Test Your XSS Skills Using Vulnerable Sites
https://www.acunetix.com/blog/web-security-zone/test-xss-skills-vulnerable-sites/
https://www.acunetix.com/blog/web-security-zone/test-xss-skills-vulnerable-sites/
Acunetix
Test Your XSS Skills Using Vulnerable Sites | Acunetix
We compiled a Top-10 list of web applications that were intentionally made vulnerable to Cross-site Scripting (XSS). They were created so that you can learn in practice how attackers exploit XSS vulnerabilities by testing your own malicious code.
XSS-Payloads
This repository holds all the list of advanced #XSS #payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.
https://github.com/pgaijin66/XSS-Payloads
This repository holds all the list of advanced #XSS #payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.
https://github.com/pgaijin66/XSS-Payloads
❤2💩1
TLDbrute
A simple utility to generate domain names with all possible TLDs
https://github.com/Sybil-Scan/TLDbrute
A simple utility to generate domain names with all possible TLDs
https://github.com/Sybil-Scan/TLDbrute
❤1👎1
/ Reddit was hacked
Reddit systems were hacked as a result of a sophisticated and highly-targeted phishing attack. They gained access to some internal documents, code, and some internal business systems..:
https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/
Reddit systems were hacked as a result of a sophisticated and highly-targeted phishing attack. They gained access to some internal documents, code, and some internal business systems..:
https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/
Reddit
From the reddit community on Reddit
Explore this post and more from the reddit community
CVE-2023-0045.zip
13.4 KB
🔥🔥🔥Linux Kernel: Bypassing Spectre-BTI User Space Mitigations(CVE-2023-0045)
The Linux kernel does not correctly mitigate SMT attacks, as discovered through a strange pattern in the kernel API using STIBP as a mitigation, leaving the process exposed for a short period of time after a syscall. The kernel also does not issue an IBPB immediately during the syscall.
The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the
The behavior is only corrected after a reschedule of the task happens. Furthermore, the kernel entrance (due to the syscall itself), does not issue an IBPB in the default scenarios (i.e., when the kernel protects itself via retpoline or eIBRS).
🛡Security patch(Flush IBP in ib_prctl_set())
💥 PoC + writeup
The Linux kernel does not correctly mitigate SMT attacks, as discovered through a strange pattern in the kernel API using STIBP as a mitigation, leaving the process exposed for a short period of time after a syscall. The kernel also does not issue an IBPB immediately during the syscall.
The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the
SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall.The behavior is only corrected after a reschedule of the task happens. Furthermore, the kernel entrance (due to the syscall itself), does not issue an IBPB in the default scenarios (i.e., when the kernel protects itself via retpoline or eIBRS).
🛡Security patch(Flush IBP in ib_prctl_set())
💥 PoC + writeup
👍1
收集分享一些AI工具(网站),持续更新
- Galileo AI 用AI设计生成UI设计
- README 生成器 用AI生成完整的GitHub readme
- ChatGPT for StackOverflow 查看 ChatGPT 对 StackOverflow 上每个问题的回复,甚至是未回答的问题
- 周报生成器 简单描述工作内容,帮你生成完整周报
- email-helper AI帮你写邮件
- animeai AI生成漫画风格图片
- autodraw AI辅助绘画
- bearly AI帮助你阅读、创作,撰写,提高你的工作效率
- poe quora出品的对话式AI工具
- latentlabs 根据文本生成 360 度全景图
- invideo 根据文本生成视频
- docuchat 上传文档,AI回答对应的问题
- tweetmonk AI帮你打理社交网络
- image-to-sound-fx 图片转换为相对应的声音内容
- murf AI生成真人演讲视频
- stockimg AI设计图标
- playgroudai 获取AI绘图提示词,帮助你编辑图片
- MetaVoice Studio AI声音编辑平台
- campbell AI生成评语
- penlope AI辅助markdown编辑器
- ChatGPT Detector 判断文本是否是AI生成
- humata 利用AI来分析论文内容
- tosummary 利用AI提取书籍、YouTube视频摘要
#AI #网站
- Galileo AI 用AI设计生成UI设计
- README 生成器 用AI生成完整的GitHub readme
- ChatGPT for StackOverflow 查看 ChatGPT 对 StackOverflow 上每个问题的回复,甚至是未回答的问题
- 周报生成器 简单描述工作内容,帮你生成完整周报
- email-helper AI帮你写邮件
- animeai AI生成漫画风格图片
- autodraw AI辅助绘画
- bearly AI帮助你阅读、创作,撰写,提高你的工作效率
- poe quora出品的对话式AI工具
- latentlabs 根据文本生成 360 度全景图
- invideo 根据文本生成视频
- docuchat 上传文档,AI回答对应的问题
- tweetmonk AI帮你打理社交网络
- image-to-sound-fx 图片转换为相对应的声音内容
- murf AI生成真人演讲视频
- stockimg AI设计图标
- playgroudai 获取AI绘图提示词,帮助你编辑图片
- MetaVoice Studio AI声音编辑平台
- campbell AI生成评语
- penlope AI辅助markdown编辑器
- ChatGPT Detector 判断文本是否是AI生成
- humata 利用AI来分析论文内容
- tosummary 利用AI提取书籍、YouTube视频摘要
#AI #网站
Stitch
Stitch - Design with AI
Stitch generates UIs for mobile and web applications, making design ideation fast and easy.
OFFENSIVE SECURITY & REVERSE ENGINEERING (OSRE) Course
https://github.com/ashemery/exploitation-course
https://github.com/ashemery/exploitation-course
GitHub
GitHub - ashemery/exploitation-course: Offensive Software Exploitation Course
Offensive Software Exploitation Course. Contribute to ashemery/exploitation-course development by creating an account on GitHub.
𝙊𝙋𝙎𝙀𝘾 in Adversary Simulation
Link 🔗:-
https://ristbs.github.io/2023/02/08/your-pocket-guide-to-opsec-in-adversary-emulation.html
Link 🔗:-
https://ristbs.github.io/2023/02/08/your-pocket-guide-to-opsec-in-adversary-emulation.html
ristbs’s blog
Your Pocket Guide to OPSEC in Adversary Emulation
Intro to OPSEC Our Ennemies Offensive Architecture Security Events OPSEC Tips Information Gathering Initial Access Kerberos Attacks Lateral Mouvement Pivoting Tooling & Malwares
Twitter 200M+ Scraped Data | 2023
Format -
Format -
Email,Name,ScreenName,Followers,CreatedDate
Download - https://root.direct/twitter200MChatGPT for Google
Расширение Chrome для отображения ответа ChatGPT в результатах поиска Google.
https://github.com/wong2/chat-gpt-google-extension
#chrome #bot
Расширение Chrome для отображения ответа ChatGPT в результатах поиска Google.
https://github.com/wong2/chat-gpt-google-extension
#chrome #bot
👍2❤1
Crypto_Crime_Report_2023.pdf
43.4 MB
📓 The 2023 Crypto Crime Report
Everything you need to know about cryptocurrency-based crime