Now that everyone's using Zoom, here are some privacy risks you need to watch out for - CNET Link to post
HOW to KEEP Your Packages SAFE (better than a glitter bomb) - YouTube Link to post
Hardware Solutions To Highly-Adversarial Environments - Whitebox Crypto vs TPM vs TEE vs Secure Enclaves vs Secure Elements vs HSM vs CloudHSM vs KMS - Part 1 Link to post
Password stealer Trojan – Malware Analysis | Malware Analysis Link to post
Incident: Melbourne IT services firm Geidi hit by REvil ransomware | iTWire - Australian Information Security Awareness and Advisory Link to post
Windows Portable Apps: Multi One Password Link to post
Friday Squid Blogging: Squid Can Edit Their Own Genome - Schneier on Security Link to post
JavaScript without parentheses using DOMMatrix | PortSwigger Research Link to post
While US Fights COVID-19, 83 Percent of Healthcare Systems Run Outdated Software | PCMag Link to post
Czech hospital hit by cyberattack while in the midst of a COVID-19 outbreak | ZDNet Link to post
Digital rights activists raise money for billboard criticizing Schiff over surveillance fight | TheHill Link to post
Story of Gus Weiss - Schneier on Security Link to post
FCC: Watch Out for Robocall Scams Offering Fake Coronavirus Test Kits | PCMag Link to post
Working From Home | How to Use Zoom, Slack and Other Remote Software Safely | SentinelOne Link to post
Massive Pin Tumbler Lock. How Locks Work. FarmCraft101 - YouTube Link to post
Stalker | Frida • A world-class dynamic instrumentation framework Link to post
Ransomware Gangs to Stop Attacking Health Orgs During Pandemic - Geeks Gyaan Link to post
GitHub - m0bilesecurity/RMS-Runtime-Mobile-Security: Runtime Mobile Security (RMS) is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime Link to post
[011] Iseo F6 Extra S - pick + gut - YouTube Link to post
[5] Illinois Duo Cabinet Lock Picked - YouTube Link to post
Unidentified Database Exposes 200 Million Americans | CyberNews Link to post
Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics | ZDNet Link to post
Detailed Audit of Voatz' Voting App Confirms Security Flaws Link to post
Hackers are targeting your kids to infect Android and Chromebook devices with malware | Laptop Mag Link to post
A call to developers (as a developer) - Benedikt Berger - Medium Link to post
CVE#: CVE-2020-10245 Published Date: 2020-03-26 CVSS: NO CVSS Description: CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.
CVE#: CVE-2020-10508 Published Date: 2020-03-27 CVSS: NO CVSS Description: Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information.
CVE#: CVE-2020-10509 Published Date: 2020-03-27 CVSS: NO CVSS Description: Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack.
CVE#: CVE-2020-10510 Published Date: 2020-03-27 CVSS: NO CVSS Description: Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data.
CVE#: CVE-2020-10607 Published Date: 2020-03-27 CVSS: NO CVSS Description: In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
CVE#: CVE-2020-10817 Published Date: 2020-03-27 CVSS: NO CVSS Description: The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued.
CVE#: CVE-2020-10823 Published Date: 2020-03-26 CVSS: NO CVSS Description: A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3).
CVE#: CVE-2020-10824 Published Date: 2020-03-26 CVSS: NO CVSS Description: A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 2 of 3).
CVE#: CVE-2020-10825 Published Date: 2020-03-26 CVSS: NO CVSS Description: A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3).
CVE#: CVE-2020-10826 Published Date: 2020-03-26 CVSS: NO CVSS Description: /cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode.
CVE#: CVE-2020-10827 Published Date: 2020-03-26 CVSS: NO CVSS Description: A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
CVE#: CVE-2020-10828 Published Date: 2020-03-26 CVSS: NO CVSS Description: A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
CVE#: CVE-2020-10939 Published Date: 2020-03-27 CVSS: NO CVSS Description: Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
CVE#: CVE-2020-10940 Published Date: 2020-03-27 CVSS: NO CVSS Description: Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.
CVE#: CVE-2020-10952 Published Date: 2020-03-27 CVSS: NO CVSS Description: GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.
CVE#: CVE-2020-10953 Published Date: 2020-03-27 CVSS: NO CVSS Description: In GitLab EE 11.7 through 12.9, the NPM feature is vulnerable to a path traversal issue.
CVE#: CVE-2020-10954 Published Date: 2020-03-27 CVSS: NO CVSS Description: GitLab through 12.9 is affected by a potential DoS in repository archive download.
CVE#: CVE-2020-10955 Published Date: 2020-03-27 CVSS: NO CVSS Description: GitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on an upload feature that allows an unauthorized user to read content available under specific folders.
