Introducing: KatzKatz a python tool to parse text files containing output from Mimikatz
https://ift.tt/2CPOvWa
Submitted April 03, 2019 at 12:24AM by GelosSnake
via reddit https://ift.tt/2OKojBa
https://ift.tt/2CPOvWa
Submitted April 03, 2019 at 12:24AM by GelosSnake
via reddit https://ift.tt/2OKojBa
GitHub
GitHub - xFreed0m/KatzKatz: Python3 noscript to parse txt files containing Mimikatz output
Python3 noscript to parse txt files containing Mimikatz output - GitHub - xFreed0m/KatzKatz: Python3 noscript to parse txt files containing Mimikatz output
Wizard Labs - Devlife Write-up by 0xRick
https://ift.tt/2VdQhrl
Submitted April 03, 2019 at 12:17AM by Ahm3d_H3sham
via reddit https://ift.tt/2FTqxv9
https://ift.tt/2VdQhrl
Submitted April 03, 2019 at 12:17AM by Ahm3d_H3sham
via reddit https://ift.tt/2FTqxv9
0xRick Owned Root !
Wizard Labs - Devlife
Quick Summary Hey guys this is my write-up about Devlife from Wizard Labs which is their second box to retire. Just like dummy it’s another easy box (Difficulty : 2/10) , It’s a linux box and its ip is 10.1.1.20 so let’s jump right in ! Nmap We will start…
A One-two Punch of Emotet, TrickBot, and Ryuk Stealing and Ransoming Data
https://ift.tt/2TOPPyd
Submitted April 03, 2019 at 01:26AM by hackerxbella
via reddit https://ift.tt/2WNAO1J
https://ift.tt/2TOPPyd
Submitted April 03, 2019 at 01:26AM by hackerxbella
via reddit https://ift.tt/2WNAO1J
Cybereason
A One-two Punch of Emotet, TrickBot, & Ryuk Stealing & Ransoming Data
The Cybereason team has identified a campaign that incorporates Emotet, TrickBot, and the Ryuk ransomware. This malware adapts Emotet to drop TrickBot, and adapts TrickBot to not only steal data but also download the Ryuk ransomware.
DiffAIv3: diffai can now provably protect extremely deep residual neural networks against adversarial attack
https://ift.tt/2FSVRtP
Submitted April 03, 2019 at 02:13AM by mmirman
via reddit https://ift.tt/2UbPvOV
https://ift.tt/2FSVRtP
Submitted April 03, 2019 at 02:13AM by mmirman
via reddit https://ift.tt/2UbPvOV
GitHub
Release DiffAI Version 3 · eth-sri/diffai
Version from the Arxiv paper https://arxiv.org/abs/1903.12519
Updates
Added DSL to specify complex objectives and complex training scheduling.
Added abstract layers for increasing precision in dee...
Updates
Added DSL to specify complex objectives and complex training scheduling.
Added abstract layers for increasing precision in dee...
Sqreen launches ASM platform to bridge the gap between security and developers
https://ift.tt/2HRjhC7
Submitted April 03, 2019 at 03:46AM by paulble83
via reddit https://ift.tt/2K1DJCk
https://ift.tt/2HRjhC7
Submitted April 03, 2019 at 03:46AM by paulble83
via reddit https://ift.tt/2K1DJCk
TechCrunch
Sqreen raises $14 million for its application security management service
Sqreen has raised a Series A round of $14 million. Greylock Partners is leading the round, existing investors Y Combinator, Alven and Point Nine are also participating. The startup wants to improve security when it comes to web applications and cloud infrastructure.…
Most likely an attempted USB Drop Attack at the highest level. Chinese woman carrying ‘malware’ arrested at Mar-a-Lago heading to a Cindy Yang event
https://ift.tt/2HRKVik
Submitted April 03, 2019 at 06:47AM by LinearFluid
via reddit https://ift.tt/2I9AlTs
https://ift.tt/2HRKVik
Submitted April 03, 2019 at 06:47AM by LinearFluid
via reddit https://ift.tt/2I9AlTs
Miami Herald
Chinese woman carrying ‘malware’ arrested at Mar-a-Lago heading to a Cindy Yang event
A Chinese woman carrying a thumb drive loaded with malware was detained at Mar-a-Lago Saturday after trying to gain access to events advertised on Chinese-language social media by Li “Cindy” Yang, the South Florida massage parlor entrepreneur who also ran…
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
https://ift.tt/2Ew4ewf
Submitted April 03, 2019 at 06:39AM by androshka
via reddit https://ift.tt/2WJCpW5
https://ift.tt/2Ew4ewf
Submitted April 03, 2019 at 06:39AM by androshka
via reddit https://ift.tt/2WJCpW5
GitHub
GitHub - trimstray/the-book-of-secret-knowledge: A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners…
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. - GitHub - trimstray/the-book-of-secret-knowledge: A collection of inspiring lists, manuals,...
