Forwarded from 卩ro 爪Cracker
DroneSploit
Easily pentest drones!
This CLI framework is based on sploitkit and is an attempt to gather hacking techniques and exploits especially focused on drone hacking. For the ease of use, the interface has a layout that looks like Metasploit.
https://github.com/dhondta/dronesploit
Details:
https://hakin9.org/dronesploit-a-pentesting-console-framework-dedicated-to-drones/
Easily pentest drones!
This CLI framework is based on sploitkit and is an attempt to gather hacking techniques and exploits especially focused on drone hacking. For the ease of use, the interface has a layout that looks like Metasploit.
https://github.com/dhondta/dronesploit
Details:
https://hakin9.org/dronesploit-a-pentesting-console-framework-dedicated-to-drones/
Forwarded from 卩ro 爪Cracker
Stealing passwords from infosec Mastodon - without bypassing CSP
https://ift.tt/hRDE0m7
Submitted November 15, 2022 at 08:17PM by albinowax
via reddit https://ift.tt/voIhqLH
https://ift.tt/hRDE0m7
Submitted November 15, 2022 at 08:17PM by albinowax
via reddit https://ift.tt/voIhqLH
PortSwigger Research
Stealing passwords from infosec Mastodon - without bypassing CSP
The story of how I could steal credentials on Infosec Mastodon with a HTML injection vulnerability, without needing to bypass CSP. Everybody on our Twitter feed seemed to be jumping ship to the infose
#hacker_bano_chutiya_nhe 👾👾
Here’s 15 FREE cybersecurity University courses:
Network Security - Advanced Topics (New York University)
Cybersecurity Fundamentals (Rochester Institute of Technology)
Penetration Testing - Exploitation (New York University)
Introduction to Cybersecurity (University of Washington)
Cybersecurity Risk Management (Rochester Institute of Technology)
Network Security (Rochester Institute of Technology)
CS50's Introduction to Computer Science (Harvard University)
CS50's Introduction to Programming with Python (Harvard University)
Network and Security Foundations (Western Governors University)
Computer Forensics (Rochester Institute of Technology)
Information Security (The Open University)
Network Security (The Open University)
Digital Forensics (The Open University)
Risk Management (The Open University)
Computer Systems Security (MIT)
Some of these courses have scheduled start dates so you may need to check back periodically if you’ve already missed the start date!
Remember, utilise the FREE resources out there before paying for anything!
Here’s 15 FREE cybersecurity University courses:
Network Security - Advanced Topics (New York University)
Cybersecurity Fundamentals (Rochester Institute of Technology)
Penetration Testing - Exploitation (New York University)
Introduction to Cybersecurity (University of Washington)
Cybersecurity Risk Management (Rochester Institute of Technology)
Network Security (Rochester Institute of Technology)
CS50's Introduction to Computer Science (Harvard University)
CS50's Introduction to Programming with Python (Harvard University)
Network and Security Foundations (Western Governors University)
Computer Forensics (Rochester Institute of Technology)
Information Security (The Open University)
Network Security (The Open University)
Digital Forensics (The Open University)
Risk Management (The Open University)
Computer Systems Security (MIT)
Some of these courses have scheduled start dates so you may need to check back periodically if you’ve already missed the start date!
Remember, utilise the FREE resources out there before paying for anything!
❤1👍1
Forwarded from 卩ro 爪Cracker
New Tool: Orpheus - Bypasses most Kerberoast Detections
https://ift.tt/SdGhaQT
Submitted November 17, 2022 at 07:47PM by ben0xa
via reddit https://ift.tt/Mnwmp9f
https://ift.tt/SdGhaQT
Submitted November 17, 2022 at 07:47PM by ben0xa
via reddit https://ift.tt/Mnwmp9f
TrustedSec
The Art of Bypassing Kerberoast Detections with Orpheus
Forwarded from 卩ro 爪Cracker
cve-2022-31898.py
2.8 KB
🔥Exploit POC code for CVE-2022-31898, a command injection for GL-iNet routers with firmware below 3.215
Usage:
Usage:
cve-2022-31898.py [-h] -R RHOST [-P RPORT] -L LHOST [-l LPORT] [-p PWD] [-t]Forwarded from [ʟᴏʀᴅ ʜᴀʏᴘᴇʀ]
#tools
#Blue_Team_Techniques
1. Invisible Backdoor Detector - Python script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor
https://github.com/cybersecsi/invisible-backdoor-detector
2. NetLlix - Emulate and test exfiltration of data over different network protocols
https://github.com/advanced-threat-research/NetLlix
#Blue_Team_Techniques
1. Invisible Backdoor Detector - Python script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor
https://github.com/cybersecsi/invisible-backdoor-detector
2. NetLlix - Emulate and test exfiltration of data over different network protocols
https://github.com/advanced-threat-research/NetLlix
GitHub
GitHub - cybersecsi/invisible-backdoor-detector: A quick script to spot the usage of Unicode Bidi (bidirectional) characters that…
A quick script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor - cybersecsi/invisible-backdoor-detector
Forwarded from [ʟᴏʀᴅ ʜᴀʏᴘᴇʀ]
CVE_2022_41622.zip
3 MB
2. CVE-2022-41622:
CSRF in F5 Big-IP that leads to RCE
https://github.com/rbowes-r7/refreshing-soap-exploit
CSRF in F5 Big-IP that leads to RCE
https://github.com/rbowes-r7/refreshing-soap-exploit
Forwarded from [ʟᴏʀᴅ ʜᴀʏᴘᴇʀ]
CVE_2022_32899.zip
5.5 MB
Forwarded from 卩ro 爪Cracker
Data breach search engine.
1) leak check.
https://leakcheck.io/
2) intel
https://intelx.io
3) leak peek
https://leakpeek.com
4) snusbase
https://snusbase.com/
5) monitor_firefox
https://monitor.firefox.com/
6) haveibeenpwned
https://haveibeenpwned.com/
7) scattered secrets
https://scatteredsecrets.com/
8) amibreached
https://amibreached.com/
9) leak lookup
https://leak-lookup.com/
10) rslookup
https://rslookup.com/terms
1) leak check.
https://leakcheck.io/
2) intel
https://intelx.io
3) leak peek
https://leakpeek.com
4) snusbase
https://snusbase.com/
5) monitor_firefox
https://monitor.firefox.com/
6) haveibeenpwned
https://haveibeenpwned.com/
7) scattered secrets
https://scatteredsecrets.com/
8) amibreached
https://amibreached.com/
9) leak lookup
https://leak-lookup.com/
10) rslookup
https://rslookup.com/terms
leakcheck.io
LeakCheck - Find out if your credentials have been compromised
Data breach search engine, low price starting from $2.99/day, unlimited API, 7B+ records
👍1