Catalog of Supply Chain Compromises
/r/blueteamsec/comments/eeffw5/catalog_of_supply_chain_compromises/
Submitted December 23, 2019 at 12:59PM by digicat
via reddit https://ift.tt/2sYlcOV
Posted in r/netsec by u/digicat • 19 points and 0 comments
Full release of Empire 3.0! BC-Security's fork will be the Kali supported fork going forward. Plus details on what's in the update.
https://ift.tt/2EKUVqj
Submitted December 23, 2019 at 06:51PM by Hubble_BC_Security
via reddit https://ift.tt/2SmzKCO
Posted in r/netsec by u/Hubble_BC_Security • 178 points and 0 comments
App Analysis: Plenty of Fish; Locating users and revealing information via the API
https://ift.tt/2EO95Xr
Submitted December 23, 2019 at 06:43PM by theappanalyst
via reddit https://ift.tt/392wQZL
Posted in r/netsec by u/theappanalyst • 268 points and 23 comments
NGINX error_page request smuggling
https://ift.tt/34UvnBE
Submitted December 24, 2019 at 09:21PM by albinowax
via reddit https://ift.tt/2MpVsC6
Pentester's Mindset - Get out of the limited OWASP TOP-10/SANS TOP-25/Bug Bounty mindset
https://ift.tt/2MHp1PV
Submitted December 25, 2019 at 03:30PM by rotisabzi
via reddit https://ift.tt/34R7XwR
Posted in r/netsec by u/rotisabzi • 127 points and 22 comments
An Introduction to Arcade Security and How to Take All Machines Down
https://ift.tt/2t4LHlP
Submitted December 25, 2019 at 05:56PM by utku1337
via reddit https://ift.tt/34RqWr7
Utkusen
TL;DR This article contains my experiences on testing amusement arcade’s security.
I found a DoS vulnerability on Intercard devices. An attacker can take down entire
arcade machines by using this vulnerability.
Me and my girlfriend love to spend hours in…
SANS Holiday Hack 2019 Writeup - Kringlecon 2: Turtle Doves
https://ift.tt/2PUcydq
Submitted December 26, 2019 at 12:11AM by PolleV
via reddit https://ift.tt/35WuIAX
Kringlecon-2-Turtle-Doves
Kringlecon 2: Turtle Doves
Writeup for the SANS holiday hack challenge 2019 (Kringlecon 2019)
Parse and convert Nessus, Nmap (and more tools) to XLSX, CSV
https://ift.tt/2LOYPlW
Submitted December 26, 2019 at 01:37AM by 0bs1d1an-
via reddit https://ift.tt/39feWTF
GitLab
Guido Kroon / sr2t
Converts scanning reports to a tabular format
Almost 2 Million Records Exposed in May 2019 Healthcare Data Breaches - HIPAA Guide
https://ift.tt/2Ymy8ZO
Submitted December 26, 2019 at 06:32PM by fgery456vb6e2
via reddit https://ift.tt/2ZpQMRR
HIPAA Guide
April was a record-breaking month for healthcare data breaches. The high number of breaches has continued in May, with 44 reported breaches and almost 2 million records exposed.
Gone in 30 seconds – a DIY HID cable story tale » Using bettercap HID module with CrazyRadio to connect to the rogue cable
https://ift.tt/2t5kOys
Submitted December 27, 2019 at 03:54PM by s0pas
via reddit https://ift.tt/2tXm1Z5
Davidsopas
Gone in 30 seconds – a HID cable story tale | David Sopas - Web Security Researcher
Following what I mentioned in my previous post, I went to my electronics bin and gathered a Logitech Wireless mouse (M185) and a USB cable. On the mouse, I took
New Windows Exploit Suggester tool: Windows Exploit Dowser
https://ift.tt/39gKSHf
Submitted December 27, 2019 at 03:10PM by dangerJackpot
via reddit https://ift.tt/2rBpZps
GitHub
akabe1/windows_exploit_dowser
A simple tool which could be useful to identify the exploits afflicting a Windows OS - akabe1/windows_exploit_dowser
When ꓘamerka meets healthcare — Research on exposed medical devices
https://ift.tt/2stl6yW
Submitted December 27, 2019 at 10:18PM by Mysterii8
via reddit https://ift.tt/39rPomC
Medium
ꓘamerka is going after hospitals and health clinics. I’m publishing tons of queries related to healthcare industry and medical sciences.
Wifi deauthentication attacks and home security
https://ift.tt/360gD5j
Submitted December 27, 2019 at 10:47PM by liotier
via reddit https://ift.tt/2Q5rohv
Posted in r/netsec by u/liotier • 2 points and 0 comments
PE Import Table hijacking as a way of achieving persistence - or exploiting DLL side loading
https://ift.tt/2ZstTNG
Submitted December 27, 2019 at 11:43PM by fuckup1337
via reddit https://ift.tt/2ZvlkC3
HACKINGISCOOL
Preface: In this post I describe a simple trick I came up with recently - something which is definitely nothing new, but as I found it useful and haven't seen it elsewhere, I decided to write it up. What we want to achieve: So - let's consider backdooring a Windows…
Parsuite: A Modularized Parser Framework Written in Python 3
https://github.com/arch4ngel/parsuite

I came across [0bs1d1an-'s](https://www.reddit.com/r/netsec/comments/efl3rc/parse_and_convert_nessus_nmap_and_more_tools_to/) post about a really cool parser yesterday that supports input files from various sources and it inspired me to share this modular parser I've been working on. I put it together when I decided too much time was being spent using grep and awk during my day-to-day as a penetration tester.

Hope someone finds it useful!

