8092
showing only twitter [see all]
GitHub - skorov/ridrelay: Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
RT : Enumerate usernames on an internal network domain where you have no creds by using SMB Relay with low priv
from twitter
yesterday
Twitter
RT : Apple Safari - Wasm Section Exploit : (pdf)
from twitter
yesterday
Daedalus – Though the Maze of Code // Speaker Deck
RT : Daedalus: state-of-the-art of code obfuscation, and JS code tricks by
Slides:
Conf…
from twitter
2 days ago
Twitter
RT : Daedalus: state-of-the-art of code obfuscation, and JS code tricks by
Slides:
Conf…
from twitter
2 days ago
Stored XSS on Facebook | OpnSec
RT : 3 stored XSS in facebook, documented in a great write-up by
from twitter
2 days ago
Twitter
RT : Look for wadl/wsdl files (also variations like "svc?wsdl", "asmx?wsdl", "/?_wsdl","/?_wadl") and parse it with too…
from twitter
3 days ago
Tags
RT : Some nice writeup you should read it.
from twitter
4 days ago
Untitled (https://arxiv.org/pdf/1804.04014.pdf)
PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines
from twitter
5 days ago
GitHub - peikexin9/deepxplore: DeepXplore code release
RT : It looks like the code for DeepXplore, which fuzzes neural networks based on neuron coverage, is available now:
from twitter
6 days ago
Twitter
RT : Breaking CFI: Exploiting CVE-2015-5122 using COOP :
from twitter
7 days ago
Remote Hash Extraction On Demand Via Host Security Descriptor Modification
RT : Remote Hash Extraction On Demand Via Host Security Descriptor Modification : , An ACE in t…
from twitter
7 days ago
Twitter
RT : Remote Hash Extraction On Demand Via Host Security Descriptor Modification : , An ACE in t…
from twitter
7 days ago
Use Windows Event Forwarding to help with intrusion detection (Windows 10) | Microsoft Docs
RT : Use Windows Event Forwarding to help with intrusion detection (Windows 10) | Microsoft Docs
from twitter
7 days ago
Twitter
RT : Highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W (required for…
from twitter
8 days ago
Twitter
RT : The detailed breakdown of the remote reg DACL modification work from , , and myself - "Remote Has…
from twitter
8 days ago
(500) http://codetective.py
Find secrets in code with Codetective:
python -r -d mypath -m 80 -t secrets
from twitter
8 days ago
Untitled (https://www.youtube.com/watch?v=OvarkOxxdic&app=desktop)
RT : The new Same Origin Method Execution talk is out with adv aspects, playground and tools:
SOMEAttack  HITB2017AMS  from twitter
9 days ago
Gynvael - Mission 22 - Solution
RT : Gynvael - Mission 22 - Solution with r2
from twitter
9 days ago
Twitter
RT : For those who might find it interesting, just wrote a guide on how to setup a Burp Collaborator Server on a typical…
from twitter
10 days ago
Twitter
RT : 2 interesting vectors by
;[].constructor.prototype.join=function(){return'pwnd'};eval('alert(1)')

im…
from twitter
10 days ago
Twitter
RT : goGetBucket - A Penetration Testing Tool To Enumerate And Analyse Amazon S3 Buckets Owned By A Domain…
from twitter
11 days ago
Twitter
RT : If you ever have to compile Python scripts to Windows executables, have a look at this Docker image. It's the clean…
from twitter
12 days ago
Twitter
RT : Thanks for the warm welcome ! The slides for , , and my presentation "The Unintended R…
from twitter
12 days ago
Untitled (https://papers.mathyvanhoef.com/opcde2018-slides.pdf)
RT : Slides of my presentation "Improved KRACK Attacks Against WPA2 Implementations" at
opcde2018  from twitter
12 days ago
Payload Generation using SharpShooter – MDSec
RT : Payload Generation using SharpShooter

great writeUp

awesome code
from twitter
12 days ago
GitHub - mdsecactivebreach/SharpShooter: Payload Generation Framework
RT : Payload Generation using SharpShooter

great writeUp

awesome code
from twitter
12 days ago
Twitter
RT : Payload Generation using SharpShooter

great writeUp

awesome code
from twitter
12 days ago
Twitter
RT : Pushed using angr to find IOCTL codes and dumping pool tags in IDA
from twitter
13 days ago
(429) https://twitter.com/i/web/status/982216053508882433
RT : CVE-2018-0763: MS Edge type confusion in CSS parsers.
Tweetable poc => <script>document.write("<style>*{box-shadow…
from twitter
13 days ago
Twitter
RT : development has officially restarted, you can see the progress of the new implementation here…
OpenSnitch  from twitter
14 days ago
Project Zero: aPAColypse now: Exploiting Windows 10 in a Local Network with WPAD/PAC and JScript
Project Zero: aPAColypse now: Exploiting Windows 10 in a Local Network with WPAD/PAC and JScript
from twitter
14 days ago
Twitter
RT : are you the googler quoted in the SEL article?

