Человек из телевизора сказал "Своих не бросаем!". На днях, впервые года так за 3 пришлось обратится за содействием, сначала к одним потом к другим, далее к третьим, четвертым и везде вилы. Сначала, конечно, стало немного грустно, но потом осталась только улыбка! Ведь, эта ситуация как раз как лакмусовая бумажка показала кто есть кто, где п#здешь ради хайпа, а где деловой подход. Оценивая на трезвую голову все кто сейчас отвалились никогда друзьями и партнерами по настоящему и не были. Так что все идет только в благо, а мир полон возможностей и без этих "патриотов", мусор отсечен, на горизонте только те с кем можно "кашу сварить".
А что скажешь ты? - был ли у тебя подобный опыт, попадал ли в схожие ситуации, правда ли что своих не бросают или все зассано п#здешом?
А что скажешь ты? - был ли у тебя подобный опыт, попадал ли в схожие ситуации, правда ли что своих не бросают или все зассано п#здешом?
👍7
A Burp Suite extension that integrates OpenAI's GPT
Released BurpGPT, a Burp Suite (PortSwigger) extension that uses OpenAI's GPT models to add an extra layer of security to your passive scan.
With BurpGPT, you can easily interact with Open AI models to identify potential vulnerabilities in your web application using custom prompts.
GitHub
#web
Released BurpGPT, a Burp Suite (PortSwigger) extension that uses OpenAI's GPT models to add an extra layer of security to your passive scan.
With BurpGPT, you can easily interact with Open AI models to identify potential vulnerabilities in your web application using custom prompts.
GitHub
#web
👍6🤔1
Red Teaming Toolkit
This repository contains cutting-edge open-source security tools (OST) that will help you during adversary simulation and as information intended for threat hunter can make detection and prevention control easier.
The list of tools below that could be potentially misused by threat actors such as APT and Human-Operated Ransomware (HumOR). If you want to contribute to this list send me a pull request.
#pentest
This repository contains cutting-edge open-source security tools (OST) that will help you during adversary simulation and as information intended for threat hunter can make detection and prevention control easier.
The list of tools below that could be potentially misused by threat actors such as APT and Human-Operated Ransomware (HumOR). If you want to contribute to this list send me a pull request.
#pentest
👍7
Burp Suite Intro
Burp Suite, you might have heard about this great tool and even used it in a number of times in your bug hunting or the penetration testing projects. Though, after writing several articles on webapplication penetration testing, we’ve decided to write a few on the various options and methods provided by this amazing tool which thus could help our readers in their further penetration testing analyses.
Today, in this publication, you will experience the complete installation and configuration of thismPort Swigger’s product from its different editions to setting up proxies for web and androidmapplications.
#web
Burp Suite, you might have heard about this great tool and even used it in a number of times in your bug hunting or the penetration testing projects. Though, after writing several articles on webapplication penetration testing, we’ve decided to write a few on the various options and methods provided by this amazing tool which thus could help our readers in their further penetration testing analyses.
Today, in this publication, you will experience the complete installation and configuration of thismPort Swigger’s product from its different editions to setting up proxies for web and androidmapplications.
#web
😁4👍1
Detect Tactics, Techniques & Combat Threats, Latest version: 1.8.0
DeTT&CT aims to assist blue teams in using ATT&CK to score and compare data log source quality, visibility coverage, detection coverage and threat actor behaviours. All of which can help, in different ways, to get more resilient against attacks targeting your organisation.
The DeTT&CT framework consists of a Python tool (DeTT&CT CLI), YAML administration files, the DeTT&CT Editor (to create and edit the YAML administration files) and scoring tables for detections, data sources and visibility.
GitHub
#pentest #defensive
DeTT&CT aims to assist blue teams in using ATT&CK to score and compare data log source quality, visibility coverage, detection coverage and threat actor behaviours. All of which can help, in different ways, to get more resilient against attacks targeting your organisation.
The DeTT&CT framework consists of a Python tool (DeTT&CT CLI), YAML administration files, the DeTT&CT Editor (to create and edit the YAML administration files) and scoring tables for detections, data sources and visibility.
GitHub
#pentest #defensive
👍6
👍3
Metasploit MS SQL Server, 2023
Metasploit is an excellent framework developed by H. D. Moore. It is a free and lightweight tool for penetration testing. It is open-source and cross-platform and has a range of features. Its popularity rests primarily on the fact that it is a powerful tool for auditing security. While this is true, it also has many features that can help people protect themselves. Personally speaking, this is my go-to tool for testing as it encapsulates the exploit a pentester can ever need.
Through this article, we will learn how to use Metasploit to exploit MSSQL. Therefore, we will go through every exploit Metasploit has to offer step by step, from finding the MSSQL server in the network to retrieving the sensitive information from the database and gaining control. Without any further ado, let us begin.
#pentest
Metasploit is an excellent framework developed by H. D. Moore. It is a free and lightweight tool for penetration testing. It is open-source and cross-platform and has a range of features. Its popularity rests primarily on the fact that it is a powerful tool for auditing security. While this is true, it also has many features that can help people protect themselves. Personally speaking, this is my go-to tool for testing as it encapsulates the exploit a pentester can ever need.
Through this article, we will learn how to use Metasploit to exploit MSSQL. Therefore, we will go through every exploit Metasploit has to offer step by step, from finding the MSSQL server in the network to retrieving the sensitive information from the database and gaining control. Without any further ado, let us begin.
#pentest
👍4🔥1
Те самые ситуации, когда девушка тебе пишет первой, оставляет свой номер и готова на встречу, а потом бац и ghosted 😂😂😂
#fun
#fun
🤣5