ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos.

In this video, I'm talking about deploying a self hosted dark net search engine including crawler, indexer and a web UI. I have used the repository by NexvisionLab named DarkWeb Search Engine available at this link:
https://github.com/NexvisionLab/Darkweb…

Contribute to nirajkharel/AD-Pentesting-Notes development by creating an account on GitHub.

While exploring the DCOM objects for the “SilverPotato” abuse, I stumbled upon the “ShellWindows” DCOM application. This, along with “ShellBrowserWindows”, is we…

DISCLAIMER: Using these tools and methods against hosts that you do not have explicit permission to test is illegal. You are responsible…

Thomas White ran the Silk Road 2.0 drug marketplace and was convicted of child abuse imagery-related crimes. He was also a co-founder of transparency activist organization Distributed Denial of Secrets.

HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy‌ + Exploit Timing Attacks - nxenon/h2spacex

Apparently, you can crash your iPhone Springboard pretty easily:

On your iPhone, swipe left past all your Home Screen pages to get to App Library. Then search for ""::

Do at your own risk :blobupsidedown:

Credit: Somewhere on the bird site

В этой статье я объясню, как построить инфраструктуру для симуляции фишинговой атаки в рамках тестирования организации. Мы создадим с нуля почтовый сервер, установим и настроим обратный прокси Evilginx, а затем внедрим его в фишинговый фреймворк Gophish.…