Shellcode for IoT: A Password-Protected Reverse Shell (Linux/ARM) - @syscall59
http://bit.ly/2VYM8rv
Submitted April 22, 2019 at 08:59PM by h41zum
via reddit http://bit.ly/2IzGYPW
http://bit.ly/2VYM8rv
Submitted April 22, 2019 at 08:59PM by h41zum
via reddit http://bit.ly/2IzGYPW
Medium
Writing shellcode for IoT: Password-Protected Reverse Shell (Linux/ARM)
It’s time to write some shellcode!
How to obtain Office 365 credentials on Mac OS
http://bit.ly/2VhQQ6x
Submitted April 22, 2019 at 11:39PM by pentest4life
via reddit http://bit.ly/2KVLzhj
http://bit.ly/2VhQQ6x
Submitted April 22, 2019 at 11:39PM by pentest4life
via reddit http://bit.ly/2KVLzhj
Medium
How to obtain Office 365 credentials on Mac OS
In this article we’ll discuss how to get clear text credentials from Outlook 2016 using Responder on Mac OS High Sierra. From password…
What goes wrong if I have your SNMP RW string for a Cisco Device?
http://bit.ly/2Gpozlc
Submitted April 22, 2019 at 02:05AM by msarmad
via reddit http://bit.ly/2XtK0s4
http://bit.ly/2Gpozlc
Submitted April 22, 2019 at 02:05AM by msarmad
via reddit http://bit.ly/2XtK0s4
Medium
What goes wrong if I have your SNMP RW string for a Cisco Device?
I am assuming that ,we know that what SNMP is for and with the help of community strings ,one can query change configurations remotely…
Behavioral Analysis of Obfuscated Code
http://bit.ly/2UyaO8G
Submitted April 23, 2019 at 11:59AM by jeandrew
via reddit http://bit.ly/2Zsni5x
http://bit.ly/2UyaO8G
Submitted April 23, 2019 at 11:59AM by jeandrew
via reddit http://bit.ly/2Zsni5x
How I found 5 ReDOS vulnerabilities in Mod Security CRS
http://bit.ly/2XuOe2S
Submitted April 23, 2019 at 01:06PM by s0md3v
via reddit http://bit.ly/2XFo9hJ
http://bit.ly/2XuOe2S
Submitted April 23, 2019 at 01:06PM by s0md3v
via reddit http://bit.ly/2XFo9hJ
Medium
How I found 5 ReDOS Vulnerabilities in Mod Security CRS
This write-up assumes that the reader has intermediate (or higher) knowledge of regular expressions. If you are not very familiar with…
Ignoring Atlassian Confluence Security Advisories? A report...
http://bit.ly/2W7cvvL
Submitted April 23, 2019 at 02:26PM by b4d17
via reddit http://bit.ly/2IBHL2N
http://bit.ly/2W7cvvL
Submitted April 23, 2019 at 02:26PM by b4d17
via reddit http://bit.ly/2IBHL2N
reddit
r/netsec - Ignoring Atlassian Confluence Security Advisories? A report...
