Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 03/25/18 in Posts

  1. 21 points
    Sediul SRI intr-o zi obisnuita de duminica: Sediul SRI dupa ce a aparut "Despre clonarea de carduri" pe RST
  2. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  3. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  4. 5 points
    Dark Net - Un documentar de extreme ce se mai intampla prin lume. Subiecte: Cockolding, revenge porn, relatii cu anime-uri duse la extrem, RFID-uri implantate in corp, child porn & sex slaves prin 3rd world countries, nootropice, porn addicts, 3D printed guns, AI sex dolls, minerii de BTC din China, nationalism si altele. Real life Black Mirror. Adam Ruins Everything - "[... a] quest to reveal the hidden truths behind everything you know and love". Electric Dreams - Un serial pe aceeasi idee cu Black Mirror. Mindhunter - Despre inceputurile diviziei de analiza a comportamentului din FBI. Manhunt: Unabomber - Documentar despre cum l-au prins pe unabomber. Gerald's Game - Horror, done right. The Sinner - Un serial bun. The Good Place - Serial, comedie. Judah Friedlander: America is the greatest country in the United States - Stand-up comedy. Anthony Jeselnik: Thoughts and Prayers - Stand-up comedy, dark humour. Bo Burnham: Make Happy - Stand-up comedy. American Vandal - Serial, fake documentary, comedie. Dirty Money - Un documentar despre coruptia din sistemul monetar. Calitate extraordinara. Rotten - Un documentar despre coruptia din sistemul de productie si distributie de produse alimentare. La fel, calitate extraordinara. Crema din ce-am vazut in ultimii 2 ani. Multe-s pe Netflix.
  5. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  6. 4 points
    Salut, Vreau sa am un portofoliu cat se poate de serios si vast, si astfel doresc sa realizez aplicatii gratuit (adica eu nu va cer niciun leu). Exista totusi cateva conditii de indeplinit: fara cacaturi (imi place libertatea, man) am control deplin asupra sursei (sa o postez pe github m-ar interesa, dar la nevoie pot sa o pastrez pentru portofoliul personal privat, sau mai discutam, vedem) intelegere (in momentul de fata sunt prins in treburile vietii, dar in scurt timp voi fi foarte liber si pot sa dau talpa mare pentru proiectele voastre... sunt serios, daca iau un proiect inseamna ca il duc la capat cand am promis) Ce folosesc: Pentru aplicatii desktop: C# (+ tot felul de APIs, NuGet packages and shit) + MySQL pentru baze de date (si forkuri MySQL, cum ar fi MariaDB)... Pentru aplicatii web: Aici nu sunt asa meserias, dar pot realiza aplicatii ASP.NET daca va intereseaza. Pentru android: Aici nu prea am experienta, dar daca aveti "curajul" sa imi dati un astfel de proiect, o sa folosesc Xamarin. Ce promit: daca iau un proiect inseamna ca il fac orice ar fi respect deadline-ul suport pentru aplicatii, daca apar buguri sau vreti sa adaug o functionalitate noua o pot face fara probleme, tot gratis, evident Daca vreti sa ma intrebati ceva astept orice fel de intrebare pertinenta, de preferat in acest topic. Multumesc. P.S.: Daca aveti nevoie de vreun API sau ceva care se poate obtine numai contra cost, asta nu depinde de mine. O sa incerc mereu sa folosesc ceva gratuit, dar cand nu se poate trebuie sa va asteptati la astfel de costuri care nu depind de mine, mie personal nu imi dati niciun ban.
  7. 4 points
    Da, se poate trai, dar doresc sa precizez anumite lucruri: - trebuie cunostinte tehnice foarte avansate. Nu poti sa gasesti vulnerabilitati cand nu stii cum functioneaza un lucru in cele mai mici detalii. - trebuie timp investit constant in a fi la curent cu tot ce se intampla domeniul securitatii - cei mai buni din domeniu (acei 1% care traiesc doar din asta), au ajuns aici facand acest lucru din pasiune, curiozitate, motivatie. Nu o sa te duca prea departe doar dorinta de a castiga bani. Nu o sa fie un castig constant ca si la un loc de munca, uneori o sa fie bani (mai multi sau mai putini), alteori nu o sa fie. Deci s-ar putea sa apara sentimentul de nesiguranta in aceste perioade, si n-o sa mai faci din placere. Cel mai bine gandim cand nu avem grija zilei de maine. Eu as recomanda pentru inceput sa faci asta in timpul liber, sa vezi daca iti place si cum merge treaba. E la fel ca si cu freelancingul, nu iti poti da demisia si sa treci direct in freelancing, pana nu ai o plasa de siguranta pentru cazuri neprevazute. Testezi apele si iti cam dai seama ce ai putea sa faci pe viitor. https://hackerone.com/leaderboard/all-time - Topul celor din hackerone(bug bounty platform). Poti sa-i urmaresti pe twitter sau sa le citesti blogurile https://www.youtube.com/playlist?list=PLZaG0MNecryP55u43LWqHy5MADcvLjnL- - Interviuri foarte interesante cu top hunters (unii fac parte si din topul de mai sus)
  8. 4 points
    Ai 1 post. Cu ce plm ramai dator, ma rat00n ? : ))) download link
  9. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  10. 4 points
    http://www.bbc.co.uk/news/technology-43543483 ... ...
