Twitter | Pretraživanje | |
Mr. Fuzzy
649
Tweetovi
2.564
Pratim
73
Osobe koje vas prate
Tweetovi
Mr. Fuzzy proslijedio/la je tweet
Sean Gallagher 19 h
I feel like I'm writing the same stories over and over again and it never seems to change anything: Somebody didn't patch. Somebody didn't test. Somebody bought and forgot. Somebody thought security through obscurity works. Somebody didn't respond to a vulnerability report.
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
TrustedSec 18 h
Secret's out! announces the release of the TrustedSec Community Guide. Discover the vision for making the guide and how you can contribute to making the best for all things sysmon!
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
The Cyber 7 h
Not sure if there's a better CTI tool than pDNS. Maybe VTI?
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
Vala Afshar 18 h
If you want to master something, teach it. The more you teach, the better you learn. Teaching is a powerful tool to learning. —Professor Richard Feynman
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
Vala Afshar 6. velj
Listen to David Bowie’s stunningly accurate understanding of the power of the Internet in 1999 - worldwide web was only 6 years old. “I think the potential of what the Internet can do for society, both good and bad, is unimaginable.”
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
Vala Afshar 5. velj
The ability to remove clutter and to simplify is a superpower.
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
Metasploit Project 4. velj
Last year, researched and published a command-and-control module for SMB DOUBLEPULSAR. Since then, we've researched and reverse-engineered the RDP version of the implant. Today we're publishing that research and a module for it. Details:
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
dawgyg 4. velj
When testing for SSRF using a black list, take internal IP addresses and when encoding them, dont encode entire IP. Encode 1 octet of the IP address, or 2 or 3. For Instance: AWS Metadata - 0251.254.169.254 (this got the $160,000 payout in Oct 2018)
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
Doyensec 3. velj
Our first blog post of 2020 is out! Learn about how we discovered a heap overflow in the F-Secure Internet Gatekeeper, which leads to unauthenticated RCE
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
Xentropy 1. velj
I was tired of outdated XSS cheat sheets that don't touch on frameworks, html5, filter bypasses and other important stuff, so I made my own. I hope you find it as useful as I do. :)
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
Inanc Gumus 16. kol
🎁 1000+ exercises are waiting for you. From the simplest ones to the advanced. Check out: PS: I salute you if you can solve the advanced slice exercises.
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
HD Moore 27. sij
Flamingo is a new open source tool from for capturing credentials sprayed by IT and security products: (h/t to for HTTP NTLM support!)
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
ً 31. sij
If you are stressed, here is an old Asian grandma making tofu
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
PaulM 2. ruj
There are multiple legitimate, free tunneling services that are routinely used by attackers to evade defenses: ngrok[.](com|io) portmap[.](com|io) serveo[.]net localtunnel[.]me pagekite[.]net Hunt for these domains. Also hunt for long-running TCP connections with dstport>10000.
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
Clément Notin 3. ruj
success story: 1. Steal .keytab file from a Linux server for a webapp using Kerberos authentication🕵️ 2. Extract Kerberos service encryption key using 3. Create silver ticket using 🥝 and pass-the-ticket 4. Browse the target 5. Profit!😉
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
Julian Horoszkiewicz 27. pro
PE Import Table hijacking as a way of achieving persistence/exploiting DLL side loading (Christmas blog post 😉):
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
ΜΔDΞRΔS 1. velj
Deleting your digital footprint: Consumer Reporting Requesting Consumer Scoring data from companies like Sift (who collects/uses millions of datapoints)
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
dawgyg 27. pro
Thinking about getting stoned and starting the blog back up tonight with the first post a basic intro to bug hunting, and some of my routine for hunting bugs. If this can get 100 retweets then I'll start on it, otherwise xbox sounds like just as much fun lol.
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
Alexandre Borges 13. pro
Finally: Malwoverview 2.0 (in Python 3.x) is available! There're so many news, so it's better to check on the GitHub ;)
Reply Retweet Označi sa "sviđa mi se"
Mr. Fuzzy proslijedio/la je tweet
elan gale 29. sij
I’ve got some NEWS for you people about WHY your salads are dull and flavorless. Are you ready for some NEWS???
Reply Retweet Označi sa "sviđa mi se"