CVE#: CVE-2020-10956 Published Date: 2020-03-27 CVSS: NO CVSS Description: GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature.
CVE#: CVE-2020-10968 Published Date: 2020-03-26 CVSS: NO CVSS Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).
CVE#: CVE-2020-10969 Published Date: 2020-03-26 CVSS: NO CVSS Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.
CVE#: CVE-2020-10990 Published Date: 2020-03-27 CVSS: NO CVSS Description: An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component.
CVE#: CVE-2020-10991 Published Date: 2020-03-27 CVSS: NO CVSS Description: Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java
CVE#: CVE-2020-10992 Published Date: 2020-03-27 CVSS: NO CVSS Description: Azkaban through 3.84.0 allows XXE, related to validator/XmlValidatorManager.java and user/XmlUserManager.java.
CVE#: CVE-2020-10993 Published Date: 2020-03-27 CVSS: NO CVSS Description: Osmand through 2.0.0 allow XXE because of binary/BinaryMapIndexReader.java.
CVE#: CVE-2020-1764 Published Date: 2020-03-26 CVSS: NO CVSS Description: A hard-coded cryptographic key vulnerability in the default configuration file was found in Kiali, all versions prior to 1.15.1. A remote attacker could abuse this flaw by creating their own JWT signed tokens and bypass Kiali authentication mechanisms, possibly gaining privileges to view and alter the Istio configuration.
CVE#: CVE-2020-1769 Published Date: 2020-03-27 CVSS: NO CVSS Description: In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
CVE#: CVE-2020-1770 Published Date: 2020-03-27 CVSS: NO CVSS Description: Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
CVE#: CVE-2020-1771 Published Date: 2020-03-27 CVSS: NO CVSS Description: Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. This issue affects: ((OTRS)) Community Edition: 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
CVE#: CVE-2020-1772 Published Date: 2020-03-27 CVSS: NO CVSS Description: It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
CVE#: CVE-2020-1773 Published Date: 2020-03-27 CVSS: NO CVSS Description: It's possible that an authenticated user guess other session IDs based on its own. Also it's possible to guess a password reset token or an automated password generated. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS; 7.0.15 and prior versions.
CVE#: CVE-2020-1800 Published Date: 2020-03-26 CVSS: NO CVSS Description: HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P11) have an improper access control vulnerability. The software incorrectly restricts access to a function interface from an unauthorized actor, the attacker tricks the user into installing a crafted application, successful exploit could allow the attacker do certain unauthenticated operations.
CVE#: CVE-2020-3920 Published Date: 2020-03-27 CVSS: NO CVSS Description: UltraLog Express device management interface does not properly perform access authentication in some specific pages/functions. Any user can access the privileged page to manage accounts through specific system directory.
CVE#: CVE-2020-3921 Published Date: 2020-03-27 CVSS: NO CVSS Description: UltraLog Express device management software stores user’s information in cleartext. Any user can obtain accounts information through a specific page.
CVE#: CVE-2020-3936 Published Date: 2020-03-27 CVSS: NO CVSS Description: UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL command.
CVE#: CVE-2020-4276 Published Date: 2020-03-26 CVSS: NO CVSS Description: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. X-Force ID: 175984.
CVE#: CVE-2020-5129 Published Date: 2020-03-26 CVSS: NO CVSS Description: A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier.
CVE#: CVE-2020-5339 Published Date: 2020-03-26 CVSS: NO CVSS Description: RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript code through the Security Console web interface. When other Security Console administrators open the affected report page, the injected scripts could potentially be executed in their browser.
CVE#: CVE-2020-5340 Published Date: 2020-03-26 CVSS: NO CVSS Description: RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript code through the Security Console web interface. When other Security Console administrators attempt to change the default security domain mapping, the injected scripts could potentially be executed in their browser.
CVE#: CVE-2020-5857 Published Date: 2020-03-27 CVSS: NO CVSS Description: On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, undisclosed HTTP behavior may lead to a denial of service.
CVE#: CVE-2020-5858 Published Date: 2020-03-27 CVSS: NO CVSS Description: On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest or Resource Administrator) with tmsh shell access can execute arbitrary commands with elevated privilege via a crafted tmsh command.
CVE#: CVE-2020-5859 Published Date: 2020-03-27 CVSS: NO CVSS Description: On BIG-IP 15.1.0.1, specially formatted HTTP/3 messages may cause TMM to produce a core file.
CVE#: CVE-2020-5860 Published Date: 2020-03-27 CVSS: NO CVSS Description: On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, in a High Availability (HA) network failover in Device Service Cluster (DSC), the failover service does not require a strong form of authentication and HA network failover traffic is not encrypted by Transport Layer Security (TLS).
CVE#: CVE-2020-5861 Published Date: 2020-03-27 CVSS: NO CVSS Description: On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors.
