🔰Noia: Simple #Android and #iOS (newly added feature) application sandbox file browser #tools #Frida @hacklido
https://github.com/0x742/noia
GitHub
GitHub - 0x742/noia: [WIP] Simple mobile applications sandbox file browser tool. Powered with [frida.re](https://www.frida.re).
[WIP] Simple mobile applications sandbox file browser tool. Powered with [frida.re](https://www.frida.re). - 0x742/noia
🔰HiveJack: This tool can be used to dump #windows credentials from an already-compromised host. #tools @hacklido
It is a good #post_exploitation utility and also provides an option to delete #log files to clear the trace.
https://github.com/Viralmaniar/HiveJack
GitHub
GitHub - Viralmaniar/HiveJack: This tool can be used during internal penetration testing to dump Windows credentials from an already…
This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM, SECURITY and SAM hives and once copied to the a...
🔰Subdomain finder based on free online services. #tools @hacklido
https://github.com/Fadavvi/Sub-Drill
GitHub
GitHub - Fadavvi/Sub-Drill: A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration…
A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements. - GitHub - Fadavvi/Sub-Drill: A very (very) FAST and simple subdomai...
🔰Fortiscan - A High Performance #FortiGate SSL-VPN #Vulnerability_Scanner And #Exploitation #Tools. @hacklido
https://www.kitploit.com/2020/11/fortiscan-high-performance-fortigate.html
KitPloit - PenTest & Hacking Tools
Fortiscan - A High Performance FortiGate SSL-VPN Vulnerability Scanning And Exploitation Tool
🔰Metahttp - A #bash script that automates the scanning of a target network for HTTP resources through #XXE #tools @hacklido
https://github.com/vp777/metahttp
GitHub
GitHub - vp777/metahttp: A bash script that automates the scanning of a target network for HTTP resources through XXE
A bash script that automates the scanning of a target network for HTTP resources through XXE - vp777/metahttp
🔰We Hacked #Apple and Made $500,000 in Bounties @hacklido
https://www.youtube.com/watch?v=CHdUgRGYynI
YouTube
We Hacked Apple and Made $500,000 in Bounties
Live Every Friday, Saturday Sunday and Monday on Twitch:
https://twitch.tv/nahamsec
Free $100 DigitalOcean Credit:
https://m.do.co/c/3236319b9d0b
Guests:
https://twitter.com/bbuerhaus
https://twitter.com/samwcyo
https://twitter.com/erbbysam
https://twi…
🔰The Pen Testing #Tools We’re Thankful for in 2020 @hacklido
https://labs.bishopfox.com/industry-blog/pen-testing-tools-were-thankful-for-in-2020
Bishop Fox
The Pen Testing Tools We’re Thankful for in 2020
Recap of Bishop Fox's favorite penetration testing tools for 2020 including, Nuclei, Spyse Search Engine, Dufflebag, GadgetProbe, RMIScout and more.
🔰 Tutorials and Methodologies for #OSCP /#OSWE #Buffer_Overflow #exploitation @hacklido
http://strongcourage.github.io/2020/04/19/bof.html
strongcourage.github.io
Manh-Dung Nguyen - OSCP/OSCE Buffer Overflows Exploitation
Tutorials / Methodologies https://github.com/gh0x0st/Buffer_Overflow https://infosecsanyam261.gitbook.io/tryharder/buffer-overflow https://blog.own.sh/introd...
🔰 Another cool Reverse Shell #cheat_sheet @hacklido
https://www.github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Methodology%20and%20Resources%2FReverse%20Shell%20Cheatsheet.md
GitHub
PayloadsAllTheThings/Methodology and Resources/Reverse Shell Cheatsheet.md at master · swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF - swisskyrepo/PayloadsAllTheThings
🔰Let's understand each file system of #LINUX in detail: @hacklido
1. Ext, Ext2, Ext3 and Ext4 file system
The file system Ext stands for Extended File System. It was primarily developed for MINIX OS. The Ext file system is an older version, and is no longer used due to some limitations.
Ext2 is the first Linux file system that allows managing two terabytes of data.
