master_librarian
A simple tool to audit Linux system libraries to find public security vulnerabilities.
https://github.com/CoolerVoid/master_librarian
A simple tool to audit Linux system libraries to find public security vulnerabilities.
https://github.com/CoolerVoid/master_librarian
Ansible Roles - An Ultimate Way To Solve Your Confusion With Playbooks
https://medium.com/edureka/ansible-roles-78d48578aca1
https://medium.com/edureka/ansible-roles-78d48578aca1
Medium
Ansible Roles - An Ultimate Way To Solve Your Confusion With Playbooks
This Ansible Roles blog talks about how roles are used to make complex playbooks readable and reusable with a demonstration.
Kali Linux 2022.1 Release (Visual Updates, Kali Everything ISOs, Legacy SSH)
https://www.kali.org/blog/kali-linux-2022-1-release/#visual-refresh-theme-updates
https://www.kali.org/blog/kali-linux-2022-1-release/#visual-refresh-theme-updates
Kali Linux
Kali Linux 2022.1 Release (Visual Updates, Kali Everything ISOs, Legacy SSH) | Kali Linux Blog
Today we are pushing out the first Kali Linux release of the new year with Kali Linux 2022.1, and just in time for Valentine’s Day! This release brings various visual updates and tweaks to existing features, and is ready to be downloaded or upgraded if you…
Understand Typenoscript in 5 minutes - Je suis un dev
https://www.jesuisundev.com/en/understand-typenoscript-in-5-minutes/
https://www.jesuisundev.com/en/understand-typenoscript-in-5-minutes/
Je suis un dev
Understand Typenoscript in 5 minutes
Typenoscript exploded in popularity in 2019 and continues its crazy run in 2020. The first language to hit the top 10 in less than 5 years. Unbelievable.
Forwarded from Sys-Admin InfoSec
/ Windows RDP Event IDs Cheatsheet
It is becoming more and more common for bad actors to manipulate or clear the security event logs on compromised machines, and sometimes RDP sessions don’t even register as just a type 10 logon, depending on the circumstance. RDP activities will leave events in several different logs as action is taken and various processes are involved.
https://www.socinvestigation.com/windows-rdp-event-ids-cheatsheet/
It is becoming more and more common for bad actors to manipulate or clear the security event logs on compromised machines, and sometimes RDP sessions don’t even register as just a type 10 logon, depending on the circumstance. RDP activities will leave events in several different logs as action is taken and various processes are involved.
https://www.socinvestigation.com/windows-rdp-event-ids-cheatsheet/
Security Investigation - Be the first to investigate
Windows RDP Event IDs Cheatsheet - Security Investigation
It is becoming more and more common for bad actors to manipulate or clear the security event logs on compromised machines, and sometimes RDP sessions don’t even register as just a type 10 logon, depending on the circumstance. RDP activities will leave events…
A technique to semi-automatically discover new vulnerabilities in WordPress plugins
https://kazet.cc/2022/02/03/fuzzing-wordpress-plugins.html
https://kazet.cc/2022/02/03/fuzzing-wordpress-plugins.html
kazet.cc
A technique to semi-automatically discover new vulnerabilities in WordPress plugins
How to semi-automatically find vulnerabilities in WordPress plugins installed on about 15 million websites.
Stealing and faking Azure AD device identities
How to steal identities of existing Azure AD joined devices, and how to fake identies of non-AAD joined Windows devices with AADInternals v0.6.6:
https://o365blog.com/post/deviceidentity/?s=09
How to steal identities of existing Azure AD joined devices, and how to fake identies of non-AAD joined Windows devices with AADInternals v0.6.6:
https://o365blog.com/post/deviceidentity/?s=09
O365Blog
Stealing and faking Azure AD device identities
In my previous blog posts I’ve covered details on PRTs, BPRTs, device compliance, and Azure AD device join.
In this blog, I’ll show how to steal identities of existing Azure AD joined devices, and how to fake identies of non-AAD joined Windows devices with…
In this blog, I’ll show how to steal identities of existing Azure AD joined devices, and how to fake identies of non-AAD joined Windows devices with…
The Ultimate Hacker's Roadmap 2022
https://github.com/0xTRAW/Cybersecurity-Roadmap
and from the same category - The Ultimate Hacker Roadmap
https://github.com/Kennyslaboratory/Ultimate-Hacker-Roadmap
https://github.com/0xTRAW/Cybersecurity-Roadmap
and from the same category - The Ultimate Hacker Roadmap
https://github.com/Kennyslaboratory/Ultimate-Hacker-Roadmap
GitHub
GitHub - thatstraw/Cybersecurity-Roadmap
Contribute to thatstraw/Cybersecurity-Roadmap development by creating an account on GitHub.
