Zdjęcie w tle
konik_polanowy

konik_polanowy

Osobistość
  • 937wpisy
  • 104komentarzy

https://lubimyczytac.pl/profil/127443/joker

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/03.03.2021.md
Samsung Investigation Part 1: TEEs, TrustZone and TEEGRIS https://www.riscure.com/blog/samsung-investigation-part1
GNU Poke 1.0 Released For Poking At Binary Data https://www.phoronix.com/scan.php?page=news_item&px=GNU-Poke-1.0
αcτµαlly pδrταblε εxεcµταblε https://justine.lol/ape.html
Anti-Debug and Anti-Memory Dump for Android https://github.com/darvincisec/AntiDebugandMemoryDump
Exploring a New Detection Evasion Technique on Linux https://codemuch.tech/2021/02/25/exploring-linux-evasion/
Breaking VSM by Attacking SecureKernel https://www.youtube.com/watch?v=pm1ejZ3LkYU
BB-1011 Fuzzing WinAFL https://www.youtube.com/watch?v=m7tJkeW6H58
A Journey Into the Beauty of DNSRebinding - Part 1 https://blog.mindedsecurity.com/2021/02/journey-into-beauty-of-dnsrebinding.html
Red Team Stories: The Gordian Lock https://btlr.dev/blog/gordian-lock
Defences against Cobalt Strike https://github.com/MichaelKoczwara/Awesome-CobaltStrike-Defence
C#/Win32 P/Invoke Source Generator https://github.com/microsoft/CsWin32
adrian-wieczorek

@konik_polanowy Gratki za fajne zestawienie linków

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/01.03.2021.md
Poisoning your Cache for 1000$ - Approach to Exploitation Walkthrough - https://galnagli.com/Cache_Poisoning/
Analysis of an attack on automotive keyless entry systems - https://securityboulevard.com/2021/02/analysis-of-an-attack-on-automotive-keyless-entry-systems/
Exploiting (and Patching) a Zero Day RCE Vulnerability in a Western Digital NAS - https://www.youtube.com/watch?v=vsg9YgvGBec
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev - https://github.com/ripienaar/free-for-dev
reconFTW is a tool designed to perform automated recon on a target - https://github.com/six2dez/reconftw
Using Snapchat for OSINT – part 2 -https://osintcurio.us/2021/02/26/using-snapchat-for-osint-part-2/
GDA-android-reversing-Tool - https://github.com/charles2gan/GDA-android-reversing-Tool

Zaloguj się aby komentować

Zostań Patronem Hejto i odblokuj dodatkowe korzyści tylko dla Patronów

  • Włączona możliwość zarabiania na swoich treściach
  • Całkowity brak reklam na każdym urządzeniu
  • Oznaczenie w postaci rogala , który świadczy o Twoim wsparciu
  • Wcześniejszy dostęp, do wybranych funkcji na Hejto
Zostań Patronem
Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/27.02.2021.md
Keyfinderkey is a tool that let you find keys while surfing the web! - https://github.com/momenbasel/keyFinder
How to intercept traffic from Android apps with Objection and Burp - https://www.youtube.com/watch?v=Ft3H-3J67UE
Security of the Intel Graphics Stack - Part 2 - FW <-> GuC - https://igor-blue.github.io/2021/02/24/graphics-part2.html
Abusing unicode characters to PWN Intigriti XSS challenge [I WON!] - https://www.youtube.com/watch?v=aUsAHb0E7Cg
Offensive Windows IPC Internals 2: RPC - https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html
Extracting an ELF From an ESP32 - Chris Lyne and Nick Miles (Shmoocon 2020) - https://www.youtube.com/watch?v=w4_3vwN_2dI
A curated list of awesome OSCP resources - https://github.com/0x4D31/awesome-oscp

Zaloguj się aby komentować

Link on Github -->https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/25.02.2021.md
How merge trains work at GitLab - https://about.gitlab.com/blog/2020/12/14/merge-trains-explained/
Top 100 Cybersecurity Books - https://www.cyberdefensemagazine.com/top-100-cybersecurity-books/
All Shell/Bash Answers - https://www.codegrepper.com/code-examples/shell
Arm'd & Dangerous malicious code, now native on apple silicon - https://objective-see.com/blog/blog_0x62.html
ASCII fluid dynamics -- IOCCC2012 endoh1.c - https://www.youtube.com/watch?v=QMYfkOtYYlg
An Unconventional Exploit for the RpcEptMapper Registry Key Vulnerability - https://itm4n.github.io/windows-registry-rpceptmapper-exploit/
A Hex Editor for Reverse Engineers - https://github.com/WerWolv/ImHex
Introduction to Malware Analysis and Reverse Engineering - https://class.malware.re/
Is Math.random() Safe? from missing rate limit to bypass 2fa and possible sqli - https://neroli.medium.com/is-math-random-safe-from-missing-rate-limit-to-bypass-2fa-and-possible-sqli-2a4ea66f82c5

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/23.02.2021.md
Remote digital forensics for professionals - https://www.youtube.com/watch?v=Wf99kL1hhuU
MonolithFirst - https://martinfowler.com/bliki/MonolithFirst.html
Timeline of Active Directory changes with replication metadata - https://github.com/ANSSI-FR/ADTimeline
Server-Side Template Injection - https://portswigger.net/research/server-side-template-injection
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP - https://github.com/rewardone/OSCPRepo
Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report - https://github.com/noraj/OSCP-Exam-Report-Template-Markdown
Maltego+Andariel a Force Multiplier For DarkWeb & Botnet Investigations - https://www.advanced-intel.com/post/maltego-andariel-a-force-multiplier-for-darkweb-investigations
Global Socket. Moving data from here to there. Securely, Fast and trough NAT/Firewalls - https://github.com/hackerschoice/gsocket
Domain Password Audit Tool for Pentesters - https://github.com/clr2of8/DPAT