  11. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  12. 4 points
    Astea i-au venit si lui in loguri.
  13. 4 points
    Man, de ce saracia ai luat nume romanesti cu extensie pe co.uk? cum poti targeta astea in google
  14. 3 points
    Achitat!!! Va multumesc tuturor pentru sustinere
  15. 3 points
    My personal challenge for 2016 was to build a simple AI to run my home -- like Jarvis in Iron Man. My goal was to learn about the state of artificial intelligence -- where we're further along than people realize and where we're still a long ways off. These challenges always lead me to learn more than I expected, and this one also gave me a better sense of all the internal technology Facebook engineers get to use, as well as a thorough overview of home automation. So far this year, I've built a simple AI that I can talk to on my phone and computer, that can control my home, including lights, temperature, appliances, music and security, that learns my tastes and patterns, that can learn new words and concepts, and that can even entertain Max. It uses several artificial intelligence techniques, including natural language processing, speech recognition, face recognition, and reinforcement learning, written in Python, PHP and Objective C. In this note, I'll explain what I built and what I learned along the way. Diagram of the systems connected to build Jarvis. Getting Started: Connecting the Home In some ways, this challenge was easier than I expected. In fact, my running challenge (I also set out to run 365 miles in 2016) took more total time. But one aspect that was much more complicated than I expected was simply connecting and communicating with all of the different systems in my home. Before I could build any AI, I first needed to write code to connect these systems, which all speak different languages and protocols. We use a Crestron system with our lights, thermostat and doors, a Sonos system with Spotify for music, a Samsung TV, a Nest cam for Max, and of course my work is connected to Facebook's systems. I had to reverse engineer APIs for some of these to even get to the point where I could issue a command from my computer to turn the lights on or get a song to play. Further, most appliances aren't even connected to the internet yet. It's possible to control some of these using internet-connected power switches that let you turn the power on and off remotely. But often that isn't enough. For example, one thing I learned is it's hard to find a toaster that will let you push the bread down while it's powered off so you can automatically start toasting when the power goes on. I ended up finding an old toaster from the 1950s and rigging it up with a connected switch. Similarly, I found that connecting a food dispenser for Beast or a grey t-shirt cannon would require hardware modifications to work. For assistants like Jarvis to be able to control everything in homes for more people, we need more devices to be connected and the industry needs to develop common APIs and standards for the devices to talk to each other. An example natural language request from command line. Natural Language Once I wrote the code so my computer could control my home, the next step was making it so I could talk to my computer and home the way I'd talk to anyone else. This was a two step process: first I made it so I could communicate using text messages, and later I added the ability to speak and have it translate my speech into text for it to read. It started simple by looking for keywords, like "bedroom", "lights", and "on" to determine I was telling it to turn the lights on in the bedroom. It quickly became clear that it needed to learn synonyms, like that "family room" and "living room" mean the same thing in our home. This meant building a way to teach it new words and concepts. Understanding context is important for any AI. For example, when I tell it to turn the AC up in "my office", that means something completely different from when Priscilla tells it the exact same thing. That one caused some issues! Or, for example, when you ask it to make the lights dimmer or to play a song without specifying a room, it needs to know where you are or it might end up blasting music in Max's room when we really need her to take a nap. Whoops. Music is a more interesting and complex domain for natural language because there are too many artists, songs and albums for a keyword system to handle. The range of things you can ask it is also much greater. Lights can only be turned up or down, but when you say "play X", even subtle variations can mean many different things. Consider these requests related to Adele: "play someone like you", "play someone like adele", and "play some adele". Those sound similar, but each is a completely different category of request. The first plays a specific song, the second recommends an artist, and the third creates a playlist of Adele's best songs. Through a system of positive and negative feedback, an AI can learn these differences. The more context an AI has, the better it can handle open-ended requests. At this point, I mostly just ask Jarvis to "play me some music" and by looking at my past listening patterns, it mostly nails something I'd want to hear. If it gets the mood wrong, I can just tell it, for example, "that's not light, play something light", and it can both learn the classification for that song and adjust immediately. It also knows whether I'm talking to it or Priscilla is, so it can make recommendations based on what we each listen to. In general, I've found we use these more open-ended requests more frequently than more specific asks. No commercial products I know of do this today, and this seems like a big opportunity. Jarvis uses face recognition to let my friends in automatically