Free SMTP
mail.lifechangingfaith.com:587 angeliapelham@lifechangingfaith.com pelham
iamcigar.com:587 info@iamcigar.com ebxuo3Kb
dsprecision.net:587 hr@dsprecision.net dongsung123
smtp.netvigator.com:465(SSL) man1704@netvigator.com co386038
sidehustleapps.com:587 martin@sidehustleapps.com PukeHigh@18
rems.edu.gh:587 beatrice.atanga@rems.edu.gh atanga1
ingoanews.com:587 advertisement@ingoanews.com Anil$4959
joystickmd.com:587 sgalvez@joystickmd.com sejoco1970
agenciacamaleao.com:587 11bets@agenciacamaleao.com lucro123
webmail.rednosefoundation.org:587 dedi@rednosefoundation.org dedi123
webdesign.com.py:587 lisa@webdesign.com.py lzfg2501
wisecowconsultants.com:587 kartik@wisecowconsultants.com Wisecow!23
brandm3dia.com:587 alex@brandm3dia.com brandmedia
onwardpaper.com:587 chikamadu@onwardpaper.com chika2017
smtp.rucapanel.com.ar:587 presupuestos@rucapanel.com.ar Presupuestos12019
akc.mx:587 juridico@akc.mx Akc.2021
eaaconsultores.cl:587 fbarros@eaaconsultores.cl Francisca2022
gospectrumweb.com:587 support@gospectrumweb.com Gsw28844$
smtp.terra.com.br:587 tataisant@terra.com.br 250289
amgesolar.com.br:587 rhuan@amgesolar.com.br amg123
cetaenergy.com:587 t.thompson@cetaenergy.com t.thompson
smtp.kingwoodcable.com:587 collins3@kingwoodcable.com 12345
smtp.kingwoodcable.net:587 kmljersey@kingwoodcable.net Fatala1
mail.lifechangingfaith.com:587 angeliapelham@lifechangingfaith.com pelham
iamcigar.com:587 info@iamcigar.com ebxuo3Kb
dsprecision.net:587 hr@dsprecision.net dongsung123
smtp.netvigator.com:465(SSL) man1704@netvigator.com co386038
sidehustleapps.com:587 martin@sidehustleapps.com PukeHigh@18
rems.edu.gh:587 beatrice.atanga@rems.edu.gh atanga1
ingoanews.com:587 advertisement@ingoanews.com Anil$4959
joystickmd.com:587 sgalvez@joystickmd.com sejoco1970
agenciacamaleao.com:587 11bets@agenciacamaleao.com lucro123
webmail.rednosefoundation.org:587 dedi@rednosefoundation.org dedi123
webdesign.com.py:587 lisa@webdesign.com.py lzfg2501
wisecowconsultants.com:587 kartik@wisecowconsultants.com Wisecow!23
brandm3dia.com:587 alex@brandm3dia.com brandmedia
onwardpaper.com:587 chikamadu@onwardpaper.com chika2017
smtp.rucapanel.com.ar:587 presupuestos@rucapanel.com.ar Presupuestos12019
akc.mx:587 juridico@akc.mx Akc.2021
eaaconsultores.cl:587 fbarros@eaaconsultores.cl Francisca2022
gospectrumweb.com:587 support@gospectrumweb.com Gsw28844$
smtp.terra.com.br:587 tataisant@terra.com.br 250289
amgesolar.com.br:587 rhuan@amgesolar.com.br amg123
cetaenergy.com:587 t.thompson@cetaenergy.com t.thompson
smtp.kingwoodcable.com:587 collins3@kingwoodcable.com 12345
smtp.kingwoodcable.net:587 kmljersey@kingwoodcable.net Fatala1
Dragnmove.zip
271 KB
🔥Dragnmove is a post-exploitaition tool that infects files shared between users in order to move from one system to another. Dragnmove can detect actions like dropping a file into the browser window or attaching a file to an email client. After Dragnmove detects the action, it hooks CreateFile API calls to modify handles.
