Leaderboard

Vuln.: XSS *.Redhat Status: Raportat PoC :

Am vazut ca multi vreti un domeniu cu o oarecare istorie , o sa va arat cum sa luati domenii expirate doar la pretul unei inregistrari normale. 1. Faceti-va cont pe Expired Domains with PR, Backlinks and more completely FREE , e gratis si aveti mai multe detalli asupra domeniilor. 2. Duceti-va la sectiunea de "Deleted .com" Login 3. Ca filtre cele mai bune pe care vi le recomand sunt "only new last 24 hours/no Numbers/no Hyphens " Ca sa vedeti cam cat valoreaza domeniul puteti folosi http://www.valuate.com/ , https://www.archive.org/ si in cazul in care domeniul are ranking alexa va puteti uita si pe Alexa - The Web Information Company (cele cu un rank mai mic de 4mil ) Intr-un final, cele mai bune domenii sunt cele care chiar inseamna ceva, scurte ca lungime si poate cele cu un PR gata facut . Happy hunting !

E mai ieftin pt ei in felul asta, mai ales ca majoritatea traficului vine de acolo. Daca ar deschide pe viitor inca un POP in Rm. Valcea, mai ales Paypal ar reduce costurile cu banda cu peste 80%.

A facut o treaba buna. Recomand

Banuiesc ca asa o sa arate reteaua din datacenter-ul tau? http://puu.sh/dnXDE/547809ad46.jpg Am auzit ca in Alexandria si HE are PoP deci clar o sa ai mare turbo p? transit.

Buna seara stimate Enki Valium von Baal (Inalt Duce de Gradul 66).As putea sa va finantez dar cu o singura conditie, vreau sa devin membru al ordinului dvs., imi puteti trimite un mesaj privat cu mai multe detalii?Cum as putea sa devin Cavaler de grad mai mare? De unde as putea sa procur etnobotanicele puternice pe care le fumati?Se pare ca sunt de inalta calitate. Am uitat sa precizez, te-ar interesa sa deschidem inca un datacenter in Rm. Valcea? Ti-am lasat datele unui sponsor potent pe PM, contacteaza-l maine intre orele 18.00-21.00. Multumesc mult, astept un raspuns.

Omule, un router bunicel costa 15.000 euro. Tu vrei sa-ti faci datacenter cu 8000 ?

OK, chestia asta e super. VIP oricând î?i face user. A fost muncitoresc, cred, s? îl faci s? mearg? pe mai multe versiuni de putty. Felicit?ri.

