whip_lash + security   493

How to prevent bypassing AppLocker using Alternate Data Streams – Gunnar Haslinger
So, what’s the trick to bypass AppLocker: We copy the contents of an executable to an Alternate Data Stream of the logs-directory. To be clear: Not to a file in the logs-directory, but to an ADS of the logs-directory itself! The copy-job is done using the “type” command redirecting the output to an ADS. The execution of an ADS can be done by various ways, one way would be to use wmic to create a new process, but there are other ways too.
pentest  security  windows  postexploitation  whitelist-evasion 
2 days ago by whip_lash
bohops on Twitter: "Is Explorer.exe the ultimate #lolbin? explorer.exe [exe/hta/scr/...etc] *Invokes child processes when called (after a lookup of the the default program handler) *Hides from the default filter in AutoRuns *Just might be doing a little m
Favorite tweet:

Is Explorer.exe the ultimate #lolbin?

explorer.exe [exe/hta/scr/...etc]

*Invokes child processes when called (after a lookup of the the default program handler)
*Hides from the default filter in AutoRuns
*Just might be doing a little more on a workstation in your network#DFIR pic.twitter.com/3YmafQmkqs

— bohops (@bohops) April 19, 2018
Twitter  pentest  security  windows  postexploitation  whitelist-evasion 
2 days ago by whip_lash
GitHub - api0cradle/LOLBAS: Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Favorite tweet:

A good documentation on all the different #LOLBins and #LOLScripts would be nice? Right?

Good thing I have started then. Still have a lot of notes to add, but I feel this is a good start. Would love community feedback and contributions.

Is this useful?https://t.co/fGjsX76BEH pic.twitter.com/oYPhvDdGyq

— Oddvar Moe [MVP] (@Oddvarmoe) April 19, 2018
Twitter  pentest  security  livingofftheland  whitelist-evasion  postexploitation  windows 
2 days ago by whip_lash
Securing DNS across all of my devices with Pi-Hole + DNS-over-HTTPS +
Of course you can't simply use this as a DNS resolver, you need something to sit in the middle and speak DNS to your clients and DoH to a provider upstream that answer DoH queries. For that I'm going to use a Pi-Hole and get some extra bang for my buck.
dns  privacy  security 
8 days ago by whip_lash
Dumping Clear-Text Credentials | Penetration Testing Lab
The article contains Windows locations where passwords might exist and techniques to retrieve them.
passwords  windows  security  pentest  postexploitation 
16 days ago by whip_lash
OS Command Injection; The Pain, The Gain - Black Hills Information Security
I was confused. I definitely had command injection but nothing was working. I finally figured out that the command length was limited to 32 characters, likely because it was being written to a database first. I discovered this by sending the ping command over and over again with varying numbers of spaces until it stopped working.
security  commandinjection  pentest 
28 days ago by whip_lash
GitHub - eladshamir/Internal-Monologue: Internal Monologue Attack: Retrieving NTLM Hashes without Mimikatz
The Internal Monologue Attack flow is described below:

Disable NetNTLMv1 preventive controls by changing LMCompatibilityLevel, NTLMMinClientSec and RestrictSendingNTLMTraffic to appropriate values, as described above.
Retrieve all non-network logon tokens from currently running processes and impersonate the associated users.
For each impersonated user, interact with NTLM SSP locally to elicit a NetNTLMv1 response to the chosen challenge in the security context of the impersonated user.
Restore the original values of LMCompatibilityLevel, NTLMMinClientSec and RestrictSendingNTLMTraffic.
Crack the NTLM hash of the captured responses using rainbow tables.
Pass the Hash.
hash  postexploitation  pentest  security  github 
4 weeks ago by whip_lash
Top Five Ways I gained access to Your Corporate Wireless Network (Lo0tBo0ty KARMA edition)
I’ve been able to snag credentials for EAP and TTLS networks ,where other Evil Twins fail. A set of valid user credentials can allow privilege escalation and persistence that can take a red team sometimes week to establish.
wireless  pentest  security 
4 weeks ago by whip_lash
Introducing Metta: Uber’s Open Source Tool for Adversarial Simulation
Today, Uber announced the open-source release of Metta, a tool for basic adversarial simulation. Modern software techniques such as end-to-end functional testing and test-driven development work well for software design, and these same techniques can be applied to detection systems. In fact, Metta was born from multiple internal projects where we’d already brought DevOps concepts to our detection rules.
devops  hacking  opensource  security  purpleteam  metta 
4 weeks ago by whip_lash
Analysis of a Kubernetes hack — Backdooring through kubelet
There are two ports that kubelet listens on, 10255 and 10250. The former is a read only HTTP port and the latter is an HTTPS port that can essentially do whatever you want.
containers  kubernetes  security 
4 weeks ago by whip_lash
Could the Military Start Drafting Hackers in Their 40s? - Nextgov
The National Commission on Military, National and Public Service is seeking public feedback on a slew of possible changes to the way the government handles its selective service requirements, including drafting people with cyber skills regardless of their age or gender.
military  security 
7 weeks ago by whip_lash
Russell Cohen | Demystifying Two Factor Auth
I always wondered how Google Authenticator style 2-factor codes worked. The process of going from QR code to rotating 6-digit pin seemed a bit magical. A few days ago, my curiosity found itself coupled with some free time. Here’s what I found:
authentication  python  security 
7 weeks ago by whip_lash
Creating Static Binaries for Nmap, Socat and other Tools – Insinuator.net
In various scenarios it might be helpful or even required to have a statically compiled version of Nmap available. This applies to e.g. scenarios where only limited user privileges are available and installing anything to the system might not be desirable.

For such cases I’ve started to create recipes to build such binaries.
nmap  pentest  security 
7 weeks ago by whip_lash
caesar0301/awesome-pcaptools: A collection of tools developed by other researchers in the Computer Science area to process network traces. All the right reserved for the original authors.
This project does not contain any source code or files. I just want to make a list of tools to process pcap files in research of network traffic. For more awesome lists, see https://github.com/sindresorhus/awesome
network  pcap  security  tools 
7 weeks ago by whip_lash
How a Tiny Startup Became the Most Important Hacking Shop You’ve Never Heard Of - Motherboard
Besides its researchers’ talent, which multiple sources said is top-quality, what separates Azimuth from other players in the exploit industry is its client rolodex. Three sources familiar with the company said Azimuth—through its partner firm—provides exploits to members of the so-called Five Eyes, a global intelligence sharing group made up of the United States, United Kingdom, Canada, Australia, and New Zealand. The partner firm is Linchpin Labs, a software company founded by former Five Eyes intelligence officials.
security  espionage 
8 weeks ago by whip_lash
Car Hacker's Handbook
Build an accurate threat model for your vehicle
Reverse engineer the CAN bus to fake engine signals
Exploit vulnerabilities in diagnostic and data-logging systems
Hack the ECU and other firmware and embedded systems
Feed exploits through infotainment and vehicle-to-vehicle communication systems
Override factory settings with performance-tuning techniques
Build physical and virtual test benches to try out exploits safely
books  car  cars  hacking  tools  security 
9 weeks ago by whip_lash
StreisandEffect/streisand: Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run yo
Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
github  privacy  security  tool  vpn 
9 weeks ago by whip_lash
codeexpress/respounder: Respounder detects presence of responder in the the network.
Respounder sends LLMNR name resolution requests for made-up hostnames that do not exist. In a normal non-adversarial network we do not expect such names to resolve. However, a responder, if present in the network, will resolve such queries and therefore will be forced to reveal itself.
responder  security  tool 
9 weeks ago by whip_lash
R-Smith/tcpTrigger: A windows service that notifies you of incoming network connections
As far as I know, tcpTrigger is currently the only solution capable of detecting NetBIOS and LLMNR name poisoning.  The way it works is very simple:  every few minutes it broadcasts NetBIOS and LLMNR name queries for fictitious names, and if a response is returned, an alert is triggered.
responder  windows  security  tool  github 
9 weeks ago by whip_lash
Yubikey All The Things | EngineerBetter | More than Cloud Foundry specialists
Each team member now has a single Yubikey USB security device that does all of the following:
Stores and loads our personal SSH keys
Provides one-touch two-factor authentication
Stores and recalls our 1Password secret keys
2fa  security  ssh  yubikey 
9 weeks ago by whip_lash
If you haven't already killed Lotus Notes, IBM just gave you the perfect reason to do it now, fast • The Register
All that's needed to reproduce the bug, Borup wrote, is to compile his proof-of-concept code and give it a static link as MSIMG32.dll; copy that file to C:\windows\temp; and run sc control lnsusvc 136 at the command line.
ibm  lotusnotes  security  pentest 
9 weeks ago by whip_lash
Some time ago, I found a design flaw/vulnerability which affects most TCP services and allows for a new variant of denial of service. This attack can multiply the efficiency of a traditional DoS by a large amount, depending on what the target and purpose may be.