Rethinking the inotify API as an offensive helper
https://ift.tt/2UuZhLx
Submitted April 03, 2019 at 12:05PM by gid0rah
via reddit https://ift.tt/2KbTmH8
https://ift.tt/2UuZhLx
Submitted April 03, 2019 at 12:05PM by gid0rah
via reddit https://ift.tt/2KbTmH8
x-c3ll.github.io
Rethinking the inotify API as an offensive helper ::
DoomsDay Vault
DoomsDay Vault
Examples of how the inotify API can be useful for the Red Team
Magento e-commerce sites urged to apply security update
https://ift.tt/2Oy4I6T
Submitted April 03, 2019 at 02:06PM by KeyDutch
via reddit https://ift.tt/2Ub3Xa6
https://ift.tt/2Oy4I6T
Submitted April 03, 2019 at 02:06PM by KeyDutch
via reddit https://ift.tt/2Ub3Xa6
ComputerWeekly.com
Magento e-commerce sites urged to apply security update
Security experts are urging companies using the Magento ecommerce site to apply security updates without delay to avoid a disastrous hacking campaign
CARPE (DIEM): CVE-2019-0211 Apache Root Privilege Escalation
https://ift.tt/2WD9RNO
Submitted April 03, 2019 at 02:31PM by cfambionics
via reddit https://ift.tt/2VlwHtr
https://ift.tt/2WD9RNO
Submitted April 03, 2019 at 02:31PM by cfambionics
via reddit https://ift.tt/2VlwHtr
Post Exploitation with KOADIC
https://ift.tt/2YL11Qb
Submitted April 03, 2019 at 03:01PM by mstfknn
via reddit https://ift.tt/2VaPk2Z
https://ift.tt/2YL11Qb
Submitted April 03, 2019 at 03:01PM by mstfknn
via reddit https://ift.tt/2VaPk2Z
PRISMA CSI
Post Exploitation with KOADIC • PRISMA CSI
Koadic as a tool can be used in any of the last two stages, an added advantage to the user. It is a Windows post-exploitation rootkit.
APC Injection with Parent Process Spoofing
https://ift.tt/2CU4oL8
Submitted April 03, 2019 at 05:18PM by hlldz
via reddit https://ift.tt/2VdRQFC
https://ift.tt/2CU4oL8
Submitted April 03, 2019 at 05:18PM by hlldz
via reddit https://ift.tt/2VdRQFC
GitHub
hlldz/APC-PPID
Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process. - hlldz/APC-PPID
Review of Pentesterlab.com
https://ift.tt/2HUbsvt
Submitted April 03, 2019 at 06:33PM by 9schoolboy
via reddit https://ift.tt/2YKtOUO
https://ift.tt/2HUbsvt
Submitted April 03, 2019 at 06:33PM by 9schoolboy
via reddit https://ift.tt/2YKtOUO
Medium
Review of Pentesterlab.com
Review of Pentesterlab.com
/r/netsec's Q2 2019 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere.Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted April 03, 2019 at 10:22PM by ranok
via reddit https://ift.tt/2K23XEx
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere.Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted April 03, 2019 at 10:22PM by ranok
via reddit https://ift.tt/2K23XEx
Manipulating your autosuggestion list on Google Search.
