Cross-Site Request Forgery Cheat Sheet - TrustFoundry
Favorite tweet:

Cross-Site Request Forgery Cheat Sheet : https://t.co/LaqMfN1hTU pic.twitter.com/hXQUqKxjIc

— Binni Shah (@binitamshah) April 21, 2019
security  xsrf  cheatsheets 
10 hours ago
Loading and Executing Shellcode From PE Resources - Red Teaming Experiments
Favorite tweet:

Was going to suggest PE resources, but I see @_xpn_ did it already. I have put together a quick walkthrough if anyone may find it useful: https://t.co/s3sezUDkkK

— spotless (@kondencuotas) April 21, 2019
c  shellcode 
10 hours ago
Twitter
This is a pretty trash take. I know plenty of really good hackers who didn’t break the law to get where they are to…
from twitter_favs
20 hours ago
Twitter
There's misconception that to be a security expert you must dabble in the dark side. It's not true. You can learn e…
from twitter_favs
23 hours ago
Twitter
If you did blackhat stuff, it isn't just cred that comes into question, it's your sense of ethics.

Be…
from twitter_favs
yesterday
Twitter
I don't like disagreeing on Twitter, but people deserve a *second chance*, which is not the same as the "it was a l…
from twitter
yesterday
asciinema - Record and share your terminal sessions, the right way
asciinema [as-kee-nuh-muh] is a free and open source solution for recording terminal sessions and sharing them on the web.
terminal  video  tools  recording  cli 
yesterday
Twitter
There's a lot of good thoughts shared in this thread. Even once actors have moved into customization, I've seen the…
from twitter_favs
yesterday
Twitter
RT : We have an entry-level, Tier 1 SOC position available.

Requirements:
- Bachelor's Degree (Master's pr…
from twitter
2 days ago
Discord
Here are invites to some Discord chats I have found to be helpful at times
from twitter_favs
3 days ago
Twitter
7) use to SSL pinning in iOS (bypass certificate validation - Free) info in this post by…
from twitter_favs
3 days ago
Twitter
Neat.
* ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes".…
from twitter_favs
4 days ago
Twitter
Managed to recreate this today. - such an awesome technique!
from twitter_favs
4 days ago
Twitter
Slightly worrying Google search:
ConnectionClient.exe "-psw"

Instant RDP credentials.

A vendor has made a solutio…
from twitter_favs
4 days ago
Twitter
Offensive Security Certified Expert && me

- my personal review, hopefully useful for some of you 😎

from twitter_favs
5 days ago
Twitter
Let us all be grateful that Frank Gehry isn't French. And that Le Corbusier is no longer with us.
from twitter
5 days ago
Twitter
RT : I feel personally attacked
from twitter
6 days ago
AWS Risk Model
An expert forecasting session recorded the judgements of these experts for each AWS configuration. These are then transformed into a statistical model representing their beliefs as an entire panel.
aws  risk  InfoSec  cloud 
6 days ago
GitHub - network-automation/linklight: Training Course for Ansible Network Automation
The Ansible Networking Linklight project is intended for effectively demonstrating Ansible's capabilities through instructor-led workshops or self-paced exercises.
ansible  tutorial  vm  linklight  networengineering  devops 
6 days ago
Twitter
RT : Just a reminder of the power of rebuilding.
Dresden's Frauenkirche in 1957 ... and today
from twitter
6 days ago
Confessions Of a VOIP Hacker - The Cisco Learning Network
Folks are looking for quicker ways to get the VOIP system to start paying for itself. VOIP savings are really like trying to justify the savings of being more secure. Oh sure we tech type folks know the real savings and true **** saving grace that security and in house managed VOIP provides. The problem is the Poindexter in Accounting doesn’t see it. Using the Internet as a trunk provider really provides some serious cash savings on the back end. The problem is many SIP/H323 trunks a...
voip  hacking  voice  pentest  sip 
6 days ago
Twitter
If you are running script scans with Nmap (-sC) make sure you add arguments --script-args http[.]useragent=<"actu…
from twitter_favs
6 days ago
Puppet Learning VM - Try Puppet in a downloadable virtual machine with quests
The Puppet Learning VM is an interactive tutorial and learning environment to get you started with Puppet or level up the skills you already have. Explore the technology in depth with a series of detailed multi-step quests. Working through the Puppet Enterprise console GUI and Linux command-line, you'll learn the building block concepts of Puppet such as resources, manifests, classes and modules, then move on to more advanced topics including defined resource types and application or...
automation  learning  puppet  vm  devops 
7 days ago
GitHub - olafhartong/sysmon-modular: A repository of sysmon configuration modules
A repository of sysmon configuration modules

BUILD SYSMON CONFIGS OUT OF ONLY THE NECESSARY PARTS
windows  sysmon  monitoring  logging 
7 days ago
Twitter
Things we wouldn’t let the police do on their own, we let Google do and sell to the police.