The idea behind this attack is to close a TCP session on the attacker's side, while leaving it open for the victim. Looping this will quickly fill up the victim’s session limit, effectively denying other users to access the service.
tcp  security  ddos 
9 weeks ago by whip_lash
Talk down to Siri like she's a mere servant – your safety demands it • The Register
We're approaching a point where we will have to both guard our speech carefully and be very cautious before we believe anything anyone else says. We may soon see individuals with a special need to guard their security adopt a different vocal register when talking to voice assistants, something analogous to the register one might have used 100 years ago when communicating with staff "below stairs".
privacy  security 
9 weeks ago by whip_lash
Feature, not bug: DNSAdmin to DC compromise in one line
We will shallowly delve into the protocol’s implementation and detail a cute feature (certainly not a bug!) which allows us, under some circumstances, to run code as SYSTEM on domain controllers, without being a domain admin.
dns  domain  activedirectory  exploit  privesc  pentest  security 
9 weeks ago by whip_lash
SSH Hijacking for lateral movement | xorl %eax, %eax
By setting MaxSessions to 1 you can disable ControlMaster/session multiplexing and each new session will require a complete new connection that includes the authentication step. However, if you don’t, then regardless of how strong authentication method you are employing for your users, an attacker only has to get code execution to one of your user’s endpoints and wait for that user to SSH somewhere. The attacker can look for the open connections by inspecting the directory specified by ControlPath directive on the client’s side or just using common tools like netstat. Then, if the attacker attempts to open an SSH session to a host that it is already in the ControlMaster, it will require no authentication or establishing a new connection as it is re-using the existing one.
pentest  ssh  security 
10 weeks ago by whip_lash
Positive Technologies - learn and secure : How to Hack a Turned-off Computer, or Running Unsigned Code in Intel ME
After unpacking the executable modules, we proceeded to examine the software and hardware internals of Intel ME. Our efforts to understand the workings of ME were rewarded: ME was ultimately not so unapproachable as it had seemed.
exploit  intel  security  hardware 
12 weeks ago by whip_lash
An Introduction to Fuzzing: Using fuzzers (SPIKE) to find vulnerabilities
This article discusses the process of fuzzing an application to find exploitable bugs. Vulnserver, a TCP server application deliberately written by Stephen Bradshaw to contain security vulnerabilities, will be used as the fuzzing target. The fuzzer creation kit SPIKE will be used to perform the fuzzing. SPIKE scripting and a simple approach to automating SPIKE fuzzing sessions will also be discussed.
fuzzing  security 
12 weeks ago by whip_lash
CNIT 127: Exploit Development -- Sam Bowne
Learn how to find vulnerabilities and exploit them to gain control of target systems, including Linux, Windows, Mac, and Cisco. This class covers how to write tools, not just how to use them; essential skills for advanced penetration testers and software security professionals.
Advisory: CS 110A or equivalent familiarity with programming
pentest  exploit  development  programming  security  learning  class 
12 weeks ago by whip_lash
Practical Reverse Engineering Part 1 - Hunting for Debug Ports · Hack The World
In this series of posts we’re gonna go through the process of Reverse Engineering a router. More specifically, a Huawei HG533.
electronics  hacking  hardware  reverseengineering  security 
january 2018 by whip_lash
My Research on Misconfigured Jenkins Servers - emtunc's Blog
As of this post there are approximately 25,000 Jenkins hosts exposed on the internet. I looked at about half of them and that alone took several weeks of my time – most of which was spent manually validating issues as well as reporting said issues to organisations where possible.

