ
Submitted February 13, 2019 at 04:51AM by lawandordercandidate
via reddit http://bit.ly/2X1hIWP
http://bit.ly/2TMXYDZ
Submitted February 13, 2019 at 04:51AM by lawandordercandidate
via reddit http://bit.ly/2X1hIWP
menz-o-matic.com
Tracking Google Chrome From its PID
Get more control over your browser with these tips.
Security.txt: a proposal for publishing channels for vulnerability disclosure
http://bit.ly/2fWIVt2
Submitted February 13, 2019 at 04:48PM by pimterry
via reddit http://bit.ly/2GF71U0
http://bit.ly/2fWIVt2
Submitted February 13, 2019 at 04:48PM by pimterry
via reddit http://bit.ly/2GF71U0
security.txt
A proposed standard which allows websites to define security policies.
Tool to export an image of an EC2 volume outside of AWS (for forensic work or archiving)
http://bit.ly/2SOHs9n
Submitted February 13, 2019 at 06:10PM by layertwo
via reddit http://bit.ly/2GFsITV
http://bit.ly/2SOHs9n
Submitted February 13, 2019 at 06:10PM by layertwo
via reddit http://bit.ly/2GFsITV
GitHub
ericpskl/exportEC2VolumeImage
A Bash noscript which uses AWS CLI to create an image of an AWS EC2 volume - ericpskl/exportEC2VolumeImage
Access to everyone in Puerto Rico's CESCO database through an Insecure Direct Object Reference
http://bit.ly/2IaE98y
Submitted February 13, 2019 at 08:57PM by rramgattie
via reddit http://bit.ly/2SzP809
http://bit.ly/2IaE98y
Submitted February 13, 2019 at 08:57PM by rramgattie
via reddit http://bit.ly/2SzP809
CVE-2019-0539 Root Cause Analysis
http://bit.ly/2tlsbP6
Submitted February 13, 2019 at 09:39PM by shleimeleh
via reddit http://bit.ly/2GpEzGo
http://bit.ly/2tlsbP6
Submitted February 13, 2019 at 09:39PM by shleimeleh
via reddit http://bit.ly/2GpEzGo
Perception Point
CVE-2019-0539 - Root Cause & Analysis | Perception Point
CVE-2019-0539 may have been recently resolved by Microsoft but are you still impacted? Learn about the root cause of CVE-2019-0539 and how it can be used to exploit.
DarkSpiritz Pentesting Framework - Updated with Bug Fixes and new features. On a new repository as well.
http://bit.ly/2tmiLCP
Submitted February 14, 2019 at 11:44AM by maxbridgland
via reddit http://bit.ly/2GJtCyD
http://bit.ly/2tmiLCP
Submitted February 14, 2019 at 11:44AM by maxbridgland
via reddit http://bit.ly/2GJtCyD
GitHub
M4cs/DarkSpiritz
Official Repository for DarkSpiritz Penetration Framework | Written in Python - M4cs/DarkSpiritz
Pwning WPA/WPA2 Networks With Bettercap and the PMKID Client-Less Attack
http://bit.ly/2N4sA1k
Submitted February 14, 2019 at 02:22PM by evilsocket
via reddit http://bit.ly/2SOIcLF
http://bit.ly/2N4sA1k
Submitted February 14, 2019 at 02:22PM by evilsocket
via reddit http://bit.ly/2SOIcLF
evilsocket
Pwning WPA/WPA2 Networks With Bettercap and the PMKID Client-Less Attack
In this post, I’ll talk about the new WiFi related features that have been recently implemented into bettercap, starting from how the EAPOL 4-way handshake capturing has been automated, to a whole new
Multi stage malicious LNK dropper analysis
http://bit.ly/2SOsX5v
Submitted February 14, 2019 at 05:04PM by ThisIsLibra
via reddit http://bit.ly/2Ea0zCD
http://bit.ly/2SOsX5v
Submitted February 14, 2019 at 05:04PM by ThisIsLibra
via reddit http://bit.ly/2Ea0zCD
Unauthenticated SSRF in Oracle EBS
http://bit.ly/2DCjyV9
Submitted February 14, 2019 at 05:32PM by albinowax
via reddit http://bit.ly/2E8YHu2
http://bit.ly/2DCjyV9
Submitted February 14, 2019 at 05:32PM by albinowax
via reddit http://bit.ly/2E8YHu2
Medium
Unauthenticated Blind SSRF in Oracle EBS
CVE-2018-3167
NordVPN Dominates VPN Market Share, and That Will Likely Continue | News & Opinion
http://bit.ly/2URwmhc
Submitted February 14, 2019 at 09:34PM by AsleepBiscotti
via reddit http://bit.ly/2GvJ4PR
http://bit.ly/2URwmhc
Submitted February 14, 2019 at 09:34PM by AsleepBiscotti
via reddit http://bit.ly/2GvJ4PR
PCMAG
NordVPN Dominates VPN Market Share, and That Will Likely Continue
Research by VPN review site VPNpro based on publicly available info puts NordVPN either ahead or poised to jump ahead of the competition in most marketing metrics.
