Making Cheap Hacking tools with Arduino | Security Tools Podcast
https://ift.tt/2SzdfKF
Submitted February 21, 2020 at 06:29PM by varonisofficial
via reddit https://ift.tt/2HHqZfU
https://ift.tt/2SzdfKF
Submitted February 21, 2020 at 06:29PM by varonisofficial
via reddit https://ift.tt/2HHqZfU
Security Tools Podcast
Seytonic is a YouTube creator who makes security content and Arduino-based hacking tools. We talk about what it's like to create content for hackers, his experience making hacker hardware, and why he chose to make low-cost hacking tools using Arduino IDE.
CVE-2020-1938 - AJP RCE
/r/sysadmin/comments/f7algz/cve20201938_ajp_rce/
Submitted February 21, 2020 at 06:21PM by arcticnixadm
via reddit https://ift.tt/2T9CTVw
/r/sysadmin/comments/f7algz/cve20201938_ajp_rce/
Submitted February 21, 2020 at 06:21PM by arcticnixadm
via reddit https://ift.tt/2T9CTVw
reddit
CVE-2020-1938 - AJP RCE
Posted in r/netsec by u/arcticnixadm • 3 points and 1 comment
Flask Debug Mode RCE
https://ift.tt/3bIqCQg
Submitted February 21, 2020 at 06:58PM by ghostlulz
via reddit https://ift.tt/38MJoUN
https://ift.tt/3bIqCQg
Submitted February 21, 2020 at 06:58PM by ghostlulz
via reddit https://ift.tt/38MJoUN
Ghostlulz Hacks
Flask RCE Debug Mode - Ghostlulz Hacks
Django, Flask remote code execution (RCE) via enabling debug mode. Werkzeug debug mode enables anonymous command shell execution via the web.
CVE-2018-8611 – Diving into the Windows Kernel Transaction Manager (KTM) for fun and exploitation
https://ift.tt/2SMk4IV
Submitted February 21, 2020 at 07:29PM by digicat
via reddit https://ift.tt/32fA5dg
https://ift.tt/2SMk4IV
Submitted February 21, 2020 at 07:29PM by digicat
via reddit https://ift.tt/32fA5dg
NCC Group Research
CVE-2018-8611 – Diving into the Windows Kernel Transaction Manager (KTM) for fun and exploitation
Written by Cedric Halbronn On Saturday 15th February, I gave a talk titled “How CVE-2018-8611 Can be Exploited to Achieve Privilege Escalation on Windows 10 1809 (RS5) and Earlier”. Thi…
Starting Sept. 1, SSL Certificate Validity Will Be Limited to One Year by Apple’s Safari Browser
https://ift.tt/39KF2gO
Submitted February 21, 2020 at 07:52PM by apkorol
via reddit https://ift.tt/2T4BOOE
https://ift.tt/39KF2gO
Submitted February 21, 2020 at 07:52PM by apkorol
via reddit https://ift.tt/2T4BOOE
Hashed Out by The SSL Store™
SSL Certificate Validity Will Be Limited to One Year by Apple’s Safari Browser - Hashed Out by The SSL Store™
Starting Sept. 1, Safari will no longer trust SSL/TLS certificates with validity periods longer than 398 days Starting Sept. 1, Apple’s Safari browser will no longer trust SSL/TLS leaf certificates...