and let me know. Vision and Face Recognition About one-third of the human brain is dedicated to vision, and there are many important AI problems related to understanding what is happening in images and videos. These problems include tracking (eg is Max awake and moving around in her crib?), object recognition (eg is that Beast or a rug in that room?), and face recognition (eg who is at the door?). Face recognition is a particularly difficult version of object recognition because most people look relatively similar compared to telling apart two random objects -- for example, a sandwich and a house. But Facebook has gotten very good at face recognition for identifying when your friends are in your photos. That expertise is also useful when your friends are at your door and your AI needs to determine whether to let them in. To do this, I installed a few cameras at my door that can capture images from all angles. AI systems today cannot identify people from the back of their heads, so having a few angles ensures we see the person's face. I built a simple server that continuously watches the cameras and runs a two step process: first, it runs face detection to see if any person has come into view, and second, if it finds a face, then it runs face recognition to identify who the person is. Once it identifies the person, it checks a list to confirm I'm expecting that person, and if I am then it will let them in and tell me they're here. This type of visual AI system is useful for a number of things, including knowing when Max is awake so it can start playing music or a Mandarin lesson, or solving the context problem of knowing which room in the house we're in so the AI can correctly respond to context-free requests like "turn the lights on" without providing a location. Like most aspects of this AI, vision is most useful when it informs a broader model of the world, connected with other abilities like knowing who your friends are and how to open the door when they're here. The more context the system has, the smarter is gets overall. I can text Jarvis from anywhere using a Messenger bot. Messenger Bot I programmed Jarvis on my computer, but in order to be useful I wanted to be able to communicate with it from anywhere I happened to be. That meant the communication had to happen through my phone, not a device placed in my home. I started off building a Messenger bot to communicate with Jarvis because it was so much easier than building a separate app. Messenger has a simple framework for building bots, and it automatically handles many things for you -- working across both iOS and Android, supporting text, image and audio content, reliably delivering push notifications, managing identity and permissions for different people, and more. You can learn about the bot framework at messenger.com/platform. I can text anything to my Jarvis bot, and it will instantly be relayed to my Jarvis server and processed. I can also send audio clips and the server can translate them into text and then execute those commands. In the middle of the day, if someone arrives at my home, Jarvis can text me an image and tell me who's there, or it can text me when I need to go do something. One thing that surprised me about my communication with Jarvis is that when I have the choice of either speaking or texting, I text much more than I would have expected. This is for a number of reasons, but mostly it feels less disturbing to people around me. If I'm doing something that relates to them, like playing music for all of us, then speaking feels fine, but most of the time text feels more appropriate. Similarly, when Jarvis communicates with me, I'd much rather receive that over text message than voice. That's because voice can be disruptive and text gives you more control of when you want to look at it. Even when I speak to Jarvis, if I'm using my phone, I often prefer it to text or display its response. This preference for text communication over voice communication fits a pattern we're seeing with Messenger and WhatsApp overall, where the volume of text messaging around the world is growing much faster than the volume of voice communication. This suggests that future AI products cannot be solely focused on voice and will need a private messaging interface as well. Once you're enabling private messaging, it's much better to use a platform like Messenger than to build a new app from scratch. I have always been optimistic about AI bots, but my experience with Jarvis has made me even more optimistic that we'll all communicate with bots like Jarvis in the future. Jarvis uses speech recognition in my iOS app to listen to my request for a fresh t-shirt. Voice and Speech Recognition Even though I think text will be more important for communicating with AIs than people realize, I still think voice will play a very important role too. The most useful aspect of voice is that it's very fast. You don't need to take out your phone, open an app, and start typing -- you just speak. To enable voice for Jarvis, I needed to build a dedicated Jarvis app that could listen continuously to what I say. The Messenger bot is great for many things, but the friction for using speech is way too much. My dedicated Jarvis app lets me put my phone on a desk and just have it listen. I could also put a number of phones with the Jarvis app around my home so I could talk to Jarvis in any room. That seems similar to Amazon's vision with Echo, but in my experience, it's surprising how frequently I want to communicate with Jarvis when I'm not home, so having the phone be the primary interface rather than a home device seems critical. I built the first version of the Jarvis app for iOS and I plan to build an Android version soon too. I hadn't built an iOS app since 2012 and one