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/21.02.2021.md
How Malware Walks The PEB To Find Modules By Hash - https://www.youtube.com/watch?v=Tk3RWuqzvII
Introducing MacHound: A Solution to MacOS Active Directory-Based Attacks - https://www.xmcyber.com/introducing-machound-a-solution-to-macos-active-directory-based-attacks/
Exploiting crash handlers: LPE on Ubuntu - https://alephsecurity.com/2021/02/16/apport-lpe/
Python wheel-jacking in supply chain attacks - https://www.vdoo.com/blog/python-wheel-jacking-supply-chain-attacks
Disclose internal CMS objects content - https://ysamm.com/?p=636
Misconfigurations in Java XML Parsers - https://immunityservices.blogspot.com/2021/02/misconfigurations-in-java-xml-parsers.html
Adversary Tactics: PowerShell - https://github.com/specterops/at-ps
The Memory Process File System - https://github.com/ufrisk/MemProcFS
HackTricks - https://book.hacktricks.xyz/

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/19.02.2021.md
AzureC2Relay is an Azure Function that validates and relays Cobalt Strike - https://github.com/Flangvik/AzureC2Relay
Linux-Privilege-Escalation - https://github.com/Ignitetechnologies/Linux-Privilege-Escalation
Nmap-For-Pentester - https://github.com/Ignitetechnologies/Nmap-For-Pentester
Reverse Engineering: Simple malware deobufscation & analysis - https://www.youtube.com/watch?v=bEsQ8UYioU4&feature=emb_logo
Introduction to the ELF Format: The ELF Header (Part I) - https://blog.k3170makan.com/2018/09/introduction-to-elf-format-elf-header.html
How CPUs Access Hardware - Another SerenityOS Exploit - https://www.youtube.com/watch?v=1hpqiWKFGQs
[PYTHON] Fuzzing Python library using Google Atheris Fuzzer - https://www.youtube.com/watch?v=JfFD7-5nnLY

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/17.02.2021.md
This repository is a collection of my malicious VBA projects - https://github.com/JohnWoodman/VBA-Macro-Projects
How to stop ransomware—even if your system has been taken over by a hacker - https://blog.emsisoft.com/en/37680/how-to-stop-ransomware-even-if-your-system-has-been-taken-over-by-a-hacker/
Kubernetes Failure Stories https://k8s.af/
Collections of Orange Tsai's public presentation slides - https://github.com/orangetw/My-Presentation-Slides
Swarm of Palo Alto PAN-OS vulnerabilities - https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/
Using TensorFlow / machine learning for automated RF side-channel attack classification - https://leveldown.de/blog/tensorflow-sidechannel-analysis/
CIMplant Part 1: Detection of a C# Implementation of WMImplant - https://fortynorthsecurity.com/blog/cimplant-part-1-detections/

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/15.02.2021.md
My experiments in weaponizing Nim - https://github.com/byt3bl33d3r/OffensiveNim
Hijacking connections without injections: a ShadowMoving approach to the art of pivoting - https://adepts.of0x.cc/shadowmove-hijack-socket/
ICS Security Tools, Tips, and Trade - https://github.com/ITI/ICS-Security-Tools
Kasablanka Group's LodaRAT improves espionage capabilities on Android and Windows - https://blog.talosintelligence.com/2021/02/kasablanka-lodarat.html
Virus.DOS.Tadpole - https://www.youtube.com/watch?v=quQKZ2oz_Vw
MSBuild without MSBuild - https://www.youtube.com/watch?v=HfpmqgwvGx4
Offensive API Hooking - https://ilankalendarov.github.io/posts/offensive-hooking/
Reverse proxies cheatsheet - https://ilankalendarov.github.io/posts/offensive-hooking/
PeBe

Kiedyś to były fajne wirusy, nie to co teraz.

Zaloguj się aby komentować

na wykopie słabo się to przyjeło, może tu będzie lepiej
github pages in progress
Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/13.02.2021.md
Analysis and exploitation of the iOS kernel vulnerability CVE-2021-1782 - https://www.synacktiv.com/publications/analysis-and-exploitation-of-the-ios-kernel-vulnerability-cve-2021-1782
RCE via XStream object deserialization - https://www.pwntester.com/blog/2013/12/23/rce-via-xstream-object-deserialization38/
Hack The Box - Introduction to Blue Team - Chase - [Walkthrough] - https://www.youtube.com/watch?v=0MW39gZQbtE
RDP Event Log DFIR - https://dfironthemountain.wordpress.com/2019/02/15/rdp-event-log-dfir/
Java GPU accelerated Viola Jones Face Detection with TornadoVM https://e2data.eu/blog/java-gpu-accelerated-viola-jones-face-detection-with-tornadovm
Updates on the Tsunami Security Scanning Engine - https://opensource.googleblog.com/2021/02/updates-on-tsunami-security-scanning-engine.html
What the f*ck Python? - https://github.com/satwikkansal/wtfpython
Recovers passwords from pixelized screenshots - https://github.com/beurtschipper/Depix
938ad8dd-8eb2-47ad-9758-63b9fc867bf8
konik_polanowy

@Rastablasta Siema, Trzeba z buta wjechać

Zaloguj się aby komentować

Poprzednia