Pentester

Re: [exim] [oss-security] Exim CVE-2019-16928 RCE using a heap-based buffer overflow
https://lists.exim.org/lurker/message/20190928.232024.589b2ef5.en.html

101 views17:59

Pentester

Spartan: Recon Automation.

https://t.co/5GYZkoXFrf

GitHub

Mad-robot/Spartan

My Recon Automation. Contribute to Mad-robot/Spartan development by creating an account on GitHub.

109 views04:18

Pentester

https://www.hackingarticles.in/web-application-pentest-lab-setup-using-docker/

Hacking Articles

Web Application Pentest Lab setup Using Docker

Learn how to set up a web application pentest lab using Docker, and understand the benefits of containerization for security testing now.

108 views04:53

Pentester

Finding the real IP behind Cloudflare has never been so easy. Here you are a tool to search on @shodanhq starting from a simple favicon

https://t.co/HAGJo6fuWi

GitHub

pielco11/fav-up

IP lookup by favicon using Shodan. Contribute to pielco11/fav-up development by creating an account on GitHub.

102 views05:21

Pentester

https://github.com/threat9/routersploit

GitHub

GitHub - threat9/routersploit: Exploitation Framework for Embedded Devices

Exploitation Framework for Embedded Devices. Contribute to threat9/routersploit development by creating an account on GitHub.

92 views19:40

Pentester

Updated course for reverse engineering iOS applications for iOS 12 and added a new .epub file for you to read on your tablet or eReader:

https://t.co/reioa3YglN

GitHub

ivRodriguezCA/RE-iOS-Apps

A completely free, open source and online course about Reverse Engineering iOS Applications. - ivRodriguezCA/RE-iOS-Apps

88 views04:16

Pentester

If you love Android security, you will love these 8 new vulnerabilities in Android's VoIP components found by Daoyuan Wu and his team https://t.co/fKupSDh7Xt

He is a very good researcher and his others papers are definitely worth looking https://t.co/7j4LwFN6q8

97 viewsedited 04:18

Pentester

https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/

Home

How a double-free bug in WhatsApp turns to RCE

In this blog post, I’m going to share about a double-free vulnerability that I discovered in WhatsApp for Android, and how I turned it into an RCE. I informed this to Facebook. Facebook acknowledged and patched it officially in WhatsApp version 2.19.244.…

103 views04:52

Pentester

https://www.vdalabs.com/2019/10/01/phishing-users-using-evilginx-and-bypassing-2fa/

VDA Labs

From the Experts

Stay up-to-date on the latest cybersecurity trends with this Cyber Security Blog. Learn how to improve your online security today!

106 views05:01

Pentester

https://amp.kitploit.com/2019/07/hiddeneye-modern-phishing-tool-with.html?amp=1&m=1

KitPloit ☣

HiddenEye - Modern Phishing Tool With Advanced Functionality (Android-Support-Available)

95 views05:36

Pentester

https://www.kitploit.com/2019/10/subsh-online-subdomain-detect-script.html?m=1

KitPloit - PenTest & Hacking Tools

Sub.Sh - Online Subdomain Detect Script

97 views05:38

Pentester

https://medium.com/bugbountywriteup/sql-injection-to-lfi-to-rce-536bed29a862

Medium

SQL injection to RCE

In the next lines I will expose a curious case that I experimented in a customer penetration testing days ago…

97 views08:16

Pentester

https://bugs.chromium.org/p/project-zero/issues/detail?id=1942

99 views08:18

197 views08:18

Mobile Pentesting with FRIDA
[SLIDES] https://t.co/APhEluWkYa

Google Docs

frida_nn2019.pdf

105 views17:37

Pentester

https://www.hahwul.com/p/ssrf-open-redirect-cheat-sheet.html?m=1

103 views06:23

Pentester

TotalRecon installs all the recon tools you need.

https://t.co/cxAuN7oqkU

GitHub

vitalysim/totalrecon

TotalRecon installs all the recon tools you need. Contribute to vitalysim/totalrecon development by creating an account on GitHub.

108 views17:34

Pentester

https://www.exploit-db.com/exploits/47465

Exploit Database

Joomla! 3.4.6 - 'configuration.php' Remote Code Execution

Joomla! 3.4.6 - 'configuration.php' Remote Code Execution.. webapps exploit for PHP platform

87 views04:34

Pentester

Multiple D-Link Routers Found Vulnerable To Unauthenticated Remote Code Execution (will remian unpatched due to EOL) : https://t.co/RC9UAZIV1M

Fortinet Blog

Multiple D-Link Routers Found Vulnerable To Unauthenticated Remote Code Execution

FortiGuard Labs has discovered an unauthenticated command injection vulnerability in D-Link products that could lead to Remote Code Execution (RCE) upon successful exploitation. Learn more.…

95 views18:47

Pentester

https://www.preempt.com/blog/drop-the-mic-2-active-directory-open-to-more-ntlm-attacks/

88 views04:29

Pentester

WhatsApp GIF RCE on #android ---> https://t.co/ufQBRi6yMw (poc code in c)

note you will need memory leak vuln in order to have a full remote exploit. This is a local exploit where you have to figure out the address manually.

GitHub

dorkerdevil/CVE-2019-11932

double-free bug in WhatsApp exploit poc. Contribute to dorkerdevil/CVE-2019-11932 development by creating an account on GitHub.

105 views04:39

About

Blog

Apps

Platform