Vulnerabilidad en el cliente de Zoom para Windows
https://unaaldia.hispasec.com/2020/04/vulnerabilidad-en-el-cliente-de-zoom-para-windows.html
https://unaaldia.hispasec.com/2020/04/vulnerabilidad-en-el-cliente-de-zoom-para-windows.html
Una al Día
Vulnerabilidad en el cliente de Zoom para Windows
El cliente de Zoom para Windows es vulnerable a ‘UNC path injection’, lo que en última instancia, permitiría a un atacante recibir las credenciales de usuario de Windows de la víctima. Zoom es un software para realizar reuniones a través de videoconferencia.…
Network+ video courses: https://mega.nz/#F!e75VmKJT!8Kc8MzSWKrhqQE4oVhJooA
Security+ video Courses: https://mega.nz/#F!H3pH0ACB!OEtXp59qZIqMh7oQI5Gcdg
CySA+ Video Courses: https://mega.nz/#F!66pXSYTT!GjbQkKXxT3dIWx-w5a47LA
Android Pocketprep Premium apks: https://mega.nz/#F!ijxn1aKC!c-1ENzRpuXKInWwGdy8EGA
various books, course notes, practice exams: https://mega.nz/#F!HrRlAa4a!HN-LxlJ8fM-uPwSHGi5fGg
+ pentest android web - red team👍🏽
https://mega.nz/?fbclid=IwAR0zt050MN2t9T7LrQMuKKr1LUf_21qroTD4ObWIEJCni_mx6SeJGKTcjTY#F!vmICjAiL!2Kib1xFG07oj0Ugn7kq4mg!K3pzVSZA
Security+ video Courses: https://mega.nz/#F!H3pH0ACB!OEtXp59qZIqMh7oQI5Gcdg
CySA+ Video Courses: https://mega.nz/#F!66pXSYTT!GjbQkKXxT3dIWx-w5a47LA
Android Pocketprep Premium apks: https://mega.nz/#F!ijxn1aKC!c-1ENzRpuXKInWwGdy8EGA
various books, course notes, practice exams: https://mega.nz/#F!HrRlAa4a!HN-LxlJ8fM-uPwSHGi5fGg
+ pentest android web - red team👍🏽
https://mega.nz/?fbclid=IwAR0zt050MN2t9T7LrQMuKKr1LUf_21qroTD4ObWIEJCni_mx6SeJGKTcjTY#F!vmICjAiL!2Kib1xFG07oj0Ugn7kq4mg!K3pzVSZA
mega.nz
MEGA provides free cloud storage with convenient and powerful always-on privacy. Claim your free 20GB now
Lo prometido es deuda y aqui les dejo el video nuevo del canal espero les guste ya vendran muchos mas
https://m.youtube.com/watch?v=W4mLr1ag9zg
https://m.youtube.com/watch?v=W4mLr1ag9zg
YouTube
Hacking a windows server 2012 R2 (x64)
Bueno, luego de un largo tiempo sin subir videos traigo un video sencillo, espero les guste.
Cisco Password Cracking and Decrypting Guide
https://www.infosecmatter.com/cisco-password-cracking-and-decrypting-guide/
https://www.infosecmatter.com/cisco-password-cracking-and-decrypting-guide/
InfosecMatter
Cisco Password Cracking and Decrypting Guide - InfosecMatter
This guide covers common Cisco password types (0, 4, 5, 7, 8 and 9) and provides instructions on how to decrypt then or crack them using Hashcat or John the Ripper
Forwarded from DragonJAR - Seguridad Informática, Hacking
En estos días, Zoom se está sintiendo un poco Windows. Analizado por todos los frentes, diana de todos los ataques. En tres meses ha pasado de 10 millones de reuniones diarias a más de 200. Si te has perdido un poco en todos sus fallos y ataques aparecidos, hilo con resumen ¬.
