Adblock Plus filter lists may execute arbitrary code in web pages
http://bit.ly/2V1lst0
Submitted April 16, 2019 at 02:05AM by iamapizza
via reddit http://bit.ly/2v8Ry7M
http://bit.ly/2V1lst0
Submitted April 16, 2019 at 02:05AM by iamapizza
via reddit http://bit.ly/2v8Ry7M
armin.dev
Adblock Plus filter lists may execute arbitrary code in web pages
A new version of Adblock Plus was released on July 17, 2018. Version 3.2 introduced a new filter option for rewriting requests. A day later AdBlock followed suit and released support for the new filter option. uBlock, being owned by AdBlock, also implemented…
How does Tor really work? An in-depth guide
http://bit.ly/2XgLFRP
Submitted April 16, 2019 at 04:14AM by bbno3
via reddit http://bit.ly/2IpUFRg
http://bit.ly/2XgLFRP
Submitted April 16, 2019 at 04:14AM by bbno3
via reddit http://bit.ly/2IpUFRg
Brandon Skerritt
How does Tor really work?
An introduction to every aspect of how TOR works, from hidden onion addresses to the nodes that make up TOR.
CVE-2019-0841: Windows Local Privilege Escalation through Windows Apps
http://bit.ly/2D6Drnw
Submitted April 16, 2019 at 12:53PM by gquere
via reddit http://bit.ly/2v7Ev6A
http://bit.ly/2D6Drnw
Submitted April 16, 2019 at 12:53PM by gquere
via reddit http://bit.ly/2v7Ev6A
reddit
r/netsec - CVE-2019-0841: Windows Local Privilege Escalation through Windows Apps
0 votes and 0 comments so far on Reddit
Privilege Escalation in ManageEngine ADManager Plus 6.6
http://bit.ly/2DgGv0N
Submitted April 16, 2019 at 03:10PM by digitalinterruption
via reddit http://bit.ly/2Git80I
http://bit.ly/2DgGv0N
Submitted April 16, 2019 at 03:10PM by digitalinterruption
via reddit http://bit.ly/2Git80I
Digitalinterruption
Privilege Escalation in ManageEngine ADManager Plus 6.6 | Digital Interruption Research
During a recent review of the ADManager Plus software offered by Zoho, we were able to identify a privilege escalation vulnerability which would allow authen...
Malware creators convicted of hijacking 400,000 computers
http://bit.ly/2GjSSJT
Submitted April 16, 2019 at 03:29PM by _LET_
via reddit http://bit.ly/2DhrpYN
http://bit.ly/2GjSSJT
Submitted April 16, 2019 at 03:29PM by _LET_
via reddit http://bit.ly/2DhrpYN
Norton.com/Setup
Malware creators convicted of hijacking 400,000 computers
Two culprits named Nicolescu and Miclaus found guilty of their criminal battle in 2007 with the making of malware. The US government finally convicts both
GitHub - HA71/pywhatcms: Unofficial WhatCMS API package
http://bit.ly/2Ir4Tkm
Submitted April 16, 2019 at 04:08PM by BISH4
via reddit http://bit.ly/2V27FT2
http://bit.ly/2Ir4Tkm
Submitted April 16, 2019 at 04:08PM by BISH4
via reddit http://bit.ly/2V27FT2
GitHub
HA71/pywhatcms
Unofficial WhatCMS API package. Contribute to HA71/pywhatcms development by creating an account on GitHub.
