Login
FreshRSS
Login
/r/netsec - Information Security News & Discussion
Shielder - How to Decrypt Manage Engine PMP Passwords for Fun and Domain Admin - a Red Teaming Tale
By
/u/smaury
β September 5
th
2022 at 14:47
submitted by
/u/smaury
[link]
[comments]
/r/netsec - Information Security News & Discussion
Simple IBM i (AS/400) hacking
By
/u/buherator
β September 5
th
2022 at 12:06
submitted by
/u/buherator
[link]
[comments]
/r/netsec - Information Security News & Discussion
Hacking my Helium Crypto Miner
By
/u/wez32
β September 5
th
2022 at 10:53
submitted by
/u/wez32
[link]
[comments]
/r/netsec - Information Security News & Discussion
Walkthrough of an unauthenticated RCE affecting pfBlockerNG <= 2.1.4_26 (CVE-2022-31814)
By
/u/IHTeam
β September 5
th
2022 at 08:40
submitted by
/u/IHTeam
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2022-30190, AKA Follina, Uses Macro-less Word Docs to Drop RCE Files
By
/u/anyore909
β September 5
th
2022 at 08:13
submitted by
/u/anyore909
[link]
[comments]
/r/netsec - Information Security News & Discussion
PoC: resolving dynamically System Service Numbers (SSN) for syscalling in VBA (x64) using FreshyCalls technique
By
/u/gid0rah
β September 5
th
2022 at 08:00
submitted by
/u/gid0rah
[link]
[comments]
/r/netsec - Information Security News & Discussion
WPHash - Fingerprinting WordPress Plugins, now in public beta and open to feedback and collaboration
By
/u/_cydave
β September 4
th
2022 at 18:44
submitted by
/u/_cydave
[link]
[comments]
/r/netsec - Information Security News & Discussion
Arti 1.0.0: Rust Tor implementation is ready for production use
By
/u/sanitybit
β September 3
rd
2022 at 18:37
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Fun with Windows Containers - Popping Calc
By
/u/sanitybit
β September 3
rd
2022 at 18:28
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Chromeloader browser hijacker
By
/u/CyberMasterV
β September 3
rd
2022 at 17:46
submitted by
/u/CyberMasterV
[link]
[comments]
/r/netsec - Information Security News & Discussion
Practical guide for Golden SAML
By
/u/sanitybit
β September 3
rd
2022 at 04:19
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Reviewing macOS Unified Logs
By
/u/sanitybit
β September 3
rd
2022 at 04:17
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Thereβs Another Hole In Your SoC: Unisoc ROM Vulnerabilities as used in the Motorola Moto E40 / Teclast T40 5G etc. - disclosure timeline is a thing of wonder
By
/u/digicat
β September 2
nd
2022 at 18:46
submitted by
/u/digicat
[link]
[comments]
/r/netsec - Information Security News & Discussion
Windows Firmware Attack Surface Reduction (FASR)
By
/u/sanitybit
β September 2
nd
2022 at 18:03
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
curlβs TLS fingerprint
By
/u/sanitybit
β September 2
nd
2022 at 17:46
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
iPhone 11 w/ iBoot & iOS16 emulated on QEMU
By
/u/sanitybit
β September 2
nd
2022 at 16:54
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
GraphQL Batching Attacks: Turbo Intruder
By
/u/_rs
β September 2
nd
2022 at 11:45
submitted by
/u/_rs
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2021-38406 or CISA KEV Catalog Lacks Accountability
By
/u/chicksdigthelongrun
β September 2
nd
2022 at 10:52
submitted by
/u/chicksdigthelongrun
[link]
[comments]
/r/netsec - Information Security News & Discussion
So You Wanna Pwn The Kernel?