0 votes and 1 comment so far on Reddit
Analysis of false positive on beian.gov.cn requests in regards to Huawei P30 Pro traffic research
http://bit.ly/2GzJumW
Submitted April 23, 2019 at 03:09PM by pe3zx
via reddit http://bit.ly/2GylfUL
http://bit.ly/2GzJumW
Submitted April 23, 2019 at 03:09PM by pe3zx
via reddit http://bit.ly/2GylfUL
GitHub
pe3zx/huawei-block-list
Captured DNS requests from Huawei P30 Pro to a block list - pe3zx/huawei-block-list
GitHub - Cuckoo Sandbox plugin for extracts configuration data of known malware
http://bit.ly/2GtIsru
Submitted April 23, 2019 at 07:22PM by oil_sardine
via reddit http://bit.ly/2VZ3ILX
http://bit.ly/2GtIsru
Submitted April 23, 2019 at 07:22PM by oil_sardine
via reddit http://bit.ly/2VZ3ILX
GitHub
GitHub - JPCERTCC/MalConfScan-with-Cuckoo: Cuckoo Sandbox plugin for extracts configuration data of known malware
Cuckoo Sandbox plugin for extracts configuration data of known malware - GitHub - JPCERTCC/MalConfScan-with-Cuckoo: Cuckoo Sandbox plugin for extracts configuration data of known malware
Getting access to Zendesk’s Google Cloud and Artifactory from GitHub dotfile repos
http://bit.ly/2IQJPTD
Submitted April 23, 2019 at 08:22PM by Mempodipper
via reddit http://bit.ly/2GCDYA3
http://bit.ly/2IQJPTD
Submitted April 23, 2019 at 08:22PM by Mempodipper
via reddit http://bit.ly/2GCDYA3
reddit
r/netsec - Getting access to Zendesk’s Google Cloud and Artifactory from GitHub dotfile repos
0 votes and 0 comments so far on Reddit
Vulnerability Management ZeroOne Release
We at Firo Solutions recently went live with out new Vulnerability Management platform.Check us out and let us know what think:https://firosolutions.com | https://watchers.firosolutions.com
Submitted April 23, 2019 at 08:39PM by FiroSolutions
via reddit http://bit.ly/2UOv6jk
We at Firo Solutions recently went live with out new Vulnerability Management platform.Check us out and let us know what think:https://firosolutions.com | https://watchers.firosolutions.com
Submitted April 23, 2019 at 08:39PM by FiroSolutions
via reddit http://bit.ly/2UOv6jk
Firo Solutions
Vulnerability Management by SaaS
Termshark - a terminal UI for tshark inspired by Wireshark
https://termshark.io/
Submitted April 23, 2019 at 11:57PM by DreamlessMojo
via reddit http://bit.ly/2XHlJz9
https://termshark.io/
Submitted April 23, 2019 at 11:57PM by DreamlessMojo
via reddit http://bit.ly/2XHlJz9
A terminal UI for tshark, inspired by Wireshark
GitHub Gist Recon - The art of finding information leaks in GitHub Gists and elsewhere
http://bit.ly/2L1KzIq
Submitted April 24, 2019 at 03:22AM by _pdp_
via reddit http://bit.ly/2PpUB4C
http://bit.ly/2L1KzIq
Submitted April 24, 2019 at 03:22AM by _pdp_
via reddit http://bit.ly/2PpUB4C
Secapps
GitHub Gist Recon
carbanak source leaked and added to github
http://bit.ly/2GtLprT
Submitted April 24, 2019 at 04:18AM by d4nk1st
via reddit http://bit.ly/2IQdvQV
http://bit.ly/2GtLprT
Submitted April 24, 2019 at 04:18AM by d4nk1st
via reddit http://bit.ly/2IQdvQV
GitHub
Aekras1a/Updated-Carbanak-Source-with-Plugins
https://twitter.com/itsreallynick/status/1120410950430089224 - Aekras1a/Updated-Carbanak-Source-with-Plugins
A quick TLDR of the attacks mentioned in the infamous Mueller report
http://bit.ly/2USDxu3
Submitted April 24, 2019 at 08:33AM by kangsterizer
via reddit http://bit.ly/2XGtLYL
http://bit.ly/2USDxu3
Submitted April 24, 2019 at 08:33AM by kangsterizer
via reddit http://bit.ly/2XGtLYL
reddit
r/netsec - A quick TLDR of the attacks mentioned in the infamous Mueller report
0 votes and 3 comments so far on Reddit
The most common OAuth 2.0 Hacks
http://bit.ly/2Dwd0rQ
Submitted April 24, 2019 at 03:25PM by atomlib_com
via reddit http://bit.ly/2DzOdTH
http://bit.ly/2Dwd0rQ
Submitted April 24, 2019 at 03:25PM by atomlib_com
via reddit http://bit.ly/2DzOdTH
Habr
The most common OAuth 2.0 Hacks
OAuth 2 overview This article assumes that readers are familiar with OAuth 2. However, below a brief denoscription of it is presented below. The application...
