Detecting PowerShell Empire using the tools from the Sysinternals suite.
https://ift.tt/2SwCg5T
Submitted March 01, 2019 at 03:15AM by digicat
via reddit https://ift.tt/2EE8Lva
https://ift.tt/2SwCg5T
Submitted March 01, 2019 at 03:15AM by digicat
via reddit https://ift.tt/2EE8Lva
reddit
r/netsec - Detecting PowerShell Empire using the tools from the Sysinternals suite.
0 votes and 0 comments so far on Reddit
Wireshark 3.0.0 Released!
https://ift.tt/2VmUecI
Submitted March 01, 2019 at 02:41AM by CaptMeelo
via reddit https://ift.tt/2EE0048
https://ift.tt/2VmUecI
Submitted March 01, 2019 at 02:41AM by CaptMeelo
via reddit https://ift.tt/2EE0048
reddit
r/netsec - Wireshark 3.0.0 Released!
0 votes and 13 comments so far on Reddit
Broken cryptographic trust model for provider distribution
https://ift.tt/2IHwyhP
Submitted March 01, 2019 at 10:47AM by _conn
via reddit https://ift.tt/2TqN61G
https://ift.tt/2IHwyhP
Submitted March 01, 2019 at 10:47AM by _conn
via reddit https://ift.tt/2TqN61G
reddit
r/Terraform - Broken cryptographic trust model for provider distribution
0 votes and 1 comment so far on Reddit
The /r/netsec Monthly Discussion Thread - March 2019
OverviewQuestions regarding netsec and discussion related directly to netsec are welcome here.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on /r/netsec.As always, the content & discussion guidelines should also be observed on /r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted March 01, 2019 at 10:06AM by AutoModerator
via reddit https://ift.tt/2Nzf4D6
OverviewQuestions regarding netsec and discussion related directly to netsec are welcome here.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on /r/netsec.As always, the content & discussion guidelines should also be observed on /r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted March 01, 2019 at 10:06AM by AutoModerator
via reddit https://ift.tt/2Nzf4D6
Reddit
Technical Information Security Content & Discussion
/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to provide value to security practitioners, students, researchers, and hackers everywhere.
Horizontal Privilege Escalation in Quora leading to User Account Compromise
https://ift.tt/2Xx8Fgc
Submitted March 01, 2019 at 12:01PM by payloadartist
via reddit https://ift.tt/2SvzaPv
https://ift.tt/2Xx8Fgc
Submitted March 01, 2019 at 12:01PM by payloadartist
via reddit https://ift.tt/2SvzaPv
SpyClub
Horizontal Privilege Escalation on Quora which can compromise all users on Quora
Hey, I am SpyD3r(@TarunkantG) and in this blog, I will be discussing the bug I have found in Quora which can compromise all users on Quora due to Horizontal Privilege Escalation. I worked more than
Abusing Docker API: Sockets
https://ift.tt/2SyOTgI
Submitted March 01, 2019 at 11:57AM by payloadartist
via reddit https://ift.tt/2XtVbSx
https://ift.tt/2SyOTgI
Submitted March 01, 2019 at 11:57AM by payloadartist
via reddit https://ift.tt/2XtVbSx
Attackresearch
Abusing Docker API | Socket
Notes on abusing open Docker sockets This wont cover breaking out of docker containers Ports: usually 2375 & 2376 but can be anything ...
Decrypting credentials.xml in Jenkins
https://ift.tt/2El3cAx
Submitted March 01, 2019 at 11:56AM by payloadartist
via reddit https://ift.tt/2SvzdLb
https://ift.tt/2El3cAx
Submitted March 01, 2019 at 11:56AM by payloadartist
via reddit https://ift.tt/2SvzdLb
Attackresearch
Jenkins - decrypting credentials.xml
If you find yourself on a Jenkins box with noscript console access you can decrypt the saved passwords in credentials.xml in the following way...
