Hack the JWT Token
http://bit.ly/2ZWiA05
Submitted May 06, 2019 at 06:03PM by atomlib_com
via reddit http://bit.ly/2ZWla6k
http://bit.ly/2ZWiA05
Submitted May 06, 2019 at 06:03PM by atomlib_com
via reddit http://bit.ly/2ZWla6k
Habr
Hack the JWT Token
For Educational Purposes Only! Intended for Hackers Penetration testers. Issue The algorithm HS256 uses the secret key to sign and verify each message. The...
Optimizing Elasticsearch for security log collection – part 1: reducing the number of shards
http://bit.ly/2VMc50K
Submitted May 06, 2019 at 08:25PM by daanraman
via reddit http://bit.ly/2Y34yrU
http://bit.ly/2VMc50K
Submitted May 06, 2019 at 08:25PM by daanraman
via reddit http://bit.ly/2Y34yrU
NVISO Labs
Optimizing Elasticsearch for security log collection – part 1: reducing the number of shards
Nowadays, logs collection for security monitoring is about indexing, searching and datalakes; this is why at NVISO we use Elasticsearch for our threat hunting activities. Collecting, aggregating an…
Evil Clippy: MS Office maldoc assistant | Outflank Blog
http://bit.ly/300yzdx
Submitted May 06, 2019 at 09:41PM by lowdee
via reddit http://bit.ly/2LthMN2
http://bit.ly/300yzdx
Submitted May 06, 2019 at 09:41PM by lowdee
via reddit http://bit.ly/2LthMN2
outflank.nl
Evil Clippy: MS Office maldoc assistant | Outflank Blog
At BlackHat Asia we released Evil Clippy, a tool which assists red teamers and security testers in creating malicious MS Office documents. Amongst others, Evil Clippy can hide VBA macros, stomp VBA code (via p-code) and confuse popular macro analysis tools.…
OSINT Recon Great? - Unique Usernames Are Better Than Unique Passwords
http://curtbraz.com
Submitted May 06, 2019 at 10:36PM by IndySecMan
via reddit http://bit.ly/2J2uO21
http://curtbraz.com
Submitted May 06, 2019 at 10:36PM by IndySecMan
via reddit http://bit.ly/2J2uO21
reddit
r/netsec - OSINT Recon Great? - Unique Usernames Are Better Than Unique Passwords
0 votes and 0 comments so far on Reddit
WordPress 5.2: Mitigating Supply-Chain Attacks Against 33% of the Internet
http://bit.ly/2Vl9go0
Submitted May 07, 2019 at 06:04AM by sarciszewski
via reddit http://bit.ly/2VRxdmf
http://bit.ly/2Vl9go0
Submitted May 07, 2019 at 06:04AM by sarciszewski
via reddit http://bit.ly/2VRxdmf
Paragonie
WordPress 5.2: Mitigating Supply-Chain Attacks Against 33% of the Internet - Paragon Initiative Enterprises Blog
We wrote a cryptography library entirely in PHP to make your WordPress site secure against supply-chain attacks.
Legacy Outage: Why AS721 Experienced BGP Issues on May 5
http://bit.ly/2Jnq5HA
Submitted May 07, 2019 at 06:17PM by atomlib_com
via reddit http://bit.ly/2V68xlz
http://bit.ly/2Jnq5HA
Submitted May 07, 2019 at 06:17PM by atomlib_com
via reddit http://bit.ly/2V68xlz
Habr
Legacy Outage
Two days ago, May 5 of the year 2019 we saw a peculiar BGP outage, affecting autonomous systems in the customer cone of one very specific AS with the number 721...
MITM and XSS in Counter-Strike: Global Offensive
http://bit.ly/2V0WVQV
Submitted May 06, 2019 at 03:32PM by kkthxbye-
via reddit http://bit.ly/2LufkGh
http://bit.ly/2V0WVQV
Submitted May 06, 2019 at 03:32PM by kkthxbye-
via reddit http://bit.ly/2LufkGh
GitHub
csgo_bugs/README.md at master · kkthxbye-code/csgo_bugs
Random CSGO stuff. Contribute to kkthxbye-code/csgo_bugs development by creating an account on GitHub.
SSH Honey Keys
http://bit.ly/2Wv5ox0
Submitted May 07, 2019 at 09:05PM by kulinacs
via reddit http://bit.ly/2H6xPfs
http://bit.ly/2Wv5ox0
Submitted May 07, 2019 at 09:05PM by kulinacs
via reddit http://bit.ly/2H6xPfs
kulinacs.com
SSH Honey Keys
command="/usr/local/bin/honeykey kulinacs@honeypot",restrict ssh-rsa AAAAB3NzaCB6iakD kulinacs@honeypot
HostHunter: A Recon Tool for Hostname Discovery
http://bit.ly/2Lu8wZe
Submitted May 07, 2019 at 09:20PM by greenwolf247
via reddit http://bit.ly/302lKzn
http://bit.ly/2Lu8wZe
Submitted May 07, 2019 at 09:20PM by greenwolf247
via reddit http://bit.ly/302lKzn
GitHub
SpiderLabs/HostHunter
HostHunter a recon tool for discovering hostnames using OSINT techniques. - SpiderLabs/HostHunter
Looking into gandcrabs evasive infection chain
http://bit.ly/2H9DUYV
Submitted May 07, 2019 at 10:00PM by hackerxbella
via reddit http://bit.ly/305sHA2
http://bit.ly/2H9DUYV
Submitted May 07, 2019 at 10:00PM by hackerxbella
via reddit http://bit.ly/305sHA2
Cybereason
GandCrab's new Evasive Infection Chain
Ransomware is not a new form of attack, but GandCrab has upgraded it to be more dynamic and harder to resolve.
