» VB.Net: Cmd Exploit
» Tamanho: 248 KB ::.
» Data da Criação: 11/07/2019 [06:28]
from Connect Trojan https://ift.tt/2ZcJTCv
via IFTTT
четвъртък, 25 юли 2019 г.
Cmd Exploit + (SRC) By Abo Rady
DOWNLOAD PASS = tr
» Informações:
» VB.Net: Cmd Exploit
» Tamanho: 248 KB ::.
» Data da Criação: 11/07/2019 [06:28]
from Connect Trojan https://ift.tt/2ZcJTCv
via IFTTT
» VB.Net: Cmd Exploit
» Tamanho: 248 KB ::.
» Data da Criação: 11/07/2019 [06:28]
from Connect Trojan https://ift.tt/2ZcJTCv
via IFTTT
HTA Exploit By Abo Rady
понеделник, 22 юли 2019 г.
COModo: From Sandbox to SYSTEM (CVE-2019–3969) ↳...
COModo: From Sandbox to SYSTEM (CVE-2019–3969)
↳ https://medium.com/tenable-techblog/comodo-from-sandbox-to-system-cve-2019-3969-b6a34cc85e67
Antivirus (AV) is a great target for vulnerability hunting: Large attack surface, complex parsing, and various components executing with high privileges. So a couple of months ago, I decided looked at the latest Comodo Antivirus v12.0.0.6810….
from Hack+ https://ift.tt/2JKhzSH
via IFTTT
HACKTALE ↳ https://ift.tt/2XQHHnO HackTale is a new, innovative approach for teaching and training...
HACKTALE
HackTale is a new, innovative approach for teaching and training cyber experts via gamification. HackTale is a platform designed for the creation of cyber-games. Each game simulates a different attack scenario and focuses on different aspects of cyber-defense….
from Hack+ https://ift.tt/2M3IsCR
via IFTTT
Analyzing iOS Stalkerware Applications ↳...
Analyzing iOS Stalkerware Applications
↳ https://ivrodriguez.com/analyzing-ios-stalkerware-apps/
Stalkerware (a.k.a. Spouseware) applications are invasive applications that an individual installs on a target’s device (usually their partner) to spy on them, snooping in as much data as they can….
from Hack+ https://ift.tt/2M9SfXZ
via IFTTT
DBHeise/VM_Setup ↳ https://ift.tt/2xyxw6G Please consider this in its ALPHA...
DBHeise/VM_Setup
↳ https://github.com/DBHeise/VM_Setup
Please consider this in its ALPHA stages!…
from Hack+ https://ift.tt/2JJd3E0
via IFTTT
WoW64 internals ↳ https://ift.tt/2F0H8yJ WoW64 - aka Windows...
WoW64 internals
↳ https://wbenny.github.io/2018/11/04/wow64-internals.html
WoW64 - aka Windows (32-bit) on Windows (64-bit) - is a subsystem that enables 32-bit Windows applications to run on 64-bit Windows. Most people today are familiar with WoW64 on Windows x64, where they can run x86 applications….
from Hack+ https://ift.tt/2JK9KN2
via IFTTT
Calle Svensson - Software Obfuscation with LLVM - SecurityFest 2019 ↳...
Calle Svensson - Software Obfuscation with LLVM - SecurityFest 2019
↳ https://www.youtube.com/watch?v=bQpPdT7RDqQ
Software obfuscation is a method to make programs more difficult to reverse engineer. There are multiple reasons why this is done such as protecting intellectual property, defense in depth or hiding bugs. No matter the reason, there are multiple ways to go about in making the software more difficult…
from Hack+ https://ift.tt/2JLJiTf
via IFTTT
Emulator basics: a stack and register machine ↳...
Emulator basics: a stack and register machine
↳ http://notes.eatonphil.com/emulator-basics-a-stack-and-register-machine.html
In this post we’ll create a small virtual machine in JavaScript and use it to run a simple C program compiled with GCC for an x86_64 (or AMD64) CPU running Linux. All source code is available on Github….
from Hack+ https://ift.tt/2M7SGlu
via IFTTT
Game Source Code Collection ↳ https://ift.tt/14y5N68 This is a collection of...
Game Source Code Collection
↳ https://archive.org/details/gamesourcecode
This is a collection of computer game source code. The majority of these titles were originally released as commercial products and the source code was made available to the public at a later time. Developers have released these assets under varying licenses….
from Hack+ https://ift.tt/2JJrSX7
via IFTTT
Docker for Pentesters ↳ https://ift.tt/2GjqLvc Over the last few years I...
Docker for Pentesters
↳ https://blog.ropnop.com/docker-for-pentesters/
Over the last few years I have done a complete 180 on Docker (well, containerization in general). One of the very first posts I wrote on this blog was about plundering Docker images, and at the time I was not a fan….
from Hack+ https://ift.tt/2M7Uf38
via IFTTT
Basic ROP Techniques and Tricks ↳ https://ift.tt/30LuklB During...
