Twitter
7) use to SSL pinning in iOS (bypass certificate validation - Free) info in this post by…
6 hours ago
Twitter
Neat.
* ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes".…
11 hours ago
Twitter
Managed to recreate this today. - such an awesome technique!
15 hours ago
Twitter
Slightly worrying Google search:
ConnectionClient.exe "-psw"

Instant RDP credentials.

A vendor has made a solutio…
20 hours ago
Twitter
Offensive Security Certified Expert && me

- my personal review, hopefully useful for some of you 😎

yesterday
Twitter
Let us all be grateful that Frank Gehry isn't French. And that Le Corbusier is no longer with us.
2 days ago
Twitter
RT : I feel personally attacked
2 days ago
AWS Risk Model
An expert forecasting session recorded the judgements of these experts for each AWS configuration. These are then transformed into a statistical model representing their beliefs as an entire panel.
aws  risk  InfoSec  cloud 
2 days ago
GitHub - network-automation/linklight: Training Course for Ansible Network Automation
The Ansible Networking Linklight project is intended for effectively demonstrating Ansible's capabilities through instructor-led workshops or self-paced exercises.
ansible  tutorial  vm  linklight  networengineering  devops 
2 days ago
Twitter
RT : Just a reminder of the power of rebuilding.
Dresden's Frauenkirche in 1957 ... and today
2 days ago
Confessions Of a VOIP Hacker - The Cisco Learning Network
Folks are looking for quicker ways to get the VOIP system to start paying for itself. VOIP savings are really like trying to justify the savings of being more secure. Oh sure we tech type folks know the real savings and true **** saving grace that security and in house managed VOIP provides. The problem is the Poindexter in Accounting doesn’t see it. Using the Internet as a trunk provider really provides some serious cash savings on the back end. The problem is many SIP/H323 trunks a...
voip  hacking  voice  pentest  sip 
2 days ago
Twitter
If you are running script scans with Nmap (-sC) make sure you add arguments --script-args http[.]useragent=<"actu…
3 days ago
Puppet Learning VM - Try Puppet in a downloadable virtual machine with quests
The Puppet Learning VM is an interactive tutorial and learning environment to get you started with Puppet or level up the skills you already have. Explore the technology in depth with a series of detailed multi-step quests. Working through the Puppet Enterprise console GUI and Linux command-line, you'll learn the building block concepts of Puppet such as resources, manifests, classes and modules, then move on to more advanced topics including defined resource types and application or...
automation  learning  puppet  vm  devops 
3 days ago
GitHub - olafhartong/sysmon-modular: A repository of sysmon configuration modules
A repository of sysmon configuration modules

BUILD SYSMON CONFIGS OUT OF ONLY THE NECESSARY PARTS
windows  sysmon  monitoring  logging 
3 days ago
Twitter
Things we wouldn’t let the police do on their own, we let Google do and sell to the police.

Surveillance Economy a…
4 days ago
Twitter
Added a new function in TikiLoader to create processes as SYSTEM using CreateProcessAsUser. Useful in cases like t…
4 days ago
Twitter
RT : Hey, tech twitter! Do you use any shell history related tools? I'm creating one as my Master's project and I'm curr…
4 days ago
(429) https://twitter.com/i/web/status/1117176129260064768
While I like sharing my work I think I'll never release a tool like DotNet2JScript again. Or at least I won't leave…
4 days ago
Twitter
Interested in Ghidra or getting started with reverse engineering? I wrote a post about Ghidra's main windows and ho…
5 days ago
Twitter
I vaguely remember a story about InGuardians doing a variation of this on an engagemen…
5 days ago
Twitter
RT : SysAdmin: Alright. Now specify your Base DN. Something like “dc=gibson,dc=com”

Me: What if I don’t know the base d…
5 days ago
Twitter
RT : Amazon staff listen to customers’ Alexa recordings, report says | Amazon Alexa [TR: What did you expect? In order t…
5 days ago
Twitter
I'm an APT!