I'd love to hear your though…
from twitter
14 days ago
Twitter
RT : It's easy to find bugs when you know how to build the right tools. Check out our blog to learn how to model vulnera…
from twitter
15 days ago
Twitter
RT : Use a Moxa AWK in an industrial environment? Maybe on autonomous vehicles? Well, I hope you got your shittin' pants…
from twitter
16 days ago
Twitter
RT : Our latest research blogpost is out!

Beyond XSS: Edge Side Include Injection
Abusing Caching Servers into SSRF and…
from twitter
16 days ago
Twitter
RT : disclosed a bug submitted by obmihail: - Bounty: $5,000
hackerone  from twitter
16 days ago
HackerOne
RT : disclosed a bug submitted by obmihail: - Bounty: $5,000
hackerone  from twitter
16 days ago
Twitter
RT : Intel FSP reverse engineering : Finding the real entry point! : cc
from twitter
16 days ago
Hakluke’s Ultimate OSCP Guide: Part 3 — Practical hacking tips and tricks
RT : Ultimate OSCP Guide : Practical hacking tips and tricks (Part 3) : , Part 2 :  Workflow…
from twitter
16 days ago
Twitter
RT : Ultimate OSCP Guide : Practical hacking tips and tricks (Part 3) : , Part 2 :  Workflow…
from twitter
16 days ago
Twitter
RT : The 500M hashlist from is now fully available on with more than 99…
from twitter
17 days ago
Hashes.org - Home
RT : The 500M hashlist from is now fully available on with more than 99…
from twitter
17 days ago
DiskShadow: The Return of VSS Evasion, Persistence, and Active Directory Database Extraction – | bohops |
RT : DiskShadow: The Return of VSS Evasion, Persistence, and Active Directory Database Extraction
from twitter
20 days ago
GitHub - tandasat/DdiMon: Monitoring and controlling kernel API calls with stealth hook using EPT
RT : Monitoring and controlling kernel API calls with stealth hook using EPT [Full Sources, Video and PDF Papers - Se...
from twitter
20 days ago
Twitter
RT : The PS4 4.55/FreeBSD BPF kernel exploit writeup is now up on my GitHub repo! The bug is present on any system runni…
from twitter
20 days ago
Twitter
RT : Windows 7 Meltdown patch opened up a new vulnerability (on Win7 & Win Serv 2008): arbitrary memory read & write 😱…
from twitter
22 days ago
Windows Kernel Exploitation Tutorial Part 7: Uninitialized Heap Variable - rootkit
RT : Windows Kernel Exploitation Tutorial (Part 7): Uninitialized Heap Variable : , Part 6 : Uni…
from twitter
29 days ago
Twitter
RT : Windows Kernel Exploitation Tutorial (Part 7): Uninitialized Heap Variable : , Part 6 : Uni…
from twitter
29 days ago
Breaking the Ledger Security Model | Saleem Rashid
RT : Full technical write-up, video demonstration and proof-of-concept code for hardware wallet vulnerability.
from twitter
4 weeks ago
Untitled (https://www.youtube.com/watch?v=mpfKN1URqdQ)
RT : OffensiveCon18 - Vitaly Nikolenko - Concolic Testing for Kernel Fuzzing and Vulnerability Discovery
from twitter
4 weeks ago
Twitter
RT : Exploitation on ARM-based Systems
[SLIDES] by presented at
MobileSecurity  from twitter
4 weeks ago
Damn Small Vulnerable Web in Docker – Appsecco
RT : Damn Small Vulnerable Web in Docker > practice web app attacks in a 50mb docker
hacking  infosec  webapp  h4ck  from twitter
4 weeks ago
Twitter
RT : Updated my repository + pushed the final Free Float FTP exploit | fuzze…
Pentesting  from twitter
4 weeks ago
Twitter
RT : Event IDs to look for on DCs, from 's talk
TR18  from twitter
4 weeks ago
weppy - the web framework for humans
weppy - full-stack python web framework designed with simplicity in mind
from twitter
4 weeks ago
« earlier      
