Has anybody faced a honeypot so far?
Not me, tho, but it is good to know how to detect honeypot setups.
> They have outdated services and ports, like they are a complete decoy, such as an old version of WordPress or Apache and Nginx.
> They have a perfect bait, like a default password or something like that
> And they have a passive response; they are not real operating systems, so they won't have a full handshake. They will refuse at some point, u will see some inconsistency
To figure out (identify the decoy):
> Lookup the IP and domain on threat intel platforms like Shodan, which may reveal the ASN that IP belongs to and stuff like that
> Or use an automated scanner with less threat ig
This is what I found on the internet; if I find a good honeypot resource, I will share it.
@AfroSec
What a Sunday
I was minding my own business and suddenly stumbled upon some weird TG channel and found a link to a library-like SaaS application. I clicked it, it took me to the site, and I saw the book, but it asked for a login. Then I logged in with a temp email, tried to download the file, but ended up needing to pay.
Huh, seriously? Nibba nah, nah
I intercepted the request. I saw the backend is Supabase and the frontend is on Vercel. Then I opened Burp and everything was there, like the download URL and hidden subdomain. I went to that subdomain, but only the devs can log in. But lucky me, I can request any book and download via interception. :)
Not a bad guy after all; I reported it to them
@AfroSec
Last spam of the day:
So earlier, at around 11:30 PM local time indeed, I went out with my bro to play PS, then the owner was initiating a kernel exploit to play FIFA 2026. I saw the logs on the screen and asked my bro; he said this is the jailbroken one, so that's why and so on, and I was like ufff
I bet the dude doesn't know what's actually happening behind the scenes belew
@AfroSec
Forwarded from Mira
swift is kinda cool. been mAkInG this app recently. since tele's network is unbearable, i can't afford multiple processes hogging my network resource and leading it to basically unusable state. the catch with "stats" apps is you can't (or don't let you) execute sudo commands like killing the process directly from an interface.
so i am making mine to track both pure bandwidth (apps currently downloading/uploading files) and lag (latency/bufferbloat) to measure packet loss or round-trip time (RTT) per process (discord packets are taking 300ms because steam is hogging the pipe kinda situations so that i can see if the issue is latency). then i can kill any process directly with a click of a button. it has both menu bar app and desktop standalone app
latency scoring -> bad-state connections + buffer saturation + connection count. also turned off app sandboxing so that i can access system-level PIDs and sockets lmao
P.S the attached image is a working app running inside Xcode
Rants of a deranged squirrel.
MSRC; Tell The Whole Story Please
Every so often, it seems that Microsoft Security Response Center (MSRC) likes to stick their proverbial foot in their mouth on the topic of vulnerability disclosure. The root issue is that collecti…
I am today, yrs old, finding that Microsoft is a CVE Number Authority which has the ability to identify, assign, and publish CVEs. Damn, so the recent zero-days aren't assigned any number which means ...... hmm...
anyways i was reading this blog check it out
[ Blog ]
@AfroSec
AfroSec
damn, these kinds of weird things exist lol was using their wifi and u know me i love to mess with things and try to find connected users then this happened admin:admin on organizations router portal @AfroSec
Friendly reminder: change your MAC when you join public Wi-Fi in addition to using a VPN
@AfroSec
LinkedIn
#cybersecuritynews | Gurubaran KS
HexStrike AI RED-TEAM With 127 Security Tools and BOAZ Red Team Integration | Source: https://lnkd.in/gAuJNiiz
A fork of the original HexStrike AI project has been released as HexStrike AI v6.0, an advanced Model Context Protocol (MCP)-based cybersecurity…
https://www.linkedin.com/posts/gurubaran-cybersecuritynews_cybersecuritynews-share-7468489877790081025-PtW8/?utm_source=social_share_send&utm_medium=android_app&rcm=ACoAAEmsiKABMNf6vI8xWypuZmdaNAdjxziaP0o&utm_campaign=copy_link
@AfroSec