/archive/

Bearer tokens are awful
https://mjg59.dreamwidth.org/59353.html

102 viewsPatrick Bateman, 01:36

Bearer tokens are awful https://mjg59.dreamwidth.org/59353.html

É engraçado porque é verdade.

103 viewsPatrick Bateman, 17:34

The person who follows the crowd will usually go no further than the crowd. The person who walks alone is likely to find himself in places no one has ever seen before.

128 viewsPatrick Bateman, 00:46

/archive/

sicp.pdf

This media is not supported in your browser

VIEW IN TELEGRAM

97 viewsLain Iwakura, 00:59

/archive/

Motivos pra não usar systemd:
CVE-2012-0871
CVE-2012-1101
CVE-2012-1174
CVE-2012-3524
CVE-2013-4327
CVE-2013-4391
CVE-2013-4392
CVE-2013-4393
CVE-2013-4394
CVE-2014-8399
CVE-2014-9770
CVE-2015-0245
CVE-2015-5969
CVE-2015-7510
CVE-2015-8222
CVE-2015-8842
CVE-2015-8945
CVE-2015-8946
CVE-2016-10156
CVE-2016-5425
CVE-2016-6349
CVE-2016-7795
CVE-2016-7796
CVE-2017-1000082
CVE-2017-11565
CVE-2017-14178
CVE-2017-15908
CVE-2017-18078
CVE-2017-6507
CVE-2017-8900
CVE-2017-9217
CVE-2017-9445
CVE-2018-1049
CVE-2018-1196
CVE-2018-14634
CVE-2018-15686
CVE-2018-15687
CVE-2018-15688
CVE-2018-16864
CVE-2018-16865
CVE-2018-16866
CVE-2018-16888
CVE-2018-20839
CVE-2018-21029
CVE-2018-6954
CVE-2019-10132
CVE-2019-14514
CVE-2019-15718
CVE-2019-18901
CVE-2019-20386
CVE-2019-3815
CVE-2019-3831
CVE-2019-3842
CVE-2019-3843
CVE-2019-3844
CVE-2019-6454
CVE-2020-13529
CVE-2020-13776
CVE-2020-14004
CVE-2020-1712
CVE-2020-26261
CVE-2020-8903
CVE-2021-31822
CVE-2021-33910
CVE-2021-40084
CVE-2021-41281
CVE-2022-21944
CVE-2022-22704
CVE-2022-25293

99 viewsLain Iwakura, 17:34

/archive/

Quanto maior a complexidade no quesito de responsabilidades, maior a superfície de ataque. 2021 bateu recorde em ataques 0day. Vamos ver 2022...

95 viewsLain Iwakura, 17:36

/archive/

Exploiting Tomcat and Coyote:
https://charlesreid1.com/wiki/Metasploitable/Apache/Tomcat_and_Coyote

Apache and Tomcat default pass:
https://github.com/netbiosX/Default-Credentials/blob/master/Apache-Tomcat-Default-Passwords.mdown

96 viewsLain Iwakura, edited 18:51

/archive/

Useful for OSCP students:

https://libredd.it/r/oscp/comments/a9e2yv/from_0_to_oscp_in_90days/

libredd.it

from 0 to OSCP in 90days - r/oscp

View on Libreddit, an alternative private front-end to Reddit.

145 viewsLain Iwakura, 21:00

/archive/

Executar payload como se fosse um ScreenSaver:

rundll32.exe desk.cpl,InstallScreenSaver C:\temp\file.scr

https://twitter.com/pegabizu/status/1519637165667454979?t=eGDSHM4U9XPdHLd2MM2wnA&

Twitter

Rafael S Marques

@Wietze @VakninHai @pabraeken Guys, I published this technique literally decades ago... 29a issue 7. vxug.fakedoma.in/zines/29a/29a7… @vxunderground

109 viewsLain Iwakura, 11:42

/archive/

Use nmap over proxychains+tor

https://odysee.com/@HackerSploit:26/anonymize-your-traffic-with-proxychains:e

Odysee

Anonymize Your Traffic With Proxychains & Tor

In this video, we will take a look at how to anonymize your traffic with Proxychains and the Tor service to stay anonymous while hacking.
proxychains - a tool that forces any TCP connection made by an...

145 viewsLain Iwakura, 20:44

/archive/

Resources for malware development:

https://github.com/rootkit-io/awesome-malware-development

GitHub

GitHub - rootkit-io/awesome-malware-development: Organized list of my malware development resources

Organized list of my malware development resources - rootkit-io/awesome-malware-development

104 viewsLain Iwakura, 00:10

/archive/

Professionalism in the cyber crime.

https://thehackernews.com/2022/05/experts-analyze-conti-and-hive.html

99 viewsLain Iwakura, edited 00:01

/archive/

Professionalism in the cyber crime. https://thehackernews.com/2022/05/experts-analyze-conti-and-hive.html

Como assim esse site não tem meta tag de preview

102 viewsLain Iwakura, 00:02

/archive/

github.com/bmrf/tron

GitHub

GitHub - bmrf/tron: Tron

Tron. Contribute to bmrf/tron development by creating an account on GitHub.

102 views🚶‍♂️, 11:06

/archive/

Forwarded from 0lab channel ™ (RSM-56)

❤️https://www.cisoadvisor.com.br/rede-tor-fica-mais-veloz-com-controle-de-congestionamento/

CISO Advisor

Rede Tor fica mais veloz com controle de congestionamento

O Projeto Tor publicou detalhes sobre um sistema recém-introduzido chamado de Controle de Congestionamento que promete eliminar os limites de velocidade na rede. O novo sistema está funcionando na…

109 viewsLain Iwakura, 13:40

/archive/

Curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.

https://gtfobins.github.io/

111 viewsLain Iwakura, 01:07

/archive/

PostgreSQL pwning

https://www.unix-ninja.com/p/postgresql_for_red_teams

Unix-Ninja

PostgreSQL for red teams

111 viewsLain Iwakura, 12:50

/archive/

Forwarded from 0lab channel ™ (sblmn)

#Infographics
Process Injection Infographic, ver. 2.

99 viewsLain Iwakura, 20:55

/archive/

Desofuscando endereços de email protegidos pela Cloudflare, muito interessante.

https://blog.jse.li/posts/cloudflare-scrape-shield/

blog.jse.li

An Analysis of Cloudflare's Email Address Obfuscation | Jesse Li

It's a hex encoded string where the first byte (the key), is XORed against each subsequent byte to decrypt the email address. This is not a vulnerability.

104 viewsLain Iwakura, 00:41

/archive/

https://infosecwriteups.com/

InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekl…

111 viewsLain Iwakura, 13:02

/archive/

The best articles from /r/oscp

https://libredd.it/r/oscp/comments/owfcl3/i_passed_oscp_and_here_is_how_you_shouldnt_do_it/
https://libredd.it/r/oscp/comments/ng6k5t/from_35_point_fail_to_100_point_pass_how_to_avoid/
https://libredd.it/r/oscp/comments/rs38pm/a_different_kind_of_root_how_a_dentist_passed_the/

125 viewsLain Iwakura, 21:38

About

Blog

Apps

Platform