现已上线!2025 年 Telegram 研究 — 年度关键洞察 
Source Byte
前往频道在 Telegram
هشیار کسی باید کز عشق بپرهیزد وین طبع که من دارم با عقل نیامیزد Saadi Shirazi 187
显示更多7 849
订阅者
-524 小时
+437 天
+17230 天
帖子存档
7 849
you can upload any file as an attachment in a draft comment on any public GitHub repo, delete the comment but the file download URL remains active, and the repo owner can’t do anything about it
7 849
7 849
כאן חדשות
נערת הפיתוי האיראנית: נהג משאית צבאי תיעד, לפי החשד, עשרות סוללות כיפת ברזל במהלך נסיעותיו בתפקיד, ושלח תמונות ומיקומים שלהן בפייסבוק לגורם איראני שהתחזה לאישה
#חדשותהע
https://twitter.com/kann_news/status/1783218563177742831
7 849
" The Open Source Problem "
you have software on your machine right now that is running code from one of many similar "suspicious" accounts.
https://cybersecpolitics.blogspot.com/2024/04/the-open-source-problem.html
#CVE-2024-3094
7 849
Refresh AD Groups Membership without Reboot/Logoff
Purge the computer account kerberos tickets with:
```klist -lh 0 -li 0x3e7 purge```
Reload User Groups Membership without Logging Off with:
klist purge
Twitter
7 849
Project that generates Malicious Office Macro Enabled Dropper for DLL SideLoading and Embed it in Lnk file to bypass MOTW
GITHUB
#DLL_SideLoading
#Dropper #Lnk
7 849
Repost from CyberSecurityTechnologies
#exploit
"One Flip is All It Takes:
Identifying Syscall-Guard Variables for Data-Only Attacks", 2024.
]-> https://github.com/psu-security-universe/viper
]-> https://github.com/PSU-Security-Universe/data-only-attacks
7 849
Windows Phantom DLL Hijacking: New Contribution to Hijack Execution Flow – DLL Search Order Hijacking
https://interpressecurity.com/resources/windows-phantom-dll-hijacking/
#dll_hijacking
7 849
(APT-Q-31) A memory loader Cobalt Strike written by Rust
English :
https://www-ctfiot-com.translate.goog/175132.html?_x_tr_sl=fa&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp
Tutorial [Cobalt Strike Shellcode Loader With Rust] :
https://www.youtube.com/watch?v=XfUTpwZKCDU
A COFF loader made in Rust :
https://github.com/hakaioffsec/coffee
7 849
Repost from N/a
𝗘𝗫𝗣𝗟𝗢𝗜𝗧 𝗗𝗘𝗩𝗘𝗟𝗢𝗣𝗠𝗘𝗡𝗧 🐌
🔗 Part 1 : Intro :-
https://0xninjacyclone.github.io/posts/exploitdev_1_intro/
🔗 Part 2 : Understanding Stack Memory :-
https://0xninjacyclone.github.io/posts/exploitdev_2_stack/
🔗 Part 3 : Understanding Heap Memory :-
https://0xninjacyclone.github.io/posts/exploitdev_3_heap/
🔗 Part 4 : Understanding Binary Files :-
https://0xninjacyclone.github.io/posts/exploitdev_4_binfiles/
🔗 Part 5 : Dealing with Windows PE files programmatically :-
https://0xninjacyclone.github.io/posts/exploitdev_5_winpe/
🔗 Part 6 : Dealing with ELF files programmatically :-
https://0xninjacyclone.github.io/posts/exploitdev_6_elf/
🔗 Part 7 : How to do magic with string format bugs :-
https://0xninjacyclone.github.io/posts/exploitdev_7_strfmt/
🔗 Part 8 : Buffer Over-Read Attacks and Developing a Real Exploit :-
https://0xninjacyclone.github.io/posts/exploitdev_8_bor/
@source_chat #exploit_development #binary_exploitation #vulnerability_research #buffer_overread
7 849
Someone used AI to make Lockbit ransomware groups statement regarding the FBI takedown ... into an anime-like EDM ... ?
You're all degenerates 😂😂😂
What happened. On February 19, 2024 penetration testing of two of my servers took place, at 06:39 UTC I found an error on the site 502 Bad Gateway, restarted nginx - nothing changed, restarted mysql - nothing changed, restarted PHP - the site worked. I didn't pay much attention to it, because for 5 years of swimming in money I became very lazy, and continued to ride on a yacht with titsy girls. At 20:47 I found that the site gives a new error 404 Not Found nginx, tried to enter the server through SSH and could not, the password did not fit, as it turned out later all the information on the disks was erased. Due to my personal negligence and irresponsibility I relaxed and did not update PHP in time, the servers had PHP 8.1.2 version installed, which was successfully penetration tested most likely by this CVE https://www.cvedetails.com/cve/CVE-2023-3824/ , as a result of which access was gained to the two main servers where this version of PHP was installed. I realize that it may not have been this CVE, but something else like 0day for PHP, but I can't be 100% sure, because the version installed on my servers was already known to have a known vulnerability, so this is most likely how the victims' admin and chat panel servers and
7 849
Someone used AI to make Lockbit ransomware groups statement regarding the FBI takedown ... into an anime-like EDM ... ?
You're all degenerates 😂😂😂
What happened. On February 19, 2024 penetration testing of two of my servers took place, at 06:39 UTC I found an error on the site 502 Bad Gateway, restarted nginx - nothing changed, restarted mysql - nothing changed, restarted PHP - the site worked. I didn't pay much attention to it, because for 5 years of swimming in money I became very lazy, and continued to ride on a yacht with titsy girls. At 20:47 I found that the site gives a new error 404 Not Found nginx, tried to enter the server through SSH and could not, the password did not fit, as it turned out later all the information on the disks was erased. Due to my personal negligence and irresponsibility I relaxed and did not update PHP in time, the servers had PHP 8.1.2 version installed, which was successfully penetration tested most likely by this CVE https://www.cvedetails.com/cve/CVE-2023-3824/ , as a result of which access was gained to the two main servers where this version of PHP was installed. I realize that it may not have been this CVE, but something else like 0day for PHP, but I can't be 100% sure, because the version installed on my servers was already known to have a known vulnerability, so this is most likely how the victims' admin and chat panel servers and
