Video on how log4j works
https://youtu.be/7qoPDq41xhQ
https://www.youtube.com/watch?v=5-GkpxbZ9Zw
https://www.youtube.com/watch?v=iI9Dz3zN4d8
https://youtu.be/7qoPDq41xhQ
https://www.youtube.com/watch?v=5-GkpxbZ9Zw
https://www.youtube.com/watch?v=iI9Dz3zN4d8
YouTube
CVE-2021-44228 - Log4j - MINECRAFT VULNERABLE! (and SO MUCH MORE)
Timestamps (HUGE thanks to deetee in the comments for putting these together!!!):
0:00 - Introduction
0:49 - Tweet on gaining RCE via Minecraft
1:16 - Overview of topics covered in video
1:57 - Context surrounding Log4j exploit
3:08 - Blog posts & Github…
0:00 - Introduction
0:49 - Tweet on gaining RCE via Minecraft
1:16 - Overview of topics covered in video
1:57 - Context surrounding Log4j exploit
3:08 - Blog posts & Github…
introduction into rootkits
https://www.ptsecurity.com/ru-ru/research/analytics/rootkits-evolution-and-detection-methods/?utm_source=youtube&utm_medium=denoscription
https://www.ptsecurity.com/ru-ru/research/analytics/rootkits-evolution-and-detection-methods/?utm_source=youtube&utm_medium=denoscription
ptsecurity.com
Аналитические статьи
Руткиты встречаются в арсенале злоумышленников не так часто, как другие типы вредоносного ПО. К примеру, по данным компании Bitdefender, руткиты составляют менее 1% от общего числа выявляемых вредоносных программ. Однако все случаи обнаружения связаны с громкими…
django 4.0 release🥳
the main changes:
- full redis db support
- new password hasher
- template based form rendering
https://www.djangoproject.com/weblog/2021/dec/07/django-40-released/
the main changes:
- full redis db support
- new password hasher
- template based form rendering
https://www.djangoproject.com/weblog/2021/dec/07/django-40-released/
HTB Writer. Ломаем приложение на Django, чтобы захватить веб-сервер👀
https://telegra.ph/Haker---HTB-Writer-Lomaem-prilozhenie-na-Django-chtoby-zahvatit-veb-server-12-14
https://telegra.ph/Haker---HTB-Writer-Lomaem-prilozhenie-na-Django-chtoby-zahvatit-veb-server-12-14
cool article on how to protect your site from SSTI in general concept, was hard to find, so hope you love it
https://securityintelligence.com/posts/how-to-protect-server-side-template-injection/
https://securityintelligence.com/posts/how-to-protect-server-side-template-injection/
👍1
ways to perform SSTI in Django(if dev fucked up)
https://lifars.com/wp-content/uploads/2021/06/Django-Templates-Server-Side-Template-Injection-v1.0.pdf
https://lifars.com/wp-content/uploads/2021/06/Django-Templates-Server-Side-Template-Injection-v1.0.pdf
think it's perfect time to buy yourself a VPS in Europe and create your own VPN server
how to do it you can find here
how to do it you can find here
Welp, finally the channel reached 100 subs
that was a great time with all of you guys, there will be more useful posts and (perhaps) some write ups written by me and so on
Anyway thank you all for subscribing and reading my posts!
that was a great time with all of you guys, there will be more useful posts and (perhaps) some write ups written by me and so on
Anyway thank you all for subscribing and reading my posts!
sanspie's notes
kak_postroit_gugl.pdf
for those of you, who just joined, i recommend reading this page(warning brain melting)
Python Magic Methods(init, etc)
https://raw.githubusercontent.com/RafeKettler/magicmethods/master/magicmethods.pdf
https://raw.githubusercontent.com/RafeKettler/magicmethods/master/magicmethods.pdf