If you’re not peppering your passwords, you are irresponsible.
https://ift.tt/2NFow7X
Submitted March 03, 2019 at 01:44PM by neverforgetdream
via reddit https://ift.tt/2UkfkbK
reddit
r/netsec - If you’re not peppering your passwords, you are irresponsible.
0 votes and 3 comments so far on Reddit
Windows Exploit Suggester - Next Generation
https://ift.tt/2H8qa0R
Submitted March 04, 2019 at 03:32AM by fuckup1337
via reddit https://ift.tt/2SFVmGA
GitHub
bitsadmin/wesng
Windows Exploit Suggester - Next Generation. Contribute to bitsadmin/wesng development by creating an account on GitHub.
What online radicalisation can teach us about cybersecurity
https://ift.tt/2NHxEsE
Submitted March 04, 2019 at 05:00PM by WhoopDeFreakinDo
via reddit https://ift.tt/2NFqGo8
Digit
What online radicalisation can teach us about cybersecurity
Lisa Forte of Red Goat Cyber Security discusses the similarity between social engineering tactics employed by Islamic State recruiters and cybercriminals.
Hacking a BLE smartlock using bettercap and a kudu knife
https://ift.tt/2VAyb2u
Submitted March 04, 2019 at 10:19PM by s0pas
via reddit https://ift.tt/2IRg3A0
Eye Oh Tee .cheap
Don't worry about being locked with Loccess
Loccess smart lock is promoted as being a lock to be used in luggage, bicycles and lockers. Besides opening with a keypad on the bottom of the device, this smart lock is able to be opened with your smart phone using BLE. I was able to get this smart lock
ITAG device tracks your keys and let others track and beep you.
https://ift.tt/2IU71lI
Submitted March 04, 2019 at 10:37PM by s0pas
via reddit https://ift.tt/2C3HeS2
Eye Oh Tee .cheap
ITAG - it tracks your keys and let others track you
This device sells for about $2 to $4 on AliExpress and is basically for tracking your keys, phone and comes with a special feature which is a button that when pressed, takes a selfie or record audio using your phone. It arrived like this: The seller announces…
Don't use Bcrypt
https://ift.tt/2Tgw7QF
Submitted March 05, 2019 at 02:53AM by neverforgetdream
via reddit https://ift.tt/2Ul31vU
Unlimitednovelty
Don't use bcrypt
(Edit: Some numbers for you people who like numbers) If you're already using bcrypt, relax, you're fine, probably. However, if you're ...
CVE-2019-0539 Exploitation
https://ift.tt/2TyeYRy
Submitted March 05, 2019 at 03:52AM by v0yAgEr
via reddit https://ift.tt/2SJ6lzk
Perception Point
CVE-2019-0539 Exploitation | Perception Point
Achieving full R\W primitive with CVE-2019-0539
Tracking 20,000 skiers and listening to their walkie talkie chats!
https://ift.tt/2Ev1IUl
Submitted March 05, 2019 at 03:48AM by almonie
via reddit https://ift.tt/2XDm6vh
Pentestpartners
Hacking ski helmet audio | Pen Test Partners
I love snow sports, and I also like my tunes, so purchasing the Outdoor Tech CHIPS smart headphones was a no-brainer. They fit into audio-equipped helmets and
MouseJack: From Mouse to Shell - Part 1 - This blog post describes what is MouseJack, what to do if you are affected, and how to get a reverse shell using JackIt and Unicorn
https://ift.tt/2UjWzVZ
Submitted March 05, 2019 at 03:41AM by InfoSecJim
via reddit https://ift.tt/2SEec12
Jim Wilbur's Blog
MouseJack: From Mouse to Shell - Part 1
MouseJack was publicly disclosed February 23rd 2016 and in 2017 an exploit for this vulnerability was released named JackIt.