How Domain Fronting helped the most at-risk users on Tor, Telegram and Signal and Why It's Dying
http://bit.ly/2IE8UB4
Submitted April 16, 2019 at 08:20PM by HeapAllocator
via reddit http://bit.ly/2DipaEv
http://bit.ly/2IE8UB4
Submitted April 16, 2019 at 08:20PM by HeapAllocator
via reddit http://bit.ly/2DipaEv
SentinelOne
Privacy 2019: Tor, Meek & The Rise And Fall Of Domain Fronting
Censorship and state-sponsored surveillance is a daily reality around the world. Join us as we explore the state of privacy, anonymity and security in 2019
Massive eGobbler Malvertising Campaign Leverages Chrome Vulnerability To Target iOS Users [r/adops x-post]
http://bit.ly/2XhW4fY
Submitted April 16, 2019 at 08:19PM by eliya_confiant
via reddit http://bit.ly/2ImjIEN
http://bit.ly/2XhW4fY
Submitted April 16, 2019 at 08:19PM by eliya_confiant
via reddit http://bit.ly/2ImjIEN
Confiant
Massive eGobbler Malvertising Campaign Leverages Chrome Vulnerability To Target iOS Users
As publishers have become increasingly aware over the last week, there’s a series of rampant malvertising campaigns on the loose…
My Personal OSINT Techniques, Part 1 of 2: Key & Layer, Contingency Seeding
http://bit.ly/2PgixY7
Submitted April 16, 2019 at 10:19PM by Evil1337
via reddit http://bit.ly/2DepyUI
http://bit.ly/2PgixY7
Submitted April 16, 2019 at 10:19PM by Evil1337
via reddit http://bit.ly/2DepyUI
Attacking Hardware Root of Trust from UEFI Firmware
https://www.youtube.com/watch?v=Ap-2CnoyBek
Submitted April 16, 2019 at 07:09AM by citypw
via reddit http://bit.ly/2VMVM0h
https://www.youtube.com/watch?v=Ap-2CnoyBek
Submitted April 16, 2019 at 07:09AM by citypw
via reddit http://bit.ly/2VMVM0h
YouTube
OffensiveCon19 - Alex Matrosov - Attacking Hardware Root of Trust from UEFI Firmware
GitHub - MITRE ATT&CK™ TTP Automation for Metasploit Framework
http://bit.ly/2KJFF2K
Submitted April 16, 2019 at 11:32PM by myover
via reddit http://bit.ly/2V20utV
http://bit.ly/2KJFF2K
Submitted April 16, 2019 at 11:32PM by myover
via reddit http://bit.ly/2V20utV
GitHub
praetorian-inc/purple-team-attack-automation
Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs - praetorian-inc/purple-team-attack-automation
DHCP security in Windows 10: critical vulnerability CVE-2019-0726
http://bit.ly/2IopGFa
Submitted April 17, 2019 at 06:49AM by Gallus
via reddit http://bit.ly/2XfuakP
http://bit.ly/2IopGFa
Submitted April 17, 2019 at 06:49AM by Gallus
via reddit http://bit.ly/2XfuakP
Habr
Безопасность DHCP в Windows 10: разбираем критическую уязвимость CVE-2019-0726
Изображение: Pexels С выходом январских обновлений для Windows новость о критически опасной уязвимости CVE-2019-0547 в DHCP-клиентах всколыхнула общественност...
Arjun : API Testing Tool (Finds HTTP Parameters)
http://bit.ly/2Ge2So0
Submitted April 17, 2019 at 02:36PM by s0md3v
via reddit http://bit.ly/2UqvvDu
http://bit.ly/2Ge2So0
Submitted April 17, 2019 at 02:36PM by s0md3v
via reddit http://bit.ly/2UqvvDu
GitHub
s0md3v/Arjun
HTTP parameter discovery suite. Contribute to s0md3v/Arjun development by creating an account on GitHub.
