| Tweetovi |
| muuk proslijedio/la je tweet | ||
|
Faraz Khan
@securityidiots
|
29. lip |
|
CollabOzark is a simple tool which helps the researchers track SSRF, Blind XSS, XXE, SQLi, External Resource Access payloads triggers. github.com/securityidiots…
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
/r/netsec
@_r_netsec
|
4. velj |
|
ESLinter - a Burp Extension to Extract and ESLint JavaScript github.com/parsiya/eslint…
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Root Cause
@rtcz_io
|
4. velj |
|
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
OccupytheWeb
@three_cube
|
4. velj |
|
Android Hacking: How to Embed a Backdoor into a Legitimate APK #androidhacking #apk #cybersecurity #cyberwarrior
bit.ly/2F208YF pic.twitter.com/tU4s5x1YHC
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Planet Arduino
@planetarduino
|
4. velj |
|
A Simple App Controlled Door Lock - #arduino hackaday.com/2020/01/16/a-s…
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
meh
@mehqq_
|
6. ožu 2018. |
|
Found another off-by-one remote code execution vulnerability (CVE-2018-6789) in Exim mail server! It was challenging but interesting and we finally achieve RCE and bypass mitigations (ASLR, NX …) successfully. Details here:
devco.re/blog/2018/03/0…
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
The Hacker's Choice
@hackerschoice
|
23. ožu 2018. |
|
new tools: afl-fuzz with pintool github.com/vanhauser-thc/…, afl-simulator github.com/vanhauser-thc/… ... have fun! #thc #fuzzing #afl
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
hanno
@hanno
|
21. sij 2019. |
|
Apache httpd use after free bugs (unfixed) github.com/hannob/apache-…
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Roderick Schaefer
@kciredor_
|
29. ruj |
|
Woohoo got 2 new CVE’s on Foxit Reader foxitsoftware.com/support/securi… CVE-2019-13123 and CVE-2019-13124. Happy Sunday! ;-)
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Paul Seekamp
@nullenc0de
|
2. ožu |
|
Need privilege escalation? Have access to SMB and NFS shares? Automate looking for credentials!
1) pip3 install -r requirements.txt
sudo apt-get install cifs-utils
2) git clone github.com/nikallass/shar…
3) python3 sharesearch.py -p all -w -v -H hosts.lst -C creds.lst pic.twitter.com/7kvsSeNs1D
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Daniel Cocking
@dcocking7
|
4. ožu |
|
link.medium.com/AySwgo8PMU An Introduction to file format fuzzing where we find a previously unknown vulnerability in a real-world piece of software and exploit it to gain code execution. Enjoy!
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Patrik Fehrenbach🤖
@ITSecurityguard
|
8. ožu |
|
Happy Friday!
have you ever stumbled over this and asked yourself whats next? Try to append ?wsdl at the end of the URL to get the entire description of the application, use github.com/NetSPI/Wsdler to parse the necessary POST / GET requests
#bugbountytip #bugbountytips pic.twitter.com/9MHjlmEXIQ
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Somdev Sangwan
@s0md3v
|
10. ožu |
|
Here's my research paper about bypassing WAFs for XSS ❤️
github.com/s0md3v/MyPaper…
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Teddy Katz
@not_aardvark
|
23. stu |
|
New blogpost about an account takeover bug. This one took awhile to figure out blog.teddykatz.com/2019/11/23/jso…
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Nacho Sanzu © 🇪🇸
@morodog
|
31. sij |
|
#cybersecurity #ethicalhacking S3Enum – Fast Amazon S3 Bucket Enumeration Tool For Pentesters: s3enum is a tool to enumerate a target’s Amazon S3 buckets. It is fast and leverages DNS instead of HTTP,... The post S3Enum – Fast Amazon S3 Bucket… bit.ly/37GlmKo
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
raptor
@0xdea
|
2. velj |
|
I’ve just published my exploit for the LPE and RCE in OpenBSD’s OpenSMTPD recently disclosed by @qualys
You can find it here:
github.com/0xdea/exploits…
#opensmtpd_too_open pic.twitter.com/q1ykEhz7vh
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Aliaksei Chapyzhenka
@wavedrom
|
3. velj |
|
Memory Maps are bread and butter of chip design. I see a lot of artistic creativity looking into datasheets. github.com/drom/bitfield/…
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Michael Hausenblas
@mhausenblas
|
3. velj |
|
Yo @awscloud Lambda folks, if you’re into layers I might have something for you: The Lambda Layer Inspector (l2i). A CLI inspection tool w/ binaries for Linux, macOS, and Windows, see:
github.com/mhausenblas/l2i
CC: @chrismunns @brianleroux @edjgeek @jbesw
#serverless #tooling pic.twitter.com/5r38wLiv0I
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
💾 Astr0 Baby
@astr0baby
|
3. velj |
|
Seems that Windows 10 arm64 10.0.19033.1 does not ship the
CVE-2020-0601 patch .. github.com/ollypwn/CurveB… works perfectly for signing custom meterpreter payloads to execute on the Arm64 windows 10 box :) pic.twitter.com/8ZFyg99bS8
|
||
|
|
||
| muuk proslijedio/la je tweet | ||
|
Anastasis KingStyle
@Anastasis_King
|
3. velj |
|
Python-Backdoor:-- Hidden and undetectable #Backdoor written in #python3
#Download #Link:-
github.com/xp4xbox/Python…
|
||
|
|
||