I ran a few searches on Shodan and downloaded the reports in .csv format. I created a list of URLs to crawl  – specifically I was interested in Jenkins instances which required no authentication, instances with the self-registration link present and lastly, instances that had a SSO/SAML integration.

jenkins  shodan  internet  security 
january 2018 by whip_lash
GitHub - dzonerzy/winescalation: Python based module to find common vulnerabilities which lead to Windows privilege escalation
This is a Python based module for fast checking of common vulnerabilities affecting windows which lead to privilege escalation
python  windows  privilegeescalation  privesc  pentest  security 
january 2018 by whip_lash
evilsocket/bettercap: A complete, modular, portable and easily extensible MITM framework.
bettercap is a complete, modular, portable and easily extensible MITM tool and framework with every kind of diagnostic and offensive feature you could need in order to perform a man in the middle attack.
github  security  pentest  mitm 
january 2018 by whip_lash
Updated Hacking Challenge Site Links
These are 70 sites which offer free challenges for hackers to practice their skills. Some are web-based challenges, some require VPN access to private labs and some are downloadable ISOs and VMs. I’ve tested the links at the time of this posting and they work.
ctf  security 
january 2018 by whip_lash
RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an…
You could, for example, dump out the server memory and get user passwords. That’s a long process compared to just running tscon.exe with a session number, and instantly get the desktop of said user — with no obvious trace, or external tools. This isn’t about SYSTEM — this is about what you can do with it very quickly, and quietly.
hacking  rdp  security  windows 
january 2018 by whip_lash
MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s lifecycle and the platforms they are known to target. ATT&CK is useful for understanding security risk against known adversary behavior, for planning security improvements, and verifying defenses work as expected.
dfir  security 
january 2018 by whip_lash
mitm6 – compromising IPv4 networks via IPv6 | Fox-IT International blog
Running the attack itself is quite straightforward. First we start mitm6, which will start replying to DHCPv6 requests and afterwards to DNS queries requesting names in the internal network. For the second part of our attack, we use our favorite relaying tool, ntlmrelayx. This tool is part of the impacket Python library by Core Security and is an improvement on the well-known smbrelayx tool, supporting several protocols to relay to. Core Security and Fox-IT recently worked together on improving ntlmrelayx, adding several new features which (among others) enable it to relay via IPv6, serve the WPAD file, automatically detect proxy requests and prompt the victim for the correct authentication. If you want to check out some of the new features, have a look at the relay-experimental branch.

To serve the WPAD file, all we need to add to the command prompt is the host is the -wh parameter and with it specify the host that the WPAD file resides on. Since mitm6 gives us control over the DNS, any non-existing hostname in the victim network will do. To make sure ntlmrelayx listens on both IPv4 and IPv6, use the -6 parameter. The screenshots below show both tools in action, mitm6 selectively spoofing DNS replies and ntlmrelayx serving the WPAD file and then relaying authentication to other servers in the network.

hash  relay  ipv6  mitm  pentest  security 
january 2018 by whip_lash
ROP Emporium
Learn return-oriented programming through a series of challenges designed to teach ROP techniques in isolation, with minimal reverse-engineering and bug-hunting.
ctf  programming  security 
january 2018 by whip_lash
Thief found with master key to 6,000 Austin buildings - Austin Business Journal
More than 6,000 apartment, office and other large buildings in Austin have had their security compromised.

City officials are rushing to re-key thousands of hidden lock boxes used by emergency personnel after police caught a suspect accused of burglarizing two local businesses — including Dell Children's Medical Center, where $30,000 was stolen, police said.

The burglary suspect is behind bars and the master key to so-called Knox-Boxes has been recovered.
security  physical  lockpicking  austin 
january 2018 by whip_lash
I’m harvesting credit card numbers and passwords from your site. Here’s how.
Lucky for me, we live in an age where people install npm packages like they’re popping pain killers.
javascript  security  web 
january 2018 by whip_lash
"Reverse Engineering for Beginners" free book
Topics discussed: x86/x64, ARM/ARM64, MIPS, Java/JVM.

