You might like
If you have UDP 631 accessible from all internet: you probably have much bigger problems than the CUPS vulnerability.
🚨Make sure UDP port 631 is not exposed to the internet!🚨 To check: sudo netstat -tulpn | grep 631. If the output is empty you're good.
Exfiltrating data through audio is not new (e.g. excellent code by @x86matthew) but doing it in pure #PowerShell was fun 😎 1. bin2wav.ps1 creates audio file to be played. 2. wav2bin.ps1 analyzes recorded audio file and re-creates original data. Enjoy: github.com/gtworek/PSBits…
7 killer sites that will reveal thousands of free resources (save them):
Be a Python Expert in 2023: A roadmap for absolute beginners
7 GitHub repositories will make you a standout developer from 99% of people:
Becoming a creator in 2023 will change your life. Here are 13 tips to make the switch from a consumer to a creator:
What are some tools you can't live without? Here are a few I use: 1. Bpytop: A better version of the Linux `top` command
6 GitHub repositories will make you a standout developer from 99% of people:
The new cs.github.com search allows for regex, which means brand **new** regex GitHub Dorks are possible! Eg, find SSH and FTP passwords via connection strings with: /ssh:\/\/.*:.*@.*target\.com/ /ftp:\/\/.*:.*@.*target\.com/ #BugBounty #bugbountytips #infosec
Dumping LSASS is such a 2020 move, let me introduce a new CrackMapExec module called Masky developed by @_ZakSec 🎉 If you have admin privilege, the module will impersonate all users connected -> ask a certificate (ADCS) -> retrieve the NT hash using PKINIT 🚀 Crazy module 🪂
1/ Perhaps a lesser known "feature" of Microsoft Authenticator, but the diagnostic data can be very helpful in investigating a compromised #Azure account where MFA is enabled but the user claims not to have confirmed the MFA Consent Prompt. 🧵
Free design websites that should be illegal to know - part 2 (mega thread):
Tools that make #Pentesting #Azure easier: TeamFiltration: github.com/Flangvik/TeamF… RoadTools: github.com/dirkjanm/ROADt… ScoutSuite: github.com/nccgroup/Scout… Microburst: github.com/NetSPI/MicroBu… AAD Internals: github.com/Gerenios/AADIn… OneDrive Enum: github.com/nyxgeek/onedri…
In 1940, an illegitimate Russian referendum forced my country into decades of terror, subjugation and poverty. That's all I'm going to say about illegitimate Russian referendums.
Thanks to @vysecurity I've built for #PingCastleCloud a service to translate DNS to tenantID (no news here) but also from TenantID to a DNS record (exclusive!!!). 7M+ tenants are listed and this database is enriched after each search. tenantresolution.pingcastle.com
Kubernetes Goat - Interactive Kubernetes Security Learning Playground 🚀 madhuakula.com/kubernetes-goa…
madhuakula.com
Welcome to Kubernetes Goat | Kubernetes Goat
Interactive Kubernetes Security Learning Playground
Compromising Read-Only Containers with Fileless Malware sysdig.com/blog/container…
sysdig.com
Fileless malware mitigation | Sysdig
A read-only file system will not provide adequate protection to mitigate all vulnerabilities exploited via fileless malware techniques.
My top 3 go-to resources for every pentest I perform: cristivlad.substack.com/p/pentestbooks
United States Trends
- 1. #FanCashDropPromotion N/A
- 2. Good Friday 54.5K posts
- 3. LINGORM DIOR AT MACAU 482K posts
- 4. #FridayVibes 4,185 posts
- 5. Happy Friyay 1,144 posts
- 6. RED Friday 2,988 posts
- 7. #ElMundoConVenezuela 3,279 posts
- 8. #TheWorldWithVenezuela 3,286 posts
- 9. #FridayFeeling 2,260 posts
- 10. Josh Allen 45.7K posts
- 11. Ja Rule N/A
- 12. Sedition 347K posts
- 13. Kenyon N/A
- 14. Dubai Air Show 42.6K posts
- 15. Haier EST SUPHA 154K posts
- 16. Parisian 2,019 posts
- 17. Tejas 75.8K posts
- 18. Commander in Chief 89.4K posts
- 19. Niger 65.4K posts
- 20. Patriot Act 3,020 posts
You might like
Something went wrong.
Something went wrong.