How I hacked 50+ Companies in 6 hrs – Vignesh C – Medium
https://medium.com/@cvignesh28/how-i-hacked-50-companies-in-6-hrs-3866b61cfdcc
https://medium.com/@cvignesh28/how-i-hacked-50-companies-in-6-hrs-3866b61cfdcc
Medium
How I hacked 50+ Companies in 6 hrs
Long story short, I have created my Hackerone/Bugcrowd profiles a way back in 2016 but I have never reported a bug there. I have never…
Evil Clippy - A Cross-Platform Assistant For Creating Malicious MS Office Documents
http://amp.kitploit.com/2019/04/evil-clippy-cross-platform-assistant.html?amp=0
http://amp.kitploit.com/2019/04/evil-clippy-cross-platform-assistant.html?amp=0
KitPloit - PenTest & Hacking Tools
Evil Clippy - A Cross-Platform Assistant For Creating Malicious MS Office Documents
The inception bar: a new phishing method
https://jameshfisher.com/2019/04/27/the-inception-bar-a-new-phishing-method/
https://jameshfisher.com/2019/04/27/the-inception-bar-a-new-phishing-method/
jameshfisher.com
The inception bar: a new phishing method
A new phishing technique that displays a fake URL bar in Chrome for mobile. A key innovation is the "scroll jail" that traps the user in a fake browser.
Your nmap http scripts returning nothing? Might be because there's a block on nmap's default user agent. Either correct by modifying http.lua or use a script arg.
https://t.co/tvGiSmmGAc
https://t.co/g0K3L4CPwH
Here's my nmap alias: https://t.co/WtLBfp3Tm2
https://t.co/tvGiSmmGAc
https://t.co/g0K3L4CPwH
Here's my nmap alias: https://t.co/WtLBfp3Tm2
Kroosec
Making Nmap Scripting Engine stealthier
Nmap comes with NSE : a fully integrated scripting engine with many useful libraries. The http library is one I've come to use oftenbut I...
GitHub - sk3ptre/AndroidMalware_2019: Popular Android threats in 2019
https://github.com/sk3ptre/AndroidMalware_2019
https://github.com/sk3ptre/AndroidMalware_2019
GitHub
GitHub - sk3ptre/AndroidMalware_2019: Popular Android threats in 2019
Popular Android threats in 2019. Contribute to sk3ptre/AndroidMalware_2019 development by creating an account on GitHub.
Remote code execution On Microsoft edge URL Protocol
https://medium.com/@mattharr0ey/remote-code-execution-on-microsoft-edge-url-protocol-a67d0f96b32d
https://medium.com/@mattharr0ey/remote-code-execution-on-microsoft-edge-url-protocol-a67d0f96b32d
Medium
Remote code execution On Microsoft edge using URL Protocol
Introduction
Pentesters Guide to Oracle Hacking – Netscylla Cyber Security – Medium
https://medium.com/@netscylla/pentesters-guide-to-oracle-hacking-1dcf7068d573
https://medium.com/@netscylla/pentesters-guide-to-oracle-hacking-1dcf7068d573
Medium
Pentesters Guide to Oracle Hacking
A colleague encountered Oracle for the first time this week! Yes, you guessed it, they popped their Oracle DB Cherry! So attached is a…
Dexcalibur - an automatic DBI tool for Android powered by Frida with a GUI
https://t.co/4WBJUrTfJX
https://t.co/4WBJUrTfJX
GitHub
FrenchYeti/dexcalibur
Dynamic binary instrumentation tool designed for Android application and powered by Frida. It desassemble dex, analyze, can generate hook, stored intercepted data automatically and do new things fr...
Malicious DLL execution using Apple's APSDaemon.exe signed binary - Malware - 0x00sec - The Home of the Hacker
https://0x00sec.org/t/malicious-dll-execution-using-apples-apsdaemon-exe-signed-binary/13409
https://0x00sec.org/t/malicious-dll-execution-using-apples-apsdaemon-exe-signed-binary/13409
GitHub - 0vercl0k/CVE-2019-9810: Exploit for CVE-2019-9810 Firefox on Windows 64 bits.
https://github.com/0vercl0k/CVE-2019-9810
https://github.com/0vercl0k/CVE-2019-9810
GitHub
GitHub - 0vercl0k/CVE-2019-9810: Exploit for CVE-2019-9810 Firefox on Windows 64-bit.
Exploit for CVE-2019-9810 Firefox on Windows 64-bit. - 0vercl0k/CVE-2019-9810
Docker Tutorial Series – Romin Irani’s Blog
https://rominirani.com/docker-tutorial-series-a7e6ff90a023
https://rominirani.com/docker-tutorial-series-a7e6ff90a023
Medium
Docker Tutorial Series
Unless you have intentionally decided to block any news around software in your social feeds, it is likely that you have heard about Docker. I have written a few posts around Docker and how you can…
Exploring Mimikatz - Part 1 - WDigest
https://blog.xpnsec.com/exploring-mimikatz-part-1/amp/?__twitter_impression=true
https://blog.xpnsec.com/exploring-mimikatz-part-1/amp/?__twitter_impression=true
XPN InfoSec Blog
Exploring Mimikatz - Part 1 - WDigest
We’ve packed it, we’ve wrapped it, we’ve injected it and powershell’d it, and now we've settled on feeding it a memory dump, and still Mimikatz remains the tool of choice when extracting credentials from lsass on Windows systems. Of course this is due to…
GitHub - Mr-Un1k0d3r/Shellcoding: Shellcoding utilities
https://github.com/Mr-Un1k0d3r/Shellcoding
https://github.com/Mr-Un1k0d3r/Shellcoding
GitHub
GitHub - Mr-Un1k0d3r/Shellcoding: Shellcoding utilities
Shellcoding utilities. Contribute to Mr-Un1k0d3r/Shellcoding development by creating an account on GitHub.
An intro to pentesting an Android phone – Noteworthy - The Journal Blog
https://blog.usejournal.com/an-intro-to-pentesting-an-android-phone-464ec4860f39
https://blog.usejournal.com/an-intro-to-pentesting-an-android-phone-464ec4860f39
Medium
Pentesting Android applications by reversing and finding attack surfaces
In this past semester, I was taking a cybersecurity class. Since our awesome professor believe in the concept that we learn by doing and…
» Attack Methods for Gaining Domain Admin Rights in Active Directory » Active Directory Security
https://adsecurity.org/?p=2362
https://adsecurity.org/?p=2362
Active Directory & Azure AD/Entra ID Security
Attack Methods for Gaining Domain Admin Rights in Active Directory
There are many ways an attacker can gain Domain Admin rights in Active Directory. This post is meant to describe some of the more popular ones in current use. The techniques described here "assume breach" where an attacker already has a foothold on an internal…
RCE in EA's Origin Desktop Client – Underdog Security – Our blog...
https://blog.underdogsecurity.com/rce_in_origin_client/
https://blog.underdogsecurity.com/rce_in_origin_client/
Reverse-engineering Broadcom wireless chipsets
https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html
https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html
Quarkslab
Reverse-engineering Broadcom wireless chipsets - Quarkslab's blog
Broadcom is one of the major vendors of wireless devices worldwide. Since these chips are so widespread they constitute a high value target to attackers and any vulnerability found in them should be considered to pose high risk. In this blog post I provide…