Попалось тут - гейм на разных языках, программируешь героя он ходит, собирает кристаллы, разные языки (pyhon, javanoscript, lua) https://codecombat.com/play
CodeCombat
CodeCombat: Learn to Code by Playing a Game
Learn programming with a multiplayer live coding strategy game for beginners. Learn Python or JavaScript as you defeat ogres, solve mazes, and level up. Open source HTML5 game!
Escaping VMware’s NSX Edge OS Jailed Shell
In this blog post we provide details about a CLI injection vulnerability that we discovered during a penetration testing engagement against VMware Cloud Director. The vulnerability was identified on NSX Edge OS version < 6.4.13:
https://www.secforce.com/blog/escaping-vmwares-nsx-edge-os-jailed-shell/
In this blog post we provide details about a CLI injection vulnerability that we discovered during a penetration testing engagement against VMware Cloud Director. The vulnerability was identified on NSX Edge OS version < 6.4.13:
https://www.secforce.com/blog/escaping-vmwares-nsx-edge-os-jailed-shell/
www.secforce.com
SECFORCE - Security without compromise
Cybersecurity consultancy specialized in offensive security helping top-tier organisations all over the world.
Tutorial: Kubernetes Vulnerability Scanning & Testing With Open Source
https://www.conjur.org/blog/tutorial-kubernetes-vulnerability-scanning-testing-with-open-source/
https://www.conjur.org/blog/tutorial-kubernetes-vulnerability-scanning-testing-with-open-source/
CyberArk Developer
Tutorial: Kubernetes Vulnerability Scanning & Testing With Open Source
Explore our CyberArk open-source tools, Kubesploit and KubiScan, that will help Kubernetes users maximize their security.
FREE CYBERSECURITY SERVICES AND TOOLS from CISA
https://www.cisa.gov/free-cybersecurity-services-and-tools
https://www.cisa.gov/free-cybersecurity-services-and-tools
Cybersecurity and Infrastructure Security Agency CISA
No Cost Cybersecurity Services & Tools | CISA
MicrosoftSecurity_Best_Practices.pdf
9.6 MB
MicrosoftSecurity Best Practices
Known as the AzureSecurity Compass or MicrosoftSecurity
Compass) is a collection of best practices that provideclear actionable guidancefor security related decisions.
This is designed to help you increaseyour security postureand reducerisk whether your environment is cloud-
only, or a hybrid enterprisespanning cloud(s) and on-premises data centers.This guidance was formerly
referred to as AzureSecurity Compass and is now increasing in scopeto encompass all Microsoft security
guidanceand capabilities, including Microsoft 365
Known as the AzureSecurity Compass or MicrosoftSecurity
Compass) is a collection of best practices that provideclear actionable guidancefor security related decisions.
This is designed to help you increaseyour security postureand reducerisk whether your environment is cloud-
only, or a hybrid enterprisespanning cloud(s) and on-premises data centers.This guidance was formerly
referred to as AzureSecurity Compass and is now increasing in scopeto encompass all Microsoft security
guidanceand capabilities, including Microsoft 365
Node.js Tutorial for Beginners: Learn Step by Step in 3 Days
https://www.guru99.com/node-js-tutorial.html
https://www.guru99.com/node-js-tutorial.html
Guru99
Node.js Tutorial for Beginners: Learn Step by Step in 3 Days
Learn Node js Tutorial for Beginners: This course cover various aspect of node.js like modules, express, promises, generators, MongoDB, etc.
Docker optimization guide: the 12 best tips to optimize Docker image security
https://www.augmentedmind.de/2022/02/20/optimize-docker-image-security/
https://www.augmentedmind.de/2022/02/20/optimize-docker-image-security/
AugmentedMind.de
Docker optimization guide: the 12 best tips to optimize Docker image security
Learn how to optimize your Docker image security with 12 useful tips. Understand the underlying attack vector, and the mitigation approaches.
OwnCloud with Raspberry PI: self host your private cloud
https://peppe8o.com/owncloud-with-raspberry-pi-self-host-your-private-cloud/amp/
https://peppe8o.com/owncloud-with-raspberry-pi-self-host-your-private-cloud/amp/
Peppe8O
OwnCloud with Raspberry PI: self host your private cloud
Install and setup OwnCloud on Raspberry PI by using docker to get a private cloud to share files and collaborate by keeping all files yours
A Method for Decrypting Data Infected with Hive Ransomware.pdf
3.6 MB
A Method for Decrypting Data Infected with Hive Ransomware