ββAIMOD2
Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proactively identify, engage and prevent cyber threats denying or mitigating potential damage to the organization.
https://github.com/darkquasar/AIMOD2
#cybersecurity #infosec
Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proactively identify, engage and prevent cyber threats denying or mitigating potential damage to the organization.
https://github.com/darkquasar/AIMOD2
#cybersecurity #infosec
GitHub
GitHub - darkquasar/AIMOD2: Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structuredβ¦
Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proactively identify, engage and prevent cyber threats denying or...
Hello,
There is a web application security course from TCM security running in discount.
Course Name: Practical Web Application Security & Testing
Provider: TCM Security
Course Link: https://academy.tcm-sec.com/p/practical-web-application-security-and-testing
Orginal Price: $29.99
Coupon Code: HAPPYBIRTHDAYTAGGART
Discount Price: $1.18 (Inc. TAX)
There is a web application security course from TCM security running in discount.
Course Name: Practical Web Application Security & Testing
Provider: TCM Security
Course Link: https://academy.tcm-sec.com/p/practical-web-application-security-and-testing
Orginal Price: $29.99
Coupon Code: HAPPYBIRTHDAYTAGGART
Discount Price: $1.18 (Inc. TAX)
Tcm-Sec
TCM Security Academy
TCM Security Academy offers practical, job-focused cybersecurity training designed by industry-leading instructors that doesn't break the bank.
π2
ββAdvanced SQL Injection Cheatsheet
This repository contains a advanced methodology of all types of SQL Injection.
β’ Find injection point
β’ Understand the website behaviour
β’ Send queries for enumeration
β’ Understanding WAF & bypass it
β’ Dump the database
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
#infosec #pentesting #bugbounty
This repository contains a advanced methodology of all types of SQL Injection.
β’ Find injection point
β’ Understand the website behaviour
β’ Send queries for enumeration
β’ Understanding WAF & bypass it
β’ Dump the database
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
#infosec #pentesting #bugbounty
β€βπ₯4π1
Hackerinthehouse pinned Β«https://youtu.be/VeeEazeE_fw HTML Injection Like Share & SubscribeΒ»
Bug Bounty Beginner's Roadmap
This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.
https://github.com/bittentech/Bug-Bounty-Beginner-Roadmap
#bugbounty #pentesting #infosec
This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.
https://github.com/bittentech/Bug-Bounty-Beginner-Roadmap
#bugbounty #pentesting #infosec
β€βπ₯5π₯2
ββwpfinger
WordPress scanning tool.
β’ Core version detection
β’ Plugin scanning through fingerprinting
β’ Vulnerability output, using database from Wordfence
https://github.com/LeakIX/wpfinger
#pentesting #redteam #bugbounty
WordPress scanning tool.
β’ Core version detection
β’ Plugin scanning through fingerprinting
β’ Vulnerability output, using database from Wordfence
https://github.com/LeakIX/wpfinger
#pentesting #redteam #bugbounty
π2π₯1
In Tech the best thing you can do is to fail. Failing means you are trying. Just make sure you learn from your failure... also don't fail in Prod.
β€βπ₯7π1
ββAnalysis of VirtualBox CVE-2023-21987 and CVE-2023-21991
https://qriousec.github.io/post/vbox-pwn2own-2023/
https://qriousec.github.io/post/vbox-pwn2own-2023/
π2π₯1
Malware is a type of software that is designed to cause harm to a computer or its users. It can be used to steal personal information, damage files, or even take control of a computer.
Read Full Article
https://trickypenguin.ink/what-is-malware-and-how-to-protect-against-malware-attacks/
@trickypenguin
#malware #botnets #torjan
Read Full Article
https://trickypenguin.ink/what-is-malware-and-how-to-protect-against-malware-attacks/
@trickypenguin
#malware #botnets #torjan
β€4π₯2
ββBLACKHAT_Asia2023
Just About BLACKHAT USA2022 PDF Public. File List, Search what your intersting.
https://github.com/Mr-xn/BLACKHAT_Asia2023
#infosec #pentesting #redteam
Just About BLACKHAT USA2022 PDF Public. File List, Search what your intersting.
https://github.com/Mr-xn/BLACKHAT_Asia2023
#infosec #pentesting #redteam
π1
ββRedCaddy
C2 redirector base on caddy.