Topics touched: Oracle RDBMS, Itanium, copy-protection dongles, LD_PRELOAD, stack overflow, ELF, win32 PE file format, x86-64, critical sections, syscalls, TLS, position-independent code (PIC), profile-guided optimization, C++ STL, OpenMP, win32 SEH.
assembly  book  engineering  security  reverseengineering 
january 2018 by whip_lash
Operation Cobalt Kitty: A large-scale APT in Asia carried out by the OceanLotus Group
The attackers arsenal consisted of modified publicly-available tools as well as six undocumented custom-built tools, which Cybereason considers the threat actor’s signature tools. Among these tools are two backdoors that exploited DLL sideloading attack in Microsoft, Google and Kaspersky applications. In addition, they developed a novel and stealthy backdoor that targets Microsoft Outlook for command-and-control channel and data exfiltration.

apt  security  pentest 
january 2018 by whip_lash
Who can add workstation to the domain – Dubai Security Blog
So taking into consideration above 2 items, by default any authenticated user can join up to 10 machines to the domain.
activedirectory  security  pentest 
january 2018 by whip_lash
Web Application Firewall (WAF) Evasion Techniques – secjuice™ – Medium
Why using ? instead of *? Because the asterisk (*) is widely used for comment syntax (something like /* hey I’m a comment */) and many WAF blocks it in order to avoid SQL Injection… something like UNION+SELECT+1,2,3/*
waf  hacking  pentest  security 
january 2018 by whip_lash
paralax/awesome-honeypots: an awesome list of honeypot resources
A curated list of awesome honeypots, tools, components and much more. The list is divided into categories such as web, services, and others, focusing on open source projects.
security  honeypot  activedefense 
january 2018 by whip_lash
Why Raspberry Pi isn't vulnerable to Spectre or Meltdown - Raspberry Pi
Now let’s look at how speculation and caching combine to permit a Meltdown-like attack on our processor. Consider the following example, which is a user program that sometimes reads from an illegal (kernel) address, resulting in a fault (crash):
programming  security  intel  bug 
january 2018 by whip_lash
PiKarma Python Script Helps You Identify Malicious WiFi Networks
The project is called PiKarma and it's a Python script created by Turkish security researcher Besim Altinok that can detect WiFi networks that are carrying KARMA attacks, a well-known form of WiFi Man-in-the-Middle attacks.
wifi  security 
january 2018 by whip_lash
IoT Privacy and Security Challenges for Smart Home Environments
In the case of the quote above, hackers attempted to steal data from a North American casino through a fish tank that was connected to the internet. Although the casino had implemented some security precautions, these hackers still managed to compromise the tank to send data to a device in Finland before the threat was discovered and the perpetrators were stopped.

iot  hacking  security 
january 2018 by whip_lash
Abusing Microsoft Word Features for Phishing: “subDoc” - Rhino Security Labs
In the above configuration, we’re telling Word to open a sub-document over the network using a UNC path which points external to their network. The destination IP address, in this case, is a VM instance that we control, hosted by a cloud provider which allows incoming SMB requests.

At this point, we’re able to load Responder.py which allows us to listen for incoming SMB requests and collect the respective NTLMv2 hashes.
hashes  Microsoft  office  vulnerability  pentest  responder  security 
january 2018 by whip_lash
Why Intel's 2015 CPU bugs should make us expect worse bugs in the future
Anyway, back to 2015. We’ve seen at least two serious bugs in Intel CPUs in the last quarter3, and it’s almost certain there are more bugs lurking.

hardware  intel  security  bug  vulnerability 
january 2018 by whip_lash
Attacking Read-Only Domain Controllers (RODCs) to Own Active Directory – Active Directory Security
RODCs are meant to be administered by almost anyone since they are standard servers. However, there is risk with this. If regular users are delegated admin access to one or more RODCs, these RODCs either shouldn’t cache passwords or allow only the minimum number of accounts required to cache passwords. Enabling the RODCs to cache a large number of account passwords in the domain effectively makes the RODC a junior DC and elevates the RODC admins to psuedo-Domain Admin status since they have access to many of the account passwords in the domain.
security  windows  activedirectory 
january 2018 by whip_lash
Cracking Encrypted PDFs – Part 1 | Didier Stevens
In this series of blog posts, I’ll explain how I decrypted the encrypted PDFs shared by John August (John wanted to know how easy it is to crack encrypted PDFs, and started a challenge).

