Bypassing PaloAlto Traps EDR Solution
https://www.c0d3xpl0it.com/2019/01/bypassing-paloalto-traps-edr-solution.html
C0D3Xpl0It
In a recent pentest we encountered PaloAlto Traps (EDR Solution) installed on the compromised machine with the WildFire module integrated ...
LeakLooker — Find open databases in a second – Wojciech – Medium
https://medium.com/@woj_ciech/leaklooker-find-open-databases-in-a-second-9da4249c8472
Medium
LeakLooker: Find Open Databases in Seconds
Migrated to new blog
What You Can Learn from Our Simulated Phishing Attack of 45 CEOs
https://blog.rapid7.com/2019/01/07/what-you-can-learn-from-our-successful-simulated-phishing-attack-of-45-ceos/
Rapid7 Blog
I was recently invited to a cybersecurity event to raise awareness on phishing by simulating targeted campaigns against the CEO attendees. Here's how they fared.
GitHub - outflanknl/RedELK: Red Team's SIEM - easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
https://github.com/outflanknl/RedELK/
GitHub
GitHub - outflanknl/RedELK: Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well…
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations. - outflanknl/RedELK
Running Server 2016 with "DHCP Client" enabled (= default)? - Consider an urgent patch then:
"CVE-2019-0547 | Windows DHCP Client Remote Code Execution Vulnerability" (CVSS Base 9.8)
https://t.co/IBbMGoDAPS
Gradle Plugin Portal: Clickjacking & Cross-Site Request Forgery enabling Account Takeover
https://medium.com/@jonathan.leitschuh/gradle-plugin-portal-clickjacking-cross-site-request-forgery-enabling-account-takeover-d65c2e43082b
Medium
Two security vulnerabilities in the Gradle Plugin Portal would have allowed any website to change the username, email & password of any…
GitHub - DennisYurichev/RE-for-beginners: "Reverse Engineering for Beginners" free book
https://github.com/DennisYurichev/RE-for-beginners
Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort coverage
https://vulners.com/talosblog/TALOSBLOG:7E9E33CAB0FFF41F91CB12E204945F7F
Vulners Database
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, seven of which are rated “critical,” 40 that are considered “important” and one that…
From basic User to full right Admin access on the server (via XSS, LFI, WebShell)
https://medium.com/@valeriyshevchenko/from-basic-user-to-full-right-admin-access-on-the-server-via-xss-lfi-webshell-995f816a6da2
Medium
Imagine that you have a business in partnership with someone. At some point, you have an internal conflict. What will you do as a main…
Mjag dropper: Using decoy documents to drop RATs | Zscaler Blog
https://www.zscaler.com/blogs/research/mjag-dropper-using-decoy-documents-drop-rats
Zscaler
Mjag dropper: Using decoy documents to drop RATs
Zscaler Security Research technically analyzed Mjag dropper and Punisher RAT. Mjag dropper is compiled in the Microsoft .NET framework, and its original binary is obfuscated using SmartAssembly. Read more..
COM XSL Transformation: Bypassing Microsoft Application Control Solutions (CVE-2018-8492) – | bohops |
https://bohops.com/2019/01/10/com-xsl-transformation-bypassing-microsoft-application-control-solutions-cve-2018-8492/
bohops
COM XSL Transformation: Bypassing Microsoft Application Control Solutions (CVE-2018-8492)
Introduction Greetings, Everyone! It has been several months since I’ve blogged, so it seems fitting to start the New Year off with a post about two topics that I thoroughly enjoy exploring: …
A guide for windows penetration testing - Rogue Security
https://www.roguesecurity.in/2018/12/02/a-guide-for-windows-penetration-testing/
Tips for bug bounty beginners from a real life experience - Renaud Martinet
https://renaudmarti.net/posts/first-bug-bounty-submission/
Renaud Martinet
Tips for bug bounty beginners from a real life experience
I’ve been aware of bug bounties for a few years now but never really felt I was capable of participating.
GitHub - trimstray/the-book-of-secret-knowledge: A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more. Especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.
https://github.com/trimstray/the-book-of-secret-knowledge
GitHub
GitHub - trimstray/the-book-of-secret-knowledge: A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners…
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. - trimstray/the-book-of-secret-knowledge
GitHub - P0cL4bs/WiFi-Pumpkin: Framework for Rogue Wi-Fi Access Point Attack
https://github.com/P0cL4bs/WiFi-Pumpkin
GitHub
GitHub - P0cL4bs/WiFi-Pumpkin-deprecated: DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3
DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3 - P0cL4bs/WiFi-Pumpkin-deprecated
Python Tutorials
http://www.primalsecurity.net/tutorials/python-tutorials/
www.primalsecurity.net
Overwhelmed With Homework? Try These 10 Tips to Reduce Stress | primalsecurity.net
Homework meltdown is not uncommon among students at any academic level, college, high school, or even middle school. To many students, homework can feel like a
awesome-web-security/README.md at master · qazbnm456/awesome-web-security · GitHub
https://github.com/qazbnm456/awesome-web-security/blob/master/README.md#pocs-database
GitHub
awesome-web-security/README.md at master · qazbnm456/awesome-web-security
🐶 A curated list of Web Security materials and resources. - qazbnm456/awesome-web-security
Dropgangs, or the future of darknet markets • Opaque Link
https://opaque.link/post/dropgang/