🔰1920*1080 #cybersecurity #wallpaper !
Every day, we change the world, but to change the world in a way that means anything, that takes more time than most people have. It never happens all at once. It’s slow. It’s methodical. It’s exhausting.
-Elliot Alderson
Share and support us ❤️ @hacklido
🔰 #Exploit #CVE-2020-13886:
#LFI Intelbras IP terminal TIP 200/200 LITE ( #PoC )
https://github.com/lucxssouza/CVE-2020-13886
GitHub
GitHub - Ls4ss/CVE-2020-13886: Exploit CVE-2020-13886 - LFI Intelbras TIP 200 / 200 LITE /
🔰 Automated Security Risk Identification Using AutomationML-based Engineering Data. #blueteam
This prototype identifies security risk sources (i.e., threats and vulnerabilities) and types of attack consequences based on AutomationML (AML) artifacts. The results of the risk identification process can be used to generate cyber-physical attack graphs, which model multistage cyber attacks that potentially lead to physical damage.
https://github.com/sbaresearch/amlsec
GitHub
GitHub - sbaresearch/amlsec: Automated Security Risk Identification Using AutomationML-based Engineering Data
🔰 #Red_Team Tactics:
🔴Weaponizing #XSS
https://saadahmedx.medium.com/weaponizing-xss-for-fun-profit-a1414f3fcee9
🔴Smuggling an (Un)exploitable #XSS
https://www.rcesecurity.com/2020/11/Smuggling-an-un-exploitable-xss/
🔰 Free training on developing #Burp_Suite extensions @hacklido
https://github.com/doyensec/burpdeveltraining
GitHub
GitHub - doyensec/burpdeveltraining: Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
🔰 #Google Patches Two More Chrome #Zero-Days Exploited in Attacks @hacklido
https://www.securityweek.com/google-patches-two-more-chrome-zero-days-exploited-attacks
SecurityWeek
Google Patches Two More Chrome Zero-Days Exploited in Attacks
Google has released another update for Chrome 86 to patch two more zero-day vulnerabilities that have been exploited in the wild.
🔰Noia: Simple #Android and #iOS (newly added feature) application sandbox file browser #tools #Frida @hacklido
https://github.com/0x742/noia
GitHub
GitHub - 0x742/noia: [WIP] Simple mobile applications sandbox file browser tool. Powered with [frida.re](https://www.frida.re).
🔰HiveJack: This tool can be used to dump #windows credentials from an already-compromised host. #tools @hacklido
It is a good #post_exploitation utility and also provides an option to delete #log files to clear the trace.
https://github.com/Viralmaniar/HiveJack
GitHub
GitHub - Viralmaniar/HiveJack: This tool can be used during internal penetration testing to dump Windows credentials from an already…
This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM, SECURITY and SAM hives and once copied to the a...
🔰Subdomain finder based on free online services. #tools @hacklido
https://github.com/Fadavvi/Sub-Drill
GitHub
GitHub - Fadavvi/Sub-Drill: A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
🔰Fortiscan - A High Performance #FortiGate SSL-VPN #Vulnerability_Scanner And #Exploitation #Tools. @hacklido
https://www.kitploit.com/2020/11/fortiscan-high-performance-fortigate.html
KitPloit - PenTest & Hacking Tools
Fortiscan - A High Performance FortiGate SSL-VPN Vulnerability Scanning And Exploitation Tool
🔰Metahttp - A #bash script that automates the scanning of a target network for HTTP resources through #XXE #tools @hacklido
https://github.com/vp777/metahttp
GitHub
GitHub - vp777/metahttp: A bash script that automates the scanning of a target network for HTTP resources through XXE
🔰We Hacked #Apple and Made $500,000 in Bounties @hacklido
https://www.youtube.com/watch?v=CHdUgRGYynI
YouTube
We Hacked Apple and Made $500,000 in Bounties
Live Every Friday, Saturday Sunday and Monday on Twitch:
https://twitch.tv/nahamsec
Free $100 DigitalOcean Credit:
https://m.do.co/c/3236319b9d0b
Guests:
https://twitter.com/bbuerhaus
https://twitter.com/samwcyo
https://twitter.com/erbbysam
https://twi…
🔰The Pen Testing #Tools We’re Thankful for in 2020 @hacklido
https://labs.bishopfox.com/industry-blog/pen-testing-tools-were-thankful-for-in-2020
Bishop Fox
The Pen Testing Tools We’re Thankful for in 2020
Recap of Bishop Fox's favorite penetration testing tools for 2020 including, Nuclei, Spyse Search Engine, Dufflebag, GadgetProbe, RMIScout and more.
🔰 Tutorials and Methodologies for #OSCP /#OSWE #Buffer_Overflow #exploitation @hacklido
http://strongcourage.github.io/2020/04/19/bof.html
strongcourage.github.io
Manh-Dung Nguyen - OSCP/OSCE Buffer Overflows Exploitation
Tutorials / Methodologies https://github.com/gh0x0st/Buffer_Overflow https://infosecsanyam261.gitbook.io/tryharder/buffer-overflow https://blog.own.sh/introd...