Some LOLbin Examples for Antivirus Evasion - Silly Rabbit, Trix are for Kids
https://ift.tt/2Q8Wyob
Submitted December 30, 2019 at 07:52AM by thickofits
via reddit https://ift.tt/2MIbkQG
reddit
Some LOLbin Examples for Antivirus Evasion - Silly Rabbit, Trix...
Posted in r/netsec by u/thickofits • 29 points and 4 comments
Bashar Bachir Infection Chain Analysis
https://ift.tt/354eVyy
Submitted December 30, 2019 at 09:15AM by kindredsec
via reddit https://ift.tt/359tj8V
GitHub
itsKindred/malware-analysis-writeups
A repository of my completed writeups, along with the samples themselves. - itsKindred/malware-analysis-writeups
Compatible Wireless Penetration Hardware for Rolling Kali
https://ift.tt/369ai7N
Submitted December 30, 2019 at 09:59AM by pentest4life
via reddit https://ift.tt/2FgFeYd
Medium
Compatible Wireless Penetration Hardware for Kali Rolling
This post will talk about what USB devices are supported out of the box for Kali in the year 2020, include a quick cheat sheet, and…
In the face of password breaches, we are equal - A quick study of data breaches vs. decision-makers in 11 top market cap companies in Finland
https://ift.tt/37psn1x
Submitted December 30, 2019 at 12:04PM by btriani
via reddit https://ift.tt/36jDl93
Medium
In the face of password breaches, we are equal
A quick study of data breaches vs. decision-makers in 11 top market cap companies in Finland
InfoCon Collection: Hacking Conference Audio and Video Archive
https://infocon.org/
Submitted December 30, 2019 at 03:49PM by digicat
via reddit https://ift.tt/2SEvQp8
infocon.org
InfoCon.org is an archive of hacking and security conference videos, documentaries, rainbow tables, word lists and podcasts.
Lesser-known Tools for Android Application PenTesting
https://ift.tt/39osDQr
Submitted December 30, 2019 at 05:15PM by CaptMeelo
via reddit https://ift.tt/357rhpN
Hack.Learn.Share
Lesser-known Tools for Android Application PenTesting
This blog contains write-ups of the things that I researched, learned, and wanted to share to others.
Reverse Engineering new-gen Web Assembly applications using Chrome dev tools
https://ift.tt/37jH8TJ
Submitted December 30, 2019 at 07:20PM by ISeeFacesInClouds
via reddit https://ift.tt/2MF4xHt
Medium
Reversing Web Assembly (WASM)
xmas_future
Android VPN app with 10,000,000+ downloads exposes users' VPN usernames & IP addresses in android logs
https://ift.tt/35a7m9F
Submitted December 31, 2019 at 06:00AM by WannaMakeAnApp
via reddit https://ift.tt/2SC9uEF
RIIS
VPN App With 10,000,000+ downloads exposes users' VPN logins and servers in android logs • RIIS
Learn how to use AI to improve your app or website's UI tests.
Lesser-known Tools for Android Application PenTesting
https://ift.tt/39osDQr
Submitted December 31, 2019 at 08:57AM by CaptMeelo
via reddit https://ift.tt/2szd73A
Hack.Learn.Share
Lesser-known Tools for Android Application PenTesting
This blog contains write-ups of the things that I researched, learned, and wanted to share to others.
CVE-2019-19632 and CVE-2019-19631: XSS and Sensitive Information Disclosure
https://ift.tt/2Fa3bjO
Submitted December 31, 2019 at 01:24AM by breach_house
via reddit https://ift.tt/2Qb4PYz
Bishopfox
Big Monitoring Fabric Application
High-risk vulnerabilities in the Big Monitoring Fabric app that would grant a remote attacker admin access and SSH console access to affected system.
The /r/netsec Monthly Discussion Thread - January 2020
Overview
Questions regarding netsec and discussion related directly to netsec are welcome here.
Rules & Guidelines
Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.
Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.
If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.
Avoid use of memes. If you have something to say, say it with real words.
All discussions and questions should directly relate to netsec.
No tech support is to be requested or provided on /r/netsec.
As always, the content & discussion guidelines should also be observed on /r/netsec.
Feedback
Feedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted January 01, 2020 at 10:06AM by AutoModerator
via reddit https://ift.tt/2sBYyfE
Reddit
Technical Information Security Content & Discussion
/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to provide value to security practitioners, students, researchers, and hackers everywhere.