Combining NTLM Relaying and Kerberos delegation
https://ift.tt/2H0lhaC
Submitted March 05, 2019 at 08:14AM by got_nations
via reddit https://ift.tt/2EAxBuy
dirkjanm.io
The worst of both worlds: Combining NTLM Relaying and Kerberos delegation
After my in-depth post last month about unconstrained delegation, this post will discuss a different type of Kerberos delegation: resource-based constrained delegation. The content in this post is based on Elad Shamir’s Kerberos research and combined with…
Automated/declarative "pen testing as code"
https://ift.tt/2Tsi75H
Submitted March 05, 2019 at 12:47PM by DeviantJuiceBox
via reddit https://ift.tt/2XFDejR
reddit
r/blackhat - Automated/declarative "pen testing as code"
24 votes and 6 comments so far on Reddit
Facebook exploit – Confirm website visitor identities
https://ift.tt/2XDsh2z
Submitted March 05, 2019 at 02:38PM by TomAnthony
via reddit https://ift.tt/2HeL3Yc
www.tomanthony.co.uk
Facebook Information Leak - Webpages can confirm a user's ID
I discovered a Facebook bug which allows me to identify whether a visitor is logged in to a specific Facebook account. It can check hundreds of identities per second.
Windows 7 may insecurely load Dynamic Link Libraries (CVE-2019-5921)
https://ift.tt/2HgNAAY
Submitted March 05, 2019 at 05:27PM by Dormidera
via reddit https://ift.tt/2C3FKr4
jvn.jp
JVN#69181574: Windows 7 may insecurely load Dynamic Link Libraries
Japan Vulnerability Notes
Preview Pain: Malware Triggers in Outlook Preview Without User Opening Word Document
https://ift.tt/2SnmNVx
Submitted March 05, 2019 at 04:18PM by RedPacketSecurity
via reddit https://ift.tt/2BZpdVd
Bromium
Preview Pane: Malware launches in preview without opening MS Word doc
New malware triggers from preview pane, without the user opening the Microsoft Word document. Bromium VP Engineering unravels the threat in the blog.
Speculative Load Hazards Boost Rowhammer and Cache Attacks (PDF)
https://ift.tt/2C3R4n4
Submitted March 05, 2019 at 07:31PM by visionviper
via reddit https://ift.tt/2EPKOBn
Great Scott! Timing Attack Demo for the Everyday Webdev
https://ift.tt/2ITW1oB
Submitted March 05, 2019 at 07:45PM by abaldwin7302
via reddit https://ift.tt/2TfDaJp
Simple Thread
Great Scott! Timing Attack Demo for the Everyday Webdev - Simple Thread
A timing attack isn't the most exciting attack vector for a web app, but there are still enough effective cases. Here's some suggestions on preventing them.
Automated Phishing Email Tool
https://ift.tt/2C718f5
Submitted March 05, 2019 at 09:50PM by IAintShootinMister
via reddit https://ift.tt/2NKi8MJ
reddit
r/HowToHack - Automated Phishing Email Tool
0 votes and 0 comments so far on Reddit
Auditing Github Repo Wikis
https://ift.tt/2C3tRBG
Submitted March 05, 2019 at 10:33PM by iphelix
via reddit https://ift.tt/2Ui9eIJ
Smeegesec
Auditing GitHub Repo Wikis for Fun and Profit
Download github-wiki-auditor.py here The types of issues you see when managing a bug bounty program vary widely, but every now and then a...
Penetration Testing Active Directory, Part I
https://ift.tt/2VFuWqE
Submitted March 06, 2019 at 12:56AM by Hausec
via reddit https://ift.tt/2EN5IAP
root@Hausec
Penetration Testing Active Directory, Part I
I’ve had several customers come to me before a pentest and say they think they’re in a good shape because their vulnerability scan shows no critical vulnerabilities and that they’…
Finding and exploiting CVE-2018–7445 (unauthenticated RCE in MikroTik’s RouterOS SMB)
https://ift.tt/2tR6mXP
Submitted March 06, 2019 at 02:18AM by maximilianov
via reddit https://ift.tt/2VFr9cN
Medium
Finding and exploiting CVE-2018–7445 (unauthenticated RCE in MikroTik’s RouterOS SMB)
Unauthenticated RCE in MikroTik’s RouterOS SMB