Pentester – Telegram

Pentester

2.95K subscribers

120 photos

3 videos

163 files

2.77K links

- Offensive Security (Red Teaming / PenTesting)
- BlueTeam (OperationSec, TreatHunting, DFIR)
- Reverse Engineering / Malware Analisys
- Web Security

Download Telegram

About

Blog

Apps

Platform

2.95K subscribers

https://www.preempt.com/blog/drop-the-mic-2-active-directory-open-to-more-ntlm-attacks/

88 views04:29

WhatsApp GIF RCE on #android ---> https://t.co/ufQBRi6yMw (poc code in c)

note you will need memory leak vuln in order to have a full remote exploit. This is a local exploit where you have to figure out the address manually.

dorkerdevil/CVE-2019-11932

double-free bug in WhatsApp exploit poc. Contribute to dorkerdevil/CVE-2019-11932 development by creating an account on GitHub.

105 views04:39

https://medium.com/@maverickNerd/recon-everything-48aafbb8987

Recon Everything

Bug Bounty Hunting Tip #1- Always read the Source Code

107 views04:47

https://secrary.com/Random/RedTeamTrick/

secrary[dot]com::blog

Simple Trick For Red Teams

https://secrary.com - Does it matter?

92 views13:23

This aggressor script adds three UAC bypass techniques to Cobalt Strike's interface + beacon console. These include:

https://t.co/zX43xhDGlX

RhinoSecurityLabs/Aggressor-Scripts

Aggregation of Cobalt Strike's aggressor scripts. Contribute to RhinoSecurityLabs/Aggressor-Scripts development by creating an account on GitHub.

87 views07:58

🔥 CVE-2019-14287

A flaw in Sudo—that comes installed on almost every #Linux OS—could let users run commands as "root" even when they're restricted.

Details ➤ https://t.co/NeFvITBR73

How? Just by specifying user ID "-1" or "4294967295" in the command instead of the root.

85 views05:54

97 views05:54

https://github.com/hmaverickadams/Beginner-Network-Pentesting

GitHub - hmaverickadams/Beginner-Network-Pentesting: Notes for Beginner Network Pentesting Course

Notes for Beginner Network Pentesting Course. Contribute to hmaverickadams/Beginner-Network-Pentesting development by creating an account on GitHub.

69 views20:30

https://github.com/grant-h/qu1ckr00t

GitHub - grant-h/qu1ckr00t: A PoC application demonstrating the power of an Android kernel arbitrary R/W.

A PoC application demonstrating the power of an Android kernel arbitrary R/W. - grant-h/qu1ckr00t

74 views06:48

https://slides.com/securitymb/prototype-pollution-in-kibana/#/

Prototype Pollution in Kibana

Presentation I did for OWASP Poland Day, 14th October 2019

75 views06:51

https://azeria-labs.com/heap-overflows-and-the-ios-kernel-heap/

Heap Overflows and the iOS Kernel Heap

76 views07:19

https://github.com/sbridgens/OpenVPN-Brute-Forcer

GitHub - sbridgens/OpenVPN-Brute-Forcer: Openvpn password brute forcer

Openvpn password brute forcer. Contribute to sbridgens/OpenVPN-Brute-Forcer development by creating an account on GitHub.

90 views07:32

https://medium.com/@fabs_60995/joern-reborn-f04e74399b2b

In a blog post back in May 2018, we outlined our plans for saving the open-source C/C++ code analyzer “Joern”. Today, we are happy to…

78 views05:51

75 views05:56

Android_Security_Internals_An_In.pdf

180 views05:56

SQL Injection Step By Step:
Part 1:
https://t.co/sKX3RERldM
Part 2:
https://t.co/kS2Qom5DX6

SQL Injection Step By Step Part 1

If you want to learn SQL Injection step by step, then after reading this article will help you to understand SQL Injection step by step…

91 views07:02

https://medium.com/@d0znpp/security-testing-guide-for-json-rest-apis-1-3-38eddba67098

Security testing guide for JSON / REST APIs #1/3

Fuzzing is everything ;) It’s the most useful and resultative hacking technique for sure. At the same time, fuzzing is not just random…

95 views07:20

How to Reverse Engineer an iOS App and macOS Software
https://www.apriorit.com/dev-blog/363-how-to-reverse-engineer-os-x-and-ios-software

How to Reverse Engineer an iOS App - Apriorit

Learn how to reverse engineer an iOS app, break down its components, and understand functionality without source code access for debugging or maintenance.

102 views19:40

The Linux Forensics workshop (labs, slides, forensic images "E01")+talk done at OSDFCon 2019, is now available here: https://t.co/7aeHMNaVQI

ashemery/LinuxForensics

Everything related to Linux Forensics. Contribute to ashemery/LinuxForensics development by creating an account on GitHub.

103 views06:05

https://www.hahwul.com/2019/10/find-subdomain-takeover-with-amass-and-subjack.html?m=1

102 views20:04

Cheatsheet-God:-
Penetration Testing Biggest Reference Bank - OSCP / PTP & PTX Cheatsheet:-

https://t.co/mApUr4FBqW

OlivierLaflamme/Cheatsheet-God

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet - OlivierLaflamme/Cheatsheet-God

131 views18:48