Information Security
@sec_nerd_en
408 subscribers, 157 photos, 5 videos, 9 files, 2.28K links
Information Security News. We are @sec_nerd's twin brother.
Information Security
https://www.inputzero.io/2020/03/fuzzing-vim.html
www.inputzero.io
Fuzzing VIM
Fuzzing VIM with AFL
Information Security
https://github.com/atmoner/TwitWork
GitHub
GitHub - atmoner/TwitWork: Monitor twitter stream from nodejs electron
Information Security
https://github.com/advisories/GHSA-h4mf-75hf-67w4
GitHub
CVE-2020-5251 - GitHub Advisory Database
Information disclosure in parse-server
Information Security
https://pentester.land/newsletter/2020/03/05/the-5-hacking-newsletter-95.html
pentester.land
The 5 Hacking NewsLetter 95
Our weekly favorite websec videos, articles, tips, tweets and more, curated with love for hackers by a hacker!
Information Security
https://gist.github.com/davydany/0ad377f6de3c70056d2bd0f1549e1017
Gist
IP Tables (iptables) Cheat Sheet
Information Security
https://zon8.re/posts/exploiting-an-accidentally-discovered-v8-rce/
zon8.re
Exploiting an Accidentally Discovered V8 RCE
Please start opening your eyes, if you have something that crashes, don’t just ignore it, don’t just click away…
Take the time to look at what happened, if you surf to a page with your web browser and your web browser disappears, and you surf to the page…
Information Security
https://docs.microsoft.com/en-us/windows-hardware/drivers/network/packet-injection-functions
Docs
Packet Injection Functions - Windows drivers
Information Security
https://medium.com/@ismailtasdelen/sql-injection-payload-list-b97656cfd66b
Medium
SQL Injection Payload List
PayloadBox
Information Security
https://github.com/blabla1337/skf-labs
GitHub
GitHub - blabla1337/skf-labs: Repo for all the SKF Docker lab examples
Information Security
https://github.com/scriptingxss/IoTGoat
GitHub
GitHub - scriptingxss/IoTGoat: IoTGoat is a deliberately insecure firmware based on OpenWrt.
Information Security
https://www.zerodayinitiative.com/blog/2020/3/5/cve-2020-2555-rce-through-a-deserialization-bug-in-oracles-weblogic-server
Zero Day Initiative
Zero Day Initiative — CVE-2020-2555: RCE Through a Deserialization Bug in Oracle’s WebLogic Server
Insecure deserialization vulnerabilities have become a popular target for attackers/researchers against Java web applications. These vulnerabilities often lead to reliable remote code execution and are generally difficult to patch. In this blog post, we will…
Information Security
https://packetstormsecurity.com/files/156642/php_fpm_rce.rb.txt
Packetstormsecurity
PHP-FPM 7.x Remote Code Execution ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
Information Security
Univ of Cincinnati makes graduate-level Malware Analysis course public
https://class.malware.re
Information Security
https://www.bugcrowd.com/blog/hacking-unicode-like-a-boss/
Bugcrowd
Hacking Unicode Like a Boss | @Bugcrowd
This guest post was authored by Charlie Eriksen, Bugcrowd researcher and CTO of Adversary. Adversary delivers a platform that provides technical security training and education opportunities with a focus on hands-on learning. In this blog he’s sharing a fantastic…
Information Security
https://www.imperva.com/blog/remote-file-inclusion-rfi-detecting-the-undetectable/
Blog
Remote File Inclusion (RFI) - Detecting the Undetectable | Imperva
Remote File Inclusion [RFI] is an attack exploiting the functionality in web applications which allows the inclusion of external source code without validating its content or origin. An RFI payload is a link that points to a malicious file that an application…
Information Security
https://medium.com/@andripwn/wordpress-multiple-vulnerabilities-in-simple-login-log-plugin-19dc6560ca51
Medium
WordPress: Multiple Vulnerabilities in Simple Login Log Plugin
Information Security
#bugbountytips
https://t.co/2NIihwQCkH
https://t.co/h0KZQXKgvv
https://t.co/UAOqDLhbmu
https://t.co/nHZ59cQEFD
https://t.co/pvs1EGuzwh
https://t.co/FzMeSXoHjb
https://t.co/1wwN432vtU
#bugbounty
Information Security
https://www.hackingarticles.in/evil-ssdp-spoofing-the-ssdp-and-upnp-devices/
Hacking Articles
Evil SSDP: Spoofing the SSDP and UPnP Devices - Hacking Articles
TL;DR: Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Information Security
https://www.kazamiya.net/mssql_4n6-02
Information Security
https://github.com/AlexisAhmed/BugBountyTools
GitHub
GitHub - AlexisAhmed/BugBountyTools: Tools that i personally use for Bug Bounty Hunting and web assessments.