Here is how I decrypted the “easy” PDF (encryption_test).
pdf  hacking  pentest  security 
january 2018 by whip_lash
Flaw In Major Browsers Allows 3rd-Party Scripts to Steal Your Saved Passwords
However, a team of researchers from Princeton's Center for Information Technology Policy has discovered that at least two marketing companies, AdThink and OnAudience, are actively exploiting such built-in password managers to track visitors of around 1,110 of the Alexa top 1 million sites across the Internet.
Third-party tracking scripts found by researchers on these websites inject invisible login forms in the background of the webpage, tricking browser-based password managers into auto-filling the form using the saved user's information.
browser  security  privacy 
january 2018 by whip_lash
Update: Two Years After Discovery Dangerous Security Hole Lingers in GPS Services | The Security Ledger
In all, the researchers identified more than 100 GPS services that were affected and unpatched. The number of devices that use these services isn’t known, but could number in the millions. Just one site, gpsui.net, acts as the master server for what Gruhn and Stykas estimate to be more 615,00 GSM and GPS location tracking devices.

The service is vulnerable to more than one authorization bypass attack – in which an attacker can access and interact with the GPS service without first entering a user name and password. Those, in turn, could open the door to so-called “privilege escalation” attacks that could expose all location tracking information stored by the site. Attackers could potentially send commands to and control all the connected devices that use the service.
gps  security  vulnerability 
january 2018 by whip_lash
India's National ID Database With Private Information Of Nearly 1.2 Billion People Was Reportedly Breached
The Tribune, a local Indian newspaper, published a report claiming its reporters paid Rs. 500 (approximately $8) to a person who said his name was Anil Kumar, and who they contacted through WhatsApp. Kumar was able to create a username and password that gave them access to the demographic information of nearly 1.2 billion Indians who have currently enrolled in Aadhaar, simply by entering a person’s unique 12-digit Aadhaar number. Regional officers working with the Unique Identification Authority of India (UIDAI), the government agency responsible for Aadhaar, told the Tribune the access was “illegal,” and a “major national security breach.”
india  security 
january 2018 by whip_lash
SSH Security and You - /bin/false is *not* security :: semicomplete.com - Jordan Sissel
Whatever sysadmin was tasked with securing these machines forgot something very important about ssh2: channels. I use them often for doing agent, x11, or port forwarding. You probably use them too, right? So what happens if we try to port forward without requesting a shell (ssh -N)? You might not have guessed that it allows you to do the requested port forward and keeps the connection alive. SSH stays connected because it never executes the shell, so it never gets told to die. Whoops!
ssh  security  shell  linux  unix 
december 2017 by whip_lash
Users Have Reported the Same Chrome Bug 43 Times. Actually Not a Bug.
Password asterisks were added to prevent nosey roommates trying to get a peek at your passwords while you were logging in. They're not an indicator of actual security nor do they hide the password from everything and everyone.
browser  security 
december 2017 by whip_lash
Famed Hacker Kevin Mitnick Shows You How to Go Invisible Online | WIRED
After using Tor to randomize your IP address, and after creating a Gmail account that has nothing to do with your real phone number, Google sends your phone a verification code or a voice call. Now you have a Gmail account that is virtually untraceable. We can produce reasonably secure emails whose IP address—thanks to Tor—is anonymous (although you don’t have control over the exit nodes) and whose contents, thanks to PGP, can’t be read except by the intended recipient.

