NEW BOT Телеграм, страница

👍2

1.64K views19:54

⭕️ An Integration For IDA And VS Code Which Connects Both To Easily Execute And Debug IDAPython Scripts

https://github.com/ioncodes/idacode
#IDA #debug #idapython
@securation

1.6K views15:32

Security Analysis

https://github.com/RedTeamOperations/Advanced-Process-Injection-Workshop

GitHub

GitHub - RedTeamOperations/Advanced-Process-Injection-Workshop

Contribute to RedTeamOperations/Advanced-Process-Injection-Workshop development by creating an account on GitHub.

👍2

1.68K views21:11

Security Analysis

⭕️Permissions:
A Primer, or: DACL, SACL, Owner, SID and ACE Explained

https://helgeklein.com/blog/permissions-a-primer-or-dacl-sacl-owner-sid-and-ace-explained/
#SID #ACL #ACE
@securation

Helge Klein

Permissions: A Primer, or: DACL, SACL, Owner, SID and ACE Explained • Helge Klein

Tools & knowledge for IT pros

👍1

1.56K views11:55

Security Analysis

https://www.notion.so/IDOR-Attack-vectors-exploitation-bypasses-and-chains-0b73eb18e9b640ce8c337af83f397a6b

rural-tune-378 on Notion

IDOR: Attack vectors, exploitation, bypasses and chains | Notion

API12019: Testing for IDOR/Broken object level authorization:

👍1

1.58K views12:00

Security Analysis

Automatic string formatting deobfuscation

https://maxkersten.nl/binary-analysis-course/malware-analysis/automatic-string-formatting-deobfuscation/

👍1

1.55K views20:09

Security Analysis

⭕️ SpoolFool:
Windows Print Spooler Privilege Escalation
(CVE-2022–22718)

https://ift.tt/MLi8yKl

Medium

SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022-21999)

In this blog post, we’ll look at a Windows Print Spooler local privilege escalation vulnerability that I found and…

👍5

1.56K views21:56

Security Analysis

Attack Surface’s of Industrial Control Systems

https://medium.com/@berkdusunur/attack-surfaces-of-industrial-control-systems-47c78c35d7d8

Medium

Attack Surface’s of Industrial Control Systems

Hello everybody. I am so happy to announce you my first post of 2022 about Attack Surface’s of Industrial Control Systems. I will use ICS…

👍2

1.48K views11:27

Security Analysis

https://swarm.ptsecurity.com/fuzzing-for-xss-via-nested-parsers-condition/

PT SWARM

Fuzzing for XSS via nested parsers condition

When communicating online, we constantly use emoticons and put text in bold. Some of us encounter markdown on Telegram or GitHub, while forum-dwellers might be more familiar with BBCode. All this is made possible by parsers, which find a special string (…

👍7😁1

1.52K views17:20

Security Analysis

⭕️Critical Vulnerabilities in PHP Everywhere Allow Remote Code Execution

https://www.wordfence.com/blog/2022/02/critical-vulnerabilities-in-php-everywhere-allow-remote-code-execution/
#PHP #RCE
@securation

Wordfence

Critical Vulnerabilities in PHP Everywhere Allow Remote Code Execution

On January 4, 2022, the Wordfence Threat Intelligence team began the responsible disclosure process for several Remote Code Execution vulnerabilities in PHP Everywhere, a WordPress plugin installed on over 30,000 websites. One of these vulnerabilities allowed…

👍1

1.78K views22:02

Security Analysis

Remote Code Execution on Confluence Servers

https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md

GitHub

writeups/Confluence-RCE.md at main · httpvoid/writeups

Contribute to httpvoid/writeups development by creating an account on GitHub.

👍1

1.57K viewsedited 09:35

Security Analysis

https://gca.isa.org/blog/cybersecurity-using-ics-attck-strategies

gca.isa.org

Cybersecurity Using ICS ATT&CK Strategies

Protect smart manufacturing and IIoT systems using a security framework that presents information in matrices arranged by attack stages.

👍2

1.51K views18:41

Security Analysis

⭕️Windows Event Log Jam

https://www.hawk.io/blog/unicode-reflection-event-null-byte-injection
#evtx #blind #log #jam
@securation

👍3

1.5K views09:09

Security Analysis

https://wrongbaud.github.io/posts/stm-xbox-jtag/

Wrongbaud’s Blog

Hardware Debugging for Reverse Engineers Part 1: SWD, OpenOCD and Xbox One Controllers

A blog focusing on hardware and software reverse engineering

👍1

1.46K views15:23

Security Analysis

Reverse Engineering My Home Security System: Decompiling Firmware Updates

Conclusion:

Starting from a software update, and some critical thinking, I was able to decompile the firmware update for my Honeywell Tuxedo. As a result, I have access to the proprietary binaries, and additional components that make up the device. My next two approaches are:

1. Reverse engineer the binaries in an attempt to discovery exploitable vulnerabilities, and learn more about the device.
2. Set up a test environment to execute the binaries so I can actively identify the attack surface, fuzz where possible, and really dig into it.

https://markclayton.github.io/reverse-engineering-my-home-security-system-decompiling-firmware-updates.html
#Hardware #Electronic #Reverse_Engineering #Article
@securation

_bullz3ye

Reverse Engineering My Home Security System: Decompiling Firmware Updates

A few weeks ago I got a home security system installed in my home. The package included a 7-inch tablet called the Honeywell Tuxedo that...

👍2

1.56K views17:15

Security Analysis

چطوری اتومیشن خودمون رو با bash noscript بنویسیم تا توی recon به ما کمک کنه ؟

https://youtu.be/keK99avGLvQ
#bash #recon #bugbounty
@securation

YouTube

Automate Recon with Your Own Bash Script [Tutorial]

Get Our Premium Ethical Hacking Bundle (90% Off): https://nulb.app/cwlshop

How to Write a Bash Script to Automate Reconnaissance
Full Tutorial: https://nulb.app/x726n
Subscribe to Null Byte: https://goo.gl/J6wEnH
Nick's Twitter: https://twitter.com/nickgodshall…

👍6

1.77K views09:24