Establishing a penetration testing methodology is becoming increasingly important when considering data security in web applications. The more we come to rely on networked communication and cloud-based data systems, the more we leave ourselves vulnerable to potentially damaging cyber attacks by outside parties. While designing and safeguarding secured systems has become standard, how can you be certain these systems work? The answer lies in building a comprehensive penetration testing methodology to protect your information assets. What is Penetration Testing? Think of a penetration testing methodology—or “pentesting” for short—as a controlled cyber attack during which your best defenses are put to the test and exploited to determine the extent of vulnerabilities in your web applications. Essentially, designing and implementing a penetration testing methodology allows you to: Hack your own system in a proactive, authorized environment, focusing on elements such as IT infrastructure, OS vulnerabilities, application issues and user and configuration errors; Analyze and validate both system defenses and user adherence to system protocols; and Assess potential attack vectors such as web applications, wireless networks and devices and servers. Unfortunately, no data is safe 100 percent of the time. But an effective penetration testing methodology can do wonders for eliminating unnecessary vulnerabilities. What Are the Benefits of a Penetration Testing Methodology? The stakes are high for data security. With an effective penetration testing methodology, you can: Identify vulnerabilities that scanning software cannot; Not only test those vulnerabilities, but also determine how prepared network defenders are to both detect and respond to attacks in a timely manner; Determine the potential magnitude of a successful attack; and Ensure all compliance protocols for data security are being met (a consideration especially important in the payments industry). Another benefit of taking your penetration testing methodology seriously is its potential affect on internal culture. When organizational leadership demonstrates a clear commitment to data security, it reinforces its importance to employees, who will then be encouraged to follow user-end protocols to the best of their abilities. How Often Should a Penetration Testing Methodology Be Performed? An effective penetration testing methodology is executed regularly. As the general wisdom goes, it’s better to be proactive and strengthen your web applications’ defenses now than to wait until you’ve already suffered an attack, losing valuable data in the process. In planning your penetration testing methodology, consider your industry. Not everyone is going to have the same security needs, but it’s your company’s responsibility to make sure confidential information stays confidential. Your organization should deploy its penetration testing methodology regularly, but especially when any of the following occurs: Regulations specific to your industry mandate it. For the payments industry, for example, this can be a quarterly requirement. In other sectors, pentests might only be an annual requirement. Any alterations to network infrastructure or web applications (internal or external). This could entail upgrades, modifications, security patches, new additions or total overhauls. Policies change. This is especially common on the end user side of the equation. Policy changes affect the nature of the user’s interaction with the web application, which could create new challenges. Your organization moves or adds a new location. This includes remote employees, who will be accessing web applications through their ISP rather than your organization’s secure network. Finally, when designing your penetration testing methodology, err on the side of caution. If you think you may need a pentest, you probably do. Pentesting may not be free, but the cost is preferable to a data breach. Building and Effective Penetration Testing Methodology In the previous decade, although support was building for establishing a more widely practiced penetration testing methodology, no standard materialized until 2010 with the introduction of the Penetration Testing Execution Standard (PTES). In the current version of the standard, PTES is divided into seven main sections: Pre-engagement Interactions Intelligence Gathering Threat Modeling Vulnerability Analysis Exploitation Post Exploitation Reporting These elements can be considered the fundamental elements of any penetration testing methodology. We will explore each of these points in the following sections. Pre-Engagement Interactions When building your penetration testing methodology, remember that pentesting requires a lot of trust. You will want to find a provider that is both experienced and familiar with the particular needs of your business. Remember, you’re essentially asking your provider to hack your system, so some ground rules should be established first: What is the Scope? Do you want a particular area of your business targeted, or your business in general? What (and who) is off limits? What Is the Schedule? You still have a business to run, so it’s important to establish during which hours the pentest is to be performed. The overall timeline of the pentest should be established as an essential element of your penetration testing methodology. Blackbox or Whitebox? In a whitebox test, the pentester is given baseline access or information to begin and is then charged with exploiting any weaknesses from that position. In a blackbox test, the pentester begins with nothing, just like an outside attacker. Who Are the Contacts? It’s important that communication channels be established between all involved parties, as lapses in communication could have a variety of unintended consequences. As the foundation of your penetration testing methodology, pre-engagement interactions should be considered very carefully. Intelligence Gathering In this phase of your penetration testing methodology, your provider begins the preliminary steps of planning their attack. In a properly planned pentest, the provider will have a clear idea of what is off limits and what is fair game. Understand that your provider is not doing their job if they’re not turning over every leaf looking for information about your business, its employees, its assets and its liabilities. As such, the time spent on this step of the penetration testing methodology can be quite extensive. Again, remember that establishing ground rules is important in your penetration testing methodology. Providers (and the actual hackers) are accustomed to discovering information however they can—even if that means searching through the company garbage. Threat Modeling Once relevant documentation has been gathered, the next step of the penetration testing methodology is to use that information to build a complete profile of your company and its assets. Once this is established, target primary and secondary assets will be determined and further scrutinized. Assets could entail a variety of different elements, including organizational data (e.g., policies, procedures, trade secrets), employee and customer data and “human assets”—high-level employees that could be exploited in a manner of ways. In a good penetration testing methodology, the provider won’t be biased in what assets they’re seeking out unless they are instructed to. Otherwise, they will work to identify those with the highest value. Vulnerability Analysis With the target assets established, the provider will then work to determine the best entry point to exploit those assets. A good penetration testing methodology will provide strict guidelines on project scope to ensure the client’s desired outcome is met. Sometimes this analysis can be a no-limits effort to uncover all potential vulnerabilities. In other cases, the provider will be asked to target a specific set of potential trouble spots. In a thorough penetration testing methodology, the extent of the vulnerability is then assessed, including the level of weakness and the sensitivity of the information it might expose. Exploitation & Post-Exploitation The next step in the penetration testing methodology is the attack itself. Just as in a real-world data breach, a properly executed exploitation can happen very quickly. Once the provider has gained access to your systems, they will not only continue working to avoid detection, but also attempt a strategy known as “privilege escalation” to gain greater access to the system, as well as additional potential assets. As the penetration testing methodology progresses to post-exploitation after the target has been achieved, the provider will assess the value of the compromised machine or entry point and determine whether it could be further exploited for later use. Reporting Clearly, a thorough penetration testing methodology involves a great deal of work in data collection, analysis and exploitation. But how will the provider report on this information so that your organization can turn it into actionable solutions? Here are some considerations: Get Specifics: High-level recommendations may provide a basic context for the problems with your web applications, but they aren’t always very helpful to the people charged with implementation. Walk-Throughs: Nothing beats learning through experience. Providers should be prepared to show relevant employees and specialists exactly what they did—and also how difficult it was to accomplish. Risk Level: Naturally, the more challenging an attack is to pull off, the harder it will be for others to do so. Providers should include a detailed report on the risk level of the vulnerabilities they encountered, as well as an assessment of the potential business impact if they are exploited. Finally, don’t be afraid to ask questions of your provider. A good penetration testing methodology, after all, is all about being as informed as possible. Source