Surveillance Economy a…
from twitter_favs
7 days ago
Twitter
Added a new function in TikiLoader to create processes as SYSTEM using CreateProcessAsUser. Useful in cases like t…
from twitter_favs
7 days ago
Twitter
RT : Hey, tech twitter! Do you use any shell history related tools? I'm creating one as my Master's project and I'm curr…
from twitter
8 days ago
(429) https://twitter.com/i/web/status/1117176129260064768
While I like sharing my work I think I'll never release a tool like DotNet2JScript again. Or at least I won't leave…
from twitter_favs
8 days ago
Twitter
Interested in Ghidra or getting started with reverse engineering? I wrote a post about Ghidra's main windows and ho…
from twitter_favs
8 days ago
Twitter
I vaguely remember a story about InGuardians doing a variation of this on an engagemen…
from twitter_favs
8 days ago
Twitter
RT : SysAdmin: Alright. Now specify your Base DN. Something like “dc=gibson,dc=com”

Me: What if I don’t know the base d…
from twitter
8 days ago
Twitter
RT : Amazon staff listen to customers’ Alexa recordings, report says | Amazon Alexa [TR: What did you expect? In order t…
from twitter
8 days ago
Twitter
I'm an APT!

An Adequate, but Persistent, Threat..
from twitter_favs
9 days ago
Twitter
There are all sorts of ways you can leverage BloodHound data to improve adversary resilience, and some don't even d…
from twitter_favs
9 days ago
Creator Subscription | Epidemic Sound
Diverse music, carefully created by composers, producers, instrumentalists and artists regularly featured on major streaming platforms. Unlimited downloads. Unlimited uploads, on all platforms.
stock  music  streaming  youtube 
9 days ago
Attacking QA platforms: Selenium Grid -
If it is possible to register a new node controlled by the Red Team with the Selenium Grid, it could be used to obtain the test parameterizations. In certain cases, such as test cases where a valid session is needed, it becomes likely to obtain credentials or other authentication methods.

In a scenario in which a node instance can be set up, if that node has the Google Chrome browser available, Remote Command Execution becomes trivial through its command line flags.
selenium  pentest  exploit 
10 days ago
GitHub - evilmog/ntlmv1-multi: NTLMv1 Multitool
NTLMv1 Multitool

This tool modifies NTLMv1/NTLMv1-ESS/MSCHAPv2 hashes so they can be cracked with DES Mode 14000 in hashcat
hash  hashcat  ntlm  cracking  pentest 
10 days ago
Running a .NET Assembly in Memory with Meterpreter
For this article we will attempt to execute Seatbelt on the target box to help identify various PrivEsc routes. This guide will walk through the steps necessary to execute the Seatbelt assembly in-memory with our current Meterpreter foothold, much like we would do if our C2 framework was Cobalt Strike.
dotnet  metasploit  exploit  memory  pentest  windows 
10 days ago
SecuritySynapse: Wireless Pentesting on the Cheap (Kali + TL-WN722N) - WPA-PSK
In our previous article we used TP-Link’s TL-WN722N and a Kali Virtual Machine (VM) to perform wireless discovery and attack against a Wired Equivalent Privacy (WEP) network to showcase the abilities of this inexpensive and flexible setup.  In this article we will continue to test our setup by attacking our home router running WPA (Pre-Shared Key) PSK--walking you through the attack from start to finish.
cybersecurity  kali  pentest  wireless 
11 days ago
17 useful rsync (remote sync) Command Examples in Linux
In this article we will discuss 17 useful rsync command examples in Linux. rsync command is used to sync or copy files and directories locally and remotely.
cli  rsync  linux 
11 days ago
How to prevent Roku Wifi Direct from breaking 5ghz devices | Net Consonance
This should solve it. Instead of trying to interfere with the AP, the Roku goes off to an unused channel far away from your wifi like it should have originally! In my case it went up to channel 165 which is as far as you can get away from my wifi AP’s channel 40. It does not appear that a reboot is necessary. However the settings persist after a reboot.
roku  troubleshooting  wifi 
11 days ago
LA Police Gear - Survival, Tactical, Military Apparel & Accessories
Welcome to LA Police Gear, your one-stop shop for the newest and coolest survival, tactical, police, military, and a variety of everyday carry gear. Find the lowest prices on must-have duty apparel, lights, bags, and accessories!
boots  equipment  military  police  tactical 
11 days ago
GitHub - Coalfire-Research/DeathMetal: Red team & penetration testing tools to exploit the capabilities of Intel AMT
dm_pickles - Duckyscript interpreter that communicates over AMT KVM (vnc) and injects keystrokes.
dm_toki - IDE-R implementation - lets you attach floppy and CD images remotely to the target computer.
dm_nathan - Is a cli that allows for configuring AMT via authenticated channel
dm_rockso - Presence and version scanner, can help you find AMT capable systems regardless of provisioning status. (works even if explicitly not-enabled)
intel  amt  scanner  pentest  hardware  bmc 
11 days ago
Twitter
I wonder how many Windows XP machines there are in this environment...