Basic ROP Techniques and Tricks
↳ https://trustfoundry.net/basic-rop-techniques-and-tricks/
During assessments, we’ll occasionally run across custom binaries….
from Hack+ https://ift.tt/2M9S8M3
via IFTTT
Using OOAnalyzer to Reverse Engineer Object Oriented Code with Ghidra ↳...
Using OOAnalyzer to Reverse Engineer Object Oriented Code with Ghidra
Object-oriented programs continue to pose many challenges for reverse engineers and malware analysts. C++ classes tend to result in complex arrangements of assembly instructions and sophisticated data structures that are hard to analyze at the machine code level….
from Hack+ https://ift.tt/2M6IslG
via IFTTT
A guide for windows penetration testing ↳...
A guide for windows penetration testing
↳ https://www.roguesecurity.in/2018/12/02/a-guide-for-windows-penetration-testing/
Windows penetration testing is one of the grey area where many beginner penetration testers struggles with. It is irony that most of us use windows for our day-to-day tasks but when it comes to penetration testing, we are more comfortable with Linux….
from Hack+ https://ift.tt/2JJc470
via IFTTT
Security tool list from 2 years on Twitter ↳...
Security tool list from 2 years on Twitter
↳ https://medium.com/@markmotig/security-tool-list-from-2-years-on-twitter-f1d2d9c4716
First off, a huge THANK YOU to everyone that shares their tools and experience. This is just my directory listing of security tools I found interesting . Just about every tool here I learned about by following people on Twitter. Here is a sample of how I try to categorize….
from Hack+ https://ift.tt/2M9RZIv
via IFTTT
Evasive VBA — Advanced Maldoc Techniques ↳...
Evasive VBA — Advanced Maldoc Techniques
↳ https://medium.com/walmartlabs/evasive-vba-advanced-maldoc-techniques-1365e9373f80
Different methods of creating processes in VBA come with benefits and drawbacks. Shell$, Shell, or a variation of CreateObject(“WScript.Shell”).Run will result in the office application being listed as the parent of the created process….
from Hack+ https://ift.tt/2JJd36Y
via IFTTT
Polymorphic C# Prepender - Theory and Practice ↳...
Polymorphic C# Prepender - Theory and Practice
[+]Topic: Code [+]Von: AlcoPaul [+]Return: Code Polymorphic C# Prepender - Theory and Practice alc0paul bangingatbang@land.ru http://alcopaul.co….
from Hack+ https://ift.tt/2M7SFOs
via IFTTT
Introduction to SpiderMonkey exploitation. ↳...
Introduction to SpiderMonkey exploitation.
↳ https://doar-e.github.io/blog/2018/11/19/introduction-to-spidermonkey-exploitation/
This blogpost covers the development of three exploits targeting SpiderMonkey JavaScript Shell interpreter and Mozilla Firefox on Windows 10 RS5 64-bit from the perspective of somebody that has never written a browser exploit nor looked closely at any JavaScript engine codebase….
from Hack+ https://ift.tt/2JMgaLI
via IFTTT
неделя, 21 юли 2019 г.
Bust a Kube: Kubernetes Hacking and Hardening Techniques ↳...
Bust a Kube: Kubernetes Hacking and Hardening Techniques
↳ https://www.beyondtrust.com/blog/entry/bust-a-kube-kubernetes-hacking-and-hardening-techniques
An ever-increasing number of companies are using Kubernetes to manage and scale applications and services….
from Hack+ https://ift.tt/2M4kCHg
via IFTTT
понеделник, 15 юли 2019 г.
M3_Mini_Rat v0.1 + (SRC) By Mr-3amo
неделя, 14 юли 2019 г.
W00t3k/Awesome-Cellular-Hacking ↳ https://ift.tt/30qpJp4 Please note...
W00t3k/Awesome-Cellular-Hacking
↳ https://github.com/W00t3k/Awesome-Cellular-Hacking
Please note multiple researchers published and compiled this work. This is a list of their research in the 3G/4G/5G Cellular security space. This information is intended to consolidate the community’s knowledge….
from Hack+ https://ift.tt/2liGsLH
via IFTTT
петък, 12 юли 2019 г.
The Complete Beginner Network Penetration Testing Course for 2019 ↳...
The Complete Beginner Network Penetration Testing Course for 2019
↳ https://www.youtube.com/watch?v=WnN6dbos5u8
GitHub repo (for homework): https://github.com/hmaverickadams/Beg…Timestamps:0:00 - Course Introduction/whoami6:12 - Part 1: Introduction, Notekeeping, and Introductory Linux1:43:45 - Part 2: Python 1013:10:05 - Part 3: Python 102 (Building a Terrible Port Scanner)4:23:14 - Part 4: Passive OSINT5…
from Hack+ https://ift.tt/2jGkkue
via IFTTT
четвъртък, 11 юли 2019 г.