Subdomain Takeover: Microsoft loses control over Windows Tiles - Golem.de
http://bit.ly/2PhwtRS
Submitted April 17, 2019 at 02:09PM by 0xKaishakunin
via reddit http://bit.ly/2Xq3UVd
http://bit.ly/2PhwtRS
Submitted April 17, 2019 at 02:09PM by 0xKaishakunin
via reddit http://bit.ly/2Xq3UVd
www.golem.de
Microsoft loses control over Windows Tiles
A service from Microsoft used to allow web page owners to deliver news on Windows Tiles as so-called Windows Live Tiles. After the service has been disabled, we were able to take
Password Spraying- Common mistakes and how to avoid them
http://bit.ly/2XlsqX9
Submitted April 17, 2019 at 04:40PM by pentest4life
via reddit http://bit.ly/2Usmr1e
http://bit.ly/2XlsqX9
Submitted April 17, 2019 at 04:40PM by pentest4life
via reddit http://bit.ly/2Usmr1e
Medium
Password Spraying- Common mistakes and how to avoid them
When password spraying attacks are executed properly, coordinated and scoped properly during an authorized engagement — they can identify…
Microsoft Edge Uses a Secret Trick And Breaks Internet Explorer's Security
http://bit.ly/2UoVs6C
Submitted April 17, 2019 at 03:45PM by dielel
via reddit http://bit.ly/2UoUmb0
http://bit.ly/2UoVs6C
Submitted April 17, 2019 at 03:45PM by dielel
via reddit http://bit.ly/2UoUmb0
0Patch
Microsoft Edge Uses a Secret Trick And Breaks Internet Explorer's Security
Edge Decided To Use An Undocumented Security Feature. Internet Explorer Didn't Get The Memo. by Mitja Kolsek, the 0patch Team ...
Jailbreaking Subaru StarLink
http://bit.ly/2NdSkbS
Submitted April 17, 2019 at 07:18PM by technonerd
via reddit http://bit.ly/2ICWhXd
http://bit.ly/2NdSkbS
Submitted April 17, 2019 at 07:18PM by technonerd
via reddit http://bit.ly/2ICWhXd
GitHub
sgayou/subaru-starlink-research
Subaru StarLink persistent root code execution. Contribute to sgayou/subaru-starlink-research development by creating an account on GitHub.
How NOT to use the PAM trust - Leveraging Shadow Principals for Cross Forest Attacks
http://bit.ly/2IEwVrV
Submitted April 17, 2019 at 08:21PM by SamratAsh0k
via reddit http://bit.ly/2VPevs9
http://bit.ly/2IEwVrV
Submitted April 17, 2019 at 08:21PM by SamratAsh0k
via reddit http://bit.ly/2VPevs9
Labofapenetrationtester
How NOT to use the PAM trust - Leveraging Shadow Principals for Cross Forest Attacks
Home of Nikhil SamratAshok Mittal. Posts about Red Teaming, Offensive PowerShell, Active Directory and Pen Testing.
CERT Notice of VPN Vulns
http://bit.ly/2v6hil2
Submitted April 17, 2019 at 08:13PM by donnaber06
via reddit http://bit.ly/2KJXzSN
http://bit.ly/2v6hil2
Submitted April 17, 2019 at 08:13PM by donnaber06
via reddit http://bit.ly/2KJXzSN
reddit
r/networking - CERT Notice of VPN Vulnerabilities (Cisco, Palo Alto, F5, Pulse)
0 votes and 0 comments so far on Reddit
Reverse-engineering Broadcom wireless chipsets
http://bit.ly/2KKhOjl
Submitted April 18, 2019 at 01:13AM by shawn_webb
via reddit http://bit.ly/2Gvqzd3
http://bit.ly/2KKhOjl
Submitted April 18, 2019 at 01:13AM by shawn_webb
via reddit http://bit.ly/2Gvqzd3
Quarkslab
Reverse-engineering Broadcom wireless chipsets
PolyLogyx osquery Extension for Windows Extension to osquery that enhances it with real-time telemetry, log monitoring and other endpoint data collection
http://bit.ly/2UA8Fxo
Submitted April 18, 2019 at 12:23AM by digicat
via reddit http://bit.ly/2ZrNwVY
http://bit.ly/2UA8Fxo
Submitted April 18, 2019 at 12:23AM by digicat
via reddit http://bit.ly/2ZrNwVY
GitHub
polylogyx/osq-ext-bin
Extension to osquery windows that enhances it with real-time telemetry, log monitoring and other endpoint data collection - polylogyx/osq-ext-bin