Puzzle hidden in the book The full title of this polish book is “Praktyczna inżynieria wsteczna” which we can translate to “Ap... 2019-9-10 15:1:1 | 阅读: 8 | 收藏 | Stories by @radekk on Medium - medium.com crc32c checksums memory rwx

Firefox and Burp Suite There is a few popular ways to run Burp Suite from PortSwigger in the pentesting environment. The si... 2019-9-5 15:1:2 | 阅读: 12 | 收藏 | Stories by @radekk on Medium - medium.com burp proxy cacert software security

RouterOS Post Exploitation - Tenable TechBlog - Medium Shared Objects, RC Scripts, and a SymlinkAt DEF CON 27, I presented Help Me, Vulnerabilities! You’re... 2019-08-16 23:00:19 | 阅读: 540 | 收藏 | medium.com routeros pckg defconf attacker npk

USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$ TL;DR: The Video is self-explanatory. (Wanna know how to make it? Read the article below.)All starte... 2019-08-16 22:55:40 | 阅读: 543 | 收藏 | medium.com logitacker mame82 nrf52840 aliexpress github

Quick Introduction to ConfuserEX - Mark Mo - Medium I wanted to test this tool as soon as I saw it. I downloaded the binary from here linked in thedocum... 2019-08-06 18:30:25 | 阅读: 488 | 收藏 | medium.com sharpdump yck1509 52k confuserex markmotig

Сookie-based XSS exploitation | $2300 Bug Bounty story For quite a long time I have been hunting for vulnerabilities on the HackerOne platform, allocating... 2019-07-18 15:21:54 | 阅读: 553 | 收藏 | medium.com subdomain hackerone victim

Persistence with KeePass -Part 2 - James - Medium In part 1 we saw how we can use KeePass to gain persistent access to a compromised system. The techn... 2019-07-04 14:47:59 | 阅读: 483 | 收藏 | medium.com keepass typeguid kpres ecastrigger

Eternalrelayx.py — Non-Admin NTLM Relaying & ETERNALBLUE Exploitation In this post, we will cover how to perform the EternalRelay attack, an attack technique which reuses... 2019-07-03 19:35:39 | 阅读: 744 | 收藏 | medium.com payload windows eternalblue responder

SigintOS: A Wireless Pentest Distro Review - Tomas C. - Medium Good news! There’s new security distro called SigintOS becoming available for download. SigintOS is... 2019-07-03 00:44:28 | 阅读: 1037 | 收藏 | medium.com sdr sigintos software security hackrf

Nuget/Squirrel uncontrolled endpoints leads to arbitrary code execution Update :2-July-2019https://medium.com/@reegun/update-nuget-squirrel-uncontrolled-endpoints-leads-to-... 2019-07-02 13:46:13 | 阅读: 655 | 收藏 | medium.com microsoft download nupkg squirrel

Update : Nuget/Squirrel uncontrolled endpoints leads to arbitrary code execution Reegun JJul 1 · 1 min readPart 1 : https://medium.com/@reegun/nuget-squirrel-uncontrolled-endpoints-... 2019-07-02 13:46:02 | 阅读: 507 | 收藏 | medium.com microsoft squirrel reegun

Persistence with KeePass - Part 1 - James - Medium In this post we are going to look at a method of gaining persistence using KeePass. This approach re... 2019-07-01 01:00:33 | 阅读: 456 | 收藏 | medium.com keepass strfilepath strtype beacon shellcode

Remote code execution On Microsoft edge URL Protocol IntroductionHello everyone and welcome to my first bug ever in ‘RCE’ section and I hope this is a go... 2019-05-03 12:43:44 | 阅读: 485 | 收藏 | medium.com jsffile wsffile understood matt harr0ey

My Recon Process — DNS Enumeration – Noobhax – Medium This is my first post in a series where I will go into detail on how I conduct my reconnaissance.The... 2019-05-01 00:14:17 | 阅读: 585 | 收藏 | medium.com amass tesla massdns masscan wildcard

5 Simple Tips for Efficient Web Crawling using Selenium Python In this article, I will share 5 simple tips that will help you to improve automation of your web scr... 2019-03-26 23:31:21 | 阅读: 550 | 收藏 | medium.com selenium python phantomjs chrome killall

Command Injection PoC – InfoSec Write-ups – Medium So back in December 2017 i found a command injection vulnerability in one of job listing site. Here... 2019-03-21 23:42:59 | 阅读: 565 | 收藏 | medium.com ngrok icmp blablabla passwd injection

HOW TO FIX BURP SUITE SSL/TLS CONNECTION PROBLEMS – Iraklis Mathiopoulos – Medium Intercepting SSL/TLS connections works seamlessly 95% of the time. This tutorial aims to help with t... 2019-03-21 18:24:27 | 阅读: 813 | 收藏 | medium.com zap burp proxy 8081 talks

Top Five Ways I Got Domain Admin on Your Internal Network before Lunch (2018 Edition) A Scary Thought: I’ve worked in the Cyber ​​Security space performing a wide breadth of penetration... 2019-03-16 01:25:14 | 阅读: 535 | 收藏 | medium.com mitm6 windows ntlmrelayx wpad

From RCE to LDAP access – Thibeault – Medium This is my second write-up, feel free to give me feedback on Twitter (@thibeault_chenu) or in the co... 2019-03-16 01:17:41 | 阅读: 450 | 收藏 | medium.com rfid php security windows network

Hardening Your Azure Domain Front – Steve Borosh – Medium IntroductionWhile domain fronting isn’t a new technique for offensive infrastructure, it continues t... 2019-02-26 00:32:54 | 阅读: 544 | 收藏 | medium.com payload c2 beacon defenses prying