of my main observations is that the toolchain we've built at Facebook since then for developing these apps and for doing speech recognition is very impressive. Speech recognition systems have improved recently, but no AI system is good enough to understand conversational speech just yet. Speech recognition relies on both listening to what you say and predicting what you will say next, so structured speech is still much easier to understand than unstructured conversation. Another interesting limitation of speech recognition systems -- and machine learning systems more generally -- is that they are more optimized for specific problems than most people realize. For example, understanding a person talking to a computer is subtly different problem from understanding a person talking to another person. If you train a machine learning system on data from Google of people speaking to a search engine, it will perform relatively worse on Facebook at understanding people talking to real people. In the case of Jarvis, training an AI that you'll talk to at close range is also different from training a system you'll talk to from all the way across the room, like Echo. These systems are more specialized than it appears, and that implies we are further off from having general systems than it might seem. On a psychologic level, once you can speak to a system, you attribute more emotional depth to it than a computer you might interact with using text or a graphic interface. One interesting observation is that ever since I built voice into Jarvis, I've also wanted to build in more humor. Part of this is that now it can interact with Max and I want those interactions to be entertaining for her, but part of it is that it now feels like it's present with us. I've taught it fun little games like Priscilla or I can ask it who we should tickle and it will randomly tell our family to all go tickle one of us, Max or Beast. I've also had fun adding classic lines like "I'm sorry, Priscilla. I'm afraid I can't do that." There's a lot more to explore with voice. The AI technology is just getting good enough for this to be the basis of a great product, and it will get much better in the next few years. At the same time, I think the best products like this will be ones you can bring with you anywhere and communicate with privately as well. Facebook Engineering Environment As the CEO of Facebook, I don't get much time to write code in our internal environment. I've never stopped coding, but these days I mostly build personal projects like Jarvis. I expected I'd learn a lot about the state of AI this year, but I didn't realize I would also learn so much about what it's like to be an engineer at Facebook. And it's impressive. My experience of ramping up in the Facebook codebase is probably pretty similar to what most new engineers here go through. I was consistently impressed by how well organized our code is, and how easy it was to find what you're looking for -- whether it's related to face recognition, speech recognition, the Messenger Bot Framework [messenger.com/platform] or iOS development. The open source Nuclide [github.com/facebook/nuclide] packages we've built to work with GitHub's Atom make development much easier. The Buck [buckbuild.com] build system we've developed to build large projects quickly also saved me a lot of time. Our open source FastText [github.com/facebookresearch/fastText] AI text classification tool is also a good one to check out, and if you're interested in AI development, the whole Facebook Research [github.com/facebookresearch] GitHub repo is worth taking a look at. One of our values is "move fast". That means you should be able to come here and build an app faster than you can anywhere else, including on your own. You should be able to come here and use our infra and AI tools to build things it would take you a long time to build on your own. Building internal tools that make engineering more efficient is important to any technology company, but this is something we take especially seriously. So I want to give a shout out to everyone on our infra and tools teams that make this so good. Next Steps Although this challenge is ending, I'm sure I'll continue improving Jarvis since I use it every day and I'm always finding new things I want to add. In the near term, the clearest next steps are building an Android app, setting up Jarvis voice terminals in more rooms around my home, and connecting more appliances. I'd love to have Jarvis control my Big Green Egg and help me cook, but that will take even more serious hacking than rigging up the t-shirt cannon. In the longer term, I'd like to explore teaching Jarvis how to learn new skills itself rather than me having to teach it how to perform specific tasks. If I spent another year on this challenge, I'd focus more on learning how learning works. Finally, over time it would be interesting to find ways to make this available to the world. I considered open sourcing my code, but it's currently too tightly tied to my own home, appliances and network configuration. If I ever build a layer that abstracts more home automation functionality, I may release that. Or, of course, that could be a great foundation to build a new product. Conclusions Building Jarvis was an interesting intellectual challenge, and it gave me direct experience building AI tools in areas that are important for our future. I've previously predicted that within 5-10 years we'll have AI systems that are more accurate than people for each of our senses -- vision, hearing, touch, etc, as well as things like language. It's impressive how powerful the state of the art for these tools is becoming, and this year makes me more confident in my prediction. At the same time, we are still far off from understanding