Emotet dropper analysis including server sided PHP code
https://ift.tt/2Tr3nng
Submitted February 28, 2019 at 04:52PM by ThisIsLibra
via reddit https://ift.tt/2tJzMHg
https://ift.tt/2Tr3nng
Submitted February 28, 2019 at 04:52PM by ThisIsLibra
via reddit https://ift.tt/2tJzMHg
reddit
r/netsec - Emotet dropper analysis including server sided PHP code
0 votes and 0 comments so far on Reddit
Siemens PLC JTAG Pinout Reverse Engineering (Reverse Engineering Architecture and Pinout of Custom ASICS)
https://ift.tt/2Had0Aj
Submitted February 28, 2019 at 08:09PM by dionas
via reddit https://ift.tt/2H7AQN8
https://ift.tt/2Had0Aj
Submitted February 28, 2019 at 08:09PM by dionas
via reddit https://ift.tt/2H7AQN8
SEC Consult
Reverse Engineering Architecture and Pinout of Custom ASICs - SEC Consult
Learn about the process of initial reverse engineering the pinout of unknown ASICs by using moderate methods. The two described ICs are good examples out of many industry-solutions and have been chosen to demonstrate how design decisions from vendors are…
Top 5 leading bug bounty platforms by now
https://ift.tt/2EiiVAl
Submitted February 28, 2019 at 08:22PM by KeyDutch
via reddit https://ift.tt/2TpGZdW
https://ift.tt/2EiiVAl
Submitted February 28, 2019 at 08:22PM by KeyDutch
via reddit https://ift.tt/2TpGZdW
Htbridge
Five of the Top Bug Bounty Platforms
Bug bounties are a form of results-based outsourced code checking. It is a cost-efficient and effective method of crowdsourcing a company’s code analysis, while paying only for results.
Thinking outside of the password manager box
https://ift.tt/2Eo7ZkL
Submitted March 01, 2019 at 12:48AM by zulln
via reddit https://ift.tt/2Tl0nc7
https://ift.tt/2Eo7ZkL
Submitted March 01, 2019 at 12:48AM by zulln
via reddit https://ift.tt/2Tl0nc7
Detectify Labs
Thinking outside of the password manager box
AltFS provides a virtual file system, over non-file artifacts, to demonstrate hidden storage techniques.
https://ift.tt/2SyoArc
Submitted March 01, 2019 at 03:16AM by ikotler
via reddit https://ift.tt/2IHcsUR
https://ift.tt/2SyoArc
Submitted March 01, 2019 at 03:16AM by ikotler
via reddit https://ift.tt/2IHcsUR
GitHub
SafeBreach-Labs/AltFS
The Alternative Fileless File System. Contribute to SafeBreach-Labs/AltFS development by creating an account on GitHub.
Detecting PowerShell Empire using the tools from the Sysinternals suite.
https://ift.tt/2SwCg5T
Submitted March 01, 2019 at 03:15AM by digicat
via reddit https://ift.tt/2EE8Lva
https://ift.tt/2SwCg5T
Submitted March 01, 2019 at 03:15AM by digicat
via reddit https://ift.tt/2EE8Lva
reddit
r/netsec - Detecting PowerShell Empire using the tools from the Sysinternals suite.
0 votes and 0 comments so far on Reddit
Wireshark 3.0.0 Released!
https://ift.tt/2VmUecI
Submitted March 01, 2019 at 02:41AM by CaptMeelo
via reddit https://ift.tt/2EE0048
https://ift.tt/2VmUecI
Submitted March 01, 2019 at 02:41AM by CaptMeelo
via reddit https://ift.tt/2EE0048
reddit
r/netsec - Wireshark 3.0.0 Released!