How To Secure Apache From Clickjack attack using X-Frame-Options
https://ift.tt/2CNjYIF
Submitted January 01, 2020 at 03:41PM by vulpinecode
via reddit https://ift.tt/2QwONHy
Tutorials24x7
How To Secure Apache From Clickjack attack using X-Frame-Options
Explains the way to secure websites and web-based applications from Clickjacking hosted on Apache HTTP Server using the Header option X-Frame-Options.
/r/netsec's Q1 2020 Academic Program Thread
Many of our members are searching or applying for college now so, like the hiring thread, we'd like to aggregate information about great security programs at colleges and universities. We did this once in 2015 and most of the information is still relevant, check it out.
If you work for or attend an educational institution that covers security (including non computer science, like law, business, etc), please leave a comment outlining the program and its unique features. There are a few requirements/requests:
No admissions counselors.
Please be thorough and upfront with details about the program. Include links to relevant websites detailing the coursework and your College Scorecard.
List the top career paths that graduates take. Industry, academia, and government use security expertise in many different ways. What career paths does the program best prepare you for?
Reserve top-level comments for those posting about their academic programs. Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Share this post on Twitter and Facebook to increase exposure
Submitted January 01, 2020 at 10:51PM by ranok
via reddit https://ift.tt/35gFSPP
reddit
/r/netsec's Q3 2015 Academic Program Thread
Many of our members are applying for college now so, like the hiring thread, we'd like to aggregate information about great security programs at...
Decrypting config.bin files for TP-Link WR841N, WA855RE, and probably more…
https://ift.tt/37pfOU7
Submitted January 01, 2020 at 11:01PM by thatstevelord
via reddit https://ift.tt/2ua7Wrj
Blogspot
Decrypting config.bin files for TP-Link WR841N, WA855RE, and probably more…
Notice - moved from medium.com, as their pricing model is just plain wrong... This is also hosted here , but updated below. Tl;Dr — i...
Disclosure of exploit in Home alarms in Sweden.
https://ift.tt/39yD1F9
Submitted January 02, 2020 at 12:09AM by showmeyourprincess
via reddit https://ift.tt/2QhgnJK
reddit
Disclosure of exploit in Home alarms in Sweden.
Posted in r/netsec by u/showmeyourprincess • 4 points and 0 comments
Alert Alarm SMS exploit
https://ift.tt/39yD1F9
Submitted January 02, 2020 at 12:25AM by giffengrabber
via reddit https://ift.tt/35gQ6jb
reddit
Alert Alarm SMS exploit
Posted in r/netsec by u/giffengrabber • 5 points and 1 comment
iOS Application Injection with Theos
https://ift.tt/2Fcx9Ue
Submitted January 02, 2020 at 01:35AM by Boomcan90
via reddit https://ift.tt/2tqfvcP
reddit
iOS Application Injection with Theos
Posted in r/netsec by u/Boomcan90 • 37 points and 0 comments
BusKill: A $20 USB dead-man-switch triggered if someone physically yanks your laptop away
https://ift.tt/36ozmIk
Submitted January 02, 2020 at 07:16PM by maltfield
via reddit https://ift.tt/2SP590T
Michael Altfield's Tech Blog
Introducing BusKill: A Kill Cord for your Laptop - Michael Altfield's Tech Blog
BusKill is a Kill Cord for your laptop implementing a Dead Man Switch using $20 in USB hardware + udev rule to trigger your laptop self-destruct if stolen.
Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 Authentication Bypass
https://ift.tt/39rJim1
Submitted January 02, 2020 at 06:54PM by sejzer
via reddit https://ift.tt/35gNgur
Cxsecurity
Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 Authentication Bypass - CXSecurity.com
Raphael Karger & Nathan Hrncirik has realised a new security note Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 Authentication Bypass
Exploiting Wi-Fi Stack on Tesla Model S
https://ift.tt/2SJsXmU
Submitted January 02, 2020 at 09:31PM by 0xdea
via reddit https://ift.tt/2ZRtRiQ
Keen Security Lab Blog
Exploiting Wi-Fi Stack on Tesla Model S
In the past two years, Keen Security Lab did in-depth research on the security of Tesla Cars and presented our research results on Black Hat 2017 and Black Hat 2018. Our research involves many in-veh
PHP Version Audit: Easily check a given PHP version against an automatically updated list of CVEs, patches, and support end dates
https://ift.tt/2FerahJ
Submitted January 02, 2020 at 09:49PM by lightswitch05
via reddit https://ift.tt/36ibru1
Developerdan
PHP Version Audit
PHP Version Audit is a convenience tool to easily check a given PHP version against a regularly updated list of CVE exploits, new releases, and end of life dates.