how learning works. Everything I did this year -- natural language, face recognition, speech recognition and so on -- are all variants of the same fundamental pattern recognition techniques. We know how to show a computer many examples of something so it can recognize it accurately, but we still do not know how to take an idea from one domain and apply it to something completely different. To put that in perspective, I spent about 100 hours building Jarvis this year, and now I have a pretty good system that understands me and can do lots of things. But even if I spent 1,000 more hours, I probably wouldn't be able to build a system that could learn completely new skills on its own -- unless I made some fundamental breakthrough in the state of AI along the way. In a way, AI is both closer and farther off than we imagine. AI is closer to being able to do more powerful things than most people expect -- driving cars, curing diseases, discovering planets, understanding media. Those will each have a great impact on the world, but we're still figuring out what real intelligence is. Overall, this was a great challenge. These challenges have a way of teaching me more than I expected at the beginning. This year I thought I'd learn about AI, and I also learned about home automation and Facebook's internal technology too. That's what's so interesting about these challenges. Thanks for following along with this challenge and I'm looking forward to sharing next year's challenge in a few weeks. Sursa: https://www.facebook.com/notes/mark-zuckerberg/building-jarvis/10154361492931634/
  16. 3 points
    Matematica este limbajul comun prin care poti tanzitiona o idee dintr-o parte in alta. Este doar unul din canalele de comunicare dintre cele doua. Pentru a intelege ce vreau sa spun, trebuie sa intelegi cum functioneaza caile de comunicare dezvoltate si intelese de om. Absolut tot ceea ce suntem capabili sa intelegem este o colectie de referinte. Invatam limba materna repetand ce zic ceilalti, invatam cuvinte si expresii noi folosit analogii alcatuite din cuvintele pe care le cunoastem deja, invatam limbi straine prin traducerea lor in limba materna, invatam limbaje de programare prin pseudocod, care e de fapt o simplificare radicala a uneia din limbile pe care le cunoastem, gandim intr-una din limbile pe care le cunoastem, cand invatam ceva nou, nu putem aprofunda pana nu stabilim bazele, etc. Singurul mod de interactiune intre doua medii diferite e ca ambele sa foloseasca un limbaj comun. Imagineaza-ti doi oameni care incearca sa comunice intre ei, unul e vorbitor nativ de chineza, iar celalalt de spaniola. Tot ce pot face, pentru a comunica un gand, e sa foloseasca instructiuni recunoscute de amandoi. Pot gesticula, pot afisa anumite expresii faciale cunoscute de amandoi, unul din ei poate invata limba celuilalt, pot folosi o alta limba total diferita pe care o cunosc amandoi si asa mai departe. Indiferent de tipul de interactiune, tot ce fac e sa-si traduca gandurile intr-un limbaj pe care celalalt il va intelege. In cazul tau, procesul decurge in felul urmator: - Tu vrei sa folosesti un concept exemplificat in fizica si ai nevoie de un mod de a-l comunica mai departe, calculatorului. In starea lui initiala, conceptul este reprezentat de o definitie scrisa folosind elemente de literatura, sau cel putin asta e starea in care-l pastrezi tu, pentru ca de asta te folosesti pentru a intelege lucruri. De aici ai nevoie de una sau mai multe cai de traducere astfel incat la final sa devina inteligibil pentru tranzistorii unui procesor. Stii ca drumul pana la tranzistori este pavat cel putin cu Binary, Assembly si C++, deci ai nevoie de o cale de traducere din literatura in una din cele trei, insa, fie nu exista, fie nu o cunosti. Asadar, daca nu ai o cale directa, poti adauga inca un translator in proces. - Astfel iti amintesti ca toate conceptele fizicii pot fi reprezentate matematic, asa ca iti pregatesti formulele si incerci din nou sa le traduci in una din cele 3. - Observi ca poti traduce foarte usor matematica in C++. - Din C++, compilatorul il traduce in Assembly. - Un alt compilator il traduce apoi in limbajul tranzistorilor, Binary. Te gandesti la fizica, matematica si info ca fiind lucruri total diferite, insa in realitate sunt doar cai diferite de comunicare, pe care le folosim in functie de capacitatile receptorului.
  17. 3 points
    A team of academics has successfully developed and tested malware that can exfiltrate data from air-gapped computers via power lines. The team —from the Ben-Gurion University of the Negev in Israel— named their data exfiltration technique PowerHammer. PowerHammer works by infecting an air-gapped computer with malware that intentionally alters CPU utilization levels to make the victim's computer consume more or less electrical power. By default, computers extract power from the local network in a uniform manner. A PowerHammer attack produces a variation of the amount of power a victim's PC sucks from the local electrical network. This phenomena is known as a "conducted emission." By altering the high and low power consumption levels, PowerHammer malware can encode binary data from a victim's computer into the power consumption pattern. There are two types of PowerHammer attacks To retrieve this data, an attacker must tap a victim's electrical network so it can read the power consumption variation and decode the binary data hidden inside. Based where the attacker places his tapping rig, two types of PowerHammer attacks exists, with two different exfiltration speeds. The first is "line level power-hammering," and this occurs when the attacker manages to tap the power cable between the air-gapped computer and the electrical socket. The exfiltration speed for a line level hammering is