Install Android 8.1 Oreo in Virtual Machine: VMware and VirtualBox ↳...
Install Android 8.1 Oreo in Virtual Machine: VMware and VirtualBox
↳ https://techsviewer.com/install-android-in-virtual-machine-vmware-and-virtualbox/
When you want to install Android 8.1 Oreo on any virtualization software, you have two options. These are the Android 8.1 ISO and the Android 8.1 virtual disk image. You can use either and get good results but they are not the same thing….
from Hack+ https://ift.tt/2XG78s7
via IFTTT
сряда, 10 юли 2019 г.
Minute Hack: Get SSH login notification on Telegram ↳...
Minute Hack: Get SSH login notification on Telegram
↳ https://8192.one/post/ssh_login_notification_withtelegram/
A simple shell script that executes automatically once a ssh user logs into a server with SSH. The script sends a telegram message to a user of your choice. It also has features to identify the user who has just logged in….
from Hack+ https://ift.tt/2G3oEvl
via IFTTT
New Android malware replaces legitimate apps with ad-infested doppelgangers ↳...
New Android malware replaces legitimate apps with ad-infested doppelgangers
A new Android malware strain has been discovered that can infect devices and replace legitimate apps with clones that show a deluge of ads for a criminal group’s profits….
from Hack+ https://ift.tt/2XFcD5e
via IFTTT
Windows zero-day CVE-2019-1132 exploited in targeted attacks ↳...
Windows zero-day CVE-2019-1132 exploited in targeted attacks
↳ https://www.welivesecurity.com/2019/07/10/windows-zero-day-cve-2019-1132-exploit/
In June 2019, ESET researchers identified a zero-day exploit being used in a highly targeted attack in Eastern Europe. The exploit abuses a local privilege escalation vulnerability in Microsoft Windows, specifically a NULL pointer dereference in the win32k.sys component….
from Hack+ https://ift.tt/2XElzry
via IFTTT
вторник, 9 юли 2019 г.
Presenting QCSuper: a tool for capturing your 2G/3G/4G air traffic on Qualcomm-based phones ↳...
Presenting QCSuper: a tool for capturing your 2G/3G/4G air traffic on Qualcomm-based phones
But the way layer 2 is decoded also depends on layer 1: the precise time/frequency slot where the packet is received will attribute a physical channel and a transport channel (here, the “BCH”) to it….
from Hack+ https://ift.tt/2XE7RFa
via IFTTT
It’s Not Your Father’s Endpoint – Four Ways The Bad Guys Attack Mobile Devices ↳...
It’s Not Your Father’s Endpoint – Four Ways The Bad Guys Attack Mobile Devices
↳ https://blog.zimperium.com/not-fathers-endpoint-four-ways-bad-guys-attack-mobile-devices/
In our second blog, I discussed why a mobile device needs to be protected. Exactly what are we talking about here? What are the ways an attacker can hack a mobile device to get what they need? …
from Hack+ https://ift.tt/2Jo1cez
via IFTTT
Naategh/PyCk ↳ https://ift.tt/2xEj2TO This is a simple project that implements some usefull...
Naategh/PyCk
↳ https://github.com/Naategh/PyCk
This is a simple project that implements some usefull scripts. This project can be used for learning scripting with Python and creating simple pentesting tools, too. And I should also point out that The reason for using different and large libraries in this project It is for educational use….
from Hack+ https://ift.tt/2xEd2e0
via IFTTT
Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website! ↳...
Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
As far as I can tell this vulnerability also impacts Ringcentral. Ringcentral for their web conference system is a white labeled Zoom system. This vulnerability allows any website to forcibly join a user to a Zoom call, with their video camera activated, without the user’s permission….
from Hack+ https://ift.tt/2S3LQi5
via IFTTT
7-Eleven Japanese customers lose $500,000 due to mobile app flaw ↳...
7-Eleven Japanese customers lose $500,000 due to mobile app flaw
↳ https://www.zdnet.com/article/7-eleven-japanese-customers-lose-500000-due-to-mobile-app-flaw/
Approximately 900 customers of 7-Eleven Japan have lost a collective of ¥55 million ($510,000) after hackers hijacked their 7pay app accounts and made illegal charges in their names….
from Hack+ https://ift.tt/2Jva29b
via IFTTT
понеделник, 8 юли 2019 г.
More than 1,000 Android apps harvest data even after you deny permissions ↳...
More than 1,000 Android apps harvest data even after you deny permissions
Permissions on Android apps are intended to be gatekeepers for how much data your device gives up. If you don’t want a flashlight app to be able to read through your call logs, you should be able to deny that access….
from Hack+ https://ift.tt/2S0IrR2
via IFTTT
неделя, 7 юли 2019 г.