🔥You’ve Crossed the Line — Disturbing a Host’s Rest
Akamai Security Research dove deeply into MS-RPC research this past year. For a protocol that does so much, MS-RPC is largely under-researched, and it can have real-world effects. One of those effects is that vulnerabilities in an RPC interface become exposed. This is what we are focusing on in this blog post: vulnerabilities within the Local Session Manager (LSM) RPC interface.
🔥cve-2022-37973 PoC Exploit
🔥cve-2022-37998 PoC Exploit
🧰RPC Toolkit(set of tools, articles, blog posts and links to help security researchers drive their RPC research)
Akamai Security Research dove deeply into MS-RPC research this past year. For a protocol that does so much, MS-RPC is largely under-researched, and it can have real-world effects. One of those effects is that vulnerabilities in an RPC interface become exposed. This is what we are focusing on in this blog post: vulnerabilities within the Local Session Manager (LSM) RPC interface.
🔥cve-2022-37973 PoC Exploit
🔥cve-2022-37998 PoC Exploit
🧰RPC Toolkit(set of tools, articles, blog posts and links to help security researchers drive their RPC research)
🔥Windows Contacts(примеры использования Windows Contact API ) RCE vuln(CVE-2022-44666)
⚠️Проблема(эта уязвимость покрывает не полностью проблему) не до конца исправлена, так что и подробности в виде рецензии от мелкомягких отложена на неопределенный срок!
⚠️Проблема(эта уязвимость покрывает не полностью проблему) не до конца исправлена, так что и подробности в виде рецензии от мелкомягких отложена на неопределенный срок!
#reversing
#IoT_Security
How to Identify a Microcontroller Model Using Firmware Analysis
https://www.apriorit.com/dev-blog/787-reverse-engineering-microcontroller-model-identification
#IoT_Security
How to Identify a Microcontroller Model Using Firmware Analysis
https://www.apriorit.com/dev-blog/787-reverse-engineering-microcontroller-model-identification
Apriorit
How to Identify a Microcontroller Model Using Firmware Analysis - Apriorit
Use the firmware analysis process to automatically identify a microcontroller model you need to work with by analyzing the firmware source code.
#info
#Analytics
The Most Popular & Fastest Growing Open Source Security Projects on GitHub
https://opensourcesecurityindex.io
#Analytics
The Most Popular & Fastest Growing Open Source Security Projects on GitHub
https://opensourcesecurityindex.io
opensourcesecurityindex.io
Open Source Security Index
The Most Popular & Fastest Growing Open Source Security Projects on GitHub
#exploit
1. CVE-2022-45771:
Pwndoc LFI to RCE
https://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE
2. Discord Image Token Password Grabber Exploit
https://github.com/bluewolf2778/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022
1. CVE-2022-45771:
Pwndoc LFI to RCE
https://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE
2. Discord Image Token Password Grabber Exploit
https://github.com/bluewolf2778/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022
GitHub
GitHub - p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE: Pwndoc local file inclusion to remote code execution of Node.js code on the…
Pwndoc local file inclusion to remote code execution of Node.js code on the server - p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE
#tools
#Offensive_security
1. udhcpc process crash on BusyBox 1.24.2
https://research.nccgroup.com/2022/12/12/klee-for-the-cve
2. Signing-key abuse and update exploitation framework
https://github.com/kpcyrd/sh4d0wup
3. A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods
https://github.com/p0dalirius/Coercer
#Offensive_security
1. udhcpc process crash on BusyBox 1.24.2
https://research.nccgroup.com/2022/12/12/klee-for-the-cve
2. Signing-key abuse and update exploitation framework
https://github.com/kpcyrd/sh4d0wup
3. A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods
https://github.com/p0dalirius/Coercer
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
#Threat_Research
1. Driving Through Defenses: Targeted Attacks Leverage Signed Malicious Microsoft Drivers
https://www.sentinelone.com/labs/driving-through-defenses-targeted-attacks-leverage-signed-malicious-microsoft-drivers
2. Analysis of Royal Ransomware
https://www.cybereason.com/blog/royal-ransomware-analysis
1. Driving Through Defenses: Targeted Attacks Leverage Signed Malicious Microsoft Drivers
https://www.sentinelone.com/labs/driving-through-defenses-targeted-attacks-leverage-signed-malicious-microsoft-drivers
2. Analysis of Royal Ransomware
https://www.cybereason.com/blog/royal-ransomware-analysis
SentinelOne
Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers
Threat actors are abusing legitimately signed Microsoft drivers in active intrusions into telecommunication, BPO, MSSP, and financial services businesses.