email  encryption  privacy  security 
december 2017 by whip_lash
Security Engineering - A Guide to Building Dependable Distributed Systems
When I wrote the first edition, we put the chapters online free after four years and found that this boosted sales of the paper edition. People would find a useful chapter online and then buy the book to have it as a reference. Wiley and I agreed to do the same with the second edition, and now, four years after publication, I am putting all the chapters online for free.
book  security  sysadmin 
december 2017 by whip_lash
GitHub - docker/docker-bench-security: The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
docker  github  security 
december 2017 by whip_lash
The strange story of “Extended Random” – A Few Thoughts on Cryptographic Engineering
Those fossilized printers confirmed a theory we’d developed in 2014, but had been unable to prove: namely, the existence of a specific feature in RSA’s BSAFE TLS library called “Extended Random” — one that we believe to be evidence of a concerted effort by the NSA to backdoor U.S. cryptographic technology.
cryptography  nsa  security 
december 2017 by whip_lash
« earlier      
per page:    204080120160

related tags

2fa  activedefense  activedirectory  afghanistan  aircraft  analysis  android  ansible  antivirus  app  apple  apps  apt  ascii  assembly  austin  authentication  aws  banking  base64  bash  bigbrother  binary  biology  bitcoin  blogs  bloodhound  board  book  books  Brazil  britain  browser  bruteforce  bufferoverflow  bug  bugbounty  burp  c  c&c  c++  c2  car  career  cars  certification  cheatsheet  china  cis  cisco  cissp  class  cloud  code  coldfusion  commandinjection  communications  compliance  compromise  conference  consulting  containers  conversion  courses  crackmapexec  craigslist  creepy  crime  crypto  cryptography  ctf  culture  darkweb  data  database  ddos  debugging  defcon  defense  design  development  devops  dfir  diamond  dictionary  disassembler  diy  dns  docker  domain  dos  download  drive  drm  economics  education  egypt  elasticsearch  electricity  electronics  elkstack  email  encryption  engineering  enumeration  espionage  ethereum  ethics  events  exchange  exfiltration  exploit  facebook  fbi  firewall  foreignpolicy  forum  fraud  free  freebsd  freeware  fuzzing  gadgets  games  gigs  github  glba  goldenticket  google  government  gps  guide  hacking  hardening  hardware  hash  hashcat  hashes  hex  hipaa  honeypot  howto  hping3  html  http  https  humor  i2p  ibm  ichidan  icmp  ida  idiocracy  ids  iis  india  indicators  infraguard  injection  intel  intelligence  internet  intrusionanalysis  ios  iot  iphone  ipsec  ipv6  java  javascipt  javascript  jenkins  joke  juniper  kali  keepass  kerberoast  kerberos  kubernetes  lab  laps  law  learning  lemons  lfi  library  linux  literature  livingofftheland  localadmin  lockpicking  logging  lotusnotes  mac  mainframe  malware  messaging  metasploit  metta  mexico  mfa  microsoft  military  mimikatz  mindmap  mitm  mobile  monitoring  moonlighting  music  netcat  netripper  networengineering  network  networking  news  nmap  nsa  ntlm  obama  office  online  openbsd  opensource  opsec  oscp  osint  outlook  p2p  packetcapture  passports  Password  passwords  pcap  pdf  pentest  pentesting  pgp  php  phy  physical  pivoting  plugin  police  politics  postexploitation  postscript  powershell  privacy  privesc  privilegeescalation  privitization  programming  promiscuous  proxcard  proxy  psychology  purpleteam  python  radio  rails  rdp  recommended  recon  redis  reference  registry  relay  report  responder  reverseengineering  reverseshell  rfi  rmi  router  ruby  sanbox  sans  sarbanes-oxley  scanner  schneier  science  Scripting  sdn  sdr  search  secrecy  secure  security  securityonion  sensepost  server  services  shell  shellcode  shodan  siem  sign  signature  smtp  socks  software  solaris  spam  splunk  sql  sqli  ssh  ssl  ssrf  sudo  swift  sysadmin  sysinternals  sysmon  taliban  tcp  tech  technology  terrorism  testing  tips  tool  tools  tor  torrent  training  transportation  travel  troubleshooting  tty  tutorial  tutorials  Twitter  uac  ubuntu  unicornscan  unix  urldecode  usb  utilities  video  virtualization  vmware  voip  vpn  vulnerability  waf  war  wargames  web  webapp  webdav  webdev  webshell  whitelist-evasion  wifi  windows  wireless  wireshark  wordpress  workstation  wpad  wps  xml  xss  xxe  yara  youtube  yubikey 

Copy this bookmark: