내가 좋아할 만한 콘텐츠
Happy Friday! I just published XRayC2 a command & control framework that uses AWS X-Ray as a communication channel. medium.com/@dhiraj_mishra… #infosec #redteam
🛠️ A serverless command & control (C2) framework 🗓️ Leverages Google Calendar APIs, as a covert communication channel between operators and a compromised system github.com/deriv-security…
I just published MeetC2 - A serverless command & control (C2) framework that leverages Google Calendar APIs, as a communication channel. github.com/deriv-security… #infosec #redteam
Just thought of sharing. YubiKey's OATH app lets you name accounts anything including base64 files, turning into a tiny file storage. #infosec #redteam
Through libfuzzer, I found a heap-overflow in libssh2 which is now fixed. github.com/inputzero/Secu… #infosec #fuzzing
Yesterday at DEFCON 33, we participated in the Bio Hacking Village and conducted security assessment of PET/CT imaging systems. Successfully identifying three vulnerabilities, which were responsibly reported to the vendor. #infosec #defcon33
Through libFuzzer, double-free of icalproperty objects. github.com/inputzero/Secu… #infosec #fuzzing
Through libFuzzer, LibArchive ACL Buffer Overflow Vulnerability (Low) - github.com/inputzero/Secu… #infosec #fuzzing
I wrote a blog on Medium, "Brewing Trouble - Dissecting a macOS Malware Campaign". medium.com/deriv-tech/bre… #infosec #redteam
Alright! I'll be presenting my tool "SmuggleShield" at BlackHat USA, see you there if you are around.(github.com/RootUp/Smuggle…) #infosec #redteam #blueteam
Offensive Phishing Operations Update 2 Released: maldevacademy.com/phishing-cours… - HTML Smuggling Strategies - Analyzing and Evading SmuggleShield (S/O @RandomDhiraj) - Integrating Anti-Bot With HTML Smuggling - SVG Smuggling - WebAssembly Smuggling
The next update for the Offensive Phishing Operations course will be heavily focused on HTML Smuggling and will be going up against @RandomDhiraj's awesome SmuggleShield. We'll also be demonstrating a module that combines anti-bot capabilities with HTML smuggling. More info:…
Stoked! Our (@r00treaver) work on SVG Smuggling is now part of MITRE ATT&CK (T1027.017)! attack.mitre.org/techniques/T10… #infosec #redteam
Never trust a favicon at face value. 👀 @RandomDhiraj demonstrates how attackers can hide malicious files inside .ico icons by exploiting their dual directory structure — allowing payloads to slip past filters in a stealth move similar to HTML smuggling.
Just learned a neat way of hiding file within favicon (.ico). You can manipulate the dual directory entry structure and smuggle any file type in it. Here is a quick raw script I put together for testing.(github.com/RootUp/Persona…) #infosec #redteam
United States 트렌드
- 1. phil 51.1K posts
- 2. phan 64.2K posts
- 3. Columbus 203K posts
- 4. President Trump 1.24M posts
- 5. Middle East 307K posts
- 6. Yesavage 3,087 posts
- 7. Thanksgiving 59.4K posts
- 8. #LGRW 1,925 posts
- 9. Mike McCoy N/A
- 10. Cam Talbot N/A
- 11. Titans 37.7K posts
- 12. #IndigenousPeoplesDay 17K posts
- 13. Brian Callahan 12.6K posts
- 14. Macron 238K posts
- 15. HAZBINTOOZ 7,798 posts
- 16. John Oliver 8,259 posts
- 17. Cejudo 1,520 posts
- 18. Falcons 11.5K posts
- 19. Native Americans 18.1K posts
- 20. #UFC323 5,470 posts
내가 좋아할 만한 콘텐츠
-
André Baptista
@0xacb -
Niemand
@niemand_sec -
Jasmin Landry
@JR0ch17 -
streaak
@streaak -
pwnmachine 👾
@princechaddha -
Samuel
@saamux -
Riyaz Walikar
@riyazwalikar -
Armaan Pathan
@armaancrockroax -
gujjuboy10x00
@vis_hacker -
nikhil(niks)
@niksthehacker -
Jon Bottarini
@jon_bottarini -
DeepBlue Security & Intelligence
@DeepBlueInfoSec -
Aseem Jakhar
@aseemjakhar -
Rakesh Mane
@RakeshMane10 -
harrymg
@GertyBoy27
Something went wrong.
Something went wrong.