By
/u/_rs
β September 2
nd
2022 at 10:12
submitted by
/u/_rs
[link]
[comments]
/r/netsec - Information Security News & Discussion
Source Code Management Attack Toolkit - Supports GitHub Enterprise, GitLab Enterprise, & Bitbucket Server
By
/u/sanitybit
β September 2
nd
2022 at 04:20
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
More SRE Lessons for SOC: Release Engineering Ideas
By
/u/sanitybit
β September 2
nd
2022 at 04:11
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
GitHub - RossGeerlings/tio-ad-sync: Group Syncing between Active Directory and Tenable.io, and Automated Access Control
By
/u/RossGeerlings
β September 1
st
2022 at 14:36
submitted by
/u/RossGeerlings
[link]
[comments]
/r/netsec - Information Security News & Discussion
SETTLERS OF NETLINK: Exploiting a limited Use After Free in nf_tables (CVE-2022-32250) against the latest Ubuntu (22.04) and Linux kernel 5.15 -
By
/u/digicat
β September 1
st
2022 at 09:08
submitted by
/u/digicat
[link]
[comments]
/r/netsec - Information Security News & Discussion
How I Met Your Beacon: Detection Strategies
By
/u/sanitybit
β September 1
st
2022 at 00:23
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Linux Audit comes at a cost, is that where BPF steps in?
By
/u/Blakebvhjjdd
β August 31
st
2022 at 17:40
submitted by
/u/Blakebvhjjdd
[link]
[comments]
/r/netsec - Information Security News & Discussion
MemLabs: Learn Memory Forensics through CTF-styled labs
By
/u/sanitybit
β August 31
st
2022 at 17:32
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Vulnerability in TikTok Android app could lead to one-click account hijacking
By
/u/CyberMasterV
β August 31
st
2022 at 17:30
submitted by
/u/CyberMasterV
[link]
[comments]
/r/netsec - Information Security News & Discussion
Open source automated AWS CIS v1.5 benchmark assessment just released by Steampipe.io
By
/u/bobtbot
β August 31
st
2022 at 14:07
submitted by
/u/bobtbot
[link]
[comments]
/r/netsec - Information Security News & Discussion
Announcing the Open Sourcing of Paranoid's Library - Detect well-known weaknesses in large amounts of crypto artifacts, like public keys and digital signatures
By
/u/_rs
β August 31
st
2022 at 12:31
submitted by
/u/_rs
[link]
[comments]
/r/netsec - Information Security News & Discussion
Restricting Libraries in JVM Compute Platforms - Security challenges with Scala and Java libraries
By
/u/_rs
β August 31
st
2022 at 12:29
submitted by
/u/_rs
[link]
[comments]
/r/netsec - Information Security News & Discussion
From Onboarding to Offboarding - Securing GitHub Apps Integration
By
/u/Hefty_Knowledge_7449
β August 31
st
2022 at 11:16
submitted by
/u/Hefty_Knowledge_7449
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2021-38297 - Technical analysis of a Go WebAssembly vulnerability
By
/u/SRMish3
β August 31
st
2022 at 07:30
submitted by
/u/SRMish3
[link]
[comments]
/r/netsec - Information Security News & Discussion
Digging into an NTLM Downgrade Attack
By
/u/0xdea
β August 31
st
2022 at 05:06
submitted by
/u/0xdea
[link]
[comments]
/r/netsec - Information Security News & Discussion
MATE: Interactive Program Analysis with Code Property Graphs
By
/u/sanitybit
β August 31
st
2022 at 00:05
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Microsoft ports Windows SymCrypt to Linux, bringing a FIPS certified drop-in module to OpenSSL
By
/u/sanitybit
β August 30
th
2022 at 23:55
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Announcing Googleβs Open Source Software Vulnerability Rewards Program
By
/u/sanitybit
β August 30
th
2022 at 23:43
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Snakes on a Domain: An Analysis of a Python Malware Loader
By
/u/sanitybit
β August 30
th
2022 at 23:29
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
reinschauer - A PoC to remotely control Windows machines over Websockets.