Omnipresence on the web: browse through many locations concurrently with Docker, VPN & Squid
http://bit.ly/2GB71Eo
Submitted February 14, 2019 at 10:23PM by eloquinees_husband
via reddit http://bit.ly/2X1uXGG
http://bit.ly/2GB71Eo
Submitted February 14, 2019 at 10:23PM by eloquinees_husband
via reddit http://bit.ly/2X1uXGG
reddit
r/netsec - Omnipresence on the web: browse through many locations concurrently with Docker, VPN & Squid
2 votes and 1 comment so far on Reddit
Point of No C3 - Linux Kernel Exploitation - Part 0
http://bit.ly/2UZ2LT7
Submitted February 14, 2019 at 11:26PM by Evil1337
via reddit http://bit.ly/2Gpa839
http://bit.ly/2UZ2LT7
Submitted February 14, 2019 at 11:26PM by Evil1337
via reddit http://bit.ly/2Gpa839
reddit
r/netsec - Point of No C3 - Linux Kernel Exploitation - Part 0
2 votes and 0 comments so far on Reddit
[fosdem 2019 recording] Handling Security Flaws in an Open Source Project (Jeremy Allison)
http://bit.ly/2EcaEiF
Submitted February 14, 2019 at 11:08PM by the_gnarts
via reddit http://bit.ly/2DD5tXr
http://bit.ly/2EcaEiF
Submitted February 14, 2019 at 11:08PM by the_gnarts
via reddit http://bit.ly/2DD5tXr
reddit
r/netsec - [fosdem 2019 recording] Handling Security Flaws in an Open Source Project (Jeremy Allison)
1 vote and 1 comment so far on Reddit
New Ovidiy Stealer Password Stealing Malware Priced to Boost Sales
http://bit.ly/2tpRGP2
Submitted February 15, 2019 at 01:12AM by sdsfjrl123
via reddit http://bit.ly/2DGsJE0
http://bit.ly/2tpRGP2
Submitted February 15, 2019 at 01:12AM by sdsfjrl123
via reddit http://bit.ly/2DGsJE0
ArcTitan
New Ovidiy Stealer Password Stealing Malware Priced to Boost Sales - ArcTitan
The malware known as ‘Ovidiy Stealer’ is password stealing software that will capture login details and send the information to the hacker’s C2 server. As with most other password stealers, information is captured as it is entered into websites such as banking…
Actual high-level network security roles and skillsets
http://bit.ly/2TQV5SC
Submitted February 15, 2019 at 09:02AM by ahazred8vt
via reddit http://bit.ly/2GHPMkR
http://bit.ly/2TQV5SC
Submitted February 15, 2019 at 09:02AM by ahazred8vt
via reddit http://bit.ly/2GHPMkR
Innovative Phishing Campaign Uses Google Translate to Serve Phishing Webpage
http://bit.ly/2EcJQ1M
Submitted February 15, 2019 at 11:39AM by kotmana456
via reddit http://bit.ly/2V1xLC1
http://bit.ly/2EcJQ1M
Submitted February 15, 2019 at 11:39AM by kotmana456
via reddit http://bit.ly/2V1xLC1
WebTitan
Innovative Phishing Campaign Uses Google Translate to Serve Phishing Webpage - WebTitan
A new phishing campaign has been detected that uses Google Translate to mask the URL of the phishing web page on mobile devices. The tactic makes it appear that users are on an official Google website.
Facebook CSRF protection bypass which leads to Account Takeover.
http://bit.ly/2SxCizm
Submitted February 15, 2019 at 03:03PM by albinowax
via reddit http://bit.ly/2DLVpv8
http://bit.ly/2SxCizm
Submitted February 15, 2019 at 03:03PM by albinowax
via reddit http://bit.ly/2DLVpv8
Bug Bounty Write-ups
Facebook CSRF protection bypass which leads to Account Takeover.
Chashell, a Go reverse shell, cross-platform and communicating over DNS.
http://bit.ly/2Gt8hdC
Submitted February 15, 2019 at 08:58PM by phocean
via reddit http://bit.ly/2IcMSXL
http://bit.ly/2Gt8hdC
Submitted February 15, 2019 at 08:58PM by phocean
via reddit http://bit.ly/2IcMSXL
Sysdream
Sysdream, Chashell, a reverse shell over DNS
Sysdream, audits et formations en sécurité informatique Ethical Hacking PCI DSS Test d'intrusion
I just completed the Bandit wargame at Overthewire, here are my takeaways.
http://bit.ly/2SZnJno
Submitted February 15, 2019 at 09:19PM by SkullTech101
via reddit http://bit.ly/2GqALon
http://bit.ly/2SZnJno
Submitted February 15, 2019 at 09:19PM by SkullTech101
via reddit http://bit.ly/2GqALon
Musings of Sumit Ghosh
Notes from Overthewire Bandit
I solved the Bandit wargame by Overthewire over the last few days, and noted down anything new // interesting I learned. This is not a writeup in any way, you’re not likely to find solutions to specific questions here. This is more like study notes, mostly…