Unlocking the power of Red Teaming: An overview of trainings and certifications
https://blog.nviso.eu/2023/07/31/unlocking-the-power-of-red-teaming-an-overview-of-trainings-and-certifications/?amp
@IRCyberGuardians
https://blog.nviso.eu/2023/07/31/unlocking-the-power-of-red-teaming-an-overview-of-trainings-and-certifications/?amp
@IRCyberGuardians
NVISO Labs
Unlocking the power of Red Teaming: An overview of trainings and certifications
NVISO enjoys an excellent working relationship with SANS and has been involved as Instructors and Course Authors for a variety of their courses: For SEC511, Continuous Monitoring and Security Opera…
Exploiting Web3’s Hidden Attack Surface: Universal XSS on Netlify’s Next.js Library
https://samcurry.net/universal-xss-on-netlifys-next-js-library/
@IRCyberGuardians
https://samcurry.net/universal-xss-on-netlifys-next-js-library/
@IRCyberGuardians
samcurry.net
Exploiting Web3's Hidden Attack Surface: Universal XSS on Netlify's Next.js Library
On August 24th, 2022, we reported a vulnerability to Netlify affecting their Next.js "netlify-ipx" repository which would allow an attacker to achieve persistent cross-site scripting and full-response server side request forgery on any website out of the…
Upgrading Simple Shells to Fully Interactive TTYs
https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/
@IRCyberGuardians
https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/
@IRCyberGuardians
ropnop blog
Upgrading Simple Shells to Fully Interactive TTYs
Catching a reverse shell over netcat is great…until you accidentally Ctrl-C and lose it. These techniques let you upgrade your shell to a proper TTY
Top disclosed reports from HackerOne
https://github.com/reddelexc/hackerone-reports/tree/master
@IRCyberGuardians
https://github.com/reddelexc/hackerone-reports/tree/master
@IRCyberGuardians
GitHub
GitHub - reddelexc/hackerone-reports: Top disclosed reports from HackerOne
Top disclosed reports from HackerOne. Contribute to reddelexc/hackerone-reports development by creating an account on GitHub.
In this repository I'll host my research and methodologies for auditing vulnerabilities
https://github.com/OlivierLaflamme/Auditing-Vulnerabilities
@IRCyberGuardians
https://github.com/OlivierLaflamme/Auditing-Vulnerabilities
@IRCyberGuardians
GitHub
GitHub - OlivierLaflamme/Auditing-Vulnerabilities: In this repository I'll host my research and methodologies for auditing vulnerabilities
In this repository I'll host my research and methodologies for auditing vulnerabilities - GitHub - OlivierLaflamme/Auditing-Vulnerabilities: In this repository I'll host my researc...
SSRF and Open Redirect CheatSheet
https://www.hahwul.com/phoenix/ssrf-open-redirect/
@IRCyberGuardians
https://www.hahwul.com/phoenix/ssrf-open-redirect/
@IRCyberGuardians
HAHWUL
SSRF and Open Redirect CheatSheet
Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP.NET Framework (CVE-2023-36899)
https://soroush.me/blog/2023/08/cookieless-duodrop-iis-auth-bypass-app-pool-privesc-in-asp-net-framework-cve-2023-36899/
@IRCyberGuardians
https://soroush.me/blog/2023/08/cookieless-duodrop-iis-auth-bypass-app-pool-privesc-in-asp-net-framework-cve-2023-36899/
@IRCyberGuardians
Telegram
Cyber Guardians
RedTeaming TTPs
Bug Hunting
Web PenTest
Web Security
Binary Analysis
Exploit DEV
Malware DEV
Malware Analysis
BlueTeaming
Threat Hunting
SOC
CSIRT
FORENSICS
Open-Source Intelligence(OSINT)
Cybersec Tools
Bug Hunting
Web PenTest
Web Security
Binary Analysis
Exploit DEV
Malware DEV
Malware Analysis
BlueTeaming
Threat Hunting
SOC
CSIRT
FORENSICS
Open-Source Intelligence(OSINT)
Cybersec Tools
A collection of smart contract vulnerabilities along with prevention methods.
https://github.com/kadenzipfel/smart-contract-vulnerabilities
@IRCyberGuardians
https://github.com/kadenzipfel/smart-contract-vulnerabilities
@IRCyberGuardians
GitHub
GitHub - kadenzipfel/smart-contract-vulnerabilities: A collection of smart contract vulnerabilities along with prevention methods
A collection of smart contract vulnerabilities along with prevention methods - kadenzipfel/smart-contract-vulnerabilities
This Repository contains list of Common Solidity SmartContract Attack Vectors. If you find any attack vectors missing, you can create a pull request and be a contributor of the project.
https://github.com/Quillhash/Solidity-Attack-Vectors
@IRCyberGuardians
https://github.com/Quillhash/Solidity-Attack-Vectors
@IRCyberGuardians
GitHub
GitHub - Quillhash/Solidity-Attack-Vectors: This Repository contains list of Common Solidity SmartContract Attack Vectors. If you…
This Repository contains list of Common Solidity SmartContract Attack Vectors. If you find any attack vectors missing, you can create a pull request and be a contributor of the project. - Quillhash...
Comprehensive list of known attack vectors and common anti-patterns
https://github.com/sigp/solidity-security-blog
@IRCyberGuardians
https://github.com/sigp/solidity-security-blog
@IRCyberGuardians
GitHub
GitHub - sigp/solidity-security-blog: Comprehensive list of known attack vectors and common anti-patterns
Comprehensive list of known attack vectors and common anti-patterns - sigp/solidity-security-blog
A POC of the ContainYourself research presented in DEF CON 31, which abuses the Windows containers framework to bypass EDRs.
https://github.com/deepinstinct/ContainYourself
@IRCyberGuardians
https://github.com/deepinstinct/ContainYourself
@IRCyberGuardians
GitHub
GitHub - deepinstinct/ContainYourself: A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers…
A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs. - deepinstinct/ContainYourself
A Rust crate for parsing Windows user minidumps.
https://github.com/0vercl0k/udmp-parser-rs
@IRCyberGuardians
https://github.com/0vercl0k/udmp-parser-rs
@IRCyberGuardians
GitHub
GitHub - 0vercl0k/udmp-parser-rs: A Rust crate for parsing Windows user minidumps.
A Rust crate for parsing Windows user minidumps. Contribute to 0vercl0k/udmp-parser-rs development by creating an account on GitHub.
Advanced Module Stomping & Heap/Stack Encryption
https://labs.cognisys.group/posts/Advanced-Module-Stomping-and-Heap-Stack-Encryption/
@IRCyberGuardians
https://labs.cognisys.group/posts/Advanced-Module-Stomping-and-Heap-Stack-Encryption/
@IRCyberGuardians
Cognisys Group Labs
Advanced Module Stomping & Heap/Stack Encryption
Overview