Analyzing a Windows DHCP Server Bug (CVE-2019-0626) - MalwareTech
https://ift.tt/2TqfnFC
Submitted March 01, 2019 at 02:12PM by payloadartist
via reddit https://ift.tt/2Tl3WiF
https://ift.tt/2TqfnFC
Submitted March 01, 2019 at 02:12PM by payloadartist
via reddit https://ift.tt/2Tl3WiF
MalwareTech
Analyzing a Windows DHCP Server Bug (CVE-2019-0626) - MalwareTech
Reverse engineering the latest Microsoft patch in order to extract and exploit a recently patched vulnerability in the Windows Server DHCP service.
Slides: The state of Malware from the eye of the tiger
https://ift.tt/2UbGEZC
Submitted March 01, 2019 at 01:36PM by payloadartist
via reddit https://ift.tt/2C0AowG
https://ift.tt/2UbGEZC
Submitted March 01, 2019 at 01:36PM by payloadartist
via reddit https://ift.tt/2C0AowG
reddit
r/netsec - Slides: The state of Malware from the eye of the tiger
0 votes and 0 comments so far on Reddit
Awesome Free Starter for Web App Pentesting: Their simulated labs include previously disclosed vulnerabilities on Hackerone
https://ift.tt/2NEQelu
Submitted March 01, 2019 at 07:13PM by payloadartist
via reddit https://ift.tt/2T5qAMF
https://ift.tt/2NEQelu
Submitted March 01, 2019 at 07:13PM by payloadartist
via reddit https://ift.tt/2T5qAMF
HackEDU
Interactive Cybersecurity Training | HackEDU
Interactive Cybersecurity Training. HackEDU offers comprehensive online Secure Development Training for your developers, engineers, and IT personnel to assist your organization in laying a foundation of security and application vulnerability prevention, assessment…
Eliminating opportunities for BGP accidents with traffic hijacking
https://ift.tt/2VnN9J8
Submitted March 01, 2019 at 06:55PM by atomlib_com
via reddit https://ift.tt/2H6gweW
https://ift.tt/2VnN9J8
Submitted March 01, 2019 at 06:55PM by atomlib_com
via reddit https://ift.tt/2H6gweW
Habr
Eliminating opportunities for traffic hijacking
Beatiful scheme for BGP connection to Qrator filtering network A little historical overview BGP hijacks — when an ISP originates an advertisement of address s...
Bypassing a restrictive JS sandox
https://ift.tt/2C1RD0E
Submitted March 02, 2019 at 04:49AM by EzequielTBH
via reddit https://ift.tt/2tMS6zg
https://ift.tt/2C1RD0E
Submitted March 02, 2019 at 04:49AM by EzequielTBH
via reddit https://ift.tt/2tMS6zg
Licencia para Hackear
Bypassing a restrictive JS sandbox
While participating in a bug bounty program, I found a site with a very
interesting functionality: it allowed me to filter some data based on a
user-controlled expression. I could put something like b
interesting functionality: it allowed me to filter some data based on a
user-controlled expression. I could put something like b
"Cheapest" sketchy hindi certs for sale
https://ift.tt/2VqLqmg
Submitted March 02, 2019 at 05:13AM by jonbonesjonesjohnson
via reddit https://ift.tt/2EtPStQ
https://ift.tt/2VqLqmg
Submitted March 02, 2019 at 05:13AM by jonbonesjonesjohnson
via reddit https://ift.tt/2EtPStQ
Inertia IT Solutions
512 Bit SSL Encryption- High Level of Encryption Technique
512 Bit SSL encryption integrates high-standard technology to ensure the security and safety of your website information.