Good stuff for AFL fuzzer (intro guide)
http://bit.ly/2USXPDT
Submitted April 24, 2019 at 04:15PM by kerby_e
via reddit http://bit.ly/2IDA0t2
http://bit.ly/2USXPDT
Submitted April 24, 2019 at 04:15PM by kerby_e
via reddit http://bit.ly/2IDA0t2
Habr
Zoo AFL
In this article, we're going to talk about not the classical AFL itself but about utilities designed for it and its modifications, which, in our view, can...
Deobfuscating APT32 Flow Graphs with Cutter and Radare2
http://bit.ly/2DuuViI
Submitted April 24, 2019 at 04:58PM by Megabeets
via reddit http://bit.ly/2UBKMRY
http://bit.ly/2DuuViI
Submitted April 24, 2019 at 04:58PM by Megabeets
via reddit http://bit.ly/2UBKMRY
Check Point Research
Deobfuscating APT32 Flow Graphs with Cutter and Radare2 - Check Point Research
Research by: Itay Cohen The Ocean Lotus group, also known as APT32, is a threat actor which has been known to target East Asian countries such as Vietnam, Laos and the Philippines. The group strongly focuses on Vietnam, especially private sector companies…
Besder - An Investigative Journey Part 1
http://bit.ly/2Zy8JgI
Submitted April 24, 2019 at 07:43PM by redcodefinal
via reddit http://bit.ly/2UR7MBE
http://bit.ly/2Zy8JgI
Submitted April 24, 2019 at 07:43PM by redcodefinal
via reddit http://bit.ly/2UR7MBE
blog.0x42424242.in
Besder - An Investigative Journey Part 1
Hello everyone, and welcome to my investigative journey into the Besder IP20H1 network camera! Last time, ( Part 1 , Part 2 ), I covered the...
Ekaterina Khrustaleva, ImmuniWeb: There's No Silver Bullet for IoT Security
http://bit.ly/2PlcPnU
Submitted April 24, 2019 at 08:16PM by KeyDutch
via reddit http://bit.ly/2UVnjjI
http://bit.ly/2PlcPnU
Submitted April 24, 2019 at 08:16PM by KeyDutch
via reddit http://bit.ly/2UVnjjI
TechNadu
Ekaterina Khrustaleva, ImmuniWeb: There's No Silver Bullet for IoT Security
Immuniweb's Ekaterina Khrustaleva discusses in an interview for TechNadu the security landscape of today, IoT, and how ImmuniWeb can help.
On insecure zip handling, Rubyzip and Metasploit RCE (CVE-2019-5624)
http://bit.ly/2W5XuKr
Submitted April 24, 2019 at 08:29PM by nibblesec
via reddit http://bit.ly/2PoXBy4
http://bit.ly/2W5XuKr
Submitted April 24, 2019 at 08:29PM by nibblesec
via reddit http://bit.ly/2PoXBy4
Doyensec
On insecure zip handling, Rubyzip and Metasploit RCE (CVE-2019-5624) · Doyensec's Blog
Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.
DNS based threat hunting and DoH (DNS over HTTPS)
http://bit.ly/2UWTsHV
Submitted April 25, 2019 at 02:09AM by adamziaja_com
via reddit http://bit.ly/2ITyBxS
http://bit.ly/2UWTsHV
Submitted April 25, 2019 at 02:09AM by adamziaja_com
via reddit http://bit.ly/2ITyBxS
blog.redteam.pl
DNS based threat hunting and DoH (DNS over HTTPS)
Techblog o cyberbezpieczeństwie