— Sergio de los Santos (@ssantosv) April 4, 2020
— Sergio de los Santos (@ssantosv) April 4, 2020
Twitter
Sergio de los Santos
En estos días, Zoom se está sintiendo un poco Windows. Analizado por todos los frentes, diana de todos los ataques. En tres meses ha pasado de 10 millones de reuniones diarias a más de 200. Si te has perdido un poco en todos sus fallos y ataques aparecidos…
Bueno en unos minutos subire un video al canal de como causar un crash a windows 10 👌🏻 espero les guste.
Bueno gente dejo por aqui en ultimo video del canal espero les guste
https://m.youtube.com/watch?v=3sTzY4MBDdg
https://m.youtube.com/watch?v=3sTzY4MBDdg
YouTube
hacking a Windows 10 (Crash) (1903/1909)
Espero les guste este corto vídeo pero muy interesante.
Link del Scanner o Checker:
http://www.mediafire.com/file/2l20hhre4b5w1we/cve-2020-0796-master.zip/file
Link del Exploit:
http://www.mediafire.com/file/lvni2n408qhzugl/CVE-2020-0796-PoC-master.tgz/file
Link del Scanner o Checker:
http://www.mediafire.com/file/2l20hhre4b5w1we/cve-2020-0796-master.zip/file
Link del Exploit:
http://www.mediafire.com/file/lvni2n408qhzugl/CVE-2020-0796-PoC-master.tgz/file
Slingshot C2 Matrix: una VM que incluye un arsenal de frameworks de C&C
https://www.hackplayers.com/2020/04/slingshot-c2-matrix-una-vm-arsenal-c2.html
https://www.hackplayers.com/2020/04/slingshot-c2-matrix-una-vm-arsenal-c2.html
Hackplayers
Slingshot C2 Matrix: una VM que incluye un arsenal de frameworks de C&C
Slingshot es una distribución de Linux basada en Ubuntu con el entorno de escritorio MATE creada por SANS para las prácticas de sus cursos ...
Motores de búsqueda utilizado por Hacker's
http://carbondate.cs.odu.edu
http://exif.regex.info/exif.cgi
http://fotoforensics.com
http://gjobqjj7wyczbqie.onion
http://htmlpreview.github.io
http://icanhazip.com
http://insecam.org
http://ipconfig.io
http://iris-h.malwageddon.com
http://karmadecay.com
http://maldun.com/submit/submit_file
http://malwareconfig.com
http://malwaretracker.com/pdf.php
http://manalyzer.org
http://nanoav.ru
http://r5n26fdanb4i522h.onion/recent
http://rootabout.com
https://29a.ch/photo-forensics/#forensic-magnifier
https://ahmia.fi
https://android.fallible.co
https://any.run
https://app.binaryedge.io
https://buckets.grayhatwarfare.com
https://cape.contextis.com
https://censys.io
https://check-host.net
https://code.woboq.org
https://community.riskiq.com
https://cse.google.com/cse?cx=003248445720253387346:turlh5vi4xc
https://cxsecurity.com
https://darksearch.io
https://databases.today/search.php
https://ddos.netlab.360.com
https://dehashed.com
https://dns.coffee
https://dnsdumpster.com
https://en.whotwi.com
https://etherscamdb.info/scams
https://exploitbox.io
https://findsubdomains.com
https://fofa.so
https://geoip-db.com/jsonp
https://ghostproject.fr
https://ghostproject.fr/m
https://haveibeenpwned.com
https://hunter.io
https://hybrid-analysis.com
https://ide.onelang.io
https://idtheftcenter.org/data-breaches
https://intelx.io
https://intrigue.io
https://ip-api.com/docs/api:json
https://ivre.rocks
https://kartkatalog.geonorge.no
https://leakedsource.ru
https://malware.sekoia.fr/new
https://malwr.com
https://map.internetintel.oracle.com
https://metacpan.org
https://metadefender.opswat.com