CVE#: CVE-2020-5862 Published Date: 2020-03-27 CVSS: NO CVSS Description: On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms, hardware or virtual, or any other cloud provider since the affected driver is specific to AWS.
CVE#: CVE-2020-5863 Published Date: 2020-03-27 CVSS: NO CVSS Description: In NGINX Controller versions prior to 3.2.0, an unauthenticated attacker with network access to the Controller API can create unprivileged user accounts. The user which is created is only able to upload a new license to the system but cannot view or modify any other components of the system.
CVE#: CVE-2020-6095 Published Date: 2020-03-27 CVSS: NO CVSS Description: An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
CVE#: CVE-2020-6999 Published Date: 2020-03-26 CVSS: NO CVSS Description: In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer.
CVE#: CVE-2020-7260 Published Date: 2020-03-26 CVSS: NO CVSS Description: DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder.
CVE#: CVE-2020-7918 Published Date: 2020-03-27 CVSS: NO CVSS Description: An insecure direct object reference in webmail in totemo totemomail 7.0.0 allows an authenticated remote user to read and modify mail folder names of other users via enumeration.
CVE#: CVE-2020-7944 Published Date: 2020-03-26 CVSS: NO CVSS Description: In Continuous Delivery for Puppet Enterprise (CD4PE) before 3.4.0, changes to resources or classes containing Sensitive parameters can result in the Sensitive parameters ending up in the impact analysis report.
CVE#: CVE-2020-8551 Published Date: 2020-03-27 CVSS: NO CVSS Description: The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.
CVE#: CVE-2020-8552 Published Date: 2020-03-27 CVSS: NO CVSS Description: The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.
CVE#: CVE-2020-8910 Published Date: 2020-03-26 CVSS: NO CVSS Description: A URL parsing issue in goog.uri of the Google Closure Library versions up to and including v20200224 allows an attacker to send malicious URLs to be parsed by the library and return the wrong authority. Mitigation: update your library to version v20200315.
CVE#: CVE-2020-8923 Published Date: 2020-03-26 CVSS: NO CVSS Description: An improper HTML sanitization in Dart versions up to and including 2.7.1 and dev versions 2.8.0-dev.16.0, allows an attacker leveraging DOM Clobbering techniques to skip the sanitization and inject custom html/javascript (XSS). Mitigation: update your Dart SDK to 2.7.2, and 2.8.0-dev.17.0 for the dev version. If you cannot update, we recommend you review the way you use the affected APIs, and pay special attention to cases where user-provided data is used to populate DOM nodes. Consider using Element.innerText or Node.text to populate DOM elements.
CVE#: CVE-2020-9065 Published Date: 2020-03-26 CVSS: NO CVSS Description: Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203(C00E201R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the availability.
CVE#: CVE-2020-9066 Published Date: 2020-03-26 CVSS: NO CVSS Description: Huawei smartphones OxfordP-AN10B with versions earlier than 10.0.1.169(C00E166R4P1) have an improper authentication vulnerability. The Application doesn't perform proper authentication when user performs certain operations. An attacker can trick user into installing a malicious plug-in to exploit this vulnerability. Successful exploit could allow the attacker to bypass the authentication to perform unauthorized operations.
CVE#: CVE-2020-9467 Published Date: 2020-03-26 CVSS: 2.7 Description: Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function.
CVE#: CVE-2020-9468 Published Date: 2020-03-26 CVSS: NO CVSS Description: The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the image_id parameter.
CVE#: CVE-2020-9521 Published Date: 2020-03-26 CVSS: NO CVSS Description: An SQL injection vulnerability was discovered in Micro Focus Service Manager Automation (SMA), affecting versions 2019.08, 2019.05, 2019.02, 2018.08, 2018.05, 2018.02. The vulnerability could allow for the improper neutralization of special elements in SQL commands and may lead to the product being vulnerable to SQL injection.
