Information Security
@sec_nerd_en
408
subscribers
157
photos
5
videos
9
files
2.28K
links
Information Security News
we are
@sec_nerd
twin brother
Download Telegram
Join
Information Security
408 subscribers
Information Security
https://github.com/cr0hn/festin
GitHub
GitHub - cr0hn/festin: FestIn - Open S3 Bucket Scanner
FestIn - Open S3 Bucket Scanner. Contribute to cr0hn/festin development by creating an account on GitHub.
Information Security
https://github.com/irsl/CVE-2020-1313
GitHub
GitHub - irsl/CVE-2020-1313: Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability
Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability - irsl/CVE-2020-1313
Information Security
https://twitter.com/jas502n/status/1281631563017367552
Twitter
Jas502n
#CVE-2020-5902 bypass Rules /hsqldb; bypass /hsqldb%0a fix: https://t.co/i5VkDCunU0
Information Security
https://csea-iitb.github.io/IITBreachers-wiki/2020/08/01/Hacking-Sites.html
csea-iitb.github.io
Hacking sites - CTF-wiki
There are plethora of challenge/hacking sites where one could find cool challenges any time of the year.Some of them are ranked and have their own scoreboard...
Information Security
https://medium.com/@pranavvenkats/how-i-got-6000-from-google-a4670aa4158d
Medium
How I got 6000$ from #Google
Hey all ,
Information Security
http://www.economyofmechanism.com/office365-authbypass.html
Economy of mechanism
The road to hell is paved with SAML Assertions
Cross Domain Authentication Bypass in Office 365
Information Security
https://googleprojectzero.blogspot.com/2020/08/exploiting-android-messengers-part-1.html
Blogspot
Exploiting Android Messengers with WebRTC: Part 1
Posted by Natalie Silvanovich, Project Zero This is a three-part series on exploiting messenger applications using vulnerabilities in We...
Information Security
https://github.com/odedshimon/BruteShark
GitHub
GitHub - odedshimon/BruteShark: Network Analysis Tool
Network Analysis Tool. Contribute to odedshimon/BruteShark development by creating an account on GitHub.
Information Security
https://github.com/jmdx/TLS-poison/
GitHub
GitHub - jmdx/TLS-poison
Contribute to jmdx/TLS-poison development by creating an account on GitHub.
Information Security
https://sidechannel.tempestsi.com/path-traversal-vulnerability-in-securenvoy-impacts-on-remote-command-execution-through-file-upload-ec2e731bd50a
Medium
Path Traversal Vulnerability in SecurEnvoy impacts on remote command execution through file upload
Tempest’s consulting team has found a vulnerability in the SecurMail module of the SecurEnvoy product. SecurMail promises to securely send…
Information Security
https://medium.com/@TheJulfikar/how-i-won-my-first-bounty-in-15-seconds-da5789f13258
Medium
How I Woned My First Bounty In 15 Seconds
Hello peoples, I’m Muhammad Julfikar Hyder from Bangladesh back again with my first bounty story today. You can also read my previous blog…
Information Security
https://medium.com/walmartglobaltech/hacking-cisco-sd-wan-vmanage-19-2-2-from-csrf-to-remote-code-execution-5f73e2913e77
Medium
Hacking Cisco SD-WAN vManage 19.2.2 — From CSRF to Remote Code Execution
Introduction
Information Security
https://ssd-disclosure.com/ssd-advisory-terramaster-os-exportuser-php-remote-code-execution/
SSD Secure Disclosure
SSD Advisory - TerraMaster OS exportUser.php Remote Code Execution - SSD Secure Disclosure
TL;DR Find out how we exploited an unauthenticated TerraMaster OS vulnerability and gained root access to the device. Vulnerability Summary TerraMaster Operating System (TOS) is an operating system designed for TNAS devices. Invalid parameter checking in…
Information Security
http://www.righto.com/2020/08/latches-inside-reverse-engineering.html
Righto
Latches inside: Reverse-engineering the Intel 8086's instruction register
The Intel 8086 microprocessor is one of the most influential chips ever created; it led to the x86 architecture that dominates desktop an...
Information Security
https://blog.jonlu.ca/posts/reversing-lyft
JonLuca’s Blog
Reversing Lyft’s ride history API to analyze 6 years worth of rides
A couple years back I built Uber Trip Stat’s (now renamed to RideShare Trip Stats after a C&D from Uber), because I was interested in how much money I had spent on Uber over...
Information Security
https://code.firstlook.media/how-to-defend-against-pegasus-nso-group-s-sophisticated-spyware
Information Security
https://github.com/eyalitki/presentations
GitHub
GitHub - eyalitki/presentations: Collection of my slide decks & conference videos
Collection of my slide decks & conference videos. Contribute to eyalitki/presentations development by creating an account on GitHub.
Information Security
https://malwareandstuff.com/linux-windows-internals-process-structures/
Malware and Stuff
Linux/Windows Internals – Process structures
Having an overview of the running processes on the operating system is something we usually take for granted. We can’t think of working without fundamental features like that. But how does th…
Information Security
https://pentestlab.blog/2018/07/04/dumping-domain-password-hashes/
Penetration Testing Lab
Dumping Domain Password Hashes
It is very common during penetration tests where domain administrator access has been achieved to extract the password hashes of all the domain users for offline cracking and analysis. These hashes…
Information Security
https://github.com/ucgJhe/Qdb
GitHub
ucgJhe/Qdb
A multi-architecture and cross-platform debugger baked by Qiling Framework - ucgJhe/Qdb