Sudo Killer
https://ift.tt/3bR3ZsZ
Submitted February 21, 2020 at 09:25PM by brainborg
via reddit https://ift.tt/2HJqwdl
https://ift.tt/3bR3ZsZ
Submitted February 21, 2020 at 09:25PM by brainborg
via reddit https://ift.tt/2HJqwdl
KitPloit - PenTest & Hacking Tools
SUDO_KILLER - A Tool To Identify And Exploit Sudo Rules' Misconfigurations And Vulnerabilities Within Sudo
A-Z guide on setting up Graylog Part 2
/r/sysadmin/comments/f7flc0/az_guide_on_setting_up_graylog_part_2/
Submitted February 22, 2020 at 12:16AM by HanSolo71
via reddit https://ift.tt/2SMOD0T
/r/sysadmin/comments/f7flc0/az_guide_on_setting_up_graylog_part_2/
Submitted February 22, 2020 at 12:16AM by HanSolo71
via reddit https://ift.tt/2SMOD0T
reddit
A-Z guide on setting up Graylog Part 2
Posted in r/netsec by u/HanSolo71 • 2 points and 0 comments
Testing Your Red Team Infrastructure
https://ift.tt/38tKRPv
Submitted February 22, 2020 at 12:45AM by dmchell
via reddit https://ift.tt/2PecAwe
https://ift.tt/38tKRPv
Submitted February 22, 2020 at 12:45AM by dmchell
via reddit https://ift.tt/2PecAwe
MDSec
Testing your RedTeam Infrastructure - MDSec
As RedTeaming has grown with the industry, so has our need to build dependable environments. In keeping with the cat-and-mouse game we find ourselves in, it’s essential to possess the...
IIS Raid – Backdooring IIS Using Native Modules
https://ift.tt/38IjEZp
Submitted February 22, 2020 at 12:45AM by dmchell
via reddit https://ift.tt/3c1lo2i
https://ift.tt/38IjEZp
Submitted February 22, 2020 at 12:45AM by dmchell
via reddit https://ift.tt/3c1lo2i
MDSec
IIS Raid – Backdooring IIS Using Native Modules - MDSec
Introduction Back in 2018, PaloAlto Unit42 publicly documented RGDoor, an IIS backdoor used by the APT34. The article highlighted some details which sparked my interest and inspired me to write...
Getting What You’re Entitled To: A Journey Into MacOS Stored Credentials
https://ift.tt/32eEz3R
Submitted February 22, 2020 at 12:45AM by dmchell
via reddit https://ift.tt/39XrXRB
https://ift.tt/32eEz3R
Submitted February 22, 2020 at 12:45AM by dmchell
via reddit https://ift.tt/39XrXRB
Open source Malboxes now deploys Windows desktop OS to AWS ready for malware detonation and analysis with many tools preinstalled
https://ift.tt/2Vd6vUk
Submitted February 22, 2020 at 01:33AM by obilodeau
via reddit https://ift.tt/2SOtwvg
https://ift.tt/2Vd6vUk
Submitted February 22, 2020 at 01:33AM by obilodeau
via reddit https://ift.tt/2SOtwvg
GoSecure
Cloudy With a Chance of Malware: Malboxes Now Deploys to AWS - GoSecure
The open-source tool Malboxes now makes malware analysis safer by deploying directly into the Amazon AWS cloud removing the requirement of operating a local dirty network.
How Microsoft 365 uses machine learning to stop data leaks & insider attacks
https://ift.tt/2SNXDTC
Submitted February 22, 2020 at 01:28AM by myinnerbanjo
via reddit https://ift.tt/32ei1QS
https://ift.tt/2SNXDTC
Submitted February 22, 2020 at 01:28AM by myinnerbanjo
via reddit https://ift.tt/32ei1QS
The AI Blog
How Microsoft 365 uses AI to stop data leaks & insider attacks
A new Insider Risk Management solution within Microsoft 365 uses machine learning to intelligently detect potentially risky behavior within a company.
Another Subdomain ENumeration Tool
https://ift.tt/2V70Pvc
Submitted February 22, 2020 at 01:26AM by cinerieus
via reddit https://ift.tt/2SNi17r
https://ift.tt/2V70Pvc
Submitted February 22, 2020 at 01:26AM by cinerieus
via reddit https://ift.tt/2SNi17r
GitHub
cinerieus/as3nt
Another Subdomain ENumeration Tool. Contribute to cinerieus/as3nt development by creating an account on GitHub.
I hacked SlickWraps. This is how.
https://ift.tt/39VQLJo
Submitted February 22, 2020 at 07:24AM by irckeyboardwarrior
via reddit https://ift.tt/2VdPbie
https://ift.tt/39VQLJo
Submitted February 22, 2020 at 07:24AM by irckeyboardwarrior
via reddit https://ift.tt/2VdPbie
reddit
I hacked SlickWraps. This is how.