#cryptography
Comparison of Symmetric Encryption Methods
https://soatok.blog/2020/07/12/comparison-of-symmetric-encryption-methods
Comparison of Symmetric Encryption Methods
https://soatok.blog/2020/07/12/comparison-of-symmetric-encryption-methods
Dhole Moments
Comparison of Symmetric Encryption Methods - Dhole Moments
There seems to be a lot of interest among software developers in the various cryptographic building blocks (block ciphers, hash functions, etc.), and more specifically how they stack up against eac…
#Sec_code_review
1. Tai-e - static analysis framework for Java
https://github.com/pascal-lab/Tai-e
2. OWASP Secure Code Review Guide
https://github.com/OWASP/www-project-code-review-guide
1. Tai-e - static analysis framework for Java
https://github.com/pascal-lab/Tai-e
2. OWASP Secure Code Review Guide
https://github.com/OWASP/www-project-code-review-guide
GitHub
GitHub - pascal-lab/Tai-e: An easy-to-learn/use static analysis framework for Java
An easy-to-learn/use static analysis framework for Java - pascal-lab/Tai-e
#tools
#Red_Team_Tactics
1. Talon - password guessing tool that targets the Kerberos/LDAP services within the Windows AD environment
https://github.com/optiv/Talon
2. Bypass Rails::Html::SafeListSanitizer filtering and perform an XSS attack
https://hackerone.com/reports/1656627
3. Tool which can help to get NT AUTHORITY\SYSTEM from arbitrary directory creation bugs
https://github.com/binderlabs/DirCreate2System
#Red_Team_Tactics
1. Talon - password guessing tool that targets the Kerberos/LDAP services within the Windows AD environment
https://github.com/optiv/Talon
2. Bypass Rails::Html::SafeListSanitizer filtering and perform an XSS attack
https://hackerone.com/reports/1656627
3. Tool which can help to get NT AUTHORITY\SYSTEM from arbitrary directory creation bugs
https://github.com/binderlabs/DirCreate2System
GitHub
GitHub - optiv/Talon: A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory…
A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment. - optiv/Talon
#exploit
1. CVE-2022-42895:
Linux Kernel: Infoleak in Bluetooth L2CAP Handling
https://seclists.org/oss-sec/2022/q4/190
2. CVE-2021-43444 - 43449:
Exploiting ONLYOFFICE Web Sockets for Unauth RCE
https://labs.nettitude.com/blog/exploiting-onlyoffice-web-sockets-for-unauthenticated-remote-code-execution
3. Exploiting SUID Binaries
https://medium.com/@tinopreter/linux-privesc-3-exploiting-suid-binaries-72ec5460c6a
1. CVE-2022-42895:
Linux Kernel: Infoleak in Bluetooth L2CAP Handling
https://seclists.org/oss-sec/2022/q4/190
2. CVE-2021-43444 - 43449:
Exploiting ONLYOFFICE Web Sockets for Unauth RCE
https://labs.nettitude.com/blog/exploiting-onlyoffice-web-sockets-for-unauthenticated-remote-code-execution
3. Exploiting SUID Binaries
https://medium.com/@tinopreter/linux-privesc-3-exploiting-suid-binaries-72ec5460c6a
seclists.org
oss-sec: Re: Linux Kernel: Infoleak in Bluetooth L2CAP Handling
👍2
DACLs_abuse.png
1.1 MB
#Infographics
#Offensive_security
DACLs (Active Directory Discretionary Access Control Lists) abuse
https://www.thehacker.recipes/ad/movement/dacl
#Offensive_security
DACLs (Active Directory Discretionary Access Control Lists) abuse
https://www.thehacker.recipes/ad/movement/dacl