fatt /fingerprintAllTheThings - a pyshark based noscript for extracting network metadata and fingerprints from pcap files and live network traffic
http://bit.ly/2HGDXf1
Submitted May 28, 2019 at 07:33PM by fo0
via reddit http://bit.ly/2QwhtQl
http://bit.ly/2HGDXf1
Submitted May 28, 2019 at 07:33PM by fo0
via reddit http://bit.ly/2QwhtQl
GitHub
0x4D31/fatt
fatt /fingerprintAllTheThings - a pyshark based noscript for extracting network metadata and fingerprints from pcap files and live network traffic - 0x4D31/fatt
Ad Fraud Makes it's way to Twitter's Promoted Content (Social engineering, Ad fraud, Fake News)
http://bit.ly/2whrMPe
Submitted May 28, 2019 at 09:37PM by DEVCON3PJS
via reddit http://bit.ly/2YMSUlc
http://bit.ly/2whrMPe
Submitted May 28, 2019 at 09:37PM by DEVCON3PJS
via reddit http://bit.ly/2YMSUlc
BuzzFeed News
Twitter Is Showing More Ads, And People Are Seeing Lots Of Weird Crap As A Result
One malicious campaign used false articles about Drake and the Weeknd to promote casinos.
Almost One Million Vulnerable to BlueKeep Vuln (CVE-2019-0708)
http://bit.ly/2wprAgQ
Submitted May 28, 2019 at 10:04PM by zexterio
via reddit http://bit.ly/2VRqpkt
http://bit.ly/2wprAgQ
Submitted May 28, 2019 at 10:04PM by zexterio
via reddit http://bit.ly/2VRqpkt
Erratasec
Almost One Million Vulnerable to BlueKeep Vuln (CVE-2019-0708)
Microsoft announced a vulnerability in it's "Remote Desktop" product that can lead to robust, wormable exploits. I scanned the Internet to a...
Post-Exploitation with Leprechaun (finding interesting systems and connections)
http://bit.ly/2X9oqJK
Submitted May 28, 2019 at 10:00PM by altjx
via reddit http://bit.ly/2HGyWCS
http://bit.ly/2X9oqJK
Submitted May 28, 2019 at 10:00PM by altjx
via reddit http://bit.ly/2HGyWCS
Vonahi Security's Blog
Post-Exploitation with Leprechaun
Finding valuable data during post-exploitation can be a challenge. Leprechaun helps solve this problem.
Analysis of a 1day (cve-2019-0547) and discovery of a forgotten condition in the patch (cve-2019-0726) 1/2
http://bit.ly/2JEmXs1
Submitted May 29, 2019 at 03:53AM by h3ku
via reddit http://bit.ly/2WsbIJ3
http://bit.ly/2JEmXs1
Submitted May 29, 2019 at 03:53AM by h3ku
via reddit http://bit.ly/2WsbIJ3
Sensepost
SensePost | Analysis of a 1day (cve-2019-0547) and discovery of a forgotten condition in the patch (cve-2019-0726) – part 1 of…
Leaders in Information Security
Check End of Life of php, python, ubuntu, alpine, laravel etc at one place. Verify whether your application needs an update, or if you need to upgrade your device.
https://endoflife.date/
Submitted May 29, 2019 at 07:13AM by Gallus
via reddit http://bit.ly/2MenQJW
https://endoflife.date/
Submitted May 29, 2019 at 07:13AM by Gallus
via reddit http://bit.ly/2MenQJW
reddit
r/netsec - Check End of Life of php, python, ubuntu, alpine, laravel etc at one place. Verify whether your application needs an…
0 votes and 0 comments so far on Reddit
Complete Course: Zero to Hero Network Pentesting
http://bit.ly/2DHEb2N
Submitted May 29, 2019 at 09:01AM by DorkNowitzki41
via reddit http://bit.ly/2EEByPI
http://bit.ly/2DHEb2N
Submitted May 29, 2019 at 09:01AM by DorkNowitzki41
via reddit http://bit.ly/2EEByPI
Cybersecurity Training | The Cyber Mentor
Zero to Hero Pentesting | Cybersecurity Training | The Cyber Mentor
The Cyber Mentor provides cybersecurity and penetration testing training via Twitch, YouTube, and more.