Varianta domestica, pentru cei care tin pc-ul in aprins 24/24. In loc sa trimita oferta prin email, o tipareste in fisierul "chilipiruri.txt" si beepaie #!/usr/bin/env python import urllib2 import random import re import time import winsound #panou de configurare chilipir = 25 # pretul(ron) sub care sunteti anuntat interval_timp_cautare = 600 # in secunde, default 10 min (600 s) beepuri = 5 # nr beepuri pauza_beep = 5 # pauza intre beepuri in secunde durata = 10 # durata beepului in secunde print r""" #@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@#\ #.........RSTforums.com........#-\ #.............Usr6.............#--\/ #.Cautatoru de chilipiruri 1.1.#--/\ #..............................#-/ #@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@#/ """ def beeeep(TEXT): print TEXT with open("chilipiruri.txt", "a") as handle: handle.write("\n" *3 +str(time.strftime("%c")) +"\n" + TEXT) print "Verifica fisierul chilipiruri.txt" for i in range(beepuri): Freq = 2500 # Set Frequency To 2500 Hertz winsound.Beep(Freq,durata * 1000) time.sleep(pauza_beep ) return oferte = [] while True : oferta = "" random_nr = str(random.randint(10**16,99999999999999999)) ua = "Opera/%s.%s (Windows NT %s.%s) Presto/%s.%s.%s Version/%s.%s" \ %(random_nr[0], random_nr[1:3], random_nr[4], random_nr[5], random_nr[6], random_nr[7:9], random_nr[10:13], random_nr[13:15], random_nr[15:17]) try: site = "http://www.emag.ro/resigilate/sort-priceasc" req = urllib2.Request(site, None, {'User-Agent' : ua}) continut = urllib2.urlopen(req, timeout=30).read() match = re.findall('\"money-int\"\>(\d*)\<\/span\>\<sup class=\"money-decimal\"\>\d*.+\n.+\t+.+\n\t.+\n.+\n.+\<a href=\"(.+#resigilate)"',continut) for every in match: pret, link = every if int(pret) <= chilipir: link = "http://www.emag.ro" + link unic = str(pret) + link if unic not in oferte: oferta += str(pret) + "\t" + link +"\n" oferte.append(unic) except Exception as E: print "\n!!! EROARE !!!\n" beeeep(str(E)) if len(oferta) >= 1: beeeep(oferta) time.sleep(interval_timp_cautare) print time.strftime("%c"), "nimic nou" exit()

C++: From Beginner to Expert Designed for people who don't have any knowledge about the programming and want to program in C++ https://www.udemy.com/video-course-c-from-beginner-to-expert/?couponCode=OHFREECPP

In legatura cu Free domain name appraisals - Valuate.com ce parere ave-ti de expertiza lor ?

Buna seara, Impreuna cu 2 prieteni doresc sa incep 2 proiecte, ce au nevoie de o finantare (pentru inceput) de aproximativ 10.000 EURO, momentan avem alocati acestor proiecte doar 5000 de EURO, in total, pentru deschiderea acestor doua proiecte avem nevoie de 15.000, avem deja 5000. Daca gasim una sau mai multe persoane interesate sa ne sustina pentru inceput, banii se vor recupera in timp (daca este nevoie putem semna un contract pentru asta), cum spuneam daca gasim persoanele potrivite putem incepe demersurile pentru deschiderea dc-ului si ziarului. - un datacenter privat in Alexandria, unde vom gazduii DOAR website-uri pentru firme mari / website-uri ce doresc monitorizare 24/24 si garantarea unui up-time de 99.99%, O SECURITATE DE NIVEL INALT - ne propunem ca-n scurt timp sa devenim cel mai sigur datacenter din Romania, vom gazduii organizatii guvernamentale, servicii de informatii si eventual vom inchiria servere dedicate. DC-ul va avea doar oameni compententi in "staff" si "echipa", de la experti in securitate pana la programatori web, suport tehnic 24/24 prin telefon / live chat si la scurt timp dupa infiintarea si propria infrastructura (retea, mai exact va fii un fel de mini-provider de internet, unul SIGUR din toate punctele de vedere, unde atacurile DDoS sau sniffing vor fii de domeniul trecutului) - un ziar national cu sediul in Alexandria (unul serios, unde vor fii articole de calitate, de arta, cultura, spiritualitate, istorie pana la stiri locale, sociale, politice, de interes national, etc, vreau ca sloganul sa fie "IMPREUNA IMPOTRIVA CORUPTIEI") Pentru datacenter se vor aloca 8000 de euro, restul de 2000 vor fii alocati pentru ziar (achizitionare echipamente, licente, etc) Acestea vor fii pe langa ceea ce investim noi, adica aproximativ 5000 de euro. Am inteles ca in Romania sunt cateva organizatii ce te finanteaza pentru proiect (bineinteles ca dupa "isi scot" banii x 100), stiu ca sunt multi interesati sa finanteze proiecte ca dupa sa-si scoata banii. De ce nu investim noi in proiecte? - avem alt proiect la care lucram de 3 luni unde s-au investit deja peste 50.000 euro - nu avem fondurile necesare, cum am spus avem alt proiect si banii "programati/rezervati pentru lucruri mult mai importante" (scuzati termenul, dar n-am gasit altul in acest moment) Intrebare mea este urmatoarea: Cunoasteti vreo organizatie/persoana interesata sa contribuie la strangerea celor 10.000 euro? daca da, va rog lasati-mi un mesaj privat cu toate datele.