0 votes and 13 comments so far on Reddit
Broken cryptographic trust model for provider distribution
https://ift.tt/2IHwyhP
Submitted March 01, 2019 at 10:47AM by _conn
via reddit https://ift.tt/2TqN61G
https://ift.tt/2IHwyhP
Submitted March 01, 2019 at 10:47AM by _conn
via reddit https://ift.tt/2TqN61G
reddit
r/Terraform - Broken cryptographic trust model for provider distribution
0 votes and 1 comment so far on Reddit
The /r/netsec Monthly Discussion Thread - March 2019
OverviewQuestions regarding netsec and discussion related directly to netsec are welcome here.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on /r/netsec.As always, the content & discussion guidelines should also be observed on /r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted March 01, 2019 at 10:06AM by AutoModerator
via reddit https://ift.tt/2Nzf4D6
OverviewQuestions regarding netsec and discussion related directly to netsec are welcome here.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on /r/netsec.As always, the content & discussion guidelines should also be observed on /r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted March 01, 2019 at 10:06AM by AutoModerator
via reddit https://ift.tt/2Nzf4D6
Reddit
Technical Information Security Content & Discussion
/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to provide value to security practitioners, students, researchers, and hackers everywhere.
Horizontal Privilege Escalation in Quora leading to User Account Compromise
https://ift.tt/2Xx8Fgc
Submitted March 01, 2019 at 12:01PM by payloadartist
via reddit https://ift.tt/2SvzaPv
https://ift.tt/2Xx8Fgc
Submitted March 01, 2019 at 12:01PM by payloadartist
via reddit https://ift.tt/2SvzaPv
SpyClub
Horizontal Privilege Escalation on Quora which can compromise all users on Quora
Hey, I am SpyD3r(@TarunkantG) and in this blog, I will be discussing the bug I have found in Quora which can compromise all users on Quora due to Horizontal Privilege Escalation. I worked more than
Abusing Docker API: Sockets
https://ift.tt/2SyOTgI
Submitted March 01, 2019 at 11:57AM by payloadartist
via reddit https://ift.tt/2XtVbSx
https://ift.tt/2SyOTgI
Submitted March 01, 2019 at 11:57AM by payloadartist
via reddit https://ift.tt/2XtVbSx
Attackresearch
Abusing Docker API | Socket
Notes on abusing open Docker sockets This wont cover breaking out of docker containers Ports: usually 2375 & 2376 but can be anything ...
Decrypting credentials.xml in Jenkins
https://ift.tt/2El3cAx
Submitted March 01, 2019 at 11:56AM by payloadartist
via reddit https://ift.tt/2SvzdLb
https://ift.tt/2El3cAx
Submitted March 01, 2019 at 11:56AM by payloadartist
via reddit https://ift.tt/2SvzdLb
Attackresearch
Jenkins - decrypting credentials.xml
If you find yourself on a Jenkins box with noscript console access you can decrypt the saved passwords in credentials.xml in the following way...
Analyzing a Windows DHCP Server Bug (CVE-2019-0626) - MalwareTech
https://ift.tt/2TqfnFC
Submitted March 01, 2019 at 02:12PM by payloadartist
via reddit https://ift.tt/2Tl3WiF
https://ift.tt/2TqfnFC
Submitted March 01, 2019 at 02:12PM by payloadartist
via reddit https://ift.tt/2Tl3WiF
MalwareTech
Analyzing a Windows DHCP Server Bug (CVE-2019-0626) - MalwareTech
Reverse engineering the latest Microsoft patch in order to extract and exploit a recently patched vulnerability in the Windows Server DHCP service.
