You might like
If you have UDP 631 accessible from all internet: you probably have much bigger problems than the CUPS vulnerability.
🚨Make sure UDP port 631 is not exposed to the internet!🚨 To check: sudo netstat -tulpn | grep 631. If the output is empty you're good.
Exfiltrating data through audio is not new (e.g. excellent code by @x86matthew) but doing it in pure #PowerShell was fun 😎 1. bin2wav.ps1 creates audio file to be played. 2. wav2bin.ps1 analyzes recorded audio file and re-creates original data. Enjoy: github.com/gtworek/PSBits…
7 killer sites that will reveal thousands of free resources (save them):
Be a Python Expert in 2023: A roadmap for absolute beginners
7 GitHub repositories will make you a standout developer from 99% of people:
Becoming a creator in 2023 will change your life. Here are 13 tips to make the switch from a consumer to a creator:
What are some tools you can't live without? Here are a few I use: 1. Bpytop: A better version of the Linux `top` command
6 GitHub repositories will make you a standout developer from 99% of people:
The new cs.github.com search allows for regex, which means brand **new** regex GitHub Dorks are possible! Eg, find SSH and FTP passwords via connection strings with: /ssh:\/\/.*:.*@.*target\.com/ /ftp:\/\/.*:.*@.*target\.com/ #BugBounty #bugbountytips #infosec
Dumping LSASS is such a 2020 move, let me introduce a new CrackMapExec module called Masky developed by @_ZakSec 🎉 If you have admin privilege, the module will impersonate all users connected -> ask a certificate (ADCS) -> retrieve the NT hash using PKINIT 🚀 Crazy module 🪂
1/ Perhaps a lesser known "feature" of Microsoft Authenticator, but the diagnostic data can be very helpful in investigating a compromised #Azure account where MFA is enabled but the user claims not to have confirmed the MFA Consent Prompt. 🧵
Free design websites that should be illegal to know - part 2 (mega thread):
Tools that make #Pentesting #Azure easier: TeamFiltration: github.com/Flangvik/TeamF… RoadTools: github.com/dirkjanm/ROADt… ScoutSuite: github.com/nccgroup/Scout… Microburst: github.com/NetSPI/MicroBu… AAD Internals: github.com/Gerenios/AADIn… OneDrive Enum: github.com/nyxgeek/onedri…
In 1940, an illegitimate Russian referendum forced my country into decades of terror, subjugation and poverty. That's all I'm going to say about illegitimate Russian referendums.
Thanks to @vysecurity I've built for #PingCastleCloud a service to translate DNS to tenantID (no news here) but also from TenantID to a DNS record (exclusive!!!). 7M+ tenants are listed and this database is enriched after each search. tenantresolution.pingcastle.com
Kubernetes Goat - Interactive Kubernetes Security Learning Playground 🚀 madhuakula.com/kubernetes-goa…
madhuakula.com
Welcome to Kubernetes Goat | Kubernetes Goat
Interactive Kubernetes Security Learning Playground
Compromising Read-Only Containers with Fileless Malware sysdig.com/blog/container…
sysdig.com
Fileless malware mitigation | Sysdig
A read-only file system will not provide adequate protection to mitigate all vulnerabilities exploited via fileless malware techniques.
My top 3 go-to resources for every pentest I perform: cristivlad.substack.com/p/pentestbooks
United States Trends
- 1. Jets 59.5K posts
- 2. Justin Fields 3,475 posts
- 3. Peart 1,359 posts
- 4. #BroncosCountry 2,096 posts
- 5. Tyrod N/A
- 6. Sherwood 1,191 posts
- 7. Good Sunday 64.9K posts
- 8. #JetUp 1,181 posts
- 9. #AskFFT N/A
- 10. #sundayvibes 6,276 posts
- 11. #DENvsNYJ 1,348 posts
- 12. Bam Knight N/A
- 13. Brownlee 1,002 posts
- 14. Nate Adkins N/A
- 15. Garrett Wilson N/A
- 16. Troy Franklin N/A
- 17. Rich Eisen N/A
- 18. George Stephanopoulos 2,120 posts
- 19. Lutz 1,412 posts
- 20. The CDC 34K posts
You might like
Something went wrong.
Something went wrong.