Compile Your Own Type Confusions: Exploiting Logic Bugs in JavaScript JIT Engines
http://bit.ly/2LqwSTD
Submitted May 07, 2019 at 09:44PM by overflowingInt
via reddit http://bit.ly/2VOetnv
http://bit.ly/2LqwSTD
Submitted May 07, 2019 at 09:44PM by overflowingInt
via reddit http://bit.ly/2VOetnv
phrack.org
.:: Phrack Magazine ::.
Phrack staff website.
Jalesc - Small Bash noscript for Locally Enumerating a Compromised Linux Machine
http://bit.ly/2PTkfPw
Submitted May 08, 2019 at 06:57AM by kindredsec
via reddit http://bit.ly/2VL2jvS
http://bit.ly/2PTkfPw
Submitted May 08, 2019 at 06:57AM by kindredsec
via reddit http://bit.ly/2VL2jvS
GitHub
itsKindred/jalesc
Just Another Linux Enumeration Script: A Bash noscript for locally enumerating a compromised Linux box - itsKindred/jalesc
Looking inside the (Drop-)box
http://bit.ly/2JqN0lA
Submitted May 08, 2019 at 01:41PM by anvilventures
via reddit http://bit.ly/2VkEADk
http://bit.ly/2JqN0lA
Submitted May 08, 2019 at 01:41PM by anvilventures
via reddit http://bit.ly/2VkEADk
TURLA LIGHTNEURON - One email away from remote code execution (ESET Research White paper)
http://bit.ly/2vMllU8
Submitted May 08, 2019 at 09:01PM by Lokanansi
via reddit http://bit.ly/2DR5dVJ
http://bit.ly/2vMllU8
Submitted May 08, 2019 at 09:01PM by Lokanansi
via reddit http://bit.ly/2DR5dVJ
Breaking News! Google AdWords Exploit Seen in the Wild! Yikes!
http://bit.ly/2PPMs9W
Submitted May 08, 2019 at 10:29PM by entelechy_
via reddit http://bit.ly/2WuN7jH
http://bit.ly/2PPMs9W
Submitted May 08, 2019 at 10:29PM by entelechy_
via reddit http://bit.ly/2WuN7jH
josh.com
Breaking News! Google AdWords Exploit Seen in the Wild! Yikes!
Today, my aunt Sue did a google search for “ebay” and got this… See the ad for ebay at the top of the results? Not particularly interesting, right?…
Falconry Hood Blinds Crowdstrike EDR
http://bit.ly/2V9YbkO
Submitted May 09, 2019 at 01:48AM by photo_sorif
via reddit http://bit.ly/3088XeM
http://bit.ly/2V9YbkO
Submitted May 09, 2019 at 01:48AM by photo_sorif
via reddit http://bit.ly/3088XeM
reddit
r/pentest - Falconry Hood Blinds Crowdstrike EDR
0 votes and 12 comments so far on Reddit
Hijacking browser TLS traffic through Client Domain Hooking, HSTS survey
http://bit.ly/2H4NWsU
Submitted May 09, 2019 at 02:30AM by nibblesec
via reddit http://bit.ly/2Lv9jca
http://bit.ly/2H4NWsU
Submitted May 09, 2019 at 02:30AM by nibblesec
via reddit http://bit.ly/2Lv9jca
blog.duszynski.eu
Hijacking browser TLS traffic through Client Domain Hooking
I am releasing a paper that describes a new variation of a man-in-the-middle (MITM) technique which, under certain circumstances, allows to permanently hijack browsers encrypted HTTP communication channel flow and compromise its confidentiality and integrity.
What I Learned After a Year as a Cybersecurity Mentor
http://bit.ly/2Pyt7d2
Submitted May 09, 2019 at 03:44AM by DorkNowitzki41
via reddit http://bit.ly/2LxFRT7
http://bit.ly/2Pyt7d2
Submitted May 09, 2019 at 03:44AM by DorkNowitzki41
via reddit http://bit.ly/2LxFRT7
VeteranSec
What I Learned After a Year as a Cybersecurity Mentor
When I
EarlyBird nabs CrowdStrike's worm
http://bit.ly/2H91tAQ
Submitted May 09, 2019 at 03:05AM by cook_log
via reddit http://bit.ly/2LusPFR
http://bit.ly/2H91tAQ
Submitted May 09, 2019 at 03:05AM by cook_log
via reddit http://bit.ly/2LusPFR
reddit
EarlyBird nabs CrowdStrike's worm
Posted in r/pentest by u/cook_log • 0 points and 21 comments
Alpine Linux Docker Image root User Hard-Coded Credential Vulnerability
http://bit.ly/2WsMZ42
Submitted May 09, 2019 at 01:40PM by ultrahkr
via reddit http://bit.ly/2V8KEtv
http://bit.ly/2WsMZ42
Submitted May 09, 2019 at 01:40PM by ultrahkr
via reddit http://bit.ly/2V8KEtv
reddit
r/selfhosted - Alpine Linux Docker Image root User Hard-Coded Credential Vulnerability
0 votes and 2 comments so far on Reddit
Queue the Hardening Enhancements
http://bit.ly/2vPkWQA
Submitted May 09, 2019 at 10:30PM by zexterio
via reddit http://bit.ly/2PUlbTL
http://bit.ly/2vPkWQA
Submitted May 09, 2019 at 10:30PM by zexterio
via reddit http://bit.ly/2PUlbTL
Google Online Security Blog
Queue the Hardening Enhancements
Posted by Jeff Vander Stoep, Android Security & Privacy Team and Chong Zhang, Android Media Team [Cross-posted from the Android Develo...