Slides: The state of Malware from the eye of the tiger
https://ift.tt/2UbGEZC
Submitted March 01, 2019 at 01:36PM by payloadartist
via reddit https://ift.tt/2C0AowG
https://ift.tt/2UbGEZC
Submitted March 01, 2019 at 01:36PM by payloadartist
via reddit https://ift.tt/2C0AowG
reddit
r/netsec - Slides: The state of Malware from the eye of the tiger
0 votes and 0 comments so far on Reddit
Awesome Free Starter for Web App Pentesting: Their simulated labs include previously disclosed vulnerabilities on Hackerone
https://ift.tt/2NEQelu
Submitted March 01, 2019 at 07:13PM by payloadartist
via reddit https://ift.tt/2T5qAMF
https://ift.tt/2NEQelu
Submitted March 01, 2019 at 07:13PM by payloadartist
via reddit https://ift.tt/2T5qAMF
HackEDU
Interactive Cybersecurity Training | HackEDU
Interactive Cybersecurity Training. HackEDU offers comprehensive online Secure Development Training for your developers, engineers, and IT personnel to assist your organization in laying a foundation of security and application vulnerability prevention, assessment…
Eliminating opportunities for BGP accidents with traffic hijacking
https://ift.tt/2VnN9J8
Submitted March 01, 2019 at 06:55PM by atomlib_com
via reddit https://ift.tt/2H6gweW
https://ift.tt/2VnN9J8
Submitted March 01, 2019 at 06:55PM by atomlib_com
via reddit https://ift.tt/2H6gweW
Habr
Eliminating opportunities for traffic hijacking
Beatiful scheme for BGP connection to Qrator filtering network A little historical overview BGP hijacks — when an ISP originates an advertisement of address s...
Bypassing a restrictive JS sandox
https://ift.tt/2C1RD0E
Submitted March 02, 2019 at 04:49AM by EzequielTBH
via reddit https://ift.tt/2tMS6zg
https://ift.tt/2C1RD0E
Submitted March 02, 2019 at 04:49AM by EzequielTBH
via reddit https://ift.tt/2tMS6zg
Licencia para Hackear
Bypassing a restrictive JS sandbox
While participating in a bug bounty program, I found a site with a very
interesting functionality: it allowed me to filter some data based on a
user-controlled expression. I could put something like b
interesting functionality: it allowed me to filter some data based on a
user-controlled expression. I could put something like b
"Cheapest" sketchy hindi certs for sale
https://ift.tt/2VqLqmg
Submitted March 02, 2019 at 05:13AM by jonbonesjonesjohnson
via reddit https://ift.tt/2EtPStQ
https://ift.tt/2VqLqmg
Submitted March 02, 2019 at 05:13AM by jonbonesjonesjohnson
via reddit https://ift.tt/2EtPStQ
Inertia IT Solutions
512 Bit SSL Encryption- High Level of Encryption Technique
512 Bit SSL encryption integrates high-standard technology to ensure the security and safety of your website information.
Universal RCE with Ruby YAML.load
https://ift.tt/2EIAdIh
Submitted March 02, 2019 at 05:13PM by Gallus
via reddit https://ift.tt/2VuFIQj
https://ift.tt/2EIAdIh
Submitted March 02, 2019 at 05:13PM by Gallus
via reddit https://ift.tt/2VuFIQj
reddit
r/netsec - Universal RCE with Ruby YAML.load
0 votes and 0 comments so far on Reddit
Hack The Box - Access Write-up by 0xRick
https://ift.tt/2H89HJQ
Submitted March 02, 2019 at 08:06PM by Ahm3d_H3sham
via reddit https://ift.tt/2EIHDLO
https://ift.tt/2H89HJQ
Submitted March 02, 2019 at 08:06PM by Ahm3d_H3sham
via reddit https://ift.tt/2EIHDLO
0xRick Owned Root !
Hack The Box - Access
Quick Summary Hey guys today Access retired and this is my write-up. I don’t have too much to say about this box , It was a nice easy windows box and a good example of using runas in windows , Which is like sudo in linux and doas in openbsd (we used doas…
Introducing Reactive Password Hashing
https://ift.tt/2Heemdl
Submitted March 02, 2019 at 10:12PM by neverforgetdream
via reddit https://ift.tt/2EpizId
https://ift.tt/2Heemdl
Submitted March 02, 2019 at 10:12PM by neverforgetdream
via reddit https://ift.tt/2EpizId
reddit
r/netsec - Introducing Reactive Password Hashing
0 votes and 0 comments so far on Reddit