Universal RCE with Ruby YAML.load
https://ift.tt/2EIAdIh
Submitted March 02, 2019 at 05:13PM by Gallus
via reddit https://ift.tt/2VuFIQj
https://ift.tt/2EIAdIh
Submitted March 02, 2019 at 05:13PM by Gallus
via reddit https://ift.tt/2VuFIQj
reddit
r/netsec - Universal RCE with Ruby YAML.load
0 votes and 0 comments so far on Reddit
Hack The Box - Access Write-up by 0xRick
https://ift.tt/2H89HJQ
Submitted March 02, 2019 at 08:06PM by Ahm3d_H3sham
via reddit https://ift.tt/2EIHDLO
https://ift.tt/2H89HJQ
Submitted March 02, 2019 at 08:06PM by Ahm3d_H3sham
via reddit https://ift.tt/2EIHDLO
0xRick Owned Root !
Hack The Box - Access
Quick Summary Hey guys today Access retired and this is my write-up. I don’t have too much to say about this box , It was a nice easy windows box and a good example of using runas in windows , Which is like sudo in linux and doas in openbsd (we used doas…
Introducing Reactive Password Hashing
https://ift.tt/2Heemdl
Submitted March 02, 2019 at 10:12PM by neverforgetdream
via reddit https://ift.tt/2EpizId
https://ift.tt/2Heemdl
Submitted March 02, 2019 at 10:12PM by neverforgetdream
via reddit https://ift.tt/2EpizId
reddit
r/netsec - Introducing Reactive Password Hashing
0 votes and 0 comments so far on Reddit
The Windows Sandbox Paradox: Slides by James Forshaw @ Nullcon
https://ift.tt/2VwHEb4
Submitted March 02, 2019 at 09:55PM by payloadartist
via reddit https://ift.tt/2C0XyTT
https://ift.tt/2VwHEb4
Submitted March 02, 2019 at 09:55PM by payloadartist
via reddit https://ift.tt/2C0XyTT
From HackerOne: The 2019 Hacker Report (survey results & statistics)
https://ift.tt/2NDpiCt
Submitted March 03, 2019 at 04:30AM by clairegiordano
via reddit https://ift.tt/2T9Y7W4
https://ift.tt/2NDpiCt
Submitted March 03, 2019 at 04:30AM by clairegiordano
via reddit https://ift.tt/2T9Y7W4
HackerOne
The 2019 Hacker Report
The 2019 Hacker Report brings the HackerOne community to life with statistics, interviews, insights, from the individuals working to make the internet a safer place.
In the report, you’ll learn how hackers earned over $19 million in bounties last year, how…
In the report, you’ll learn how hackers earned over $19 million in bounties last year, how…
If you’re not peppering your passwords, you are irresponsible.
https://ift.tt/2NFow7X
Submitted March 03, 2019 at 01:44PM by neverforgetdream
via reddit https://ift.tt/2UkfkbK
https://ift.tt/2NFow7X
Submitted March 03, 2019 at 01:44PM by neverforgetdream
via reddit https://ift.tt/2UkfkbK
reddit
r/netsec - If you’re not peppering your passwords, you are irresponsible.
0 votes and 3 comments so far on Reddit
Windows Exploit Suggester - Next Generation
https://ift.tt/2H8qa0R
Submitted March 04, 2019 at 03:32AM by fuckup1337
via reddit https://ift.tt/2SFVmGA
https://ift.tt/2H8qa0R
Submitted March 04, 2019 at 03:32AM by fuckup1337
via reddit https://ift.tt/2SFVmGA
GitHub
bitsadmin/wesng
Windows Exploit Suggester - Next Generation. Contribute to bitsadmin/wesng development by creating an account on GitHub.
What online radicalisation can teach us about cybersecurity
https://ift.tt/2NHxEsE
Submitted March 04, 2019 at 05:00PM by WhoopDeFreakinDo
via reddit https://ift.tt/2NFqGo8
https://ift.tt/2NHxEsE
Submitted March 04, 2019 at 05:00PM by WhoopDeFreakinDo
via reddit https://ift.tt/2NFqGo8
Digit
What online radicalisation can teach us about cybersecurity
Lisa Forte of Red Goat Cyber Security discusses the similarity between social engineering tactics employed by Islamic State recruiters and cybercriminals.