recentpopularlog in

asteroza : security   4176

« earlier  
649/Crashcast-Exploit: This tool allows you mass play any YouTube video with Chromecasts obtained from Shodan.io
Oh the unholy hell you could unleash with this. Naturally, there is a certain rickroll default if no particular video is selected...
chromecast  UPNP  exploit  rickroll  security  hacking  pentesting 
5 weeks ago by asteroza
22 SSH Examples, Practical Tips & Tunnels | HackerTarget.com
#20 is kinda neat, cleanly chain jumping between bastion/jump hosts
SSH  forwarding  jump  chain  sysadmin  tips  tricks  CLI  shell  network  security  networking  linux 
5 weeks ago by asteroza
[1901.01161] Page Cache Attacks
This is kinda bad, since it leverages software caches and can be hardware agnostic, allowing write once malware that works well all over (javascript?)
shadow  page  cache  side  channel  attack  exploit  security  hacking  pentesting 
5 weeks ago by asteroza
drk1wi/Modlishka: Modlishka. Reverse Proxy. Phishing NG.
Proving that almost all 2FA can be weak to phishing. Client certs are the last bastion of hope?
phishing  reverse  proxy  gateway  MitM  2FA  security  hacking  pentesting 
5 weeks ago by asteroza
dearplain/goloader: load and run golang code at runtime.
inject go code at runtime from elsewhere. Should allow a small malware go binary to download modules and execute from the internet
go  dynamic  injection  runtime  loader  software  security  hacking  pentesting  opensource  library 
5 weeks ago by asteroza
Kasada | Security Redefined
Antibot WAF SaaS, that likes to troll bots by sending back computationally expensive javascript payloads as a tarpit
WAF  SaaS  service  antibot  javascript  tarpit  security  DDoS 
5 weeks ago by asteroza
PCIe* Device Security Enhancements Specification
Oh hey, new PCIe rev will have a X.509/ASN.1 parser in it. That smells like DRM, and a neverending source of fun for parser exploits...
PCIe  PCIexpress  standard  DRM  X.509  ASN  parser  security  hacking  pentesting 
5 weeks ago by asteroza
Windows Sandbox - Microsoft Tech Community - 301849
Sandbox works via their container system, but it looks like it requires Hyper-V?
windows  10  disposable  VM  sandbox  security  virtualization  Hyper-V  container 
8 weeks ago by asteroza
Threat Grid - Advanced Malware Protection - Cisco - Cisco
ThreatGrid before being swallowed by Cisco was apparently the new hotness for integrated NSM/EDR
Cisco  ThreatGrid  NSM  EDR  security  software 
8 weeks ago by asteroza
Hacking around HTA files - Sevagas
How about stuffing an HTA into the PE sig of a binary...
HTA  file  format  abuse  security  hacking  pentesting  polyglot  append  binary 
8 weeks ago by asteroza
Report: Location Data Monetization in iOS Apps (Sep 2018) - Guardian Mobile Firewall for iPhone and iPad
So there are 75 or so major location data aggregators/providers used for advertising on mobile apps and/or user linking to desktop browsers, here are some major offenders on iOS recently...
privacy  advertising  location  tracking  security 
9 weeks ago by asteroza
Controlling Google Chrome Web Extensions for the Enterprise
People need to start whitelisting chrome extensions, because things are getting out of hand...
google  chrome  ADMX  GPO  AD  active  directory  group  policy  template  enterprise  security  management  sysadmin  tips  tricks 
9 weeks ago by asteroza
« earlier      
per page:    204080120160

Copy this bookmark:





to read