4906
Security news, exploits, vulnerabilities, leaks.. canyoupwn.me twitter.com/canyoupwnme fb.me/canyoupwnme
Top Routinely Exploited Vulnerabilities
https://www.cisa.gov/uscert/ncas/alerts/aa21-209a
Frappo: A New “Phishing-as-a-Service” On The Dark Web
https://brandefense.io/flappo-a-new-phishing-as-a-service-on-the-darkweb/
Hacktrick ekosistemine dahil olmak ve güncel gelişmelerden haberdar olmak için Discord kanalımıza bekliyoruz!
https://discord.gg/XpwhjNZdZR
Top 3 Stealer Malware Activity Research
https://brandefense.io/top-3-stealer-malware-activity-report/
HermeticWiper Technical Analysis Report
https://docs.brandefense.io/af3ca880b0c25832d07d441d75b05eceb5a48d04b2cc0d855c89622dbd3bb933.pdf
Attack Surface’s of Industrial Control Systems
berkdusunur/attack-surfaces-of-industrial-control-systems-47c78c35d7d8" rel="nofollow">https://medium.com/@berkdusunur/attack-surfaces-of-industrial-control-systems-47c78c35d7d8
AWS/Exploitation
https://ayberk.ninja/aws-exploitation
Windows Security Updates for Hackers
https://bitsadm.in/blog/windows-security-updates-for-hackers
How to build a network scanning analysis platform — Part II
fapro0/how-to-build-a-network-scanning-analysis-platform-part-ii-bf98ef2de05c" rel="nofollow">https://medium.com/@fapro0/how-to-build-a-network-scanning-analysis-platform-part-ii-bf98ef2de05c
Command injection prevention for Python
https://semgrep.dev/docs/cheat-sheets/python-command-injection/
Open-source tests of web browser privacy.
https://privacytests.org/
From Zero to Domain Admin
https://thedfirreport.com/2021/11/01/from-zero-to-domain-admin/
CVE-2021-23888 - McAfee ePolicy Orchestrator HTML Injection
https://ricardojba.github.io/CVE-2021-23888-McAfee-ePolicy-Orchestrator-HTML-Injection/
Red-Team-Challenge-Questions
https://github.com/RedSection/Red-Team-Challenge-Questions
Kali Linux 2022.2 Release (GNOME 42, KDE 5.24 & hollywood-activate)
https://www.kali.org/blog/kali-linux-2022-2-release/
Kale İleri Teknoloji olarak ücretsiz Siber Güvenlik Analisti Eğitimi 26-27 Mayıs 2022 tarihlerinde şirketimiz bünyesindeki eğitim salonunda verilecektir. Eğitim 4.sınıf ve yeni mezunları kapsamaktadır. Kampta başarılı olan adaylara Kale İleri Teknoloji bünyesinde tam zamanlı olarak yerinde iş imkanı sağlanacaktır. Kamp kapsamında kampa katılan katılımcıların yol, konaklama ve yemek masrafları kendileri tarafından karşılanacaktır. Siber Güvenlik Analisti Eğitimi ön değerlendirme sınav linki: https://lnkd.in/d-zxuWtg Siber Güvenlik Analisti konularını ele alan içeriklere aşağıdaki linkler aracılığıyla ulaşabilirsiniz: https://lnkd.in/dcjSwdr https://lnkd.in/d_funF7a
#ads
Spring Core RCE PoC
https://github.com/mcdulltii/SpringShell_0-day
Analysis the hybrid warfare concept through Russia - Ukraine war
https://brandefense.io/analysis-of-hybrid-warfare-through-russia-ukraine-cyber-war/
?
https://twitter.com/hacktrickconf/status/1502741743346892802
EE | Parallel Syscalls with Nim (Nim variant of the recent MDSec's research) | https://github.com/frkngksl/ParallelNimcalls
Читать полностью…
TensorFlow Python Code Injection: More eval() Woes
https://jfrog.com/blog/tensorflow-python-code-injection-more-eval-woes/
Cobalt Strike: Decrypting Obfuscated Traffic – Part 4
https://blog.nviso.eu/2021/11/17/cobalt-strike-decrypting-obfuscated-traffic-part-4/
GHSL-2021-1031: Information leak in Qualcomm npu driver - CVE-2021-1969
https://securitylab.github.com/advisories/GHSL-2021-1031-npu/
Trojan Source: Invisible Vulnerabilities
https://www.trojansource.codes/trojan-source.pdf
Android-PIN-Bruteforce
https://github.com/urbanadventurer/Android-PIN-Bruteforce
sish
An open source serveo/ngrok alternative.
https://github.com/antoniomika/sish
Reproducing n-day vulnerabilities and writing N-day based fuzzer with Qiling | https://devilinside.me/blogs/reproducing-ndays-qiling
Читать полностью…