An Adequate, but Persistent, Threat..
5 days ago
Twitter
There are all sorts of ways you can leverage BloodHound data to improve adversary resilience, and some don't even d…
5 days ago
Creator Subscription | Epidemic Sound
Diverse music, carefully created by composers, producers, instrumentalists and artists regularly featured on major streaming platforms. Unlimited downloads. Unlimited uploads, on all platforms.
stock  music  streaming  youtube 
5 days ago
Attacking QA platforms: Selenium Grid -
If it is possible to subscribe to the Selenium Grid a new node controlled by the Red Team it could be used to obtain the test parameterizations. In certain cases, such as test cases where a valid session is needed, it becomes likely to obtain credentials or other authentication methods.

In a scenario in which a node instance can be set up, if that node has Google Chrome browser available, Remote Command Execution becomes trivial through its command line flags.
selenium  pentest  exploit 
6 days ago
GitHub - evilmog/ntlmv1-multi: NTLMv1 Multitool
NTLMv1 Multitool

This tool modifies NTLMv1/NTLMv1-ESS/MSCHAPv2 hashes so they can be cracked with DES Mode 14000 in hashcat
hash  hashcat  ntlm  cracking  pentest 
6 days ago
Running a .NET Assembly in Memory with Meterpreter
For this article we will attempt to execute Seatbelt on the target box to help identify various PrivEsc routes. This guide will walk through the steps necessary to execute the Seatbelt assembly in-memory with our current Meterpreter foothold, much like we would do if our C2 framework was Cobalt Strike.
dotnet  metasploit  exploit  memory  pentest  windows 
6 days ago
SecuritySynapse: Wireless Pentesting on the Cheap (Kali + TL-WN722N) - WPA-PSK
In our previous article we used TP-Link’s TL-WN722N and a Kali Virtual Machine (VM) to perform wireless discovery and attack against a Wired Equivalent Privacy (WEP) network to showcase the abilities of this inexpensive and flexible setup.  In this article we will continue to test our setup by attacking our home router running WPA (Pre-Shared Key) PSK--walking you through the attack from start to finish.
cybersecurity  kali  pentest  wireless 
7 days ago
17 useful rsync (remote sync) Command Examples in Linux
In this article we will discuss 17 useful rsync command examples in Linux. rsync command is used to sync or copy files and directories locally and remotely.
cli  rsync  linux 
7 days ago
How to prevent Roku Wifi Direct from breaking 5ghz devices | Net Consonance
This should solve it. Instead of trying to interfere with the AP, the Roku goes off to an unused channel far away from your wifi like it should have originally! In my case it went up to channel 165 which is as far as you can get away from my wifi AP’s channel 40. It does not appear that a reboot is necessary. However the settings persist after a reboot.
roku  troubleshooting  wifi 
7 days ago
LA Police Gear - Survival, Tactical, Military Apparel & Accessories
Welcome to LA Police Gear, your one-stop shop for the newest and coolest survival, tactical, police, military, and a variety of everyday carry gear. Find the lowest prices on must-have duty apparel, lights, bags, and accessories!
boots  equipment  military  police  tactical 
7 days ago
GitHub - Coalfire-Research/DeathMetal: Red team & penetration testing tools to exploit the capabilities of Intel AMT
dm_pickles - Duckyscript interpreter that communicates over AMT KVM (vnc) and injects keystrokes.
dm_toki - IDE-R implementation - lets you attach floppy and CD images remotely to the target computer.
dm_nathan - Is a cli that allows for configuring AMT via authenticated channel
dm_rockso - Presence and version scanner, can help you find AMT capable systems regardless of provisioning status. (works even if explicitly not-enabled)
intel  amt  scanner  pentest  hardware  bmc 
7 days ago
Twitter
I wonder how many Windows XP machines there are in this environment...

PS > Import-Module ActiveDirectory
PS > Get…
8 days ago
Twitter


(War crimes are unfunny even to me and I hope this guy get flattened in court, assuming…
8 days ago
Twitter
RT : Super exciting announcement! released their very own Web App, Linux app and Windows Desktop App Security Scan…
8 days ago
bellingcat - Using Phone Contact Book Apps For Digital Research - bellingcat
Using information saved through phone contact book apps is an oft-neglected resource in digital investigations, largely due to the sheer number of these apps and their invasive privacy policies.