β’ Block IP by GEOIP country
β’ Allow requests by header matcher
β’ User-agent & IP blacklist
β’ Support multiple redirection
β’ TeamServer port warden
https://github.com/XiaoliChan/RedCaddy
#infosec #pentesting #redteam
C2 redirector base on caddy.
β’ Block IP by GEOIP country
β’ Allow requests by header matcher
β’ User-agent & IP blacklist
β’ Support multiple redirection
β’ TeamServer port warden
https://github.com/XiaoliChan/RedCaddy
#infosec #pentesting #redteam
GitHub
GitHub - XiaoliChan/RedCaddy: C2 redirector base on caddy
C2 redirector base on caddy. Contribute to XiaoliChan/RedCaddy development by creating an account on GitHub.
π₯1
π Web Pentesting Roadmap for Success π
Web pentesting is a process of finding and exploiting security vulnerabilities in web applications or websites to ensure their security. It involves gathering information about the target, identifying weaknesses, and providing recommendations for improvement.
πLink: bit.ly/Web-Pentesting-Roadmap
Share with Loveπ
Web pentesting is a process of finding and exploiting security vulnerabilities in web applications or websites to ensure their security. It involves gathering information about the target, identifying weaknesses, and providing recommendations for improvement.
πLink: bit.ly/Web-Pentesting-Roadmap
Share with Loveπ
π2π₯2
Best Online MD5 Encryption & Decryption Tools
https://trickypenguin.ink/best-online-md5-encryption-decryption-tools/
@trickypenguin
#pentesting #cryptography
https://trickypenguin.ink/best-online-md5-encryption-decryption-tools/
@trickypenguin
#pentesting #cryptography
π3π₯3β€1
Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App (CVE-2023-28153, CVE-2023-29078, CVE-2023-29079)
1) Login and registration returns password as MD5 hash
2) Stored XSS via device name in parent Dashboard
3) Possible CSRF attacks in parent Dashboard
4) Arbitrary File Upload to AWS S3 bucket
5) Disable Child App Restriction without Parent's notice
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-kiddoware-kids-place-parental-control-android-app/
1) Login and registration returns password as MD5 hash
2) Stored XSS via device name in parent Dashboard
3) Possible CSRF attacks in parent Dashboard
4) Arbitrary File Upload to AWS S3 bucket
5) Disable Child App Restriction without Parent's notice
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-kiddoware-kids-place-parental-control-android-app/
SEC Consult
Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App
Multiple vulnerabilities have been identified in the Kiddoware Kids Place Parental Control Android App. Users of the parent's web dashboard can be attacked via cross site scripting or cross site request forgery vulnerabilities, or attackers may upload arbitraryβ¦
π₯1
πGoogle Dorks: Learn to Hack Anyone's Account with Googleπ
β What you'll learn?
β’ Complete understanding of Google Dorks
β’ How to find Vulnerabilities
β’ How to find anyone's Username & Password
β’ How to do Google search like a Hacker
πLink: http://bit.ly/GoogleDorksForHacking
Share with Loveπ
β What you'll learn?
β’ Complete understanding of Google Dorks
β’ How to find Vulnerabilities
β’ How to find anyone's Username & Password
β’ How to do Google search like a Hacker
πLink: http://bit.ly/GoogleDorksForHacking
Share with Loveπ
π1
829 GB of books and videos in MEGA β
Course Books (28 GB)
Course Videos (790 GB)
Softwares (11 GB)
https://mega.nz/folder/1rBHzIyD#M-aTi-c1nC3OGNgpH8OqhA
Course Books (28 GB)
Course Videos (790 GB)
Softwares (11 GB)
https://mega.nz/folder/1rBHzIyD#M-aTi-c1nC3OGNgpH8OqhA
mega.nz
File folder on MEGA
Google introduced Mobile VRP: Mobile Vulnerability Rewards Program (Mobile VRP) focuses on first-party Android applications developed or maintained by Google
https://bughunters.google.com/about/rules/6618732618186752/google-mobile-vulnerability-reward-program-rules
https://bughunters.google.com/about/rules/6618732618186752/google-mobile-vulnerability-reward-program-rules
Google
Google Mobile Vulnerability Reward Program Rules | Google Bug Hunters
Googleβs Mobile Vulnerability Rewards Program (Mobile VRP) focuses on first-party Android applications developed or maintained by Google. The Mobile VRP recognizes the contributions and hard work of researchers who help Google improve the security...
π2