Я не люблю, когда наполовину, или когда прервали разговор.
Я не люблю, когда стреляют в спину, я также против выстрелов в упор.
Я не люблю себя, когда я трушу. Досадно мне, когда невинных бьют.
Я не люблю, когда мне лезут в душу, тем более, когда в нее плюют...
Я не люблю, когда стреляют в спину, я также против выстрелов в упор.
Я не люблю себя, когда я трушу. Досадно мне, когда невинных бьют.
Я не люблю, когда мне лезут в душу, тем более, когда в нее плюют...
CISA Stakeholder-Specific Vulnerability Categorization Guide
https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf
https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf
Configuring private vulnerability reporting for a repository
https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository
https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository
GitHub Docs
Configuring private vulnerability reporting for a repository - GitHub Docs
Owners and administrators of public repositories can allow security researchers to report vulnerabilities securely in the repository by enabling private vulnerability reporting.
How to speed up Ansible
https://www.toptechskills.com/ansible-tutorials-courses/speed-up-ansible-playbooks-pipelining-mitogen/
https://www.toptechskills.com/ansible-tutorials-courses/speed-up-ansible-playbooks-pipelining-mitogen/
TopTechSkills.com
How to Speed Up Your Ansible Playbooks Over 600%
Can Mitogen really give a 7x speed increase, and is it any faster than good ol' pipelining? Let's put these questions to the test.
Csi_software_memory_safety.pdf
316.2 KB
NSA Guidance on How to Protect Against Software Memory Safety Issues
SharpGmailC2
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
https://github.com/reveng007/SharpGmailC2
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
https://github.com/reveng007/SharpGmailC2
GitHub
GitHub - reveng007/SharpGmailC2: Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read…
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol - reveng007/SharpGmailC2
Phishing campaigns continue to grow more common globally, with over one million attacks observed in Q2 2022
They offer an easy and attractive way for cybercriminals to generate revenue, steal credentials and spread malware. Many sophisticated phishing kits have been developed. Some of these are sold on underground forums using a Malware-as-a-Service model, while others are used exclusively by a single threat actor group. Some cybercriminals also offer lead generation services, selling packages of clicks to fraudulent sites...
https://www.cyjax.com/app/uploads/2022/11/Fangxiao-a-Chinese-threat-actor.pdf
They offer an easy and attractive way for cybercriminals to generate revenue, steal credentials and spread malware. Many sophisticated phishing kits have been developed. Some of these are sold on underground forums using a Malware-as-a-Service model, while others are used exclusively by a single threat actor group. Some cybercriminals also offer lead generation services, selling packages of clicks to fraudulent sites...
https://www.cyjax.com/app/uploads/2022/11/Fangxiao-a-Chinese-threat-actor.pdf
Stealing passwords from infosec Mastodon - without bypassing CSP
https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
PortSwigger Research
Stealing passwords from infosec Mastodon - without bypassing CSP
The story of how I could steal credentials on Infosec Mastodon with a HTML injection vulnerability, without needing to bypass CSP. Everybody on our Twitter feed seemed to be jumping ship to the infose
Build Apps in Deno with Frameworks such as React, Vue, Express, and more.
https://deno.com/blog/frameworks-with-npm
https://deno.com/blog/frameworks-with-npm
Deno
Build Apps in Deno with Frameworks such as React, Vue, Express, and more. | Deno
Getting started with web frameworks in npm and Deno.
Build and Deploy a Node.js Microservices Application
https://dev.to/pavanbelagatti/build-and-deploy-a-nodejs-microservices-application-2966
https://dev.to/pavanbelagatti/build-and-deploy-a-nodejs-microservices-application-2966
DEV Community
Build and Deploy a Node.js Microservices Application
When it comes to modern software development, microservices are one of the hottest trends. These...
Home Grown Red Team: Lateral Movement With Havoc C2 And Microsoft EDR
https://assume-breach.medium.com/home-grown-red-team-lateral-movement-with-havoc-c2-and-microsoft-edr-300b7389b1f7
https://assume-breach.medium.com/home-grown-red-team-lateral-movement-with-havoc-c2-and-microsoft-edr-300b7389b1f7
Medium
Home Grown Red Team: Lateral Movement With Havoc C2 And Microsoft EDR
Lateral movement is extremely important for any red team engagement. Getting your initial shell is great, but if you can’t move off the box…
Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice
https://www.proofpoint.com/us/blog/threat-insight/nighthawk-and-coming-pentest-tool-likely-gain-threat-actor-notice
https://www.proofpoint.com/us/blog/threat-insight/nighthawk-and-coming-pentest-tool-likely-gain-threat-actor-notice
Proofpoint
What Is a Threat Actor? - Definition, Types & More | Proofpoint US
A threat actor is a term used to describe individuals whose purpose is to engage in cyber-related offenses. Learn the definition, types, motivations, and more.