Additionally, the vast majority of the apps in question require a phone to use them, while lacking an accessible web version of their database, making research more cumbersome. This guide will detail how to use these apps in a relatively safe context — either through an Android virtual machi...
privacy  security  osint  phone 
8 days ago
Kubernetes Cheat Sheet - Linux Academy Blog
This Kubernetes Cheat Sheet is meant to get you started with performing commands in Kubernetes and provide all the basic commands at a quick glance.
kubernetes  cheatsheet  devops 
9 days ago
How to Change Lid Close Action in Ubuntu 18.04 LTS - Tips on Ubuntu
In Ubuntu 18.04 Gnome desktop, there’s no option in Settings utility for configuring laptop lid close actions. And Gnome Tweaks only offer a switch to enable / disable ‘Suspend when laptop lid is closed’.
For those who want it automatic shutdown, hibernate, or do nothing when laptop lid is closed, here’s how to do it by hacking on the configuration file.
ubuntu  laptop 
9 days ago
15 Git Commands You May Not Know - DEV Community 👩‍💻👨‍💻
Using [Git](https://git-scm.com/) may be intimidating at times. There are so many commands and details to learn. The [documentation](https://git-scm.com/docs), however, while being immense, is still greatly accessible. Once you overcome the initial feeling of being overwhelmed, the things will start to fall into place. Here is a list of 15 Git commands that you may not know yet, but hopefully they will help you out on a journey to master this tool.
git 
9 days ago
Twitter
A thread, posted long before the current opposite take, that I think I agree with.
9 days ago
Texas Tech fans need to be above rioting destruction | Fort Worth Star-Telegram
Texas Tech fans embarrass themselves on Saturday night in Lubbock by celebrating the Red Raiders’ win in the national semifinal game against Michigan State that ended up with cops and tear gas.
humor  lubbock  riot 
9 days ago
(500) https://<Jenkins_IP>/script/
DUMP PASSWORDS FROM JENKINS:

STEP 1: Log into Jenkins server build user:

STEP 2: Fol…
9 days ago
Twitter
DUMP PASSWORDS FROM JENKINS:

STEP 1: Log into Jenkins server build user:

STEP 2: Fol…
9 days ago
Finding Weaknesses Before the Attackers Do « Finding Weaknesses Before the Attackers Do | FireEye Inc
Mandiant consultants posed as helpdesk technicians and informed employees that their email inboxes had been migrated to a new company server. To complete the “migration,” the employee would have to log into the cloned OWA portal. To avoid suspicion, employees were immediately redirected to the legitimate OWA portal once they authenticated. Using this campaign, the red team captured credentials from eight employees which could be used to establish a foothold in the client’s internal n...
redteam  socialengineering  pentest  osint 
9 days ago
nmap/lu-enum.nse at master · nmap/nmap · GitHub
When connecting to a TN3270E server you are assigned a Logical Unit (LU) or you can tell
the TN3270E server which LU you'd like to use. Typically TN3270E servers are configured to
give you an LU from a pool of LUs. They can also have LUs set to take you to a specific
application. This script attempts to guess valid LUs that bypass the default LUs you are
assigned. For example, if a TN3270E server sends you straight to TPX you could use this
script to find LUs that take you to TSO, C...
mainframe  pentest  telnet  nmap  scanner 
10 days ago
Twitter
RT : The OS abstracts away the machine while leaking hardware faults. Docker abstracts away the OS while leaking softwar…
10 days ago
Twitter
RT : Just sayin', it's not illegal for the Red Team to join responders and leadership during an incident to bring an att…
10 days ago
Twitter
I'm going to disclose 0days one by one. I hope MSRC give replies to change my mind. I'm not willing to disclose the…
10 days ago
Twitter
My first attempt at a Blue Team Video, configure a bunch of Windows Logging: (cmd line, powershell, taskhistory, sy…
10 days ago
[unknown title]
Complexity and automation —>
No One Knows How Dangerous Boeing’s 737 Max Actually Is
10 days ago
Buscador OSINT VM
Buscador is a Linux Virtual Machine that is pre-configured for online investigators. It was developed by David Westcott and Michael Bazzell, and distributions are maintained on this page. The current build is 5GB and includes the following resources
osint  vm 
10 days ago
Twitter
Last week I showed you a XSS on Google Search. In this follow-up video we discuss how found the XSS…
10 days ago
Twitter
Curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applica…
10 days ago
sensepost.com
Favorite tweet:

A Crash Course in x86 Assembly for Reverse Engineers : https://t.co/gLr9jp4Fkf (pdf)

