My Personal OSINT Techniques, Part 1 of 2: Key & Layer, Contingency Seeding - Reconnaissance - 0x00sec - The Home of the Hacker
http://0x00sec.org/t/my-personal-osint-techniques-part-1-of-2-key-layer-contingency-seeding/13033
http://0x00sec.org/t/my-personal-osint-techniques-part-1-of-2-key-layer-contingency-seeding/13033
0x00sec - The Home of the Hacker
My Personal OSINT Techniques, Part 1 of 2: Key & Layer, Contingency Seeding
We live in a world that is hyper communicative, with much of this communication occurring on the Internet. On the Internet, companies/products want to communicate their value to customers and people want to communicate with other people. Open Source Intelligence…
Emotet malware analysis. Part 1. | Persianov on Security
https://persianov.net/emotet-malware-analysis-part-1
https://persianov.net/emotet-malware-analysis-part-1
Persianov on Security
Emotet malware analysis. Part 1.
Analyzing Emotet malware, a trojan that is spread via phishing emails, malicious links and targets individuals, companies and governments.
File path traversal
https://portswigger.net/web-security/file-path-traversal
https://portswigger.net/web-security/file-path-traversal
portswigger.net
What is path traversal, and how to prevent it? | Web Security Academy
In this section, we explain: What path traversal is. How to carry out path traversal attacks and circumvent common obstacles. How to prevent path traversal ...
PHP deserialization techniques DRUPAL 1-CLICK TO RCE EXPLOIT CHAIN DETAILED
/sites/default/files/pictures/<YYYY-MM>/_0
instead of:
/sites/default/files/pictures/<YYYY-MM>/profile_pic.gif.
[Demo] https://t.co/ZkHof6sDzy
https://t.co/etmxwSWEBD
/sites/default/files/pictures/<YYYY-MM>/_0
instead of:
/sites/default/files/pictures/<YYYY-MM>/profile_pic.gif.
[Demo] https://t.co/ZkHof6sDzy
https://t.co/etmxwSWEBD
YouTube
Getting code execution through multiple Drupal vulnerabilities
Demonstrating how the bugs submitted through the ZDI Targeted Initiative Program (TIP) can be combined to get code execution on an affected Drupal server. An...
Invisi-Shell : Hide your Powershell script in plain sight (Bypass all Powershell security features) : https://t.co/Zsy5Bp4tJH
Presentation : Goodbye Obfuscation - Hello InvisiShell Hiding Your Powershell Script in Plain Sight : https://t.co/awYN09bcVE
Presentation : Goodbye Obfuscation - Hello InvisiShell Hiding Your Powershell Script in Plain Sight : https://t.co/awYN09bcVE
GitHub
OmerYa/Invisi-Shell
Hide your Powershell script in plain sight. Bypass all Powershell security features - OmerYa/Invisi-Shell
This repository contains all the noise and artifacts surrounding the development of a new implementation of #Meterpreter that is intended to run on the CLR.
https://t.co/8qKOnis9N7
https://t.co/8qKOnis9N7
GitHub
OJ/clr-meterpreter
The full story of the CLR implementation of Meterpreter - OJ/clr-meterpreter
GitHub - Pure-L0G1C/Loki: Remote Access Tool/Botnet
https://github.com/Pure-L0G1C/Loki
https://github.com/Pure-L0G1C/Loki
GitHub
GitHub - Bitwise-01/Loki: Remote Access Tool
Remote Access Tool. Contribute to Bitwise-01/Loki development by creating an account on GitHub.
Building an Office macro to spoof parent processes and command line arguments - Christophe Tafani-Dereeper
https://blog.christophetd.fr/building-an-office-macro-to-spoof-process-parent-and-command-line/
https://blog.christophetd.fr/building-an-office-macro-to-spoof-process-parent-and-command-line/
File Path Traversal and File Inclusions – Asfiya Shaikh – Medium
https://medium.com/@asfiyashaikh10/file-path-traversal-and-file-inclusions-7c567da9e226
https://medium.com/@asfiyashaikh10/file-path-traversal-and-file-inclusions-7c567da9e226
Medium
File Path Traversal and File Inclusions(LFI / RFI)
There exist hell lot of information over internet that can help you understand these vulnerabilities, However i will also help you with…
How I hacked 50+ Companies in 6 hrs – Vignesh C – Medium
https://medium.com/@cvignesh28/how-i-hacked-50-companies-in-6-hrs-3866b61cfdcc
https://medium.com/@cvignesh28/how-i-hacked-50-companies-in-6-hrs-3866b61cfdcc
Medium
How I hacked 50+ Companies in 6 hrs
Long story short, I have created my Hackerone/Bugcrowd profiles a way back in 2016 but I have never reported a bug there. I have never…
Evil Clippy - A Cross-Platform Assistant For Creating Malicious MS Office Documents
http://amp.kitploit.com/2019/04/evil-clippy-cross-platform-assistant.html?amp=0
http://amp.kitploit.com/2019/04/evil-clippy-cross-platform-assistant.html?amp=0
KitPloit - PenTest & Hacking Tools
Evil Clippy - A Cross-Platform Assistant For Creating Malicious MS Office Documents
The inception bar: a new phishing method
https://jameshfisher.com/2019/04/27/the-inception-bar-a-new-phishing-method/
https://jameshfisher.com/2019/04/27/the-inception-bar-a-new-phishing-method/
jameshfisher.com
The inception bar: a new phishing method
A new phishing technique that displays a fake URL bar in Chrome for mobile. A key innovation is the "scroll jail" that traps the user in a fake browser.
Your nmap http scripts returning nothing? Might be because there's a block on nmap's default user agent. Either correct by modifying http.lua or use a script arg.
https://t.co/tvGiSmmGAc
https://t.co/g0K3L4CPwH
Here's my nmap alias: https://t.co/WtLBfp3Tm2
https://t.co/tvGiSmmGAc
https://t.co/g0K3L4CPwH
Here's my nmap alias: https://t.co/WtLBfp3Tm2
Kroosec
Making Nmap Scripting Engine stealthier
Nmap comes with NSE : a fully integrated scripting engine with many useful libraries. The http library is one I've come to use oftenbut I...
GitHub - sk3ptre/AndroidMalware_2019: Popular Android threats in 2019
https://github.com/sk3ptre/AndroidMalware_2019
https://github.com/sk3ptre/AndroidMalware_2019
GitHub
GitHub - sk3ptre/AndroidMalware_2019: Popular Android threats in 2019
Popular Android threats in 2019. Contribute to sk3ptre/AndroidMalware_2019 development by creating an account on GitHub.
Remote code execution On Microsoft edge URL Protocol
https://medium.com/@mattharr0ey/remote-code-execution-on-microsoft-edge-url-protocol-a67d0f96b32d
https://medium.com/@mattharr0ey/remote-code-execution-on-microsoft-edge-url-protocol-a67d0f96b32d
Medium
Remote code execution On Microsoft edge using URL Protocol
Introduction