https://mikewk.shinyapps.io/botornot
https://monitor.firefox.com
https://nerdydata.com
https://onionsearchengine.com
https://onyphe.io
https://osintframework.com
https://outage.report
https://paper.seebug.org
https://phishstats.info
https://pipl.com
https://plik.root.gg
https://privacyrights.org/data-breaches
https://prnt.sc
https://protoxin.net/s3
https://psbdmp.ws
https://publicwww.com
https://reverse.it
https://scan.netlab.360.com/#/dashboard
https://scylla.sh
https://searchcode.com
https://shadowban.eu
https://shodan.io
https://sploitus.com
https://thispersondoesnotexist.com
https://threatbutt.com/map
https://threatmap.checkpoint.com/ThreatPortal/livemap.html
https://torrentparadise.org
https://totalhash.cymru.com
https://transfer.sh
https://urlscan.io
https://valkyrie.comodo.com
https://vigilante.pw/
https://virusscan.jotti.org
https://virustotal.com
https://viz.greynoise.io
https://viz.greynoise.io/table
https://wigle.net
https://wtfismyip.com/json
https://www.adminsub.net/mac-address-finder
https://www.exploit-db.com
https://www.how-old.net
https://www.inteltechniques.com/menu.html
https://www.iocbucket.com
https://www.packettotal.com
https://www.shodan.io
https://www.startpage.com/do/search
https://zoomeye.org
http://termbin.com
http://urlquery.net
http://virscan.org
http://www.yasiv.com/reddit#/Search?q=malware
https://bitnodes.earn.com/
https://investigativedashboard.org/
http://carbondate.cs.odu.edu
http://exif.regex.info/exif.cgi
http://fotoforensics.com
http://gjobqjj7wyczbqie.onion
http://htmlpreview.github.io
http://icanhazip.com
http://insecam.org
http://ipconfig.io
http://iris-h.malwageddon.com
http://karmadecay.com
http://maldun.com/submit/submit_file
http://malwareconfig.com
http://malwaretracker.com/pdf.php
http://manalyzer.org
http://nanoav.ru
http://r5n26fdanb4i522h.onion/recent
http://rootabout.com
https://29a.ch/photo-forensics/#forensic-magnifier
https://ahmia.fi
https://android.fallible.co
https://any.run
https://app.binaryedge.io
https://buckets.grayhatwarfare.com
https://cape.contextis.com
https://censys.io
https://check-host.net
https://code.woboq.org
https://community.riskiq.com
https://cse.google.com/cse?cx=003248445720253387346:turlh5vi4xc
https://cxsecurity.com
https://darksearch.io
https://databases.today/search.php
https://ddos.netlab.360.com
https://dehashed.com
https://dns.coffee
https://dnsdumpster.com
https://en.whotwi.com
https://etherscamdb.info/scams
https://exploitbox.io
https://findsubdomains.com
https://fofa.so
https://geoip-db.com/jsonp
https://ghostproject.fr
https://ghostproject.fr/m
https://haveibeenpwned.com
https://hunter.io
https://hybrid-analysis.com
https://ide.onelang.io
https://idtheftcenter.org/data-breaches
https://intelx.io
https://intrigue.io
https://ip-api.com/docs/api:json
https://ivre.rocks
https://kartkatalog.geonorge.no
https://leakedsource.ru
https://malware.sekoia.fr/new
https://malwr.com
https://map.internetintel.oracle.com
https://metacpan.org
https://metadefender.opswat.com
https://mikewk.shinyapps.io/botornot
https://monitor.firefox.com
https://nerdydata.com
https://onionsearchengine.com
https://onyphe.io
https://osintframework.com
https://outage.report
https://paper.seebug.org
https://phishstats.info
https://pipl.com
https://plik.root.gg
