Волосатый бублик
Ko'proq ko'rsatish
5 206
Obunachilar
Ma'lumot yo'q24 soatlar
+787 kunlar
+21630 kunlar
Post vaqtlarining boʻlagichi
Ma'lumot yuklanmoqda...
Find out who reads your channel
This graph will show you who besides your subscribers reads your channel and learn about other sources of traffic.
Nashrni tahlil qilish
| Postlar | Ko'rishlar | Ulashishlar | Ko'rish dinamikasi |
01 #cve #fortinet
https://www.bleepingcomputer.com/news/security/exploit-released-for-maximum-severity-fortinet-rce-bug-patch-now/ | 458 | 10 | Loading... |
02 An SQL injection cheatsheet like no other
Payloads / techniques that cover the 5 most popular database variants and their derivatives (MySQL, PostgreSQL, MSSQL/SQL Server, Oracle, SQLite).
https://tib3rius.com/sqli | 1 233 | 69 | Loading... |
03 https://blog.slonser.info/posts/email-attacks/
Очень интересно. Подделка отправителя например Gmail -> Outlook или наоборот. | 1 447 | 36 | Loading... |
04 https://github.com/es3n1n/no-defender
Отключение Windows Defender через недокументированное АПИ | 1 500 | 42 | Loading... |
05 Injecting code into PPL processes without vulnerable drivers on Windows 11
https://blog.slowerzs.net/posts/pplsystem/ | 1 396 | 24 | Loading... |
06 CVE-2024-21683: Confluence Data Center RCE
https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server | 2 474 | 58 | Loading... |
07 согласен | 4 232 | 36 | Loading... |
08 https://www.zabbix.com/security_advisories
[ Time Based SQL Injection in Zabbix Server Audit Log ]
CVE-2024-22120
⛔️ CRITICAL ⛔️
This vulnerability could lead to privilege escalation from user to admin. In some cases, SQL injection leads to RCE.
Affected version/s:
6.0.0-6.0.27
6.4.0-6.4.12
7.0.0alpha1-7.0.0beta1 | 8 717 | 179 | Loading... |
09 Новый тулкит от участника нашего чата:
BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices.
It works by executing templated exploits one by one and verifying appropriate properties based on the template logic. The toolkit is extensible and allows new research to be added to the centralized testing toolkit. There are 43 Bluetooth exploits available in the toolkit, from known public exploits and tools to custom-developed ones.
The framework works in a Black-box fashion, but it is also possible to operate the toolkit in a Gray-box fashion. For that one needs to extend the framework and connect it to the Operating System of the target so that it would be possible to observe Bluetooth logs and guarantee no false positives.
Also, we have already used our framework and were able to find 64 new vulnerabilities in 22 products.
https://github.com/sgxgsx/BlueToolkit | 3 649 | 53 | Loading... |
10 Есть такой очень уязвимый Windows драйвер как HEVD
Создан для тренировки навыков эксплуатации ядерных багов в Windows. старая штука, иногда обновляющееся.
А вот вам статья с примерами. | 3 061 | 69 | Loading... |
11 Media files | 3 454 | 63 | Loading... |
12 Media files | 1 | 0 | Loading... |
13 Удобная замена SimpleHTTPServer. Умеет в аутентификацию и главное в FileUpload
https://github.com/sc0tfree/updog | 2 645 | 82 | Loading... |
14 https://www.youtube.com/watch?v=RW3cEdKbC4E | 2 428 | 43 | Loading... |
15 #adcs #bloodhound #ad
[ ADCS Attack Paths in BloodHound ]
This blog post(s) details the domain escalation requirements and explains how BloodHound incorporates the relevant components. SpectrOps team will demonstrate how to effectively use BloodHound to identify attack paths that involve ESC abuse.
Part 1
Part 2 | 3 579 | 55 | Loading... |
16 Дорогие друзья!
Сегодня у нас особый день - 5000 подписчиков! Это невероятное достижение, которое мы смогли бы достичь только благодаря вам - нашим преданным подписчикам.
Хочется выразить огромную благодарность каждому из вас за вашу поддержку, вдохновение и активное участие в нашем сообществе. Ваши лайки, комментарии и репосты делают наш контент еще более ценным и интересным.
Мы ценим каждого из вас и обещаем продолжать радовать вас увлекательным контентом, интересными материалами и полезными советами. Без вас ничего из этого не было бы возможно!
Спасибо за вашу веру в нас и вашу активность! Давайте продолжать двигаться вперед и достигать новых высот вместе!
С любовью и благодарностью, ChatGPT | 3 183 | 2 | Loading... |
17 #windows #ad
[ PingCastle Notify ]
PingCastle Notify is a tool that will monitor your PingCastle reports ! You will be notified every time a change between a scan and a previous scan is made.
https://github.com/LuccaSA/PingCastle-Notify | 2 834 | 28 | Loading... |
An SQL injection cheatsheet like no other
Payloads / techniques that cover the 5 most popular database variants and their derivatives (MySQL, PostgreSQL, MSSQL/SQL Server, Oracle, SQLite).
https://tib3rius.com/sqli
👍 7
https://blog.slonser.info/posts/email-attacks/
Очень интересно. Подделка отправителя например Gmail -> Outlook или наоборот.
Old new email attacks
The article is informative and intended for security specialists conducting testing within the scope of a contract. The author is not responsible for any damage caused by the application of the provided information. The distribution of malicious programs, disruption of system operation, and violation of the confidentiality of correspondence are pursued by law. Introduction This article will be dedicated to my research in the field of email service attacks, including all aspects related to email messages.
👍 6😁 5
https://github.com/es3n1n/no-defender
Отключение Windows Defender через недокументированное АПИ
GitHub - es3n1n/no-defender: A slightly more fun way to disable windows defender. (through the WSC api)
A slightly more fun way to disable windows defender. (through the WSC api) - es3n1n/no-defender
👍 5👎 2
Injecting code into PPL processes without vulnerable drivers on Windows 11
https://blog.slowerzs.net/posts/pplsystem/
Injecting code into PPL processes without vulnerable drivers on Windows 11
👍 3
CVE-2024-21683: Confluence Data Center RCE
https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server
GitHub - absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server: This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied input in the Confluence REST API. This allows an attacker to inject malicious code into the Confluence server, which can then be executed by the server
This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied i...
https://www.zabbix.com/security_advisories
[ Time Based SQL Injection in Zabbix Server Audit Log ]
CVE-2024-22120
⛔️ CRITICAL ⛔️
This vulnerability could lead to privilege escalation from user to admin. In some cases, SQL injection leads to RCE. Affected version/s: 6.0.0-6.0.27 6.4.0-6.4.12 7.0.0alpha1-7.0.0beta1
👍 8😁 2
Photo unavailableShow in Telegram
Новый тулкит от участника нашего чата:
BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices.
It works by executing templated exploits one by one and verifying appropriate properties based on the template logic. The toolkit is extensible and allows new research to be added to the centralized testing toolkit. There are 43 Bluetooth exploits available in the toolkit, from known public exploits and tools to custom-developed ones.
The framework works in a Black-box fashion, but it is also possible to operate the toolkit in a Gray-box fashion. For that one needs to extend the framework and connect it to the Operating System of the target so that it would be possible to observe Bluetooth logs and guarantee no false positives.
Also, we have already used our framework and were able to find 64 new vulnerabilities in 22 products.
https://github.com/sgxgsx/BlueToolkit
👍 14
Hammasini ko'rsatish...
GitHub - hacksysteam/HackSysExtremeVulnerableDriver: HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux - hacksysteam/HackSysExtremeVulnerableDriver
👍 9