Docker container for creating the phishing sites using Blackeye
https://ift.tt/2HuE5OY
Submitted March 14, 2019 at 12:20AM by vishnudxb
via reddit https://ift.tt/2Hjdllc
https://ift.tt/2HuE5OY
Submitted March 14, 2019 at 12:20AM by vishnudxb
via reddit https://ift.tt/2Hjdllc
GitHub
vishnudxb/docker-blackeye
Docker container for creating the phishing sites using Blackeye - vishnudxb/docker-blackeye
Extracting BitLocker keys from a TPM
https://ift.tt/2Uz4U8n
Submitted March 14, 2019 at 04:04AM by fuckup1337
via reddit https://ift.tt/2F8xS9z
https://ift.tt/2Uz4U8n
Submitted March 14, 2019 at 04:04AM by fuckup1337
via reddit https://ift.tt/2F8xS9z
reddit
r/netsec - Extracting BitLocker keys from a TPM
0 votes and 1 comment so far on Reddit
Amazon CloudWatch suspicious behavior 2019
https://ift.tt/2Falsye
Submitted March 14, 2019 at 01:43PM by gorblefork
via reddit https://ift.tt/2THEiVz
https://ift.tt/2Falsye
Submitted March 14, 2019 at 01:43PM by gorblefork
via reddit https://ift.tt/2THEiVz
reddit
r/aws - Amazon CloudWatch suspicious behavior 2019
0 votes and 3 comments so far on Reddit
More than 300 plugins could be used to exploit Wordpress Phar injection
https://ift.tt/2Jbwpna
Submitted March 14, 2019 at 02:27PM by shin2903
via reddit https://ift.tt/2O58d4u
https://ift.tt/2Jbwpna
Submitted March 14, 2019 at 02:27PM by shin2903
via reddit https://ift.tt/2O58d4u
CyStack Security Blog
Further attack surface of Wordpress PHAR injection
SummaryIn August 2018, Sam Thomas presented a new vulnerability of Wordpress at Black Hat USA 2018. The PHP object injection vulnerability is not new, but the way attacker can trigger this error is worth mentioning. In this article, I will go over the detail…
SimBad: A Rogue Adware Campaign On Google Play
https://ift.tt/2UAnNHO
Submitted March 14, 2019 at 04:12PM by Titokhan
via reddit https://ift.tt/2u7MnUQ
https://ift.tt/2UAnNHO
Submitted March 14, 2019 at 04:12PM by Titokhan
via reddit https://ift.tt/2u7MnUQ
Check Point Research
SimBad: A Rogue Adware Campaign On Google Play - Check Point Research
Research by: Elena Root and Andrey Polkovnichenko Check Point researchers from the Mobile Threat Team have discovered a new adware campaign on the Google Play Store. This particular strain of Adware was found in 206 applications, and the combined download…
Generic Windows 7,8,10 SMEP, KASLR & DEP Bypass Using the Page Table's Self-reference Entry
https://ift.tt/2XZP9Ju
Submitted March 14, 2019 at 07:50PM by scalys7
via reddit https://ift.tt/2Co5j6p
https://ift.tt/2XZP9Ju
Submitted March 14, 2019 at 07:50PM by scalys7
via reddit https://ift.tt/2Co5j6p
GitHub
scalys7/Privilege-Escalation-Framework
Privilege Escilation training project, with an emphasis on the distinction between vulnerability research & it's exposure and exploitation methods(which are CVE-independent.) - scalys7/Priv...
pypykatz agent
https://ift.tt/2O1Y8p0
Submitted March 15, 2019 at 12:31AM by fuckup1337
via reddit https://ift.tt/2TLBZAK
https://ift.tt/2O1Y8p0
Submitted March 15, 2019 at 12:31AM by fuckup1337
via reddit https://ift.tt/2TLBZAK
GitHub
skelsec/pypykatz_agent_dn
Pypykatz agent implemented in .NET. Contribute to skelsec/pypykatz_agent_dn development by creating an account on GitHub.