Provoking browser quirks with behavioural fuzzing
http://bit.ly/2YVMXTk
Submitted May 29, 2019 at 01:34PM by albinowax
via reddit http://bit.ly/2W0WXc5
http://bit.ly/2YVMXTk
Submitted May 29, 2019 at 01:34PM by albinowax
via reddit http://bit.ly/2W0WXc5
portswigger.net
Provoking browser quirks with behavioural fuzzing | Blog
In this post I'm going to walk you through how I used behavioural fuzzing to find multiple quirks in Firefox. Normally, when fuzzing the goal is to find a crash indicating memory corruption, but my go
Experience the security flaw in Whatsapp hands-on
http://bit.ly/2EDiIZC
Submitted May 29, 2019 at 05:08PM by DebugDucky
via reddit http://bit.ly/2XeWaFA
http://bit.ly/2EDiIZC
Submitted May 29, 2019 at 05:08PM by DebugDucky
via reddit http://bit.ly/2XeWaFA
blog.adversary.io
How WhatsApp Was Hacked By Exploiting a Buffer Overflow Security Flaw
1-click RCE with Skype Web Plugin and Qt apps
http://bit.ly/2WcAkWN
Submitted May 29, 2019 at 05:36PM by TheAndroidGeek
via reddit http://bit.ly/2KadCHH
http://bit.ly/2WcAkWN
Submitted May 29, 2019 at 05:36PM by TheAndroidGeek
via reddit http://bit.ly/2KadCHH
reddit
r/netsec - 1-click RCE with Skype Web Plugin and Qt apps
0 votes and 0 comments so far on Reddit
Free GDPR and PCI DSS compliance test - all in one
http://bit.ly/2Wc1ygb
Submitted May 29, 2019 at 07:11PM by KeyDutch
via reddit http://bit.ly/2Xba2R7
http://bit.ly/2Wc1ygb
Submitted May 29, 2019 at 07:11PM by KeyDutch
via reddit http://bit.ly/2Xba2R7
Immuniweb
ImmuniWeb launches free website security and GDPR compliance test
The non-intrusive online test quickly verifies relevant GDPR and PCI DSS requirements, checks CMS security and runs a privacy check.
Honeynet Project: Innsbruck Junior CTF
http://bit.ly/30TArp2
Submitted May 29, 2019 at 07:56PM by mhils
via reddit http://bit.ly/2X81hYd
http://bit.ly/30TArp2
Submitted May 29, 2019 at 07:56PM by mhils
via reddit http://bit.ly/2X81hYd
reddit
r/netsec - Honeynet Project: Innsbruck Junior CTF
0 votes and 0 comments so far on Reddit
The Nansh0u Campaign: signed rootkit, exposed infrastructure and PE exploits in a massive MS-SQL & PHPMyAdmin attack campaign
http://bit.ly/2EFN9xY
Submitted May 29, 2019 at 07:55PM by ophirharpaz
via reddit http://bit.ly/2XkTiY5
http://bit.ly/2EFN9xY
Submitted May 29, 2019 at 07:55PM by ophirharpaz
via reddit http://bit.ly/2XkTiY5
Guardicore - Data Center and Cloud Security
The Nansh0u Campaign: Hackers Arsenal Grows Stronger
Read how Guardicore Labs revealed an end-to-end attack campaign infrastructure, designed to scan, brute-force and infect tens of thousands of MS-SQL and PHPMyAdmin servers on the internet.