Breaking & Entering with Zipato SmartHubs ↳ https://ift.tt/2XidWqN During the...
Breaking & Entering with Zipato SmartHubs
↳ https://blackmarble.sh/zipato-smart-hub/
During the 0DAYALLDAY Research Event three vulnerabilities were discovered in the ZipaMicro Z-Wave Controller Model #: ZM.ZWUS and the Zipabox Z-Wave Controller Model #: 2AAU7-ZBZWUS….
from Hack+ https://ift.tt/2XNnLRX
via IFTTT
петък, 5 юли 2019 г.
Mobile Security Penetration Testing List ↳...
Mobile Security Penetration Testing List
↳ https://hackersonlineclub.com/mobile-security-penetration-testing/
Mobile Security Penetration Testing List for All-in-one Mobile Security Frameworks including Android and iOS Application Penetration Testing….
from Hack+ https://ift.tt/2FZrHoC
via IFTTT
Debugging the Samsung Android Kernel part 1: ↳...
Debugging the Samsung Android Kernel part 1:
↳ https://medium.com/@alex91ar/debugging-the-samsung-android-kernel-part-1-ab2a9b87c162
First, we need to set up a few environmental variables. Go to the folder that contains the android-cross-compiler, presumably it’s called aarch64-linux-android-4.9, and run the following:…
from Hack+ https://ift.tt/2RXLZDO
via IFTTT
четвъртък, 4 юли 2019 г.
ipasimulator/ipasim ↳ https://ift.tt/2LHFhQS This repository contains source code of...
ipasimulator/ipasim
↳ https://github.com/ipasimulator/ipasim
This repository contains source code of ipasim, an iOS emulator for Windows. More detailed documentation is available. We use Git Submodules (recursively), so make sure you clone with –recurse-submodules. We also use Git LFS, so make sure you have that installed if you want to get all files….
from Hack+ https://ift.tt/2RSt2lP
via IFTTT
DiogoMRSilva/websitesVulnerableToSSTI ↳...
DiogoMRSilva/websitesVulnerableToSSTI
↳ https://github.com/DiogoMRSilva/websitesVulnerableToSSTI
This project has very simple websites to learn how to exploit Server Side Template Injections(SSTI). It might also be used to test automated vulnerability scanning tools.Some of the Servers aren’t working…
from Hack+ https://ift.tt/2JcXEfe
via IFTTT
Circuit Design App for Makers- circuito.io ↳ https://ift.tt/2qdvsfU Seamless circuit design for...
Circuit Design App for Makers- circuito.io
Seamless circuit design for your project. circuito.io is an online tool for designing electronic circuits. Select your component combination and instantly get a detailed list of parts, a step-by-step wiring guide and custom test code for your circuit….
from Hack+ https://ift.tt/2Xox1b1
via IFTTT
Red Teaming Toolkit Collection ↳...
Red Teaming Toolkit Collection
↳ https://0xsp.com/offensive/red-teaming-toolkit-collection
spoofcheck a program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that allow spoofing. https://github.com/BishopFox/spoofcheck…
from Hack+ https://ift.tt/2XoeviP
via IFTTT
Android Security & Malware ↳ https://ift.tt/2Xox1Yz 577 members Mobile news about -...
Android Security & Malware
577 members Mobile news about - security, privacy, malware on Google Play, bugs, vulnerabilities, data leaks, bug bounty hunting, security tips & tutorials, tools, hacks, ethical hacking, penetration testing……
from Hack+ https://ift.tt/2JbDDpe
via IFTTT
сряда, 3 юли 2019 г.
Exploiting Android Through ADB With PhoneSploit ↳ https://www.youtube.com/watch?v=ONHxcGMdkM0 Hey...
Exploiting Android Through ADB With PhoneSploit
↳ https://www.youtube.com/watch?v=ONHxcGMdkM0
Hey guys! in this video I will be showing you how ADB on Android works and how to exploit it with PhonSploit. Android Debug Bridge (adb) is a versatile command-line tool that lets you communicate with a device. The adb command facilitates a variety of device actions, such as installing and debugging…
from Hack+ https://ift.tt/2ROvRV0
via IFTTT
How to: Burp ♥ OpenVPN ↳ https://ift.tt/2KZ4CGC When performing...
How to: Burp ♥ OpenVPN
↳ https://honoki.net/2019/06/21/how-to-burp-and-openvpn/
When performing security tests, you will often be required to send all of your traffic through a VPN. If you don’t want to send all of your local traffic over the same VPN, configuring an easy-to-use setup can sometimes be a pain….
from Hack+ https://ift.tt/2S08AQ9
via IFTTT
Абонамент за:
Публикации (Atom)