Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by Usr6

  1. Python is an amazing language with a strong and friendly community of programmers. However, there is a lack of documentation on what to learn after getting the basics of Python down your throat. Through this book I aim to solve this problem. I would give you bits of information about some interesting topics which you can further explore. The topics which are discussed in this book open up your mind towards some nice corners of Python language. This book is an outcome of my desire to have something like this when I was beginning to learn Python. If you are a beginner, intermedia
  2. Photonic Side Channel Attacks Against RSA Elad Carmon, Jean-Pierre Seifert, Avishai Wool Abstract This paper describes the first attack utilizing the photonic side channel against a public-key crypto-system. We evaluated three common implementations of RSA modular exponentiation, all using the Karatsuba multiplication method. We discovered that the key length had marginal impact onresilience to the attack: attacking a 2048-bit key required only 9% more decryption attempts than a 1024-bit key. We found that the most dominant parameter impacting the attacker’s effort is the
  3. Image: byrev / Pixabay If you wanted an exhaustive reference for all the command line tools and utilities available in Windows, "/h" was as good as it got. Well, that was until last month, when Microsoft published a whopping big PDF with information on every single terminal command the operating system has to offer. The document, released on April 18, comes in at 4.6MB and 948 pages and covers the following platforms: Windows Server (Semi-Annual Channel) Windows Server 2016 Windows Server 2012 R2 Windows Server 2012 Wi
  4. Syhunt Huntpad is a notepad application with features that are particularly useful to penetration testers and bug hunters - a collection of common injection string generators, hash generators, encoders and decoders, HTML and text manipulation functions, and so on, coupled with syntax highlighting for several programming languages. Huntpad borrows many features from Syhunt Sandcat's QuickInject sidebar. Like its cousin, it is focused on File Inclusion, XSS and SQL Injection and comes with the following options: Syntax Highlighting - supporting HTML, JavaScript, CSS, XML, PHP, Ruby, S
  5. I’m tired of saying, “Be careful, it’s speculative.” Then, “Be careful, it’s gambling.” Then, “Be careful, it’s a bubble.” Okay, I’ll say it: Bitcoin is a scam. In my opinion, it’s a colossal pump-and-dump scheme, the likes of which the world has never seen. In a pump-and-dump game, promoters “pump” up the price of a security creating a speculative frenzy, then “dump” some of their holdings at artificially high prices. And some cryptocurrencies are pure frauds. Ernst & Young estimates that 10 percent of the money raised for initial coin offerings has been stolen. The loser
  6. As before, the CrackMe is dedicated to malware analysts and to those who want to practice becoming them. That’s why it is not just a set of some abstract riddles, but an exercise that walks through selected tricks that were used in real malware. (Expect some original schemes designed just for this game, too.) Of course, all is demonstrated on harmless examples, but we still recommend you use VM for reversing it so that it will not interfere with any antivirus protection. Rules of the contest There are two CrackMe contests: Capture the flag. The first three submitted flags w
  7. My personal challenge for 2016 was to build a simple AI to run my home -- like Jarvis in Iron Man. My goal was to learn about the state of artificial intelligence -- where we're further along than people realize and where we're still a long ways off. These challenges always lead me to learn more than I expected, and this one also gave me a better sense of all the internal technology Facebook engineers get to use, as well as a thorough overview of home automation. So far this year, I've built a simple AI that I can talk to on my phone and computer, that can control my home, includ
  8. A team of academics has successfully developed and tested malware that can exfiltrate data from air-gapped computers via power lines. The team —from the Ben-Gurion University of the Negev in Israel— named their data exfiltration technique PowerHammer. PowerHammer works by infecting an air-gapped computer with malware that intentionally alters CPU utilization levels to make the victim's computer consume more or less electrical power. By default, computers extract power from the local network in a uniform manner. A PowerHammer attack produces a variation of the amount of power a victim
  9. A study funded by DARPA increased the possibility of memory-enhancing brain prosthetics. The animal research done previously showed successful results after which the study was conducted on patients at Wake Forest Baptist Medical Center. The patients there were already having brain implants as a part of their epilepsy treatment. They experienced major improvements in both short-term and long-term memory. The patients were asked to play a memory-related computer game in which they were asked to remember specific things. When the patients were trying to remember those things, the researcher
  10. Usr6