Posted in r/netsec by u/irckeyboardwarrior • 3 points and 7 comments
Simple malware de obfuscation using Chepy
/r/Malware/comments/f7lgk9/simple_malware_de_obfuscation_using_chepy/
Submitted February 22, 2020 at 07:13AM by securisec
via reddit https://ift.tt/2HMazDe
/r/Malware/comments/f7lgk9/simple_malware_de_obfuscation_using_chepy/
Submitted February 22, 2020 at 07:13AM by securisec
via reddit https://ift.tt/2HMazDe
reddit
Simple malware de obfuscation using Chepy
Posted in r/netsec by u/securisec • 1 point and 0 comments
Hunting Tesla Model Y Secrets in the Parts Catalog
https://ift.tt/37RLmSm
Submitted February 22, 2020 at 08:57AM by techdash
via reddit https://ift.tt/3bXchPP
https://ift.tt/37RLmSm
Submitted February 22, 2020 at 08:57AM by techdash
via reddit https://ift.tt/3bXchPP
Medium
Hunting Tesla Model Y Secrets in the Parts Catalog
After buying a Model 3 in June of 2019, I began deep diving into understanding how my new car works. My interest largely being the…
Opposition Research (OSINT): Twitter
https://ift.tt/2PdNFsA
Submitted February 22, 2020 at 10:22AM by NattyFried1
via reddit https://ift.tt/32fSRkZ
https://ift.tt/2PdNFsA
Submitted February 22, 2020 at 10:22AM by NattyFried1
via reddit https://ift.tt/32fSRkZ
TurgenSec Community
Opposition Research (OSINT): Twitter
This article is part of a broader series on opposition research and OSINT. If you would like to contribute or want to suggest an amendment or work with me on my upcoming articles on Facebook,
Radare2/Cutter were accepted in Google Summer of Code 2020 - Call for Students
https://ift.tt/2SNHTjk
Submitted February 22, 2020 at 10:13AM by XVilka
via reddit https://ift.tt/2vQmKw1
https://ift.tt/2SNHTjk
Submitted February 22, 2020 at 10:13AM by XVilka
via reddit https://ift.tt/2vQmKw1
reddit
Radare2/Cutter were accepted in Google Summer of Code 2020 - Call...
Posted in r/netsec by u/XVilka • 5 points and 1 comment
Slickwraps Data breach
/r/technology/comments/f7r0yy/slickwraps_data_breach/
Submitted February 22, 2020 at 04:26PM by PickleeeeeRick
via reddit https://ift.tt/39SwAMD
/r/technology/comments/f7r0yy/slickwraps_data_breach/
Submitted February 22, 2020 at 04:26PM by PickleeeeeRick
via reddit https://ift.tt/39SwAMD
reddit
Slickwraps Data breach
Posted in r/netsec by u/PickleeeeeRick • 3 points and 0 comments
HackTheBox: Zetta - writeup by t3chnocat
https://t3chnocat.com/htb-zetta/
Submitted February 22, 2020 at 09:33PM by t3chnocat_
via reddit https://ift.tt/2ukzqLa
https://t3chnocat.com/htb-zetta/
Submitted February 22, 2020 at 09:33PM by t3chnocat_
via reddit https://ift.tt/2ukzqLa
t3chnocat.com
HackTheBox Writeup: Zetta
Zetta was a hard rated box that had some interesting vulnerabilities. An unfinished dual-stack implementation was used to leak the IPv6 address of the server which exposed a rsync service. Write access to rsync was used to write to an authorized_keys file…
AngularJs Client Side Template Injection (XSS)
https://ift.tt/3c119le
Submitted February 22, 2020 at 09:45PM by ghostlulz
via reddit https://ift.tt/2Vg5ZF8
https://ift.tt/3c119le
Submitted February 22, 2020 at 09:45PM by ghostlulz
via reddit https://ift.tt/2Vg5ZF8
Ghostlulz Hacks
AngularJS Client Side Template Injection (XSS) - Ghostlulz Hacks
Slack Group Before we get started I have started a slack group dedicated to hacking. We welcome everyone from beginner…