你可能會喜歡
If you have UDP 631 accessible from all internet: you probably have much bigger problems than the CUPS vulnerability.
🚨Make sure UDP port 631 is not exposed to the internet!🚨 To check: sudo netstat -tulpn | grep 631. If the output is empty you're good.
Exfiltrating data through audio is not new (e.g. excellent code by @x86matthew) but doing it in pure #PowerShell was fun 😎 1. bin2wav.ps1 creates audio file to be played. 2. wav2bin.ps1 analyzes recorded audio file and re-creates original data. Enjoy: github.com/gtworek/PSBits…
7 killer sites that will reveal thousands of free resources (save them):
Be a Python Expert in 2023: A roadmap for absolute beginners
7 GitHub repositories will make you a standout developer from 99% of people:
Becoming a creator in 2023 will change your life. Here are 13 tips to make the switch from a consumer to a creator:
What are some tools you can't live without? Here are a few I use: 1. Bpytop: A better version of the Linux `top` command
6 GitHub repositories will make you a standout developer from 99% of people:
The new cs.github.com search allows for regex, which means brand **new** regex GitHub Dorks are possible! Eg, find SSH and FTP passwords via connection strings with: /ssh:\/\/.*:.*@.*target\.com/ /ftp:\/\/.*:.*@.*target\.com/ #BugBounty #bugbountytips #infosec
Dumping LSASS is such a 2020 move, let me introduce a new CrackMapExec module called Masky developed by @_ZakSec 🎉 If you have admin privilege, the module will impersonate all users connected -> ask a certificate (ADCS) -> retrieve the NT hash using PKINIT 🚀 Crazy module 🪂
1/ Perhaps a lesser known "feature" of Microsoft Authenticator, but the diagnostic data can be very helpful in investigating a compromised #Azure account where MFA is enabled but the user claims not to have confirmed the MFA Consent Prompt. 🧵
Free design websites that should be illegal to know - part 2 (mega thread):
Tools that make #Pentesting #Azure easier: TeamFiltration: github.com/Flangvik/TeamF… RoadTools: github.com/dirkjanm/ROADt… ScoutSuite: github.com/nccgroup/Scout… Microburst: github.com/NetSPI/MicroBu… AAD Internals: github.com/Gerenios/AADIn… OneDrive Enum: github.com/nyxgeek/onedri…
In 1940, an illegitimate Russian referendum forced my country into decades of terror, subjugation and poverty. That's all I'm going to say about illegitimate Russian referendums.
Thanks to @vysecurity I've built for #PingCastleCloud a service to translate DNS to tenantID (no news here) but also from TenantID to a DNS record (exclusive!!!). 7M+ tenants are listed and this database is enriched after each search. tenantresolution.pingcastle.com
Kubernetes Goat - Interactive Kubernetes Security Learning Playground 🚀 madhuakula.com/kubernetes-goa…
madhuakula.com
Welcome to Kubernetes Goat | Kubernetes Goat
Interactive Kubernetes Security Learning Playground
Compromising Read-Only Containers with Fileless Malware sysdig.com/blog/container…
sysdig.com
Fileless malware mitigation | Sysdig
A read-only file system will not provide adequate protection to mitigate all vulnerabilities exploited via fileless malware techniques.
My top 3 go-to resources for every pentest I perform: cristivlad.substack.com/p/pentestbooks
United States 趨勢
- 1. Thanksgiving 400K posts
- 2. Golesh 2,665 posts
- 3. Camp Haven 7,440 posts
- 4. Fani Willis 17.6K posts
- 5. #WipersDayGiveaway N/A
- 6. Trumplican 3,408 posts
- 7. Khabib 7,265 posts
- 8. Hong Kong 17K posts
- 9. NextNRG Inc 1,180 posts
- 10. Denzel 3,502 posts
- 11. Tom Hardy 1,818 posts
- 12. Mendy 5,234 posts
- 13. Wine 40K posts
- 14. Stranger Things 169K posts
- 15. Africans 27.4K posts
- 16. Idris 7,949 posts
- 17. Riker N/A
- 18. Breyers 2,602 posts
- 19. #PuebloEnBatallaYVictoria 4,861 posts
- 20. Fassbender 1,151 posts
你可能會喜歡
Something went wrong.
Something went wrong.