PS > Import-Module ActiveDirectory
PS > Get…
from twitter_favs
11 days ago
Twitter


(War crimes are unfunny even to me and I hope this guy get flattened in court, assuming…
from twitter
12 days ago
Twitter
RT : Super exciting announcement! released their very own Web App, Linux app and Windows Desktop App Security Scan…
from twitter
12 days ago
bellingcat - Using Phone Contact Book Apps For Digital Research - bellingcat
Using information saved through phone contact book apps is an oft-neglected resource in digital investigations, largely due to the sheer number of these apps and their invasive privacy policies.

Additionally, the vast majority of the apps in question require a phone to use them, while lacking an accessible web version of their database, making research more cumbersome. This guide will detail how to use these apps in a relatively safe context — either through an Android virtual machi...
privacy  security  osint  phone 
12 days ago
Kubernetes Cheat Sheet - Linux Academy Blog
This Kubernetes Cheat Sheet is meant to get you started with performing commands in Kubernetes and provide all the basic commands at a quick glance.
kubernetes  cheatsheet  devops 
13 days ago
How to Change Lid Close Action in Ubuntu 18.04 LTS - Tips on Ubuntu
In Ubuntu 18.04 Gnome desktop, there’s no option in Settings utility for configuring laptop lid close actions. And Gnome Tweaks only offers a switch to enable / disable ‘Suspend when laptop lid is closed’.
For those who want it to automatically shut down, hibernate, or do nothing when the laptop lid is closed, here’s how to do it by hacking on the configuration file.
ubuntu  laptop 
13 days ago
15 Git Commands You May Not Know - DEV Community 👩‍💻👨‍💻
Using [Git](https://git-scm.com/) may be intimidating at times. There are so many commands and details to learn. The [documentation](https://git-scm.com/docs), however, while being immense, is still greatly accessible. Once you overcome the initial feeling of being overwhelmed, the things will start to fall into place. Here is a list of 15 Git commands that you may not know yet, but hopefully they will help you out on a journey to master this tool.
git 
13 days ago
Twitter
A thread, posted long before the current opposite take, that I think I agree with.
from twitter
13 days ago
Texas Tech fans need to be above rioting destruction | Fort Worth Star-Telegram
Texas Tech fans embarrass themselves on Saturday night in Lubbock by celebrating the Red Raiders’ win in the national semifinal game against Michigan State that ended up with cops and tear gas.
humor  lubbock  riot 
13 days ago
(500) https://<Jenkins_IP>/script/
DUMP PASSWORDS FROM JENKINS:

STEP 1: Log into Jenkins server build user:

