"Pwning WPA/WPA2 Networks With Bettercap and the PMKID Client-Less Attack "
Solid writeup for his tool (bettercap) @firstname.lastname@example.org.
Still need a big cracking ring to be interesting.
Gorsair: Gorsair is a tool that hacks its way into remote docker containers that expose their APIs.
"Bypassing WAFs with Search Engines using dorks"
"Privilege Escalation in Ubuntu Linux (dirty_sock exploit)" - January 2019
Good find and complete writeup.
"How I abused 2FA to maintain persistence after a password change (Google, Microsoft, Instagram, Cloudflare, etc)"
TL:Dr: Waiting in the 2FA page could allow you to log in without knowing the current password in many major websites.
"Joomla Global Configuration Text Filter settings Stored XSS Vulnerability (CVE-2019-6263 Exploit) #Poc"
Impact limited as you need to be logged in as admin in Joomla already.
ct-exposer : An OSINT tool that discovers sub-domains by searching Certificate Transparency logs
"Phishing NG. Bypassing 2FA with Modlishka."
dnstwist : Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
ES File Explorer Open Port Vulnerability - CVE-2019-6447
Outch, once again great find from @email@example.com .
Thankfully limited as attacker need to be on same local network than the victim.
A look at how LinkedIn spies on its users by scanning their installed browser extensions.
Cat and mouse game continue. Smart trick used by phishers.
"Phishing template uses fake fonts to decode content and evade detection"
Sherlock : Find usernames across social networks
"Kick-start your code obfuscation techniques"
Nice read, too bad cats pictures cover a few slides...
A response to “We are Google employees, Google must drop DragonFly”.
I’m Chinese, Google’s DragonFly must go on.
Old but useful for malware analysis.
"Creating the ultimate Tor Virtual Network"
Security Researcher & Privacy Activist. 🐘 DM are welcome for any questions.
Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!