This proof-of-concept combines a BrainFck interpreter with shell command obfuscation. It maps every 8-bit value to a BrainFck command, making detection difficult.

submitted by /u/Aaron_Dj0nt
[link] [comments]

/r/netsec - Information Security News & Discussion

Introduction to LLM Security

By /u/nilla615615 — March 11^th 2024 at 14:35

submitted by /u/nilla615615
[link] [comments]

/r/netsec - Information Security News & Discussion

CVE-2023-49785 SSRF in NextChat: An AI Chatbot That Lets You Talk to Anyone You Want To

By /u/scopedsecurity — March 11^th 2024 at 13:53

submitted by /u/scopedsecurity
[link] [comments]

/r/netsec - Information Security News & Discussion

New OpenSecurityTraining2 class: "Trusted Computing 1101: Introductory Trusted Platform Module (TPM) usage" by Dimi Tomov of TPM.dev

By /u/OpenSecurityTraining — March 11^th 2024 at 11:58

submitted by /u/OpenSecurityTraining
[link] [comments]

/r/netsec - Information Security News & Discussion

CVE-2024–23897 – Arbitrary file read in Jenkins

By /u/SL7reach — March 11^th 2024 at 11:05

submitted by /u/SL7reach
[link] [comments]

/r/netsec - Information Security News & Discussion

Analyze installed Android app for security risks in Termux using APKDeepLens

By /u/barakadua131 — March 11^th 2024 at 08:37

submitted by /u/barakadua131
[link] [comments]

/r/netsec - Information Security News & Discussion

GitHub - thiagopeixoto/winsos-poc: A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.

By /u/thewatcher_ — March 10^th 2024 at 22:21

submitted by /u/thewatcher_
[link] [comments]

/r/netsec - Information Security News & Discussion

Behind the doors of a Chinese hacking company, a sordid culture fuelled by influence, alcohol and sex

By /u/nexxai — March 8^th 2024 at 21:45

submitted by /u/nexxai
[link] [comments]

/r/netsec - Information Security News & Discussion

pgAdmin (<=8.3) Path Traversal in Session Handling Leads to Unsafe Deserialization and Remote Code Execution (RCE) - Shielder

By /u/smaury — March 8^th 2024 at 13:57

submitted by /u/smaury
[link] [comments]

/r/netsec - Information Security News & Discussion

Git-Rotate: Leveraging GitHub Actions for Password Spraying

By /u/Acceptable-Doubt-878 — March 7^th 2024 at 21:08

submitted by /u/Acceptable-Doubt-878
[link] [comments]

/r/netsec - Information Security News & Discussion

HappyCamper: Doubling Down On Naming Space Location Randomization (NSLR)

By /u/operat1ve — March 7^th 2024 at 16:49

submitted by /u/operat1ve
[link] [comments]

/r/netsec - Information Security News & Discussion

VMWare release patches for CVE-2024-22252, CVE-2024-22253, CVE-2024-22254 and CVE-2024-22255

By /u/woja111 — March 7^th 2024 at 15:20

submitted by /u/woja111
[link] [comments]

/r/netsec - Information Security News & Discussion

Iranian Hacktivist claims responsibility for Israel academic institute hack

By /u/woja111 — March 7^th 2024 at 15:18

submitted by /u/woja111
[link] [comments]

/r/netsec - Information Security News & Discussion

Introducing CloudGrappler: An Open-Source Threat Detection Tool for AWS and Azure

By /u/permis0 — March 7^th 2024 at 15:10

submitted by /u/permis0
[link] [comments]

/r/netsec - Information Security News & Discussion

Source Code Disclosure in ASP.NET via Cookieless Sessions

By /u/albinowax — March 7^th 2024 at 14:31

submitted by /u/albinowax
[link] [comments]

/r/netsec - Information Security News & Discussion

Clickstudios Passwordstate - Potential authentication bypass issue [High Severity] (CVE-Pending)

By /u/chirping_cat — March 7^th 2024 at 05:12

submitted by /u/chirping_cat
[link] [comments]

/r/netsec - Information Security News & Discussion

Code injection on Android without ptrace

By /u/ihavelotsofspac — March 6^th 2024 at 18:04

submitted by /u/ihavelotsofspac
[link] [comments]

/r/netsec - Information Security News & Discussion

CVE-2024-1403: Progress OpenEdge Authentication Bypass Deep-Dive, IOCs, and Exploit

By /u/scopedsecurity — March 6^th 2024 at 17:11

submitted by /u/scopedsecurity
[link] [comments]

/r/netsec - Information Security News & Discussion

Kali NetHunter now supports Bad Bluetooth HID attacks to inject keystrokes wirelessly

By /u/barakadua131 — March 6^th 2024 at 10:01

submitted by /u/barakadua131
[link] [comments]

/r/netsec - Information Security News & Discussion

Bypassing CSP with Form Hijacking

By /u/qwerty0x41 — March 6^th 2024 at 07:07

submitted by /u/qwerty0x41
[link] [comments]

/r/netsec - Information Security News & Discussion

List of 39 Documented Windows Persistence Techniques

By /u/netbiosX — March 5^th 2024 at 16:57

submitted by /u/netbiosX
[link] [comments]

/r/netsec - Information Security News & Discussion

Smishing with EvilGophish

By /u/fin3ss3g0d — March 5^th 2024 at 15:32

submitted by /u/fin3ss3g0d
[link] [comments]

/r/netsec - Information Security News & Discussion

Spoofed DNS queries and IP TTL triangulation

By /u/jtkchicago — March 5^th 2024 at 14:53

submitted by /u/jtkchicago
[link] [comments]