Reverse Engineering x86 Processor Microcode : https://t.co/EX2xR7wwpH (Slides)

— Binni Shah (@binitamshah) April 7, 2019
reverse-engineering  reverseengineering  assembly 
10 days ago
Twitter
A Crash Course in x86 Assembly for Reverse Engineers : (pdf)

Reverse Engineering x86 Proce…
11 days ago
Twitter
Thanks, Texas Tech! Now no one can catch me in most of my pools.
11 days ago
(429) https://twitter.com/i/web/status/1113969371339210752
RT : Every time someone asks for help recovering the password to an email. I screenshot and send to the target. The nu…
11 days ago
Twitter
Imagine how much better Blue Teams would be if Red Teams realized they weren’t Conor McGregor, they’re his sparring…
11 days ago
(429) https://twitter.com/i/web/status/1114532194888769537
RT : Fun facts:

1. I'm a pentester ATM
2. I'll go after a fully patched Linux system over a fully patched Windows syste…
11 days ago
[unknown title]
AWS: Literally. There is no room with monitors and people sitting in it, etc. I have exactly one on-call security e…
11 days ago
Exfiltration Methods - Google Sheets
Favorite tweet:

I can think of 99 ways to exfil data. Give me an exfil method I am not thinking about and making searches for:https://t.co/GhzNASHoxX

— { {C:\raig} {Chamberlain} } (@randomuserid) April 2, 2019
exfiltration 
11 days ago
Windows Command Line cheatsheet (part 2): WMIC | So Long, and Thanks for All the Fish
Favorite tweet:

Windows Command Line cheatsheet (part 2): WMIC

- Bookmark this! Saved my day several times 😉#infosec #pentest #redteam https://t.co/POPWbdZqU3

— Florian Hansemann (@HanseSecure) April 6, 2019
windows  wmic  pentest 
11 days ago
(429) https://twitter.com/fouroctets/status/1114290791592091648
Practical exam, opposite of the OSCP. If you can talk someone else into taking the test for you, you pass.
11 days ago
Twitter
Windows Command Line cheatsheet (part 2): WMIC

- Bookmark this! Saved my day several times 😉

12 days ago
Twitter
Forget spamming XSS payloads. In my experience, goal based hacking has been extremely effective.

1. Click around a…
12 days ago
(429) https://twitter.com/Louisitaa/status/1114126651242242049
RT : When you suddenly realize you're out of scope 🙈
12 days ago
Twitter
I've always been a generalist. Networks, Windows, UNIX, virtualization, containerization, problem management, vuln…
12 days ago
Twitter
I've seen several stories like this and they make me wonder how (and whether) the feds tell deliberate backdoors ap…
12 days ago
GitHub - anthemtotheego/SharpExec
SharpExec - Lateral Movement With Your Favorite .NET Bling

Quick blog:

Tool:
12 days ago
Twitter
People know my side projects but VALHALLA has been my main project over the last 5 months

It's a web service that…
12 days ago
Twitter
This gave me a twitchy flashback to my young adulthood. Lots of high-powered (for the time) and expensive multicol…
13 days ago
How I Research – Aceso Under Glass
I frequently do science review articles, e.g., on burnout and MDMA.  A friend recently asked for a quick start guide to doing his own, which I am sharing now in the spirit of “done is better than perfect”. I use examples from two recent projects:
research  learning  writing 
13 days ago
www.nccgroup.trust
Favorite tweet:

There has been some really awesome .NET research done recently, this whitepaper is a great reference when you come across .NET deserialization bugs/when code auditing. Machines running .NET have just become so much easier to own: https://t.co/xdo5YYgYto

— shubs (@infosec_au) April 4, 2019
dotnet  webapp  pentest  deserialization 
13 days ago
Twitter
There has been some really awesome .NET research done recently, this whitepaper is a great reference when you come…
13 days ago
Twitter
Today has been very special and humbling. I want to say thank you to my friends, family, colleagues, and attendees…
14 days ago
Twitter
Tornado sirens going off. I go down my list;
If 2am in Dallas, TX: hacker not tornado
If Noon and first Wednesday o…
14 days ago
Twitter
Attending SEC642 taught by and learned about mass assignment flaws via parameter pollution. Wrote a Burp…
14 days ago