How to brick all Samsung phones – Elliot Alderson – Medium
https://medium.com/@fs0c131y/how-to-brick-all-samsung-phones-6aae4389bea
Medium
How to brick all Samsung phones
A few months ago, I bought a Samsung phone in order to analyse it. After a few hours I found an unprotected receiver in the ContainerAgent…
Provoking browser quirks with behavioural fuzzing | Blog
https://portswigger.net/blog/provoking-browser-quirks-with-behavioural-fuzzing
PortSwigger Research
Provoking browser quirks with behavioural fuzzing
In this post I'm going to walk you through how I used behavioural fuzzing to find multiple quirks in Firefox. Normally, when fuzzing the goal is to find a crash indicating memory corruption, but my go
Disclosing Tor users' real IP address through 301 HTTP Redirect Cache Poisoning : https://t.co/OxF0vLmhbL
Ref : HTTP 301 Cache Poisoning : https://t.co/OxF0vLmhbL
blog.duszynski.eu
Disclosing Tor users' real IP address through 301 HTTP Redirect Cache Poisoning
This blog post describes a practical application of the “HTTP 301 Cache Poisoning” attack that can be used by a malicious Tor exit node to disclose the real IP address of chosen clients.
GitHub - tanprathan/MobileApp-Pentest-Cheatsheet: The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet
GitHub
GitHub - tanprathan/MobileApp-Pentest-Cheatsheet: The Mobile App Pentest cheat sheet was created to provide concise collection…
The Mobile App Pentest cheat sheet was created to provide a concise collection of high-value information on specific mobile application penetration testing topics. - tanprathan/MobileApp-Pentest-Chea...
Resource: Exploit Development Tutorials and Guides – Chiheb Chebbi
https://www.peerlyst.com/posts/resource-exploit-development-tutorials-and-guides-chiheb-chebbi
The Unusual Case of Open Redirection to AWS Security Credentials Compromise
https://medium.com/@logicbomb_1/the-unusual-case-of-open-redirection-to-aws-security-credentials-compromise-59acc312f02b
Medium
The Unusual Case of Status code- 301 Redirection to AWS Security Credentials Compromise
Hi All,
GitHub - Leviathan36/trigmap: A wrapper for Nmap to automate the pentest
https://github.com/Leviathan36/trigmap
GitHub
GitHub - Leviathan36/trigmap: A wrapper for Nmap to quickly run network scans
A wrapper for Nmap to quickly run network scans. Contribute to Leviathan36/trigmap development by creating an account on GitHub.
Hunting COM Objects « Hunting COM Objects | FireEye Inc
https://www.fireeye.com/blog/threat-research/2019/06/hunting-com-objects.html
Google Cloud Blog
Hunting COM Objects | Mandiant | Google Cloud Blog
Kerberos (I): How does Kerberos work? - Theory - Tarlogic Security - Cyber Security and Ethical hacking
https://www.tarlogic.com/en/blog/how-kerberos-works/
Tarlogic Security
Kerberos (I): How does Kerberos work? - Theory
The objective of this post is to clarify how Kerberos works, more than just introducing Kerberos attacks. Basic Kerberos theory explained
Kerberos (II): How to attack Kerberos? – Tarlogic Security – Cyber Security and Ethical hacking
https://www.tarlogic.com/en/blog/how-to-attack-kerberos/?amp&__twitter_impression=true
Tarlogic - Cybersecurity, Cyberintelligence and Red Team
Kerberos (II): How to attack Kerberos?
Introduction
In this Kerberos article, some attacks against the protocol will be shown. If you need to refresh the concepts on which these attacks are based, it is recommended to first read the first part on Kerberos theory. The post is divided…
Need to know the internal AD Domain name from outside? Find their Skype or Lync server and then:
nmap -p443 --script http-ntlm-info --script-args http-ntlm-info.root=/WebTicket/WebTicketService.svc skype.example.local
How does Apple (privately) find your offline devices? – A Few Thoughts on Cryptographic Engineering
https://blog.cryptographyengineering.com/2019/06/05/how-does-apple-privately-find-your-offline-devices/amp/
A Few Thoughts on Cryptographic Engineering
How does Apple (privately) find your offline devices?
At Monday’s WWDC conference, Apple announced a cool new feature called “Find My”. Unlike Apple’s “Find my iPhone”, which uses cellular communication and the lost…
How Red Teams Bypass AMSI and WLDP for .NET Dynamic Code – modexp
https://modexp.wordpress.com/2019/06/03/disable-amsi-wldp-dotnet/amp/?__twitter_impression=true
modexp
How Red Teams Bypass AMSI and WLDP for .NET Dynamic Code
Introduction Previous Research AMSI Example in C AMSI Context AMSI Initialization AMSI Scanning CLR Implementation of AMSI AMSI Bypass A (Patching Data) AMSI Bypass B (Patching Code 1) AMSI Bypass …
Exploring Mimikatz - Part 2 - SSP
https://blog.xpnsec.com/exploring-mimikatz-part-2/amp/?__twitter_impression=true
XPN InfoSec Blog
Exploring Mimikatz - Part 2 - SSP
If you haven't had a chance to check it out, take a look here. Continuing on, in this post we will review what has become a nice way of subverting security controls added by Microsoft to prevent dumping of credentials, as well as extracting credentials as…
GitHub - The-Cracker-Technology/ANDRAX-Mobile-Pentest: ANDRAX The first and unique Penetration Testing platform for Android smartphones
https://github.com/The-Cracker-Technology/ANDRAX-Mobile-Pentest/
GitHub - Sheisback/CVE-2019-0859-1day-Exploit: CVE-2019-0859 1day Exploit
https://github.com/Sheisback/CVE-2019-0859-1day-Exploit
GitHub
GitHub - Sheisback/CVE-2019-0859-1day-Exploit: CVE-2019-0859 1day Exploit
CVE-2019-0859 1day Exploit. Contribute to Sheisback/CVE-2019-0859-1day-Exploit development by creating an account on GitHub.
Magic Unicorn v3.8 released.
Adds noexit randomization, python3 fixes and support and auto check for 64 bit shellcode.
https://t.co/tYdDIjWTVv
GitHub
trustedsec/unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and injecting shellcode straight into memory. Based on Matthew Graeber's PowerShell attacks and the PowerShell bypass technique...