#blog #fr #hacking #homepage #js #security 00 01 02 03 05 06 0day 159460 2009 31c3 32c3 44con academic activedirectory adfsl ai alabama analysis androguard android anonym8 anonymous antisandbox antisec apple apps appsec architecture arm arp arpy art ashley aslr asm audit auditingtool awesome aws b2b backdoor backdoors backtrack backup bash belgrade beroot bheu bhusa bigdata binwalk birmingham bitlocker bittorrent blackhat blackhateu blackhole blind_sqli blog blogpost blueteam bluetooth bm book books boot boot2root bootkit bro_ids browser browsers brucon bruteforce bruteforcer bsideschallenge bsideslisbon bsideslondon bugbounty burp bypass campc canvas capstone capstoneinside captcha capture centos charliehebdo chart cheatsheet checkitout checklist chisel chrome cisco ciscotalos civ climber cloud cms cocoa code codebits codebits2011 codetainer coding colorado comedy comic conf confoo connections crack crackme crawler cronjob crossplatformdisassembler crosssitescripting crowbar crypto cryptohaven cryptoparty cryptowall csp csrf css ctf cuckoo curiosity cyber cyber_warfare cybercrime cybersecurity dahboo7 dailywtf data dataexfiltrationtoolkit datascience db dbgkit dc4420 deal deals debugger debugging decompiler deeplearning defcon defense derbycon design det detection dev devel devops dfir dfirsummit dfrws dirtycow disassembler discover diy dl dll dns doc docker dockersecurity dominator dos dropbox duqu earth eclipse elasticsearch electronics elf elixirlang emacs emet empire encryption equationgroup erlang escalating ettercap event exploit exploitation exploitkit fail fb firefox flame forensic forensics foss fr framework free freebsd fridayreads fun funny future fuzzer fuzzing game gamedev games gaming gdb geek geographyofpoverty git github gnome gnu golang google googleplay graph graphs grrcon gtd gui hack hack2learn hacker hackerone hackers hackersonlineclub hacking hackingteam hacklu hackpra hardening hardware hash hashcat heartbleed hitb2016ams hitb2017ams hitbgsec homepage honeypot howto html html5 https humor hunter icloud icon icons ida ids ie ie6 ie9 infosec infrastructure injection ioc ios iphone ipv6 ipython iso it italy itsec j2ee j2eescan jaff java javaone javascript jesuischarlie jobs jquery js jsrat jvm kali kalilinux katoolin kekeo kernel keylogger kibana lab learn leopard lfi libsigrokdecode links linux live locky lowpower lynis mac macbook machinelearning macos macosx mail maltego malware malwareanalysis malwaremustdie manager manual map math mbr metasploit microsoft mimikatz mitm mobile model modeling money monitoring moon movies movp mq msf mysql nasa neo4j netbook netsec network networking neutrinobot news nginx nginxday nmap nodejs noriben notsosecure nsa nsm ntp numpy ohm2013 oldschool oldschoolbackdoors oleoutlook ollydbg opensource openssl oprahssl oracle os oss osx owasp pacsec pandas paper password patch pdf pe penetrationtest pentest pentesters pentesting pentestlab perceptual persistence personal pestudio pgp phishing php pki plot poc poc2014 portable portugal postgresql powershell privacy privilegeescalation processexplorer productivity programming proxy pshitt pwn2own python qt quotes ransomware raspberrypi raspberrypi2 rce re realtime recipes recon14 reconmtl regex rehints rekall remcos remwa repy2exe retrogaming reverse reverse_engineering reverseengineering reversing rkt rodeoide root rop ror rowhammer ruby ructfe samba sandbox sans sanspentestblog scada scanner screencast screencasts sdo search sec14 security securitymanager seo serbia shadowbrokers shellcode shellcoding shellter slides sniffer snippet snmp snowleopard social software source sp17 space splunk sqli sqlilab sqlinjection ss7map ssh ssl starttls startups stat stats stuxnet sun suricata svg sync sysadmin syslog tbt tech terminal testbed thn threat threathunting tip tips tool tools toolswatch tor tr16 tricks trojan truestory tutorial tv tweak ubuntu ue4 uefi ui unix url usa usb usenix vault7 video videos vietnam virginia virtualization viz vm voip volatility vpn vulnerability vulnhub waf wearables web web-dev web2py webapp webdev websec websecurity webvulscan wii wikileaks win windbg windows windows8 wordpress worldphotographyday wpa wpscan writeup wxpython x64dbg xslt xss xxe yara zeronighs zeronights

Copy this bookmark:



description:


tags: