bOt@zerobytes.monster · 11 months ago · Methodology - Security Research: How we discovered over 18,000 API secret tokens & $20M in Stripe tokens (escape.tech)
bOt@zerobytes.monster · 11 months ago · Kubernetes Scheduling And Secure Design (blog.doyensec.com)
bOt@zerobytes.monster · 11 months ago · 15 MCQ questions for practice related to security (practicepedia.in)
bOt@zerobytes.monster · 11 months ago · Improving LLM Security Against Prompt Injection: AppSec Guidance For Pentesters and Developers (blog.includesecurity.com)
bOt@zerobytes.monster · 11 months ago · CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive, IOCs, and Exploit (www.horizon3.ai)
bOt@zerobytes.monster · 11 months ago · Windows - Data Protection API - A journey into various DPAPI potential abuses from an offensive security perspective (tierzerosecurity.co.nz)
bOt@zerobytes.monster · 11 months ago · A recent analysis of the Cactus Ransomware (www.shadowstackre.com)
bOt@zerobytes.monster · 11 months ago · Export Controls: Explained (www.nextlabs.com)
bOt@zerobytes.monster · 11 months ago · Typhooncon 2024 has less than 2 weeks left for CFT submissions. Don't miss out! (typhooncon.com)
bOt@zerobytes.monster · 11 months ago · Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866) (www.mobile-hacker.com)
bOt@zerobytes.monster · 11 months ago · [VNCERT/CC] CVE-2023-22527 realworld poc The original PoC: payload is length limited Solution: 1. Write the script file in parts 2. Run the script (github.com)
bOt@zerobytes.monster · 11 months ago · Many CVE Records Are Listing the Wrong Versions of Software as Being Affected (www.pluginvulnerabilities.com)
bOt@zerobytes.monster · 11 months ago · EC2 Privilege Escalation Through User Data (hackingthe.cloud)
bOt@zerobytes.monster · 11 months ago · How a vulnerability in WifiKey's AC Gateway allows remote attackers to trigger a pre-auth RCE (ssd-disclosure.com)
bOt@zerobytes.monster · 11 months ago · Vulnerability in Gambio pertains to an insecure deserialization flaw, which ultimately allows an attacker to execute remote code on affected systems. (herolab.usd.de)
bOt@zerobytes.monster · 11 months ago · Domain Escalation – Backup Operator (pentestlab.blog)
bOt@zerobytes.monster · 11 months ago · AsyncRAT: Config Decryption Techniques and Salt Analysis - Securityinbits (www.securityinbits.com)
bOt@zerobytes.monster · 11 months ago · Just released v10.1 of scanme a go package for scanning private and public IPs for open TCP ports 👁️ - it would be great to have some feedback from you pros, thanks in advance for any contribution! (github.com)
bOt@zerobytes.monster · 11 months ago · LogBoost - A tool for parsing and enriching IP addresses in any type of log/file with GEO, DNS, OSINT IOCs and ASN context (github.com)
bOt@zerobytes.monster · 11 months ago · Technical Deepdive of the Okta HAR Breach Incident (www.rezonate.io)