[Github] Fast Multi-threaded FTP Scanner
http://bit.ly/2D3Pdz4
Submitted April 07, 2019 at 03:30PM by Quick_Stick
via reddit http://bit.ly/2VoXVzi
http://bit.ly/2D3Pdz4
Submitted April 07, 2019 at 03:30PM by Quick_Stick
via reddit http://bit.ly/2VoXVzi
Gist
Fast Multi-threaded FTP Scanner
Fast Multi-threaded FTP Scanner. GitHub Gist: instantly share code, notes, and snippets.
Tricks used in Anubis Malware
http://bit.ly/2KfNEEu
Submitted April 07, 2019 at 08:13PM by eybisi_
via reddit http://bit.ly/2UEXmnG
http://bit.ly/2KfNEEu
Submitted April 07, 2019 at 08:13PM by eybisi_
via reddit http://bit.ly/2UEXmnG
Ahmet Bilal Can
Mobile Malware Analysis : Tricks used in Anubis
Anubis Anubis is my first case of complicated android malware and taught me so much about android malware. I want to share these learnings in this post. Anubis is almost one year old but its impact is
On Eggs and Egg-hunters (Linux/x64) - @syscall59
http://bit.ly/2I5Q5Hy
Submitted April 07, 2019 at 09:16PM by h41zum
via reddit http://bit.ly/2D1YyaV
http://bit.ly/2I5Q5Hy
Submitted April 07, 2019 at 09:16PM by h41zum
via reddit http://bit.ly/2D1YyaV
Medium
On Eggs and Egg-hunters (Linux/x64)
Writing and testing of an egg-hunter shellcode for Linux/x64
GitHub - PowerShell based Active Directory Honey User Account Management with Universal Dashboards
http://bit.ly/2G2pR5E
Submitted April 07, 2019 at 09:52PM by l33t_d0nut
via reddit http://bit.ly/2UnH6rK
http://bit.ly/2G2pR5E
Submitted April 07, 2019 at 09:52PM by l33t_d0nut
via reddit http://bit.ly/2UnH6rK
GitHub
leeberg/BlueHive
PowerShell based Active Directory Honey User Account Management with Universal Dashboards - leeberg/BlueHive
My first POC: Gaining root access to a kubernetes node with a "bad" container. Comments welcome
http://bit.ly/2VnvDFb
Submitted April 07, 2019 at 09:49PM by audscias
via reddit http://bit.ly/2G5F07g
http://bit.ly/2VnvDFb
Submitted April 07, 2019 at 09:49PM by audscias
via reddit http://bit.ly/2G5F07g
GitHub
jmg87/redteam-gkpown
Reverse shell container for k8s deployments. Contribute to jmg87/redteam-gkpown development by creating an account on GitHub.
Funnel: a lightweight yara-based feed scraper
http://bit.ly/2IhZUlh
Submitted April 08, 2019 at 11:34AM by amusciano
via reddit http://bit.ly/2CX8bYj
http://bit.ly/2IhZUlh
Submitted April 08, 2019 at 11:34AM by amusciano
via reddit http://bit.ly/2CX8bYj
GitHub
needmorecowbell/Funnel
Funnel is a lightweight yara-based feed scraper. Contribute to needmorecowbell/Funnel development by creating an account on GitHub.
Computer Security Materials
http://bit.ly/2X1VCDc
Submitted April 08, 2019 at 09:28AM by gabrielfelippe90
via reddit http://bit.ly/2Im24QH
http://bit.ly/2X1VCDc
Submitted April 08, 2019 at 09:28AM by gabrielfelippe90
via reddit http://bit.ly/2Im24QH
GitHub
the-akira/Computer_Science_Web_Resources
A curated list of important computer science multi-languages resources found on the Web. - the-akira/Computer_Science_Web_Resources
EXPLOIT for CVE-2019-0211 Apache Root Privilege Escalation
http://bit.ly/2FWwlCR
Submitted April 08, 2019 at 03:49PM by cfambionics
via reddit http://bit.ly/2Umkk3D
http://bit.ly/2FWwlCR
Submitted April 08, 2019 at 03:49PM by cfambionics
via reddit http://bit.ly/2Umkk3D
GitHub
cfreal/exploits
Some of my exploits. Contribute to cfreal/exploits development by creating an account on GitHub.