around 1,000 bits/second. The second is "phase level power-hammering," this version of the attack occurs when the intruder taps the power lines at the phase level, in a building's electrical panel. This version of the PowerHammer attack is more stealthy but can recover data at only 10 bits/second, mainly due to greater amount of "noise" at the power line phase level. Attack uses off-the-shelf electrical equipment The tapping device isn't anything super-advanced, being a mundane split-core current transformer that can be attached to any electrical line. This is a non-invasive probe which is clamped around the power line and measures the amount of current passing through it (Fig. 10). The non-invasive probe behaves like an inductor which responds to the magnetic field around a current-carrying cable (Fig. 10 b). The amount of current in the coil is correlated with the amount of current flowing in the conductor. For our experiments we used SparkFun’s split core current transformer ECS1030-L72. The tapping device (probe) is also capable of sending the recorded data to a nearby computer via WiFi, making data collection easier from afar, without the attacker having to physically connect to the tapping probe. Attack works on desktops, servers, IoT devices Experiments revealed the attack is successful for stealing data from air-gapped desktops, laptops, servers, and even IoT devices, but the speed exfiltration speed is slower for the latter. Another observation is that exfiltration speed gets better the more cores a CPU possesses. Mitigations and more details for our technically inclined users are available in the research team's paper, entitled "PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines." It also must be said that this malware is only an experiment and if ever deployed in the wild, such a tool would only be found in the arsenal of intelligence agencies and not something that normal users would see every day. The research center from the Ben-Gurion University of the Negev who came up with this new data exfiltration technique has a long history of innovative —and sometimes weird— hacks, all listed below: LED-it-Go - exfiltrate data from air-gapped systems via an HDD's activity LED SPEAKE(a)R - use headphones to record audio and spy on nearby users 9-1-1 DDoS - launch DDoS attacks that can cripple a US state's 911 emergency systems USBee - make a USB connector's data bus give out electromagnetic emissions that can be used to exfiltrate data AirHopper - use the local GPU card to emit electromagnetic signals to a nearby mobile phone, also used to steal data Fansmitter - steal data from air-gapped PCs using sounds emanated by a computer's GPU fan DiskFiltration - use controlled read/write HDD operations to steal data via sound waves BitWhisper - exfiltrate data from non-networked computers using heat emanations Unnamed attack - uses flatbed scanners to relay commands to malware infested PCs or to exfiltrate data from compromised systems xLED - use router or switch LEDs to exfiltrate data Shattered Trust - using backdoored replacement parts to take over smartphones aIR-Jumper - use security camera infrared capabilities to steal data from air-gapped networks HVACKer - use HVAC systems to control malware on air-gapped systems MAGNETO & ODINI - steal data from Faraday cage-protected systems MOSQUITO - steal data from PCs using speakers and headphones Sursa: https://www.bleepingcomputer.com/news/security/researchers-create-malware-that-steals-data-via-power-lines/
  18. 3 points
    Hooking Chrome’s SSL functions ON 26 FEBRUARY 2018 BY NYTROSECURITY The purpose of NetRipper is to capture functions that encrypt or decrypt data and send them through the network. This can be easily achieved for applications such as Firefox, where it is enough to find two DLL exported functions: PR_Read and PR_Write, but it is way more difficult for Google Chrome, where the SSL_Read and SSL_Write functions are not exported. The main problem for someone who wants to intercept such calls, is that we cannot easily find the functions inside the huge chrome.dll file. So we have to manually find them in the binary. But how can we do it? Chrome’s source code In order to achieve our goal, the best starting point might be Chrome’s source code. We can find it here: https://cs.chromium.org/ . It allows us to easily search and navigate through the source code. Articol complet: https://nytrosecurity.com/2018/02/26/hooking-chromes-ssl-functions/
  19. 3 points
    Salut, Va invit sa participati la un CTF destinat liceenilor interesati/pasionati de securitatea informationala, e un CTF destinat incepatorilor si intermediarilor. Puteti participa chiar daca nu sunteti liceean/liceeni la sectiunea "Just for fun". Link pentru mai multe detalii: https://contest.timisoaractf.com/home Multumesc!
  20. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  21. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  22. 3 points
    https://nytrosecurity.com/2018/03/31/netripper-at-blackhat-asia-arsenal-2018/
  23. 3 points
    Daca sunteti interesati de studierea filozofiei si nu stiti de unde sa porniti, sau daca vreti sa aflati cum a aparut fiecare religie, va recomand podcast-ul Philosophize This! Trebuie ascultat de la inceput, pentru ca informatia e foarte bine organizata intr-un mod liniar. De asemenea, trebuie ascultat in mod activ, pentru ca nu e doar zgomot de fundal. Daca nu ati fost atenti, va sugerez sa reluati episodul. Are transcripturile fiecarui episod pe site, daca sunteti interesati de citate. Are si recomandari de carti in unele episoade. Si, desigur, puteti sa va informati singuri mai departe despre fiecare subiect al fiecarui episod. P.S. Nu are rost sa va fortati cu el, daca nu va place primul episod, nu o sa va placa nici restul.