pypykatz Server
https://ift.tt/2O4bdhL
Submitted March 15, 2019 at 12:30AM by fuckup1337
via reddit https://ift.tt/2JcEtUL
https://ift.tt/2O4bdhL
Submitted March 15, 2019 at 12:30AM by fuckup1337
via reddit https://ift.tt/2JcEtUL
GitHub
skelsec/pypykatz_server
Pypykatz server. Contribute to skelsec/pypykatz_server development by creating an account on GitHub.
Never miss a single call for papers for security conferences!
http://cfptime.org
Submitted March 15, 2019 at 12:20AM by PaulSec
via reddit https://ift.tt/2T6YjjZ
http://cfptime.org
Submitted March 15, 2019 at 12:20AM by PaulSec
via reddit https://ift.tt/2T6YjjZ
reddit
r/netsec - Never miss a single call for papers for security conferences!
0 votes and 0 comments so far on Reddit
Pypykatz Server - With this you won't need to run mimikatz/pypykatz on the target machine, only a tiny agent (13kB) that takes the info from the server on what parts of the lsass process to read.
https://ift.tt/2O4bdhL
Submitted March 15, 2019 at 01:44AM by fuckup1337
via reddit https://ift.tt/2UC2OEH
https://ift.tt/2O4bdhL
Submitted March 15, 2019 at 01:44AM by fuckup1337
via reddit https://ift.tt/2UC2OEH
GitHub
skelsec/pypykatz_server
Pypykatz server. Contribute to skelsec/pypykatz_server development by creating an account on GitHub.
Email-Enum: Check if an email is registered on mainstream websites!
https://ift.tt/2O6tMSe
Submitted March 15, 2019 at 02:34AM by Banqu
via reddit https://ift.tt/2CfasxF
https://ift.tt/2O6tMSe
Submitted March 15, 2019 at 02:34AM by Banqu
via reddit https://ift.tt/2CfasxF
GitHub
Frint0/email-enum
Email-Enum searches mainstream websites and tells you if an email is registered! - Frint0/email-enum
The Definitive 2019 Guide to Cryptographic Key Sizes and Algorithm Recommendations
https://ift.tt/2JrszGP
Submitted March 15, 2019 at 04:36AM by sarciszewski
via reddit https://ift.tt/2Y2kJGu
https://ift.tt/2JrszGP
Submitted March 15, 2019 at 04:36AM by sarciszewski
via reddit https://ift.tt/2Y2kJGu
Paragonie
The Definitive 2019 Guide to Cryptographic Key Sizes and Algorithm Recommendations - Paragon Initiative Enterprises Blog
A simple, accessible recommendation for key sizes and recommended algorithms for various cryptographic algorithms.
GEARBEST HACK: Hundreds of Thousands Affected Daily by Huge Data Breach
https://ift.tt/2CnelAw
Submitted March 15, 2019 at 04:18PM by Dormidera
via reddit https://ift.tt/2T4bxOo
https://ift.tt/2CnelAw
Submitted March 15, 2019 at 04:18PM by Dormidera
via reddit https://ift.tt/2T4bxOo
vpnMentor
Report - Gearbest Hack: Hundreds of Thousands Affected Daily by Huge Data Breach
Led by Noam Rotem, a well-known white hat hacker and activist, VPNMentor’s research team discovered a major security breach in Gearbest. With hundreds ...
AndroidProjectCreator 1.2-stable release notes: more user feedback and support for the JEB3 decompiler!
https://ift.tt/2Hlt2rU
Submitted March 15, 2019 at 06:30PM by ThisIsLibra
via reddit https://ift.tt/2W1mMZM
https://ift.tt/2Hlt2rU
Submitted March 15, 2019 at 06:30PM by ThisIsLibra
via reddit https://ift.tt/2W1mMZM
reddit
r/netsec - AndroidProjectCreator 1.2-stable release notes: more user feedback and support for the JEB3 decompiler!
