Open sourced legal documentation used for physical penetration tests.
The purpose is to help the community and organizations protect their employees when conducting testing.
Includes three docs:
MSA
SOW
Authorization Letter
https://t.co/Tco6WuuuaU
The purpose is to help the community and organizations protect their employees when conducting testing.
Includes three docs:
MSA
SOW
Authorization Letter
https://t.co/Tco6WuuuaU
GitHub
trustedsec/physical-docs
This is a collection of legal wording and documentation used for physical security assessments. The goal is to hopefully allow this as a template for other companies to use and to protect themselve...
Helpful info on making Firefox stop polluting your Burp session with superfluous requests:
https://t.co/93MP5jRH2s
https://t.co/93MP5jRH2s
Black Hills Information Security
Towards a Quieter Firefox - Black Hills Information Security
Brian King // On a recent webapp test, I got a little frustrated with all the extra HTTP requests showing up in my Burpsuite Proxy History from connections that Firefox was making on its own. I was having to scroll around way more than I used to while trying…
CVE-2019-12409: Apache Solr RCE vulnerability due to bad config default (JMX ) https://t.co/xQCOw10eD0
jython https://t.co/vkuiUeaCT2 xxx 18983 command super_secret "ls -la"
https://t.co/WkAdM31DMz
jython https://t.co/vkuiUeaCT2 xxx 18983 command super_secret "ls -la"
https://t.co/WkAdM31DMz
MOGWAI LABS GmbH web site
Attacking RMI based JMX services
An attack primer on how to hack into RMI based JMX services
snek : PowerShell wrapper around Python for .NET to invoke Python from PowerShell : https://t.co/lJz1fHcmgU
More : https://t.co/vvjVukTwD8
More : https://t.co/vvjVukTwD8
GitHub
adamdriscoll/snek
PowerShell wrapper around Python for .NET to invoke Python from PowerShell - adamdriscoll/snek
WinPwn : Automation for internal Windows Penetrationtest / AD-Security : https://t.co/KrF6NMmuG4
GitHub
S3cur3Th1sSh1t/WinPwn
Automation for internal Windows Penetrationtest / AD-Security - S3cur3Th1sSh1t/WinPwn
Introducing the fzero fuzzer! A target-architecture-agnostic grammar-based fuzzer (inspired by F1). With no input size constraints, multi-thread support, and all Rust code for no corruption bugs. 5x faster than the worlds fastest grammar-based fuzzer https://t.co/THfpliGou4
GitHub
gamozolabs/fzero_fuzzer
A fast Rust-based safe and thead-friendly grammar-based fuzz generator - gamozolabs/fzero_fuzzer
10 years ago @achillean launched the Shodan website! To celebrate a decade of discovery and growth we're going to offer the membership for $1 (marked down from $49) for the next 24 hours (0:00 UTC to 24:00 UTC): https://t.co/e6mRc8kQGt
Blog post on CVE-2019-2215, the Android binder bug that was exploited in-the-wild and affected most Android devices manufactured prior to Fall 2018.
https://t.co/guN9P0sXj4
https://t.co/guN9P0sXj4
Blogspot
Bad Binder: Android In-The-Wild Exploit
Posted by Maddie Stone, Project Zero Introduction On October 3, 2019, we disclosed issue 1942 (CVE-2019-2215), which is a use-afte...
Kubernetes Pentest Methodology :-
Part 1:-
https://t.co/dEMDs8nTfH
Part 2:-
https://t.co/MvhDBBBqw2
Part 3:-
https://t.co/ZkaQyai53W
Part 1:-
https://t.co/dEMDs8nTfH
Part 2:-
https://t.co/MvhDBBBqw2
Part 3:-
https://t.co/ZkaQyai53W
CyberArk
Kubernetes Pentest Methodology Part 1 | CyberArk
As the pace of life accelerates, we spend less time waiting or in downtime. Kubernetes offers something similar for our life with technology. It is a container orchestration platform that offers an easy, automated way...
Automated Docker TCP Socket Host Takeover : https://t.co/k45lyTaMi3
GitHub
AbsoZed/DockerPwn.py
Python automation of Docker.sock abuse. Contribute to AbsoZed/DockerPwn.py development by creating an account on GitHub.