By
/u/sanitybit
β August 30
th
2022 at 23:00
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Going Atomic: The Strengths and Weaknesses of a Technique-centric Purple Teaming Approach
By
/u/sanitybit
β August 30
th
2022 at 22:50
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Bootkitting Windows Sandbox
By
/u/mrexodia
β August 30
th
2022 at 18:44
submitted by
/u/mrexodia
[link]
[comments]
/r/netsec - Information Security News & Discussion
hashcathelper: Convenience tool for hashcat - crack NT hashes by taking LM hashes into account; generate analytics for cracked passwords; visualize "SamePassword" clusters in Bloodhound
By
/u/0xfffffg
β August 30
th
2022 at 18:15
submitted by
/u/0xfffffg
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2022-26113: FortiClient Arbitrary File Write As SYSTEM
By
/u/hackers_and_builders
β August 30
th
2022 at 16:00
submitted by
/u/hackers_and_builders
[link]
[comments]
/r/netsec - Information Security News & Discussion
Write-up of N-day exploit for CVE-2022-2586: Linux kernel nft_object UAF
By
/u/gid0rah
β August 30
th
2022 at 08:21
submitted by
/u/gid0rah
[link]
[comments]
/r/netsec - Information Security News & Discussion
Truth Behind the Celer Network cBridge cross-chain bridge incident: BGP hijacking
By
/u/sanitybit
β August 30
th
2022 at 05:48
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Tetsuji: Remote Code Execution on a GameBoy Colour 22 Years Later
By
/u/sanitybit
β August 30
th
2022 at 05:46
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Incident Response in AWS
By
/u/sanitybit
β August 30
th
2022 at 05:41
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Ethernaut CTF walkthrough with Brownie framework
By
/u/Glittering_Audience8
β August 29
th
2022 at 23:02
submitted by
/u/Glittering_Audience8
[link]
[comments]
/r/netsec - Information Security News & Discussion
jscythe: Abuse the node.js inspector mechanism to force any node.js/electron/v8 based process to execute arbitrary javascript code.
By
/u/sanitybit
β August 29
th
2022 at 19:37
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Part 1 β SingPass RASP Analysis
By
/u/jeandrew
β August 29
th
2022 at 16:20
submitted by
/u/jeandrew
[link]
[comments]
/r/netsec - Information Security News & Discussion
Blind exploits to rule WatchGuard firewalls: pre-auth RCE as root on WG appliances
By
/u/cfambionics
β August 29
th
2022 at 14:22
submitted by
/u/cfambionics
[link]
[comments]
/r/netsec - Information Security News & Discussion
A technical analysis of Pegasus for Android β Part 1
By
/u/CyberMasterV
β August 29
th
2022 at 13:03
submitted by
/u/CyberMasterV
[link]
[comments]
/r/netsec - Information Security News & Discussion
Vision2 this script analyses the Nmap XML scanning results parses each CPE context and correlates to search CVE on NIST. You can use that to find public vulnerabilities in services.
By
/u/CoolerVoid
β August 29
th
2022 at 02:53
submitted by
/u/CoolerVoid
[link]
[comments]
/r/netsec - Information Security News & Discussion
On Cryptocurrency Wallet Design β defines access control taxonomy, can be reused e.g. for MFA factors
By
/u/D4r1
β August 28
th
2022 at 07:28
submitted by
/u/D4r1
[link]
[comments]
/r/netsec - Information Security News & Discussion
SATisfying our way into remote code execution in the OPC UA industrial stack
By
/u/SRMish3
β August 28
th
2022 at 06:36
submitted by
/u/SRMish3
[link]
[comments]
/r/netsec - Information Security News & Discussion
Command Injection in the GitHub Pages Build Pipeline
By
/u/whisperingmime
β August 27
th
2022 at 15:48
submitted by
/u/whisperingmime
[link]
[comments]
/r/netsec - Information Security News & Discussion
The Elastic Container Project for Security Research
By
/u/sanitybit
β August 27
th
2022 at 00:43
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Microsoft: New UEFI CA memory mitigation requirements for signing
By
/u/sanitybit
β August 27
th
2022 at 00:43
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Matano - An open source serverless security lake platform for AWS using Rust + Apache Iceberg
By
/u/sanitybit
β August 26
th
2022 at 22:20
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Tool Release β JWT-Reauth - a plugin aims to provide a painless solution to this issue. JWT-Reauth provides Burp with a way to authenticate with a given endpoint, parse out the provided token and then attach it as a header on requests going to a given s
By
/u/digicat
β August 26
th
2022 at 12:40
submitted by
/u/digicat
[link]
[comments]
/r/netsec - Information Security News & Discussion
Security in Advanced Analytics and Machine Learning Environments
By
/u/Preatoria
β August 26
th
2022 at 07:07
submitted by
/u/Preatoria
[link]
[comments]
Load more articles