  24. 3 points
    53R3N17Y | Python based script for Information Gathering. Operating Systems Tested OSX El Capitan 10.11 Ubuntu 16.04 Backbox 5 Install MacOSX (as root) git clone https://github.com/abaykan/53R3N17Y.git /usr/local/share/serenity >echo 'alias serenity="/usr/local/share/serenity && ./serenity"' > ~/.zshrc cd /usr/local/share/serenity pip install -r requirements.txt serenity -h Linux (as root) git clone https://github.com/abaykan/53R3N17Y.git /usr/local/share/serenity >echo 'alias serenity="/usr/local/share/serenity && ./serenity"' > ~/.bashrc cd /usr/local/share/serenity pip install -r requirements.txt serenity -h note: tested with Python 2.7.14 Sursa: https://github.com/abaykan/53R3N17Y
  25. 3 points
    Pentester Academy TV Publicat pe 28 mar. 2018 ABONEAZĂ-TE 21 K Today's episode of The Tool Box features NetRipper. We breakdown everything you need to know! Including what it does, who it was developed by, and the best ways to use it! Check out NetRipper here: Github - https://github.com/NytroRST/NetRipper Send your tool to: media@pentesteracademy.com for consideration Thanks for watching and don't forget to subscribe to our channel for the latest cybersecurity news! Visit Hacker Arsenal for the latest attack-defense gadgets! https://www.hackerarsenal.com/ FOLLOW US ON: ~Facebook: http://bit.ly/2uS4pK0 ~Twitter: http://bit.ly/2vd5QSE ~Instagram: http://bit.ly/2v0tnY8 ~LinkedIn: http://bit.ly/2ujkyeC ~Google +: http://bit.ly/2tNFXtc ~Web: http://bit.ly/29dtbcn
  26. 3 points
    Salvezi fisierul ca CSV. Va arata cam asa: nume coloana Buducnost D.18.03.2018. 15:00 Stuttgart16.03.2018. 21:30 Nashville SC17.03.2018. 21:00 Univ.Costa Rica26.03.2018. 00:00 Criciuma22.03.2018. 02:45 Werder 17.03.2018. 16:30 Norvegia U1924.03.2018. 13:00 Il deschizi in Notepad++ si dai find & replace cu regex activat: Search: \d{2}\.\d{2}\.\d{4}\. \d{2}:\d{2} Replace with: ,$0 Adaugi un nume de coloana pentru data pe primul rand: nume coloana,data Fisierul acum ar trebui sa arate cam asa: nume coloana,data Buducnost D.,18.03.2018. 15:00 Stuttgart,16.03.2018. 21:30 Nashville SC,17.03.2018. 21:00 Univ.Costa Rica,26.03.2018. 00:00 Criciuma,22.03.2018. 02:45 Werder ,17.03.2018. 16:30 Norvegia U19,24.03.2018. 13:00 Salvezi ca CSV si importi in Excel. Pentru data si ora separate: Search: (\d{2}\.\d{2}\.\d{4})\. (\d{2}:\d{2}) Replace with: ,$1,$2 Adaugi numele de coloane: nume coloana,data,ora
  27. 3 points
    https://www.hacker101.com/ Sessions Introduction The Web In Depth XSS and Authorization SQL Injection and Friends Session Fixation Clickjacking File Inclusion Bugs File Upload Bugs Null Termination Bugs Unchecked Redirects Password Storage Crypto series Crypto Crash Course Crypto Attacks Crypto Wrap-Up Vulnerabilities Clickjacking Command Injection Cross-Site Request Forgery (CSRF) Directory Traversal Local/Remote File Inclusion Improper Authorization Insecure Password Storage Improper Handling of Null Termination Padding Oracle Reflected Cross-Site Scripting (XSS) Session Fixation SQL Injection Stored Cross-Site Scripting (XSS) Stream Cipher Key Reuse Subdomain Takeover Unchecked Redirect
  28. 3 points
  29. 2 points
    Unele mai au seed; Sursa: http://tparser.org/Offensive-security Nu garantez ca sunt curate. Результатов по запросу: «Offensive security» 1-18 из 18 Имя торрента Z Размер Сидер Личер T M Offensive-Security PWK Penetration Testing with Kali Other (Other) 678 MB 10 6 Offensive-Security - OSWP - WiFu Other (Other) 843 MB 11 5 Offensive Security PWK v1.0.1 (2014) PDF Other (E-books) 17 MB 11 0 Offensive Security 101 - Videos & PDF Video (Movies) 308 MB 1 4 Offensive Security - Penetration Testing with BackTrack v3.2 Other (E-books) 10 MB 4 1 Offensive Security - Penetration Testing with BackTrack (Lab Gui Other (E-books) 9 MB 3 0 Offensive Security - Wireless Attacks ( WiFu) v2.0.pdf Other (E-books) 14 MB 3 0 Offensive Security Labs Other (Other) 308 MB 3 0 Offensive Security - BackTrack to the Max Cracking the Perimeter Other (E-books) 3 MB 3 0 Offensive.Security.PWB.v3.0.pdf Other (E-books) 9 MB 2 1 Pack Offensive Security complet - Backtrack Other (E-books) 104 MB 2 1 Offensive Security 101 Online Training Video (Movie clips) 341 MB 2 0 Offensive Security 101 [2008] Компьютерные сети и безопасность 313 MB 1 1 Offensive Security WIFU v2.0 Other (E-books) 14 MB 1 0 Offensive Security - Sample video Video (Movie clips) 13 MB 0 1 BackTrack - Offensive Security Other (E-books) 312 MB 0 1 Offensive Security - Advanced Windows Exploitation (AWE) v 1.1 Other (E-books) 33 MB 0 0 Offensive Security Lecture Videos FSU 2013 Video (Other) 2.97 GB 0 0
  30. 2 points
    Am sters un topic plin de replici si activity a ramas fara posturi recente. Se va repara cand apar altele noi.
