How I am able to hijack you. – InfoSec Write-ups – Medium
https://medium.com/bugbountywriteup/how-i-am-able-to-hijack-you-1cab793a01d1
https://medium.com/bugbountywriteup/how-i-am-able-to-hijack-you-1cab793a01d1
Medium
How I am able to hijack you.
or rather: How I am able to hijack your autosuggestions in Google Search.
GitHub - NationalSecurityAgency/ghidra: Ghidra is a software reverse engineering (SRE) framework
https://github.com/NationalSecurityAgency/ghidra
https://github.com/NationalSecurityAgency/ghidra
GitHub
GitHub - NationalSecurityAgency/ghidra: Ghidra is a software reverse engineering (SRE) framework
Ghidra is a software reverse engineering (SRE) framework - NationalSecurityAgency/ghidra
Xiaomi URL spoofing w/ SSL vulnerability or, CVE-2019-10875 - Was it intentionally kept in the global versions by Xiaomi? - Andmp | A blog about infosec, bug hunting and more!
https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html?m=1
https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html?m=1
Andmp | A blog about infosec, bug hunting and more!
Xiaomi URL Address Bar spoofing w/ SSL vulnerability or, CVE-2019-10875 - Was it intentionally kept in the global versions by Xiaomi?
Writeup and PoC for Xiaomi URL spoofing w/ SSL vulnerability or, CVE-2019-10875
Wordpress cve 2019 8942 · Issue #11587 · rapid7/metasploit-framework · GitHub
https://github.com/rapid7/metasploit-framework/pull/11587
https://github.com/rapid7/metasploit-framework/pull/11587
Bypassing Network Restrictions Through RDP Tunneling « Bypassing Network Restrictions Through RDP Tunneling | FireEye Inc
https://www.fireeye.com/blog/threat-research/2019/01/bypassing-network-restrictions-through-rdp-tunneling.html
https://www.fireeye.com/blog/threat-research/2019/01/bypassing-network-restrictions-through-rdp-tunneling.html
Google Cloud Blog
Bypassing Network Restrictions Through RDP Tunneling | Mandiant | Google Cloud Blog
GitHub - sailay1996/eternal-pulsar: Eternalblue-Doublepulsar without Metasploit or python
https://github.com/sailay1996/eternal-pulsar
https://github.com/sailay1996/eternal-pulsar
GitHub
GitHub - sailay1996/eternal-pulsar: Eternalblue-Doublepulsar without Metasploit or python
Eternalblue-Doublepulsar without Metasploit or python - GitHub - sailay1996/eternal-pulsar: Eternalblue-Doublepulsar without Metasploit or python
Mimikatz C# Wrapper
https://t.co/amYFILWWCh
Mimikatz in XSL
https://t.co/TRotg1HPgr
If it can run .NET, or JScript, or VBScript, or ... it can run Mimikatz...
https://t.co/amYFILWWCh
Mimikatz in XSL
https://t.co/TRotg1HPgr
If it can run .NET, or JScript, or VBScript, or ... it can run Mimikatz...
Gist
Updated Katz.cs - Latest Mimikatz, I mean honestly it is 2018...
Updated Katz.cs - Latest Mimikatz, I mean honestly it is 2018... - katz.cs
Lynis : Security auditing tool for Linux, macOS, and UNIX-based systems (Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional ) : https://t.co/JKnJuZXJ2d
Repo : https://t.co/MBl98ddJ4b
Repo : https://t.co/MBl98ddJ4b
Cisofy
Lynis - Security auditing and hardening tool for Linux/Unix
Lynis is an open source security auditing tool. Part of Lynis Enterprise Suite, its main goal is to audit and harden Unix and Linux based systems.
0day Alert: Bypassing CVE-2019-10875 or, Xiaomi's Mint Browser's URL Spoofing patch: Discovered by Renwa - Andmp | A blog about infosec, bug hunting and more!
https://www.andmp.com/2019/04/bypassing-cve-2019-10875-or-xiaomis.html?m=1
https://www.andmp.com/2019/04/bypassing-cve-2019-10875-or-xiaomis.html?m=1
Andmp | A blog about infosec, bug hunting and more!
0day Alert: Bypassing CVE-2019-10875 or, Xiaomi's Mint Browser's URL Spoofing patch: Discovered by Renwa
Infosec ramblings. Bug Bounty, vulnerability research and random things.
A Pentester’s Guide – Part 1 (OSINT – Passive Recon and Discovery of Assets) : https://t.co/JrGxbI6Wew
Part 2 : (OSINT – LinkedIn is Not Just for Jobs) : https://t.co/llKKseBYV4
Part 2 : (OSINT – LinkedIn is Not Just for Jobs) : https://t.co/llKKseBYV4
Sequoia
A Pentester's Guide - Part 1 (OSINT - Passive Recon and Discovery of Assets) | Sequoia
Sequoia Cyber Solutions is now known as NaviSec. Technical articles like this have been moved to delta.navisec.io https://delta.navisec.io/osint-for-p...
How regular expression and fuzzing change my approach for finding vulnerabilities (Series part 1.)
http://securityviacode.in/view_article/How%20regular%20expression%20and%20fuzzing%20change%20my%20approach%20for%20finding%20vulnerabilities%20(Series%20part%201.)
http://securityviacode.in/view_article/How%20regular%20expression%20and%20fuzzing%20change%20my%20approach%20for%20finding%20vulnerabilities%20(Series%20part%201.)
securityviacode.in
How regular expression and fuzzing change my approach for finding vulnerabilities (Series part 1.)
So I m starting my blog with this technical writeup. I have tried to write this blog for a long time. but as I was coding and reading different books in Freetime. it took me a bit of time but here am I with this.
How to do mobile application penetration testing:-
Part I:-
https://t.co/8J6ouL9Quk
Part 2:-
https://t.co/HzvijVY8oH
Part 3:-
https://t.co/vnaXsfPAcY
Part I:-
https://t.co/8J6ouL9Quk
Part 2:-
https://t.co/HzvijVY8oH
Part 3:-
https://t.co/vnaXsfPAcY
YouTube
How to do mobile application penetration testing, Part I
This is Episode 1 of a trilogy on mobile penetration testing - forensic analysis of data at rest on the device. Episode 2 - Return of the Network/Back-end Co...
A Pentester's Guide - Part 3 (OSINT, Breach Dumps, & Password Spraying)
https://delta.navisec.io/osint-for-pentesters-part-3-password-spraying-methodology/
https://delta.navisec.io/osint-for-pentesters-part-3-password-spraying-methodology/
GitHub - cujanovic/SSRF-Testing: SSRF (Server Side Request Forgery) testing resources
https://github.com/cujanovic/SSRF-Testing
https://github.com/cujanovic/SSRF-Testing
GitHub
GitHub - cujanovic/SSRF-Testing: SSRF (Server Side Request Forgery) testing resources
SSRF (Server Side Request Forgery) testing resources - cujanovic/SSRF-Testing