Exploiting Remote File Inclusion (RFI) in PHP application and bypassing remote URL inclusion restriction | Start With Linux | Mannu Linux
http://www.mannulinux.org/2019/05/exploiting-rfi-in-php-bypass-remote-url-inclusion-restriction.html?m=1
www.mannulinux.org
Exploiting Remote File Inclusion (RFI) in PHP application and bypassing remote URL inclusion restriction
Learn Basic Concepts of Linux. Best site to learn Linux from beginner to Advanced.
Seven years after v1.0, Microsoft has released a new version of Attack Surface Analyzer, a tool that logs the changes made to a Windows OS during the installation of third-party applications.
https://t.co/7vRZ3B3g2G
ZDNet
Microsoft releases new version of Attack Surface Analyzer utility
New Attack Surface Analyzer 2.0 works on Windows, but also Mac and Linux.
PayloadsAllTheThings/Reverse Shell Cheatsheet.md at master · swisskyrepo/PayloadsAllTheThings · GitHub
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md
GitHub
PayloadsAllTheThings/Methodology and Resources/Reverse Shell Cheatsheet.md at master · swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF - swisskyrepo/PayloadsAllTheThings
GitHub - zerosum0x0/CVE-2019-0708: Scanner PoC for CVE-2019-0708 RDP RCE vuln
https://github.com/zerosum0x0/CVE-2019-0708
[Tool] LeakLooker - Find open databases with Shodan
Elasticsearch
CouchDB
MongoDB
SMB
Gitlab
Rsync
Jenkins
Sonarqube
Kibana
https://t.co/Hm89ypuOVQ
GitHub
woj-ciech/LeakLooker
Find open databases with Shodan. Contribute to woj-ciech/LeakLooker development by creating an account on GitHub.
How to brick all Samsung phones – Elliot Alderson – Medium
https://medium.com/@fs0c131y/how-to-brick-all-samsung-phones-6aae4389bea
Medium
How to brick all Samsung phones
A few months ago, I bought a Samsung phone in order to analyse it. After a few hours I found an unprotected receiver in the ContainerAgent…
Provoking browser quirks with behavioural fuzzing | Blog
https://portswigger.net/blog/provoking-browser-quirks-with-behavioural-fuzzing
PortSwigger Research
Provoking browser quirks with behavioural fuzzing
In this post I'm going to walk you through how I used behavioural fuzzing to find multiple quirks in Firefox. Normally, when fuzzing the goal is to find a crash indicating memory corruption, but my go
Disclosing Tor users' real IP address through 301 HTTP Redirect Cache Poisoning : https://t.co/OxF0vLmhbL
Ref : HTTP 301 Cache Poisoning : https://t.co/OxF0vLmhbL
blog.duszynski.eu
Disclosing Tor users' real IP address through 301 HTTP Redirect Cache Poisoning
This blog post describes a practical application of the ‘HTTP 301 Cache Poisoning’ attack that can be used by a malicious Tor exit node to disclose real IP address of chosen clients.
GitHub - tanprathan/MobileApp-Pentest-Cheatsheet: The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet
GitHub
GitHub - tanprathan/MobileApp-Pentest-Cheatsheet: The Mobile App Pentest cheat sheet was created to provide concise collection…
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics. - tanprathan/MobileApp-Pentest-Chea...
Resource: Exploit Development Tutorials and Guides – Chiheb Chebbi
https://www.peerlyst.com/posts/resource-exploit-development-tutorials-and-guides-chiheb-chebbi
The Unusual Case of Open Redirection to AWS Security Credentials Compromise
https://medium.com/@logicbomb_1/the-unusual-case-of-open-redirection-to-aws-security-credentials-compromise-59acc312f02b
Medium
The Unusual Case of Status code- 301 Redirection to AWS Security Credentials Compromise
Hi All,