STEP 2: Fol…
from twitter_favs
13 days ago
Finding Weaknesses Before the Attackers Do « Finding Weaknesses Before the Attackers Do | FireEye Inc
Mandiant consultants posed as helpdesk technicians and informed employees that their email inboxes had been migrated to a new company server. To complete the “migration,” the employee would have to log into the cloned OWA portal. To avoid suspicion, employees were immediately redirected to the legitimate OWA portal once they authenticated. Using this campaign, the red team captured credentials from eight employees which could be used to establish a foothold in the client’s internal n...
redteam  socialengineering  pentest  osint 
13 days ago
nmap/lu-enum.nse at master · nmap/nmap · GitHub
When connecting to a TN3270E server you are assigned a Logical Unit (LU) or you can tell
the TN3270E server which LU you'd like to use. Typically TN3270E servers are configured to
give you an LU from a pool of LUs. They can also have LUs set to take you to a specific
application. This script attempts to guess valid LUs that bypass the default LUs you are
assigned. For example, if a TN3270E server sends you straight to TPX you could use this
script to find LUs that take you to TSO, C...
mainframe  pentest  telnet  nmap  scanner 
14 days ago
Twitter
RT : The OS abstracts away the machine while leaking hardware faults. Docker abstracts away the OS while leaking softwar…
from twitter
14 days ago
Twitter
RT : Just sayin', it's not illegal for the Red Team to join responders and leadership during an incident to bring an att…
from twitter
14 days ago
Twitter
I'm going to disclose 0days one by one. I hope MSRC give replies to change my mind. I'm not willing to disclose the…
from twitter_favs
14 days ago
Twitter
My first attempt at a Blue Team Video, configure a bunch of Windows Logging: (cmd line, powershell, taskhistory, sy…
from twitter_favs
14 days ago
[unknown title]
Complexity and automation —>
No One Knows How Dangerous Boeing’s 737 Max Actually Is
from twitter_favs
14 days ago
Buscador OSINT VM
Buscador is a Linux Virtual Machine that is pre-configured for online investigators. It was developed by David Westcott and Michael Bazzell, and distributions are maintained on this page. The current build is 5GB and includes the following resources
osint  vm 
14 days ago
Twitter
Last week I showed you a XSS on Google Search. In this follow-up video we discuss how found the XSS…
from twitter_favs
14 days ago
Twitter
Curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applica…
from twitter_favs
14 days ago
sensepost.com
Favorite tweet:

A Crash Course in x86 Assembly for Reverse Engineers : https://t.co/gLr9jp4Fkf (pdf)

Reverse Engineering x86 Processor Microcode : https://t.co/EX2xR7wwpH (Slides)

— Binni Shah (@binitamshah) April 7, 2019
reverse-engineering  reverseengineering  assembly 
14 days ago
Twitter
A Crash Course in x86 Assembly for Reverse Engineers : (pdf)

Reverse Engineering x86 Proce…
from twitter_favs
14 days ago
Twitter
Thanks, Texas Tech! Now no one can catch me in most of my pools.
from twitter_favs
14 days ago
(429) https://twitter.com/i/web/status/1113969371339210752
RT : Every time someone asks for help recovering the password to an email. I screenshot and send to the target. The nu…
from twitter
15 days ago
Twitter
Imagine how much better Blue Teams would be if Red Teams realized they weren’t Conor McGregor, they’re his sparring…
from twitter_favs
15 days ago
(429) https://twitter.com/i/web/status/1114532194888769537
RT : Fun facts:

1. I'm a pentester ATM
2. I'll go after a fully patched Linux system over a fully patched Windows syste…
from twitter
15 days ago
[unknown title]
AWS: Literally. There is no room with monitors and people sitting in it, etc. I have exactly one on-call security e…
from twitter_favs
15 days ago
Exfiltration Methods - Google Sheets
Favorite tweet:

I can think of 99 ways to exfil data. Give me an exfil method I am not thinking about and making searches for:https://t.co/GhzNASHoxX

— { {C:\raig} {Chamberlain} } (@randomuserid) April 2, 2019
exfiltration 
15 days ago
Windows Command Line cheatsheet (part 2): WMIC | So Long, and Thanks for All the Fish
Favorite tweet:

Windows Command Line cheatsheet (part 2): WMIC

- Bookmark this! Saved my day several times 😉#infosec #pentest #redteam https://t.co/POPWbdZqU3

— Florian Hansemann (@HanseSecure) April 6, 2019
windows  wmic  pentest 
15 days ago
(429) https://twitter.com/fouroctets/status/1114290791592091648
Practical exam, opposite of the OSCP. If you can talk someone else into taking the test for you, you pass.
from twitter
15 days ago
Twitter
Windows Command Line cheatsheet (part 2): WMIC

- Bookmark this! Saved my day several times 😉

from twitter_favs
15 days ago