    Fun stuff

    Sursa pozei si linkuri catre discutia de pe twitter: https://www.reddit.com/r/sysadmin/comments/8aem4n/tmobile_plaintext_password_data_breach_thought_to/
  11. Over 80 recipes that will take your PHP 7 web development skills to the next level! This is the most up-to-date book in the market on PHP It covers the new features of version 7.x, best practices for server-side programming, and MVC frameworks The recipe-based approach will allow you to explore the unique capabilities that PHP offers to web programmers Link: https://www.packtpub.com/packt/offers/free-learning
  12. Canon has just released this new 3-minute video showing the power of its 120-megapixel CMOS sensor, which it first announced in September 2015 and then showed off at an expo in May 2016. The sensor is called the 120MXS, and it has an ultra-high-resolution of 13280×9184, or about 60 times the resolution of Full HD video. Physically, the sensor is an APS-H sensor (29.22×20.20mm), which falls between full frame (36×24 mm) and APS-C crop (22.5x15mm): “Ultra-high-resolution is made possible by parallel signal processing, which reads signals at high speed from multiple pixels,” Can
  13. Sublime has highly customizable build systems that can add to your productivity if you learn how to use them to your advantage. You can define one for your project and whenever you are editing any file, you can run certain commands on the source file and see the output in the sublime console, without leaving the editor. I mostly use IntelliJ for development but still find myself switching to sublime text time to time, depending upon the nature of the project. I mainly use sublime when I have to write some small script or a library, and when I use it I prefer to setup the build system to m
  14. Documents obtained by The Washington Post indicate that the National Security Agency is collecting billions of records a day to track the location of mobile phone users around the world. This bulk collection, performed under the NSA’s international surveillance authority, taps into the telephony links of major telecommunications providers including some here in the United States. The NSA collects this location and travel habit data to do “target development” — to find unknown associates of targets it already knows about To accomplish this, the NSA compiles information on a vast database o
  15. We tested 3 popular VPNs: Hotspot Shield, PureVPN, and Zenmate with accredited researchers to find if the VPNs could leak data. While we hoped to find zero leaks, we regretfully found that all of them leak sensitive data. On the positive side, after we contacted the VPN vendors, we saw one that was fast to respond and release a patch within days. We are still waiting to hear from the other two VPN vendors, and have decided to publish the information in hope that they will hurry up and fix the underlying issues for the benefit of their users. Here’s a is a summary of our findings
  16. In just one night a Russian crime gang stole 3.8 million slopes (860,000 euros) from 32 ATMs belonging to the Raiffeisen Romania bank. Cybercriminals stole 3.8 million slopes (860,000 euros) from 32 ATMs belonging to the Raiffeisen Romania bank using an infected RTF document. The criminal organization led by Dmitriy Kvasov operated in Romania, the gang stole the money in just one night in 2016. “One night Raiffeisen Bank lost control of all ATMs in Romania • Although it seems impossible, the control of ATMs across the country was taken over by a group of Russian hackers • It is
  17. # TOR Browser 0day : JavaScript Exploit ! ## Works on Firefox versions 41 - 50 ### The critical vulnerability is believed to affect multiple Windows versions of the open source Firefox web browser as far back as Firefox version 41, and up to Firefox version 50. When exploit opened by a Firefox or Tor Browser with Javascript enabled on a Windows computer, it leverage a memory corruption vulnerability in the background to make direct calls to kernel32.dll, which allows malicious code to be executed on computers running Windows. <i>Makes redirect to '/member.php' after code execut
  18. hai sa mai incercam ceva regshot (https://sourceforge.net/projects/regshot/postdownload?source=dlp) ii dai la scan dir c:\, dai 1st shot, astepti sa termine, deschizi programu ala astepti cateva minute, te intorci in regshot ii dai 2nd shot astepti sa termine si dupa dai compare. ar trebui sa-ti ofere o lista cu toate fisierele care au aparut pe c:\ intre cele doua shoturi
  19. tie respectivul program iti dezarhiveaza arhiva da? - te-ai uitat in temp? ( fisierele dezarhivate trebuie depozitate, macar temporar, undeva), daca nu-s in temp, vezi tot din procexp uite te dupa un fisier din arhiva respectiva da prop pe el si vezi path - mai poti incerca sa atasezi ida pe procesul programului dupa ce termina de dezarhivat si sa te uiti iar dupa parola Nu cumva este vorba de un program cu licenta care trimite niste date de identificare (hwid) catre un server si iti deschide arhiva doar in cazul in care iti este recunoscut pc-ul?
  20. Network programming in python This is a quick guide/tutorial on socket programming in python. Socket programming python is very similar to C. To summarise the basics, sockets are the fundamental "things" behind any kind of network communications done by your computer. For example when you type www.google.com in your web browser, it opens a socket and connects to google.com to fetch the page and show it to you. Same with any chat client like gtalk or skype. Any network communication goes through a socket. In this tutorial we shall be programming tcp sockets in python. You c
  21. The Process Environment Block (PEB) is a wonderful thing, and I’d be lying if I told you that I didn’t love it. It has been present in Windows since the introduction of the Win2k (Windows 2000) and it has been improved through newer versions of Windows ever since. On earlier versions of Windows, it could be abused to do some nasty things like hiding loaded modules present within a process (to prevent them from being found – obviously this is not a beautiful thing though). What is this magic so-called “Process Environment (PEB)”? The PEB is a structure which holds data about the current pr
  22. Schimbai numele din ida.exe in orice.exe, prima data uite te in stringuri dupa chestii interesante"Shift+F12" p.s. Exista sanse ca parola sa fie plain text in fisier/memorie - ruleaza programu - deschide procexp, click dreapta pe procesul tau > Properties >Strings - alegi Image si dai save (salvezi stringurile din fisier) -alegi Memory si dai save (salvezi stringurile din memorie) uitate prin cele 2 fisiere dupa orice poate semana a parola (plain text, hex, base64) Daca crezi ca isi ia parola de pe server te poti uita dupa conxiunile
  23. This is the first in a series of articles about reverse engineering Android applications. In this series I will cover the anatomy of the APK and AAR package formats and few tools commonly used to reverse engineering or inspecting applications: aapt, dex2jar, apktool and Androguard. Part 1 – APK and AAR format Part 2 – aapt Part 3 – dex2jar Part 4 – apktool Part 5 – Androguard
  24. poti sa-ti faci cont si cu email normal daca doresti sa participici doar pt challenge
  • Create New...