SensePost | A new look at null sessions and user enumeration
TLDR; I think I found three new ways to do user enumeration on Windows domain controllers, and I wrote some scripts for it.
activedirectory  pentest  enumeration 
9 hours ago
ungleich Blog - ungleich quiz v6
It has been some years since Philipp and Nico launched the famous sysengquiz. Some years have passed since then, now is certainly time to launch a new edition: the ungleichquiz v6. If you are a Linux / Unix geek, you should have no trouble in solving it.

The rules are pretty simple: login to the right VM, find the answers and save your place in the hall of fame!
ctf 
10 hours ago
Why Can’t a Woman be More Like a Man? - Quillette
For those who believe that gender is a social construct, and there are no differences between men and women’s brains, this paper is something of a reality check.
feminism  intelligence  sex 
10 hours ago
Reverse MSSQL shell
Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration
github  pentest  exfiltration  sql  reverseshell 
13 hours ago
Twitter
Still couldn't find valid individual emails on the open web.

Searched through the LinkedIn and Ashley Madison dump…
14 hours ago
Twitter
An artist friend made this for me as a wedding present years ago. I still love it.
18 hours ago
Twitter
Just ordered all the new studio gear I'm going to set up at Risky Business Word Headquarters when it's ready (any d…
yesterday
Twitter
PSA for my Twitter friends: I'm 100% sure that I disagree with each of you on at least one very important social or…
yesterday
Twitter
We'll be showing how you can build arbitrarily complex proxies with ease using Mallet 's Arsenal…
yesterday
cnbKZUQ.jpg (1280×960)
Cable organization with TP roll holders
cablemanagement 
yesterday
TestingScripts/snmpv3enum.rb at master · raesene/TestingScripts
# This class just wraps snmpwalk and iterates over a series of IP addresses and usernames
# Designed to brute-force a snmpv3 username
# for it to work on ubuntu you need to have the snmp programs and MIBs installed
snmp  snmpv3  bruteforce  pentest  enumeration 
yesterday
Twitter
can somebody read your passwd file with: "/???/?at /???/????w?" ? yes.
bypass blacklisted words filter (or…
yesterday
Twitter
For a little over 30€, you can make an evil mouse for exercise. 👌
You will be able to control a computer &…
yesterday
Twitter
Dear CTF challenge creators. If I have to guess a password, URL, hostname etc and it’s not either in rockyou, dirbu…
2 days ago
Twitter
A periodic reminder that simple stuff works amazingly well: tcpdump -n 'tcp[13] == 2 and dst net not <your local ne…
2 days ago
Twitter
No doubt. Some uni students in TX have access to free or cheap legal aid, but…
2 days ago
Twitter
Not enforceable but impossible to afford to fight in court, get another job if they p…
2 days ago
Twitter
While I do enjoy OSCP, doing certs can be stifling sometimes. I have a couple really cool side project ideas i'd l…
2 days ago
Twitter
Sure. Also a way to pass along info from a similar situation. Apply to your sit…
3 days ago
Twitter
My lawyer says no, not enforceable in TX unless they are teaching him a proprietary skill.…
3 days ago
Twitter
RT : Do you use the Internet to log into anything, anywhere, ever, while online? Great you'll love this talk! Come out t…
3 days ago
f0rb1dd3n/Reptile: LKM Linux rootkit
Give root to unprivileged users
Hide files and directories
Hide files contents
Hide processes
Hide himself
Hidden boot persistence
ICMP/UDP/TCP port-knocking backdoor
Full TTY/PTY shell with file transfer
Client to handle Reptile Shell
kernel  linux  security 
3 days ago
Twitter
As someone who graduated a year ago with a Comp Sci degree and is now working i…
3 days ago
Twitter
A lot of entry level positions are exciting, on the front lines of what's really happening. I've always enjoyed dro…
3 days ago
Twitter
Security is sink or swim, not some elite, in my experience. I had 10 years of infrastructure engineering but no de…
3 days ago
Twitter
Yeah, I'm quickly understanding. Sadly, a lot of content I would have wanted to see has been invisible to me…
3 days ago
Twitter
Rebooting my twitter has been a two-step experience. I wasn't really aware of lists. Fixing that is time consuming,…
3 days ago
Practical Symbolic Execution and SATisfiability Module Theories (SMT) 101
Finding bugs is hard, reverse engineering is hard. Constraint solvers are the heart of many program analysis techniques, and can aid Fuzzing, and software verification.

This post contains a few hands-on experiments with Z3, a high performance theorem prover developed at Microsoft Research by Leonardo de Moura and Nikolaj Bjorner. With KLEE, a Symbolic Execution Engine built on top of the LLVM compiler infrastructure developed by Cristian Cadar, Daniel Dunbar, and Dawson Engler. And, angr, a binary analysis framework developed by the Computer Security Lab at UC Santa Barbara and their associated CTF team, Shellphish.
ctf  assembly  exploit  development  reverse-engineering 
3 days ago
Extracting SSH Private Keys from Windows 10 ssh-agent
Favorite tweet:

New blogpost: extracting unencrypted private SSH keys from Windows 10's new builtin ssh-agent service

Had some fun this weekend playing with the new OpenSSH utilities on Windows 10. Might be useful for pentesters/redteamers :) https://t.co/Xn47rTfVQc

— Ronnie Flathers (@ropnop) May 20, 2018
security  ssh  pentest 
3 days ago
Twitter
RT : "WARNING. In our butcher's shop we might ask your name and remember your meat-related preferences. If you are worri…
3 days ago
Twitter
RT : He's making a list
He's checking it twice
He's gonna find out who's naughty or nice
Santa Claus is in contravention…
3 days ago
Twitter
New blogpost: extracting unencrypted private SSH keys from Windows 10's new builtin ssh-agent service

Had some fun…
4 days ago
Twitter
RT : Interesting DLL Hijacking technique using .URL files.