Why We Use Crypto When Generating Coupon Codes At Scale
http://bit.ly/2KhNP1T
Submitted April 08, 2019 at 10:09PM by honoredb
via reddit http://bit.ly/2Ik8z6x
http://bit.ly/2KhNP1T
Submitted April 08, 2019 at 10:09PM by honoredb
via reddit http://bit.ly/2Ik8z6x
Grubhub Bytes
Why Grubhub uses crypto when generating coupon codes at scale
There’s usually no need to get fancy when implementing discount codes, but Grubhub’s scale has pushed us to go beyond random strings.
BSidesSF - Getting shells from Javanoscript: How Dangerous can clicking a Link be in 2019?
https://www.youtube.com/watch?v=HfpnloZM61I
Submitted April 08, 2019 at 09:11PM by wifihack
via reddit http://bit.ly/2I7XJkW
https://www.youtube.com/watch?v=HfpnloZM61I
Submitted April 08, 2019 at 09:11PM by wifihack
via reddit http://bit.ly/2I7XJkW
YouTube
BSidesSF 2019 - Offensive Javanoscript Techniques for Red Teamers (Dylan Ayrey • Christian Frichot)
AppSec is often very heavily focused on pre-exploitation. Frameworks like BeEF break this norm a little and can be used as tools to move laterally from the browser, to implant malware on adjacent machines. Unfortunately, performing network reconnaissance…
Scripts to execute enumeration via LFI
http://bit.ly/2VzSGNa
Submitted April 09, 2019 at 03:47AM by mthbernardes
via reddit http://bit.ly/2D4mKcK
http://bit.ly/2VzSGNa
Submitted April 09, 2019 at 03:47AM by mthbernardes
via reddit http://bit.ly/2D4mKcK
GitHub
mthbernardes/LFI-Enum
Scripts to execute enumeration via LFI. Contribute to mthbernardes/LFI-Enum development by creating an account on GitHub.
[oss-security] DLL injection in Go < 1.12.2 [CVE-2019-9634]
http://bit.ly/2KmImqF
Submitted April 09, 2019 at 04:26PM by the_gnarts
via reddit http://bit.ly/2WXwRYi
http://bit.ly/2KmImqF
Submitted April 09, 2019 at 04:26PM by the_gnarts
via reddit http://bit.ly/2WXwRYi
reddit
r/netsec - [oss-security] DLL injection in Go < 1.12.2 [CVE-2019-9634]
0 votes and 0 comments so far on Reddit
Intro into abusing and identifying WMI Event Subnoscriptions for persistence
http://bit.ly/2Z0oAVe
Submitted April 09, 2019 at 04:44PM by Griffnut
via reddit http://bit.ly/2U7Yfki
http://bit.ly/2Z0oAVe
Submitted April 09, 2019 at 04:44PM by Griffnut
via reddit http://bit.ly/2U7Yfki
In.security Cyber Security Technical Services & Training
An intro into abusing and identifying WMI Event Subnoscriptions for persistence | In.security Cyber Security Technical Services &…
CVE-2019-0227: Remote Code Execution in Apache Axis
http://bit.ly/2D5pjLD
Submitted April 09, 2019 at 07:35PM by hackers_and_builders
via reddit http://bit.ly/2YXd8JW
http://bit.ly/2D5pjLD
Submitted April 09, 2019 at 07:35PM by hackers_and_builders
via reddit http://bit.ly/2YXd8JW
Rhino Security Labs
CVE-2019-0227: Expired Domain to RCE in Apache Axis
CVE-2019-0227, a vulnerability where an insecure HTTP request or an expired hard coded domain can be used to achieve RCE in Apache Axis 1.4
5 Surprisingly Easy Ways We Let People Steal Our Identity.
http://bit.ly/2I8kVQ0
Submitted April 09, 2019 at 08:23PM by carloscancab
via reddit http://bit.ly/2WY2jWk
http://bit.ly/2I8kVQ0
Submitted April 09, 2019 at 08:23PM by carloscancab
via reddit http://bit.ly/2WY2jWk
Medium
“5 Surprisingly Easy Ways We Let People Steal Our Identity.”(From our Forums.)