https://privacyrights.org/data-breaches
https://prnt.sc
https://protoxin.net/s3
https://psbdmp.ws
https://publicwww.com
https://reverse.it
https://scan.netlab.360.com/#/dashboard
https://scylla.sh
https://searchcode.com
https://shadowban.eu
https://shodan.io
https://sploitus.com
https://thispersondoesnotexist.com
https://threatbutt.com/map
https://threatmap.checkpoint.com/ThreatPortal/livemap.html
https://torrentparadise.org
https://totalhash.cymru.com
https://transfer.sh
https://urlscan.io
https://valkyrie.comodo.com
https://vigilante.pw/
https://virusscan.jotti.org
https://virustotal.com
https://viz.greynoise.io
https://viz.greynoise.io/table
https://wigle.net
https://wtfismyip.com/json
https://www.adminsub.net/mac-address-finder
https://www.exploit-db.com
https://www.how-old.net
https://www.inteltechniques.com/menu.html
https://www.iocbucket.com
https://www.packettotal.com
https://www.shodan.io
https://www.startpage.com/do/search
https://zoomeye.org
http://termbin.com
http://urlquery.net
http://virscan.org
http://www.yasiv.com/reddit#/Search?q=malware
https://bitnodes.earn.com/
https://investigativedashboard.org/
Herramientas que utilizo personalmente para Bug Bounty Hunting y evaluaciones web.
Burp Suite
OWASP ZAP
Dirb
Dirbuster
Gobuster
Wfuzz
Sublist3r
Massdns
Dnseno
Knockpy
nmap
Masscan
Sn1per
XSStrike
Sqlmap
Wpscan
Joomscan
CMSmap
Construido con
Wappalyzer
wafw00f
https://github.com/AlexisAhmed/BugBountyTools
Burp Suite
OWASP ZAP
Dirb
Dirbuster
Gobuster
Wfuzz
Sublist3r
Massdns
Dnseno
Knockpy
nmap
Masscan
Sn1per
XSStrike
Sqlmap
Wpscan
Joomscan
CMSmap
Construido con
Wappalyzer
wafw00f
https://github.com/AlexisAhmed/BugBountyTools
GitHub
GitHub - AlexisAhmed/BugBountyTools: Tools that i personally use for Bug Bounty Hunting and web assessments.
Tools that i personally use for Bug Bounty Hunting and web assessments. - GitHub - AlexisAhmed/BugBountyTools: Tools that i personally use for Bug Bounty Hunting and web assessments.
Creación de DLLs maliciosas para hijacking, fácil, sencillo y para toda la familia
https://www.hackplayers.com/2020/04/creacion-de-dlls-maliciosas-para-hijacking.html
https://www.hackplayers.com/2020/04/creacion-de-dlls-maliciosas-para-hijacking.html
Hackplayers
Creación de DLLs maliciosas para hijacking, fácil, sencillo y para toda la familia
EvilDLL v1.0 de thelinuxchoice es una herramienta bastante útil que nos facilitará la creación de DLLs maliciosas para obtener nuestra she...
FOCA v3.4.7 Released! #FearTheFOCA What's new? @fear_the_foca
http://feedproxy.google.com/~r/ElLadoDelMal/~3/nuFHvBq93r4/foca-v347-released-fearthefoca-whats.html
http://feedproxy.google.com/~r/ElLadoDelMal/~3/nuFHvBq93r4/foca-v347-released-fearthefoca-whats.html
Elladodelmal
FOCA v3.4.7 Released! #FearTheFOCA What's new? @fear_the_foca
Blog personal de Chema Alonso, consultor de seguridad en Informática 64, sobre seguridad, hacking, hackers, Cálico Electrónico y sus paranoias.
nuevo video del canal hacking a win 10 mediante ftp utility espero les guste: https://youtu.be/ObOiqoauTLI
YouTube
Hacking a Windows 10 (Ftp Utility)
En este video veremos como vulnerar una maquina windows 10 mediante un programa (Ftp Utility).Link de Ftp Utility (Para que hagan sus propio LAB)http://www.m...