1. Create a .URL file.
2. URL = path to application
3. Worki…
5 days ago
Twitter
RT : Step 1: record random piano notes for a few minutes.
Step 2: embed your new song into your malware
Step 3: DMCA tak…
6 days ago
GitHub - bettercap/bettercap: The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks.
bettercap is the Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks.
github  network  pentest  tool 
6 days ago
Twitter
I see nothing that could possibly go wrong with having only one functional exit to a building with 1000 students an…
6 days ago
Term Sheet -- Friday, May 18 | Fortune
Real estate is one. Another is fine art. We’ve talked to a few high-end art dealers with their own inventory and access to institutional inventory. What if you tokenized the work by Monet? Not many people can stroke a check for $20 million. But if you owned a fraction of a Monet, lots of people would like to stroke a check for $200,000. What if you tokenize a bunch of works by Monet and then you create a fund that owns 10% of each tokenized work? Now, I own a Monet fund or a Monet ETF.

With the tokenization technology, you could create leveraged longs and leveraged shorts. You can go long French impressionists and short modern art. You can do the same with real estate — I tear off a 10% strip of all my Class A in Midtown and create a midtown fund. Class A in Upper East Side, Downtown, Brooklyn, Jersey. I can go long Manhattan, I can go short Brooklyn.

Yes, there will be some gambling going on, but what’s interesting is that if I’m a property developer and I just put a huge amount of capital into Manhattan, I could effectively hedge my position very cheaply and efficiently.
crypto  securitytoken 
6 days ago
Twitter
Just read a frigging dope post on blind command injection w/ Collaborator & DNS exfil. on

Hig…
6 days ago
Twitter
Good blog stepping through exploiting a buffer overflow using radare and pwntools via…
6 days ago
Twitter
For the record, I didn’t and wouldn’t consider a company with an open plan office.
You could literally offer me dou…
7 days ago
Twitter
"The existence of FizzBuzz is proof that schools, for-profit and not, are failing to impart skills to many of their…
7 days ago
Twitter
No matter how old I get, sitting outside the principal's office is still a misery. Y'all, I spent a LOT of time sit…
7 days ago
There Will Be — » Latacora
WireGuard is a modern, streamlined VPN protocol that Jason Donenfeld developed based on Trevor Perrin’s Noise protocol framework. Imagine a VPN with the cryptographic sophistication of Signal Protocol and you’re not far off.
linux  vpn 
7 days ago
Twitter
RT : "Accordingly, we will silently be disappearing people who don't 'add to the conversation'"
"TWEETS, we're silently…
8 days ago
Twitter
I trapped mine with a carefully plotted LiveJournal and leather pants. So much more work!
8 days ago
Twitter
For years, I tried to make my parents proud of me... but they didn't understand what I did.

Then I had hoped my sp…
8 days ago
Twitter
It’ll take longer than I had hoped, but we’ll have a small fund for student living expenses up and ready to donate…
8 days ago
Intermittent Fasting, 1 Year Later
When I eat, which is typically only once a day. Some days, I will not eat at all. Other days, I may eat twice a day. It depends on where I am in the world, what's going on, and so on.
What I eat, which is mostly low in carbohydrates, high in fat. You might call it a ketogenic diet, or even the induction phase of Atkins (the 1970s version). I had previously done Atkins in the early 2000s with some success, so this part of the change was somewhat familiar.
diet  weight 
8 days ago
Low Level Bit Hacks You Absolutely Must Know - good coders code, great coders reuse
I decided to write an article about a thing that is second nature to embedded systems programmers - low level bit hacks. Bit hacks are ingenious little programming tricks that manipulate integers in a smart and efficient manner. Instead of performing some operation (such as counting the 1 bits in an integer) by looping over individual bits, these programming nuggets do the same with one or two carefully chosen bitwise operations.
binary  programming 
8 days ago
The headers we don't want
HTTP headers are an important way of controlling how caches and browsers process your web content. But many are used incorrectly or pointlessly, which adds overhead at a critical time in the loading of your page, and may not work as you intended. In this first of a series of posts about header best practice, we’ll look at unnecessary headers.
http  web 
8 days ago
Twitter
I've never blocked anyone on Twitter but I use the mute button liberally (so to speak) on decent people who just ha…
9 days ago
Twitter
RT : What could go wrong...
9 days ago
Twitter
I like more technical details in the slide deck (or handout or whatever) and more narrative from the sp…
9 days ago
Twitter
It's more like before Pearl Harbor every single Navy fleet did things totally differently, and several presidents i…
9 days ago
Twitter
-2018-1111 tweetable PoC :) dnsmasq --interface=eth0 --bind-interfaces --except-interface=lo --dhcp-range=10.1…
9 days ago
Twitter
Twitter becomes incredible when you realize two things:

1. You can engage in conversation with anyone

2. You don’…
10 days ago
Twitter
i can show you the xrays and spine problems that resulted from my time at twitter.

tl;dr: if your bos…
10 days ago