/r/netsec - Information Security News & Discussion

Executed vs Loaded: a new dimension for Application Security with eBPF

By /u/cov_id19 — March 5^th 2024 at 13:43

submitted by /u/cov_id19
[link] [comments]

/r/netsec - Information Security News & Discussion

Persistence – Explorer

By /u/netbiosX — March 5^th 2024 at 12:15

submitted by /u/netbiosX
[link] [comments]

/r/netsec - Information Security News & Discussion

Release alert - EMBA firmware security analyzer v1.4.0 - ICS testing Edt. is out now

By /u/_m-1-k-3_ — March 5^th 2024 at 12:05

submitted by /u/_m-1-k-3_
[link] [comments]

/r/netsec - Information Security News & Discussion

Multiple vulnerabilities in RT-Thread RTOS

By /u/0xdea — March 5^th 2024 at 10:38

submitted by /u/0xdea
[link] [comments]

/r/netsec - Information Security News & Discussion

Relishing new Fickling features for securing ML systems

By /u/dummypatty — March 5^th 2024 at 00:49

submitted by /u/dummypatty
[link] [comments]

/r/netsec - Information Security News & Discussion

Reverse Engineering Protobuf Definitions From Compiled Binaries

By /u/arkadiyt — March 5^th 2024 at 00:18

submitted by /u/arkadiyt
[link] [comments]

/r/netsec - Information Security News & Discussion

Getting Bored of Cyberwar: Exploring the Role of Low-level Cybercrime Actors in the Russia-Ukraine Conflict

By /u/Nervous--Astronomer — March 4^th 2024 at 17:24

submitted by /u/Nervous--Astronomer
[link] [comments]

/r/netsec - Information Security News & Discussion

Planes, Ferries and Automobiles – How I Hacked Free Travel Across Iceland

By /u/likezoidberg — March 4^th 2024 at 15:06

submitted by /u/likezoidberg
[link] [comments]

/r/netsec - Information Security News & Discussion

On-Device Fraud on the rise: exposing a recent Copybara fraud campaign | Cleafy Labs

By /u/f3d_0x0 — March 4^th 2024 at 14:15

submitted by /u/f3d_0x0
[link] [comments]

/r/netsec - Information Security News & Discussion

Persistence – Visual Studio Code Extensions

By /u/netbiosX — March 4^th 2024 at 14:00

submitted by /u/netbiosX
[link] [comments]

/r/netsec - Information Security News & Discussion

Threat Brief: WordPress Exploit Leads to Godzilla Web Shell, Discovery & New CVE

By /u/TheDFIRReport — March 4^th 2024 at 13:45

submitted by /u/TheDFIRReport
[link] [comments]

/r/netsec - Information Security News & Discussion

HTTP 403 bypass tool

By /u/SmokeyShark_777 — March 4^th 2024 at 07:51

Hello, guys! I've published the tool I use to bypass HTTP 403 error pages and access the juicy information behind 👀. It is written in Golang, it's very fast, and it incorporates many techniques from book.hacktricks. If someone wants to collaborate or just leave feedback, here's the repo.

submitted by /u/SmokeyShark_777
[link] [comments]

/r/netsec - Information Security News & Discussion

BSidesSATX CFP is open

By /u/SciaticNerd — March 4^th 2024 at 05:52

The @BSidesSATX CFP is open at BSidesSATX.com June 8th at St. Mary’s in San Antonio

submitted by /u/SciaticNerd
[link] [comments]

/r/netsec - Information Security News & Discussion

Dont Gamble With Risk - Quantitative Risk Modeling of Complex Event Chains

By /u/bcdefense — March 4^th 2024 at 01:22

submitted by /u/bcdefense
[link] [comments]

/r/netsec - Information Security News & Discussion

How to Make Nmap Recognize New Services

By /u/Salmiakkilakritsi — March 3^rd 2024 at 19:22

submitted by /u/Salmiakkilakritsi
[link] [comments]

/r/netsec - Information Security News & Discussion

An intro to automated evasion and compilation of .NET offensive tools

By /u/clod81 — March 3^rd 2024 at 08:31

submitted by /u/clod81
[link] [comments]

/r/netsec - Information Security News & Discussion

RattaGATTa: Scalable Bluetooth Low-Energy Survey

By /u/netsecfriends — March 1^st 2024 at 21:02

submitted by /u/netsecfriends
[link] [comments]

/r/netsec - Information Security News & Discussion

DUALITY: Advanced Red Team Persistence through Self-Reinfecting DLL Backdoors for Unyielding Control

By /u/b1x3r — March 1^st 2024 at 14:21

submitted by /u/b1x3r
[link] [comments]

/r/netsec - Information Security News & Discussion

How to effortlessly setup Yubikeys for SSH/GIT on WSL

By /u/KaanSK — March 3^rd 2024 at 07:23

submitted by /u/KaanSK
[link] [comments]

/r/netsec - Information Security News & Discussion

SubSeekerPro

By /u/TheArtHacker34 — March 3^rd 2024 at 06:44

Don't worry this isn't some sort of stealer that I grabbed from GitHub, nope it's actually my very own framework, it's open source, easy to understand, easy for beginners to learn from the code, easy to run and over all just great at everything one does for recon! Dont worry I'll be updating it continuously fore the framework is on its first little legs but I'll be releasing SubSeekerPro V.2 soon!

Stay tuned and as always, keep grinding my dudes ☝🏻✨

submitted by /u/TheArtHacker34
[link] [comments]

/r/netsec - Information Security News & Discussion