0 votes and 0 comments so far on Reddit
DNS and The Bit 0x20
https://ift.tt/2Y1QRdp
Submitted March 15, 2019 at 09:10PM by xaocuc
via reddit https://ift.tt/2T4Gh1G
https://ift.tt/2Y1QRdp
Submitted March 15, 2019 at 09:10PM by xaocuc
via reddit https://ift.tt/2T4Gh1G
Hypothetical Me
DNS and The Bit 0x20 – Hypothetical Me
Short note on a clever hack that makes everyones DNS just a bit more secure.
Citrix Got Hacked
https://ift.tt/2TLjEnv
Submitted March 15, 2019 at 11:59PM by chexss
via reddit https://ift.tt/2XTLFZ4
https://ift.tt/2TLjEnv
Submitted March 15, 2019 at 11:59PM by chexss
via reddit https://ift.tt/2XTLFZ4
LinkedIn Hank
https://ift.tt/1sxqmMI
Submitted March 16, 2019 at 12:43AM by Xidium426
via reddit https://ift.tt/2Ob6Otu
https://ift.tt/1sxqmMI
Submitted March 16, 2019 at 12:43AM by Xidium426
via reddit https://ift.tt/2Ob6Otu
Motherboard
Another Day, Another Hack: 117 Million LinkedIn Emails And Passwords
Four years later, the 2012 LinkedIn breach just got way worse.
One-Way Shellcode for firewall evasion using Out Of Band data
https://ift.tt/2Y1f1ol
Submitted March 16, 2019 at 12:27AM by bmerino
via reddit https://ift.tt/2W0DJDB
https://ift.tt/2Y1f1ol
Submitted March 16, 2019 at 12:27AM by bmerino
via reddit https://ift.tt/2W0DJDB
Shelliscoming
One-Way Shellcode for firewall evasion using Out Of Band data
In a recent post I was talking about a shellcode technique to bypass firewalls based on the socket's lifetime which could be useful for ve...
RCE on Steam Client via buffer overflow in Server Info
https://ift.tt/2u9U2lB
Submitted March 16, 2019 at 07:01AM by eexiled
via reddit https://ift.tt/2UDhV0v
https://ift.tt/2u9U2lB
Submitted March 16, 2019 at 07:01AM by eexiled
via reddit https://ift.tt/2UDhV0v
HackerOne
Valve disclosed on HackerOne: RCE on Steam Client via buffer...
## Introduction
In Steam and other valve games (CSGO, Half-Life, TF2) there is a functionality to find game servers called the server browser. In order to retrieve the information about these...
In Steam and other valve games (CSGO, Half-Life, TF2) there is a functionality to find game servers called the server browser. In order to retrieve the information about these...
TIL: Beto O' Rourke not only was a founding member of the cDc but he also came up with the name
https://ift.tt/2F664l3
Submitted March 16, 2019 at 02:54PM by snatchington
via reddit https://ift.tt/2TFLIJr
https://ift.tt/2F664l3
Submitted March 16, 2019 at 02:54PM by snatchington
via reddit https://ift.tt/2TFLIJr
Hack The Box - Carrier write-up by 0xRick
https://ift.tt/2CoLhsr
Submitted March 16, 2019 at 07:54PM by Ahm3d_H3sham
via reddit https://ift.tt/2UF9qSK
https://ift.tt/2CoLhsr
Submitted March 16, 2019 at 07:54PM by Ahm3d_H3sham
via reddit https://ift.tt/2UF9qSK
0xRick Owned Root !
Hack The Box - Carrier
Quick Summary Hey guys today Carrier retired and here is my write-up about it. User on this box wasn’t hard to get , but for root it’s a different thing because we will go through some networking tricks and we will perform an attack called bgp hijacking.…