Ext3 was developed from Ext2; it is an upgraded version of Ext2 and is backward compatible.
Ext4 is the fastest of the Ext file systems. It is a very compatible option for SSD (solid-state drive) disks, and it is the default file system in Linux distributions.
2. JFS File System
JFS stands for Journaled File System; it was developed by IBM for AIX Unix. It is an alternative to the Ext file system.
3. ReiserFS File System
ReiserFS is an alternative to the Ext3 file system. It has improved performance and advanced features.
5. Btrfs File System
Btrfs stands for the B tree file system. It is used for fault tolerance, repair system, fun administration, extensive storage configuration, and more.
6. Swap File System
The swap file system is used for memory paging in the Linux operating system during system hibernation.
🔰sri-check | A #Burp Suite extension for identifying missing Subresource Integrity attributes. @hacklido
https://github.com/PortSwigger/sri-check
GitHub
GitHub - PortSwigger/sri-check: A Burp Suite extension for identifying missing Subresource Integrity attributes.
A Burp Suite extension for identifying missing Subresource Integrity attributes. - PortSwigger/sri-check
Burp similar-request-excluder
🔰 #Burp Suite extension that detects similar CFG-paths from HTTP responses in a black box manner. @hacklido
https://github.com/PortSwigger/similar-request-excluder
GitHub
GitHub - PortSwigger/similar-request-excluder: A Burp Suite extension that detects similar CFG-paths from HTTP responses in a black…
A Burp Suite extension that detects similar CFG-paths from HTTP responses in a black box manner. - PortSwigger/similar-request-excluder
🔰ImHex
A #Hex Editor for #Reverse_Engineering, Programmers and people that value their eyesight when working at 3 AM. @hacklido
https://github.com/WerWolv/ImHex
GitHub
GitHub - WerWolv/ImHex: 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3…
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM. - WerWolv/ImHex
🔰My phone was spying on me, so I tracked down the surveillants. @hacklido
https://nrkbeta.no/2020/12/03/my-phone-was-spying-on-me-so-i-tracked-down-the-surveillants/
NRKbeta
My Phone Was Spying on Me, so I Tracked Down the Surveillants
There are 160 apps on my phone. What they're actually doing, I don't know. But I decided to find out.
This is an English translation, read the original here.
I have a feeling these apps are …
🔰 #Binary Ninja #plugin to deal with the strings #encoding in the most common Golang obfuscator: gobfuscate @hacklido
https://www.kryptoslogic.com/blog/2020/12/automated-string-de-gobfuscation/
Kryptoslogic
Automated string de-gobfuscation
Last week the Network Security Research Lab at 360 released a blog post on an obfuscated backdoor written in Go named Blackrota. They claim that the Blackrota backdoor is available for both x86/x86-64 architectures which is no surprise given how capable Golang’s…
🔰#Automated #Pen_Testing: Can It Replace Humans? @hacklido
https://www.darkreading.com/vulnerabilities---threats/automated-pen-testing-can-it-replace-humans/a/d-id/1339513?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
These #tools have come a long way, but are they far enough along to make human pen testers obsolete?
Dark Reading
Automated Pen Testing: Can It Replace Humans?
These tools have come a long way, but are they far enough along to make human pen testers obsolete?
🔰 #CVE -2020-8913: @hacklido
Persistent code execution in #Google Play Core Library ( #PoC )
https://blog.oversecured.com/Oversecured-automatically-discovers-persistent-code-execution-in-the-Google-Play-Core-Library/
Vulnerability in #Google Play Core Library Remains Unpatched in Google Play Applications... @hacklido
https://research.checkpoint.com/2020/vulnerability-in-google-play-core-library-remains-unpatched-in-google-play-applications/
News, Techniques & Guides
Oversecured automatically discovers persistent code execution in the Google Play Core Library
The Google Play Core Library is a popular library for Android that allows updates to various parts of an app to be delivered at runtime without the participation of the user, via the Google API...
🔰Garuda #Linux
An Indian Operating System based on GNU Linux! You are really going to fall in love with its speed and interface. @hacklido
Link: https://garudalinux.org