A Data Wallet for secure 'Data Renting' of valuable and sensitive data sets
http://bit.ly/2VGW78S
Submitted May 29, 2019 at 08:51PM by blrm
via reddit http://bit.ly/2W1sIS0
http://bit.ly/2VGW78S
Submitted May 29, 2019 at 08:51PM by blrm
via reddit http://bit.ly/2W1sIS0
Medium
iExec V3: Data Wallet for Enterprises to Rent Data and AI Models Using Blockchain
Lyon, 15 May 2019: iExec has released its V3, which introduces a new Data Wallet feature that makes secure data renting possible. With…
Building Facebook's service encryption infrastructure
http://bit.ly/2I3m7la
Submitted May 29, 2019 at 08:00PM by npoole
via reddit http://bit.ly/2MgxwUh
http://bit.ly/2I3m7la
Submitted May 29, 2019 at 08:00PM by npoole
via reddit http://bit.ly/2MgxwUh
Facebook Code
Building Facebook's service encryption infrastructure - Facebook Code
How we built our service encryption infrastructure to optimize for operability and performance, while satisfying the right security model for each service.
Is this plausible? "SIM Port Hack"
http://bit.ly/2EokWM9
Submitted May 29, 2019 at 11:05PM by BusyWheel
via reddit http://bit.ly/2Qz6cPf
http://bit.ly/2EokWM9
Submitted May 29, 2019 at 11:05PM by BusyWheel
via reddit http://bit.ly/2Qz6cPf
Medium
The Most Expensive Lesson Of My Life: Details of SIM port hack
I lost north of $100,000 last Wednesday. It evaporated over a 24 hour timespan in a “SIM port attack” that drained my Coinbase account.
Interesting read on hash weakness (Not sure if this was shared before)
http://bit.ly/2MhNOfA
Submitted May 30, 2019 at 06:36AM by nyxx88
via reddit http://bit.ly/2Wv1tn7
http://bit.ly/2MhNOfA
Submitted May 30, 2019 at 06:36AM by nyxx88
via reddit http://bit.ly/2Wv1tn7
Medium
The moment when you realize every server in the world is vulnerable
The story of a major hash table vulnerability, and how it took a decade to uncover and resolve.
A Debugging Primer with CVE-2019-0708
http://bit.ly/2YWAuyE
Submitted May 30, 2019 at 05:24AM by pwnplusplus
via reddit http://bit.ly/2Mgzfsq
http://bit.ly/2YWAuyE
Submitted May 30, 2019 at 05:24AM by pwnplusplus
via reddit http://bit.ly/2Mgzfsq
Medium
A Debugging Primer with CVE-2019–0708
The purpose of this post is to share how one would use a debugger to identify the relevant code path that can trigger the crash. I hope…
I finally wrote up my notes on hacking iOS Xamarin apps with Frida!
http://bit.ly/2HLAyeL
Submitted May 30, 2019 at 03:58PM by fridgehead
via reddit http://bit.ly/2Z0aO4i
http://bit.ly/2HLAyeL
Submitted May 30, 2019 at 03:58PM by fridgehead
via reddit http://bit.ly/2Z0aO4i
reddit
r/netsec - I finally wrote up my notes on hacking iOS Xamarin apps with Frida!
0 votes and 3 comments so far on Reddit
My HackTheBox CTF Methodology - From fresh box to root! - 0x00sec
http://bit.ly/2JKdQ8U
Submitted May 30, 2019 at 06:16PM by Evil1337
via reddit http://bit.ly/2WAvkKY
http://bit.ly/2JKdQ8U
Submitted May 30, 2019 at 06:16PM by Evil1337
via reddit http://bit.ly/2WAvkKY
0x00sec - The Home of the Hacker
My HackTheBox CTF Methodology - From fresh box to root!
Hey 0x00ers! I’m so sorry that it’s been such a long time since I’ve dropped an article here! I’ve been writing for my current company navisec.io @ delta.navisec.io and I’ve not had the chance to drop a good article for 0x00sec for a little while. Today…
Windows-Based Exploitation —VulnServer TRUN Command Buffer Overflow
http://bit.ly/2QwTUHi
Submitted May 30, 2019 at 06:45PM by Eta-Meson
via reddit http://bit.ly/2Milv0u
http://bit.ly/2QwTUHi
Submitted May 30, 2019 at 06:45PM by Eta-Meson
via reddit http://bit.ly/2Milv0u
Medium
Windows-Based Exploitation —VulnServer TRUN Command Buffer Overflow
Reversing using IDA Pro and inject shellcode with Python