You might like
If you have UDP 631 accessible from all internet: you probably have much bigger problems than the CUPS vulnerability.
🚨Make sure UDP port 631 is not exposed to the internet!🚨 To check: sudo netstat -tulpn | grep 631. If the output is empty you're good.
Exfiltrating data through audio is not new (e.g. excellent code by @x86matthew) but doing it in pure #PowerShell was fun 😎 1. bin2wav.ps1 creates audio file to be played. 2. wav2bin.ps1 analyzes recorded audio file and re-creates original data. Enjoy: github.com/gtworek/PSBits…
7 killer sites that will reveal thousands of free resources (save them):
Be a Python Expert in 2023: A roadmap for absolute beginners
7 GitHub repositories will make you a standout developer from 99% of people:
Becoming a creator in 2023 will change your life. Here are 13 tips to make the switch from a consumer to a creator:
What are some tools you can't live without? Here are a few I use: 1. Bpytop: A better version of the Linux `top` command
6 GitHub repositories will make you a standout developer from 99% of people:
The new cs.github.com search allows for regex, which means brand **new** regex GitHub Dorks are possible! Eg, find SSH and FTP passwords via connection strings with: /ssh:\/\/.*:.*@.*target\.com/ /ftp:\/\/.*:.*@.*target\.com/ #BugBounty #bugbountytips #infosec
Dumping LSASS is such a 2020 move, let me introduce a new CrackMapExec module called Masky developed by @_ZakSec 🎉 If you have admin privilege, the module will impersonate all users connected -> ask a certificate (ADCS) -> retrieve the NT hash using PKINIT 🚀 Crazy module 🪂
1/ Perhaps a lesser known "feature" of Microsoft Authenticator, but the diagnostic data can be very helpful in investigating a compromised #Azure account where MFA is enabled but the user claims not to have confirmed the MFA Consent Prompt. 🧵
Free design websites that should be illegal to know - part 2 (mega thread):
Tools that make #Pentesting #Azure easier: TeamFiltration: github.com/Flangvik/TeamF… RoadTools: github.com/dirkjanm/ROADt… ScoutSuite: github.com/nccgroup/Scout… Microburst: github.com/NetSPI/MicroBu… AAD Internals: github.com/Gerenios/AADIn… OneDrive Enum: github.com/nyxgeek/onedri…
In 1940, an illegitimate Russian referendum forced my country into decades of terror, subjugation and poverty. That's all I'm going to say about illegitimate Russian referendums.
Thanks to @vysecurity I've built for #PingCastleCloud a service to translate DNS to tenantID (no news here) but also from TenantID to a DNS record (exclusive!!!). 7M+ tenants are listed and this database is enriched after each search. tenantresolution.pingcastle.com
Kubernetes Goat - Interactive Kubernetes Security Learning Playground 🚀 madhuakula.com/kubernetes-goa…
madhuakula.com
Welcome to Kubernetes Goat | Kubernetes Goat
Interactive Kubernetes Security Learning Playground
Compromising Read-Only Containers with Fileless Malware sysdig.com/blog/container…
sysdig.com
Fileless malware mitigation | Sysdig
A read-only file system will not provide adequate protection to mitigate all vulnerabilities exploited via fileless malware techniques.
My top 3 go-to resources for every pentest I perform: cristivlad.substack.com/p/pentestbooks
United States Trends
- 1. National Guard 149K posts
- 2. Thanksgiving 448K posts
- 3. Liverpool 105K posts
- 4. Arsenal 331K posts
- 5. Neuer 16.7K posts
- 6. Bayern 180K posts
- 7. Frank Ragnow 6,391 posts
- 8. #InfoSecVPN N/A
- 9. Slot 89.1K posts
- 10. Martinelli 15.9K posts
- 11. Konate 11.8K posts
- 12. Anfield 14.8K posts
- 13. Mbappe 107K posts
- 14. #ARSBAY 6,874 posts
- 15. Declan Rice 5,970 posts
- 16. Patrick Morrisey 3,405 posts
- 17. Olympiacos 24.2K posts
- 18. Arteta 21.8K posts
- 19. Gakpo 9,092 posts
- 20. Denzel 4,677 posts
You might like
Something went wrong.
Something went wrong.