Text originally published by Lyton Atinga on the Cyber Secure Central Forums.
Attacking exposed Selenium Grids (tool for enumeration + RCE in nodes)
http://bit.ly/2uVvBJ3
Submitted April 09, 2019 at 08:20PM by gid0rah
via reddit http://bit.ly/2I7keGL
http://bit.ly/2uVvBJ3
Submitted April 09, 2019 at 08:20PM by gid0rah
via reddit http://bit.ly/2I7keGL
Tarlogic Security - Cyber Security and Ethical hacking
Attacking QA platforms: Selenium Grid
During the course of a Red Team exercise serveral QA assets where discovered. In particular the usage of the Selenium Grid platform without authentication caught the team's attention.The aim for this article is to explain how a QA platform exposed to the…
RCE in Confluence via Widget connector
https://chybeta.github.io/2019/04/06/Analysis-for-%E3%80%90CVE-2019-3396%E3%80%91-SSTI-and-RCE-in-Confluence-Server-via-Widget-Connector/
Submitted April 09, 2019 at 04:46PM by bugdiscloseguy
via reddit http://bit.ly/2UvPMg9
https://chybeta.github.io/2019/04/06/Analysis-for-%E3%80%90CVE-2019-3396%E3%80%91-SSTI-and-RCE-in-Confluence-Server-via-Widget-Connector/
Submitted April 09, 2019 at 04:46PM by bugdiscloseguy
via reddit http://bit.ly/2UvPMg9
Chybeta
【CVE-2019-3396】:SSTI and RCE in Confluence Server via Widget Connector
Twitter: chybeta
Verizon FiOS Router Authenticated Command Injection
http://bit.ly/2UHKc9G
Submitted April 09, 2019 at 09:56PM by lynerc
via reddit http://bit.ly/2FZuv4i
http://bit.ly/2UHKc9G
Submitted April 09, 2019 at 09:56PM by lynerc
via reddit http://bit.ly/2FZuv4i
Medium
Verizon Fios Router Authenticated Command Injection
Rooting the Verizon Fios Quantum Gateway
Cuppa CMS unauthenticated RCE
http://bit.ly/2Z1Eyyb
Submitted April 09, 2019 at 10:28PM by mthbernardes
via reddit http://bit.ly/2Z0Nd43
http://bit.ly/2Z1Eyyb
Submitted April 09, 2019 at 10:28PM by mthbernardes
via reddit http://bit.ly/2Z0Nd43
GitHub
mthbernardes/CuppaCMS
Contribute to mthbernardes/CuppaCMS development by creating an account on GitHub.
How regular expression and fuzzing change my approach for finding vulnerabilities (Series part 1.)
http://bit.ly/2Kntmcd
Submitted April 10, 2019 at 12:52AM by beyonderdabas
via reddit http://bit.ly/2UFAV1R
http://bit.ly/2Kntmcd
Submitted April 10, 2019 at 12:52AM by beyonderdabas
via reddit http://bit.ly/2UFAV1R
securityviacode.in
How regular expression and fuzzing change my approach for finding vulnerabilities (Series part 1.)
So I m starting my blog with this technical writeup. I have tried to write this blog for a long time. but as I was coding and reading different books in Freetime. it took me a bit of time but here am I with this.
Running a .NET Assembly in Memory with Meterpreter
http://bit.ly/2U65idx
Submitted April 10, 2019 at 01:21AM by myover
via reddit http://bit.ly/2Z1fNlW
http://bit.ly/2U65idx
Submitted April 10, 2019 at 01:21AM by myover
via reddit http://bit.ly/2Z1fNlW
Praetorian
Running a .NET Assembly in Memory with Meterpreter
In this blog post I will discuss leveraging Meterpreter’s powershell module to execute .NET assemblies in-memory. Metasploit and Meterpreter are effective and useful tools, but occasionally one encounters a situation where they lack features. Cobalt Strike…