Information Security – Telegram

Information Security

420 subscribers

157 photos

5 videos

9 files

2.28K links

Information Security News

we are @sec_nerd twin brother

Download Telegram

About

Blog

Apps

Platform

Information Security

420 subscribers

Information Security

https://gts3.org/2019/Real-World-CTF-2019-Safari.html

Systems Software and Security Lab

Hack The Real: An exploitation chain to break the Safari browser

Exploiting type confusion bugs in latest JSC and escaping the sandbox

94 views19:06

Information Security

https://medium.com/intigriti/how-i-got-your-phone-number-through-facebook-223b769cccf1

How I got your phone number through Facebook

Don’t have the time to read the entire article? Go to the FAQ section below for everything you should know.

95 views19:08

Information Security

How to Takover a ldap server.
https://medium.com/@D0rkerDevil/how-i-tookover-a-ldap-server-703209161001

How PayPal helped me to generate XSS
https://medium.com/@pflash0x0punk/how-paypal-helped-me-to-generate-xss-9408c0931add

How I earned $$$$ by finding confidential customer data including plain-text passwords
https://medium.com/@saurabh5392/how-i-earned-by-finding-confidential-customer-data-including-plain-text-passwords-f93c4ce2631

#bugbounty,#bugbountytips

How I Tookover a ldap server.

115 views19:08

Information Security

https://github.com/s1kr10s/D-Link-DIR-859-RCE/

https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104

GitHub - s1kr10s/D-Link-DIR-859-RCE: D-Link DIR-859 - RCE UnAutenticated (CVE-2019–17621)

D-Link DIR-859 - RCE UnAutenticated (CVE-2019–17621) - s1kr10s/D-Link-DIR-859-RCE

160 views09:17

Information Security

https://captmeelo.com/pentest/2019/12/30/lesser-known-tools-for-android-pentest.html

126 views15:02

Information Security

https://ired.team/offensive-security/code-injection-process-injection/addressofentrypoint-code-injection-from-an-injected-dll

AddressOfEntryPoint Code Injection from an Injected DLL

141 views17:17

Information Security

Happy New Year!

@sec_nerd_en

123 views18:03

Information Security

https://medium.com/@freedy0/hack-the-box-legacy-writeup-fe07c63a99b1?

Hack The Box | Legacy — Writeup

Here is my the very first hacking writeup. And the first machine is
Legacy — retired, but pretty useful for novice. This machine was…

118 views19:41

Information Security

http://mobsf.github.io/Mobile-Security-Framework-MobSF/changelog.html

Mobile Security Framework (MobSF)

v4.3.0 Changelog

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

196 views20:06

Information Security

https://3xpl01tc0d3r.blogspot.com/2019/12/process-injection-part-v.html

https://github.com/3xpl01tc0d3r/ProcessInjection

Process Injection - Part V

Blogs related to information security.

127 views08:59

Information Security

https://www.cyberciti.biz/faq/linux-run-a-command-with-a-time-limit/

Linux run a command with a time limit (timeout)

Run a Linux/Unix command with a time limit: Learn how to run a command, and have it abort or timeout after N seconds using timeout, bash & Perl one-liner

121 views09:06

Information Security

https://www.varonis.com/blog/pen-testing-active-directory-environments-part-introduction-crackmapexec-powerview/

Pen Testing Active Directory Environments, Part I: Introduction to crackmapexec (and PowerView)

I was talking to a pen testing company recently at a data security conference to learn more about “day in the life” aspects of their trade. Their president told me...

129 views11:26

Information Security

#Powershell script to extract all users and last logon timestamp from a domain

https://gallery.technet.microsoft.com/scriptcenter/Powershell-script-to-398c5aab

126 views19:07

Information Security

https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104

D-Link DIR-859 — RCE UnAutenticated (CVE-2019–17621) [EN]

149 views19:16

Information Security

https://www.n00py.io/2020/01/zero-day-exploit-in-determine-selectica-contract-lifecycle-management-sclm-v5-4/

Zero day vulnerabilities in Determine Selectica Contract Lifecycle Management (SCLM)

Recently I discovered multiple high severity vulnerabilities in Selectica Contract Lifecycle Management (SCLM) version 5.4. Cross-site Scripting (XSS) There was no shortage of XSS in this app. Here's an example from a light scan with Burp Suite: This is…

170 views10:37

Information Security

#SSRF Write-ups

https://t.co/B1rpUlRIhH

https://t.co/4w1lsceQKh

https://t.co/zi4NXoSVX2

https://t.co/oAIiVSjkJG

https://t.co/6OfhOqBtMH

https://t.co/6OfhOqBtMH

https://t.co/pEZZv9qlKh

#bugbounty #bugbountytips

168 views12:05

Information Security

https://blog.ripstech.com/2018/cubecart-admin-authentication-bypass/

Sonar Blog for Clean Code

Sonar is the home of Clean Code. Our blog showcases our products: SonarLint, SonarQube, and SonarCloud - trusted by 400k+ organizations globally.

116 views16:44

Information Security

https://github.com/cujanovic/SSRF-Testing

GitHub - cujanovic/SSRF-Testing: SSRF (Server Side Request Forgery) testing resources

SSRF (Server Side Request Forgery) testing resources - cujanovic/SSRF-Testing

117 views19:01

Information Security

http://webcache.googleusercontent.com/search?q=cache:http://blog.safebuff.com/2016/07/03/SSRF-Tips/

114 views19:04

Information Security

https://medium.com/secjuice/php-ssrf-techniques-9d422cb28d51

PHP SSRF Techniques

How to bypass filter_var(), preg_match() and parse_url()

128 views19:04