Framework Capabilities

- You can create simple **parser modules** and drop them in the `parsuite.modules` path as described in the wiki (https://github.com/arch4ngel/parsuite/wiki/Parser-Modules), which'll make them appear in the interface.
- **abstractions** can be used to represent elements from Nessus, NMap, Masscan, and Burp XML files as Python objects (it's not one-to-one, but enough to get the job done in most cases)
- **parsers** can be used to parse XML objects on the quick

Current Modules

There are several super useful modules already implemented, but here are the three I use most often:

nessus_api_host_dumper

Contrary to the name, this module dumps output from a Nessus scan using the JSON API to while using the filesystem as an improvised database, i.e. each vulnerability receives a folder that contains a list of affected hosts, ports, and sockets. The directory structure is: `<output directory>/<severity>/<vulnerability name>`.

This module is particularly useful when long scans are running or when the user interface stops working due to large data sets (thanks Tenable).

```
archangel@deskjet~> parsuite nessus_api_host_dumper --url https://www.somenessus.com:8834 -od nessus_output -i --scan-names TestScan
[+] Starting the parser
[+] Loading modules
[+] Executing module: nessus_api_host_dumper
[+] Getting user credentials...
[+] Attempting to dump hosts from TestScan
[+] Processing: TestScan
[+] Processing scan hosts
[+] Processing scan plugins (this may take some time)
[+] Processing target plugin ids
[+] [INFO] traceroute_information
[+] [INFO] nessus_scan_information
[+] [INFO] additional_dns_hostnames
[+] [INFO] tls_version_1_1_protocol_detection
[+] [INFO] tls_npn_supported_protocol_enumeration
[+] [INFO] tls_next_protocols_supported
[+] [INFO] tls_alpn_supported_protocol_enumeration
[+] [INFO] ssl_root_certification_authority_certificate_infor
[+] [INFO] ssl_perfect_forward_secrecy_cipher_suites_supporte
[+] [INFO] ssl_cipher_suites_supported
[+] [INFO] ssl_cipher_block_chaining_cipher_suites_supported
[+] [INFO] ssl_certificate_signed_using_weak_hashing_algorith
[+] [INFO] ssl_certificate_information
[+] [INFO] ssl_tls_versions_supported
[+] [INFO] hsts_missing_from_https_server
[+] [INFO] nessus_tcp_scanner
[+] [INFO] hypertext_transfer_protocol_http_information
[+] [INFO] http_server_type_and_version
[+] [INFO] service_detection
[+] Module execution complete. Exiting.
```

...and the directory structure looks like

```
archangel@deskjet~> head nessus_output/info/additional_dns_hostnames/additional_information
Plugin Name: Additional DNS Hostnames
Plugin ID: 46180
Severity: INFO
Description:
Hostnames different from the current hostname have been collected by miscellaneous plugins. Nessus has generated a list of hostnames that point to the remote host. Note that these are only the alternate hostnames for vhosts discovered on a web server.
Different web servers may be hosted on name-based virtual hosts.
```

xml_dumper

Extract output from NMap, Nessus, and Masscan XML files in various formats.

Here's an example of dumping records in URI format while searching for HTTP services.

```
root@deskjet:recon~> parsuite xml_dumper -ifs full_aggressive.xml --format uri --sreg --service-search 'https?'
[+] Starting the parser
[+] Loading…
```
GitHub
GitHub - ImpostorKeanu/parsuite: Simple parser framework.
Simple parser framework. Contribute to ImpostorKeanu/parsuite development by creating an account on GitHub.
endlessh: SSH tarpit that slowly sends an endless banner
https://ift.tt/2WgSvGv
Submitted December 28, 2019 at 04:51PM by drspeaker
via reddit https://ift.tt/2Ztt8UP
GitHub
skeeto/endlessh
SSH tarpit that slowly sends an endless banner. Contribute to skeeto/endlessh development by creating an account on GitHub.
CORS Misconfigurations
https://ift.tt/2QuPFMD
Submitted December 28, 2019 at 09:55PM by ghostlulz
via reddit https://ift.tt/2QqzHn0
Ghostlulz Hacks
Cross-Origin Resource Sharing (CORS) - Ghostlulz Hacks
Cross-Origin Resource Sharing (CORS) can be used to bypass the Same Origin Policy(SOP) and read sensitive user data.
Bumble: Finding dates and WiFi access points
https://ift.tt/2QsYpD5
Submitted December 28, 2019 at 10:25PM by theappanalyst
via reddit https://ift.tt/2Q5GKT9
Posted in r/netsec by u/theappanalyst • 2 points and 0 comments
Sleuthing from public sources to figure out how the Hateful Eight leaker was caught
https://ift.tt/37fzmKq
Submitted December 29, 2019 at 01:24AM by jjj98
via reddit https://ift.tt/2rA8q98
Boing Boing
In 2014, Quentin Tarantino sued Gawker for publishing a link to a leaked pre-release screener of his movie “The Hateful Eight.” The ensuing court-case revealed that the screeners Tarant…
D-Link DIR-859 — Unautenticated RCE (CVE-2019–17621)
https://ift.tt/2t7ntYu
Submitted December 27, 2019 at 07:45AM by secenv
via reddit https://ift.tt/37eoSev
Medium
D-Link DIR-859 — Unautenticated RCE (CVE-2019–17621) [EN]
Researchers
NCSC Cyber Security Body Of Knowledge Published.
https://ift.tt/2oNGdu4
Submitted December 29, 2019 at 06:41AM by 1nt3rnalv01d
via reddit https://ift.tt/2Q5wKcj
www.ncsc.gov.uk
First full version of the Cyber Security Body of Knowledge published
Authoritative guide to the foundational knowledge underpinning cyber security.