Information Security – Telegram

Information Security

408 subscribers

157 photos

5 videos

9 files

2.28K links

Information Security News

we are @sec_nerd twin brother

Download Telegram

About

Blog

Apps

Platform

Information Security

408 subscribers

Information Security

https://github.com/cynops/Frida-Hooks/tree/master/RDP_Rogue

cynops/Frida-Hooks

Contribute to cynops/Frida-Hooks development by creating an account on GitHub.

113 views18:30

Information Security

https://hackerone.com/reports/701183

Node.js third-party modules disclosed on HackerOne: [tree-kill] RCE...

I would like to report a `RCE` issue in the `tree-kill` module.
It allows to execute `arbitrary commands remotely inside the victim's PC`

# Module
**module name:** `tree-kill`
**version:**...

107 views18:33

Information Security

http://download.nccst.nat.gov.tw/attachfilenew/Shaoye%20Botnet%20Affecting%20Network%20Devices%20in%20Asia-Pacific.pdf

105 views18:49

Information Security

https://github.com/sachinkamath/ntlmrecon

GitHub - pwnfoo/NTLMRecon: Enumerate information from NTLM authentication enabled web endpoints 🔎

Enumerate information from NTLM authentication enabled web endpoints 🔎 - pwnfoo/NTLMRecon

98 views18:56

Information Security

http://www.peppermalware.com/2019/12/analysis-of-malicious-electrumx-servers.html

Analysis of Malicious ElectrumX Servers Source Code

Blog about computer security, malware and reverse engineering.

91 views18:59

Information Security

https://seclists.org/oss-sec/2019/q4/122

oss-sec: [CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections.

95 views19:00

Information Security

https://itm4n.github.io/localservice-privileges/

Give Me Back My Privileges! Please?

I want to tell you the story of a service account which lost all its powers (a.k.a. privileges). Windows world is getting increasingly ruthless and when the system considers you are not worthy, this is what happens. Fortunately for our service account, all…

551 views19:02

Information Security

https://github.com/FuzzySecurity/PowerShell-Suite

GitHub - FuzzySecurity/PowerShell-Suite: My musings with PowerShell

My musings with PowerShell. Contribute to FuzzySecurity/PowerShell-Suite development by creating an account on GitHub.

97 views19:03

Information Security

http://www.labofapenetrationtester.com/2014/11/powershell-for-client-side-attacks.html

Labofapenetrationtester

Using PowerShell for Client Side Attacks

Home of Nikhil SamratAshok Mittal. Posts about Red Teaming, Offensive PowerShell, Active Directory and Pen Testing.

93 views19:59

Information Security

https://posts.specterops.io/attacking-freeipa-part-ii-enumeration-ad27224371e1

Attacking FreeIPA — Part II Enumeration

In Part I of this series, we reviewed some of the background and underlying technologies utilized by FreeIPA. We also discussed several…

98 views20:01

Information Security

https://www.forensicfocus.com/News/article/sid=3750/

Forensic Extraction Of Data From Mobile Apple Devices

99 views20:02

Information Security

https://labs.nettitude.com/blog/cve-2019-12750-symantec-endpoint-protection-local-privilege-escalation-part-1/

CVE-2019-12750: Symantec Endpoint Protection Local Privilege Escalation – Part 1

A malicious application can take advantage of a vulnerability in Symantec Endpoint Protection to leak privileged information and/or execute code with higher privileges, thus taking full control over the affected host.

107 views20:03

Information Security

CVE-2019-19609 Strapi Framework Post-Auth RCE

curl -H $'Authorization: Bearer [jwt]' ... --data {"plugin": "documentation && $(whoami > /tmp/whoami)","port":"1337"}

https://bittherapy.net/post/strapi-framework-remote-code-execution/

Strapi Framework Vulnerable to Remote Code Execution (CVE-2019-19609)

CVE: CVE-2019-19609
Vendor: Strapi (https://strapi.io)
Product: Strapi Framework
Version Affected: strapi-3.0.0-beta.17.7 and earlier
Fix PR: https://github.com/strapi/strapi/pull/4636
NPM Advisory: https://www.npmjs.com/advisories/1424
Description:
“Manage…

116 views07:24

Information Security

https://immersivelabs.com/2019/12/04/aviatrix-vpn-client-vulnerability/

Immersive Labs Unearths Vulnerability in Aviatrix VPN - Immersive Labs

Aviatrix, an enterprise VPN company with customers including Nasa, Shell and BT, has recently patched a vulnerability uncovered by Immersive Labs researcher and content engineer Alex Seymour.

115 views07:28

Information Security

https://maddiestone.github.io/AndroidAppRE/

193 views07:29

Information Security

https://www.hackingarticles.in/windows-for-pentester-certutil/

Hacking Articles

Windows for Pentester: Certutil

In this article, we are going to describe the utility of Certutil tool and how vital it is in Windows Penetration Testing. TL; DR Certutil

112 views11:03

Information Security

Fast DNS servers:

64.6.64.6 - verisign
1.1.1.1 - cloudflare
9.9.9.9 - quad9
84.200.69.80 - dnswatch
94.247.43.254 - opennic
89.233.43.71 - censurfridns
94.130.110.185 - dnsprivacy
208.67.222.222 - opendns

#IT #tech #news #linux #networking #DNS #Security #CyberSecurity

106 views18:08

Information Security

webapp bugbounty tips :

https://gowsundar.gitbook.io/book-of-bugbounty-tips/untitled-2
https://gowsundar.gitbook.io/book-of-bugbounty-tips/untitled-3
https://gowsundar.gitbook.io/book-of-bugbounty-tips/tips-from-jasonhaddix
https://gowsundar.gitbook.io/book-of-bugbounty-tips/tips-from-ben
https://gowsundar.gitbook.io/book-of-bugbounty-tips/tips-fro-yogoshaofficial
https://gowsundar.gitbook.io/book-of-bugbounty-tips/tips-from-user-blogs

#bugbountytips #pentesting

gowsundar.gitbook.io

Tips From @intigriti

112 views18:08

Information Security

https://i.blackhat.com/eu-19/Wednesday/eu-19-Yazdanmehr-Mobile-Network-Hacking-IP-Edition-2.pdf

172 views18:17

Information Security

https://github.com/audibleblink/passdb-frontend/

GitHub - audibleblink/passdb-frontend: Pivoting Frontend for Pre-Seeded Password Databases

Pivoting Frontend for Pre-Seeded Password Databases - audibleblink/passdb-frontend

107 views07:11