  31. 2 points
  32. 2 points
    1d5abfc7c3677dfe1f3bee96dd16763f 91e0bcf1e4dcb62103fe4c4470349514 d05f65815a4c7214f1eca37c9b29b61a
  33. 2 points
    Sursa pozei si linkuri catre discutia de pe twitter: https://www.reddit.com/r/sysadmin/comments/8aem4n/tmobile_plaintext_password_data_breach_thought_to/
  34. 2 points
    Salutare tuturor, De multa vreme nimeni nu a mai postat pe aici si am decis sa fac o serie de CrackMe challenges. Voi incepe cu Android, pentru ca e mai simplu de facut reversing si pentru a vedea daca se gasesc persoane interesate... In caz ca se gasesc, fac si ceva mai avansat (Android, Windows, Linux). CrackMe 0x01 Reguli: Va rog, NU POSTATI flag-urile direct in topic; Comentati cu "Done" la finisarea challenge-ului; Fiecare flag m-il trimiteti prin mesaj privat; Dificultate: Incepator; Link download: https://drive.google.com/file/d/1WR9DNW9G0uriCziv0Yarn4fewJbb3GJy/view?usp=sharing Checksum: [SHA-256] 250e0cf1731736e1c4385ac119701d61a042fcf5a09b25ff3a89746979bfd314, [MD5] 0b06afd55faefce5273742d1a80b6b6a; VirusTotal: https://www.virustotal.com/#/file/250e0cf1731736e1c4385ac119701d61a042fcf5a09b25ff3a89746979bfd314/details P.S. Acest challenge e unul super super simplu, insa in caz ca aveti intrebari adresati-le direct in comentarii! Completed by: aml (https://rstforums.com/forum/profile/207155-aml/); BogdanNBV (https://rstforums.com/forum/profile/29134-bogdannbv/); theandruala (https://rstforums.com/forum/profile/172582-theandruala/);
  35. 2 points
    https://1.1.1.1/
  36. 2 points
  37. 2 points
    Sunt 100% sigur ca ce gasesti acolo a fost "imprumutat" din alte parti. Asta e forum d-ala de hecheri pericolosi.
  38. 2 points
    Over 80 recipes that will take your PHP 7 web development skills to the next level! This is the most up-to-date book in the market on PHP It covers the new features of version 7.x, best practices for server-side programming, and MVC frameworks The recipe-based approach will allow you to explore the unique capabilities that PHP offers to web programmers Link: https://www.packtpub.com/packt/offers/free-learning
  39. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  40. 2 points
    Target audience
  41. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  42. 2 points
  43. 2 points
    https://www.facebook.com/help/223786757631885?helpref=faq_content https://www.facebook.com/help/224562897555674?helpref=faq_content Baga - https://fundatiamereuaproape.ro/donatii-in-cont/
  44. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  45. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  46. 2 points
    =LEFT(text,LEN(text)-n) daca faci trim right ai nr fix de caractere incepand din dreapta. nu ai nevoie de regex. Sursa: https://exceljet.net/formula/remove-characters-from-right Unde n pare a fi 17.
  47. 2 points
    Documents obtained by The Washington Post indicate that the National Security Agency is collecting billions of records a day to track the location of mobile phone users around the world. This bulk collection, performed under the NSA’s international surveillance authority, taps into the telephony links of major telecommunications providers including some here in the United States. The NSA collects this location and travel habit data to do “target development” — to find unknown associates of targets it already knows about To accomplish this, the NSA compiles information on a vast database of devices and their locations. Most of those collected, by definition, are suspected of no wrongdoing. Officials say they do not purposely collect U.S. phone locations in bulk, but a large number are swept up “incidentally.” Using these vast location databases, the NSA applies sophisticated analytics techniques to identify what it calls co-travelers — unknown associates who might be traveling with, or meeting up with a known target. HERE IS HOW IT WORK: https://www.washingtonpost.com/world/national-security/nsa-tracking-cellphone-locations-worldwide-snowden-documents-show/2013/12/04/5492873a-5cf2-11e3-bc56-c6ca94801fac_story.html?utm_term=.aacc009d53c5
  48. 2 points
    M-am jucat putin cu https://www.captionbot.ai/Home/Magic -> https://www.captionbot.ai/ si e interesant, cel putin din punct de vedere al securitatii. De exemplu, bagati https://cdn.cnn.com/cnnnext/dam/assets/141110204938-kim-jong-un-horizontal-large-gallery.png prin captionbot. In 5-10 ani trecand imagini CCTV din centrul Londrei si detectand starea de spirit a populatiei intr-o anumita zona sau dupa ce vad o anumita reclama.... Combinat cu pozele si informatiile din social media (gen scandalul Cambridge Analytica) si poti afla aproape in timp real cum se simte o persoana suspectata de exemplu ca ar pregati atentate. Sa vezi daca merge spre depresie, (analiza faciala mai avansata decat captionbot dar poate fi bagat in machine learning, etc)
  49. 2 points
    Poti sa te duci in pula mea. Cu placere.
  50. 2 points
    Imagineaza-ti ca bagi un stick la o gagica si gata ai futut-o. Unde e placerea? I zici vrei protejat sexul, cu firewall sau neprotejat? Une vrei sa ne futem, in localhost sau online?
×