https://ift.tt/2UcfvK4
Submitted April 03, 2019 at 10:59PM by terjanq
via reddit https://ift.tt/2WH8i1B
https://ift.tt/2UcfvK4
Submitted April 03, 2019 at 10:59PM by terjanq
via reddit https://ift.tt/2WH8i1B
Medium
How I am able to hijack you.
or rather: How I am able to hijack your autosuggestions in Google Search.
App Developers Left 540 Million Facebook Users' Records on the Public Internet
https://ift.tt/2D4L4v5
Submitted April 04, 2019 at 02:20AM by zen_rishi
via reddit https://ift.tt/2VkVH3I
https://ift.tt/2D4L4v5
Submitted April 04, 2019 at 02:20AM by zen_rishi
via reddit https://ift.tt/2VkVH3I
Motherboard
App Developers Left 540 Million Facebook Users' Records on the Public Internet
The exposures didn’t come from Facebook itself, but do show how data generated by one company can end up exposed thanks to another service.
Active Directory Visualization for Blue Teams and Threat Hunters
https://ift.tt/2HU7Jhq
Submitted April 04, 2019 at 02:50AM by myover
via reddit https://ift.tt/2IaYeKa
https://ift.tt/2HU7Jhq
Submitted April 04, 2019 at 02:50AM by myover
via reddit https://ift.tt/2IaYeKa
Praetorian
Active Directory Visualization for Blue Teams and Threat Hunters
As a network defender, it can be easy to attribute a certain degree of omnipotence to attackers. Advanced threats have an uncanny knack for figuring out how to move through an environment without regards for passwords, roles, permissions, or what “should”…
CVE-2019–5418: on WAF bypass and caching
https://ift.tt/2OTdo8p
Submitted April 04, 2019 at 03:41AM by ffyns
via reddit https://ift.tt/2ViEcRK
https://ift.tt/2OTdo8p
Submitted April 04, 2019 at 03:41AM by ffyns
via reddit https://ift.tt/2ViEcRK
PentesterLab
CVE-2019–5418: on WAF bypass and caching
If you follow PentesterLab on Twitter, you probably saw the following tweet:
Using a Yubikey as smartcard for SSH public key authentication
https://ift.tt/2EJzKph
Submitted April 04, 2019 at 04:52AM by ffyns
via reddit https://ift.tt/2uSuJoN
https://ift.tt/2EJzKph
Submitted April 04, 2019 at 04:52AM by ffyns
via reddit https://ift.tt/2uSuJoN
reddit
r/netsec - Using a Yubikey as smartcard for SSH public key authentication
0 votes and 0 comments so far on Reddit
Sending Glenn Greenwald A PGP Encrypted Message
https://ift.tt/2uKfMVu
Submitted April 04, 2019 at 07:50AM by lawandordercandidate
via reddit https://ift.tt/2YOUS5i
https://ift.tt/2uKfMVu
Submitted April 04, 2019 at 07:50AM by lawandordercandidate
via reddit https://ift.tt/2YOUS5i
menz-o-matic.com
Sending Glenn Greenwald A PGP Encrypted Message
Discovering New And Open-Source Software.
Assessing Unikernel Security | NCC Group Whitepaper
https://ift.tt/2UdQwX2
Submitted April 04, 2019 at 01:00PM by digicat
via reddit https://ift.tt/2K2Mo7q
https://ift.tt/2UdQwX2
Submitted April 04, 2019 at 01:00PM by digicat
via reddit https://ift.tt/2K2Mo7q
reddit
r/netsec - Assessing Unikernel Security | NCC Group Whitepaper
0 votes and 0 comments so far on Reddit