----Hacking Updates----
willshiao updated CheaterBeater. This repo has 3 stars and 1 watchers. This repo was created on 2020-03-28. --- LA Hacks 2020 project. Link to Repo
adrianblancode updated Cheddar. This repo has 14 stars and 3 watchers. This repo was created on 2015-07-25. --- Hacker News reader for Android Link to Repo
walterli97 updated LAHackCoronaVirus. This repo has 0 stars and 2 watchers. This repo was created on 2020-03-28. --- LA Hack code repo Link to Repo
Frederick-S updated sp-hacker-news. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-25. --- A simple Hacker News client for SharePoint Online. Link to Repo
Kaosam updated HTBWriteups. This repo has 2 stars and 2 watchers. This repo was created on 2020-02-08. --- Writeups of Hack The Box machines, Italian and English languages Link to Repo
vasuadari updated hacker_news_alert. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-28. --- Email alert for Hacker News. Link to Repo
hackerrishad updated Facebook-Hacking-Framework. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- None Link to Repo
gits-lit updated place.it. This repo has 0 stars and 4 watchers. This repo was created on 2020-03-28. --- We are hacking LA Hacks 2020 Link to Repo
SimonCropp updated SetStartupProjects. This repo has 19 stars and 5 watchers. This repo was created on 2015-05-16. --- Setting Visual Studio startup projects by hacking the suo Link to Repo
peterbartels updated dutch-hacking-health-corona-15. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-27. --- Hackathon for Dutch Hacking Health so that people can share their knowledge and profile so that they can contribute in helping combat COVID-19 Link to Repo
tim-nguyen-cs updated cuarantine-collab-compete. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-28. --- LA Hacks 2020 Link to Repo
noplacenoaddress updated RNMnetwork. This repo has 0 stars and 1 watchers. This repo was created on 2019-07-15. --- The worldwide neural monitoring network. The "Illuminati" facility, a fraud. Organized harassment. Humans hacking. A site full of violence. The ELF SLF and MF noble present middle age. Where all the people that I know have tortured me. Link to Repo
sushmithaat updated 100daysofcode-hackerrank. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-26. --- Solve the problems on Hacker Rank->Problem Solving->Algorithms Link to Repo
Ultimate-Hosts-Blacklist updated The-Big-List-of-Hacked-Malware-Web-Sites. This repo has 3 stars and 3 watchers. This repo was created on 2018-04-04. --- Test of https://github.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites/blob/master/hacked-domains.list Link to Repo
wyqdgggfk updated Note-For-Hacking-with-macOS. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-20. --- This is just a note for Hacking with macOS,I create this repository for macOS App develop learning,the original author is Paul Hudson,everyone can buy his ebook on hackingwithswift.com Link to Repo
kauxheek updated Message-Automation-In-facebook. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- It contains python script to automate messaging in facebbok without any api Link to Repo
givo-io updated covid19hack2020. This repo has 0 stars and 2 watchers. This repo was created on 2020-03-26. --- Hacking together on the webportal for GIVO Link to Repo
CoditEU updated htc-social-connect. This repo has 1 stars and 4 watchers. This repo was created on 2020-03-25. --- A cloud based application that we build for Hack The Crisis, an attempt to leverage cloud technology to help elderly people in isolation Link to Repo
sc2-mkr updated hack_at_home_java. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-27. --- 28/03/2020 Hack@Home competition Java backend part Link to Repo
mitchellkrogza updated Suspicious.Snooping.Sniffing.Hacking.IP.Addresses. This repo has 12 stars and 2 watchers. This repo was created on 2018-04-12. --- A daily updated list of suspicious, snooping, sniffing and hacking attempts from IP addresses against services like SSH, HTTP and Wordpress Hack Attempts Link to Repo
INDIATECHYOUTUBE updated Phishcan-windows. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-26. --- HACK 18 SOCIAL ACCOUNT IN WINDOWS Link to Repo
telvinni97 updated CovidScreening. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-28. --- LA Hacks 2020 Link to Repo
KKovs updated SpellFire. This repo has 1 stars and 2 watchers. This repo was created on 2019-09-22. --- World of Warcraft hacking framework Link to Repo
anderson-tsai updated Drive-Safe. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-28. --- Submission for LA Hacks 2020. Created by Anderson Tsai, Brad Byun, Christopher Mouri, and Kevin Tu. Link to Repo
dead-hosts updated The-Big-List-of-Hacked-Malware-Web-Sites_git_mitchellkrogza. This repo has 5 stars and 2 watchers. This repo was created on 2018-01-10. --- Test of https://github.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites Link to Repo
----Security Updates----
slegga updated nginx-security. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-19. --- guard and login perl scripts to use in nginx auth_request system. Link to Repo
edoardottt updated pwd-safety. This repo has 2 stars and 0 watchers. This repo was created on 2020-03-14. --- 🔒command line tool checking password safety🔒 Link to Repo
2cloudlab updated module_security. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-05. --- None Link to Repo
Jasleen1493 updated code-done-right. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-28. --- End to end software application development with CI/CD, cloud deployment and security enabled Link to Repo
secdev updated scapy. This repo has 5025 stars and 183 watchers. This repo was created on 2015-10-01. --- Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3. Link to Repo
Peergos updated Peergos. This repo has 730 stars and 53 watchers. This repo was created on 2013-08-23. --- A decentralised, secure file storage and social network Link to Repo
birdhan updated NetworkSecurity. This repo has 1 stars and 0 watchers. This repo was created on 2019-07-01. --- 渗透测试工具 Link to Repo
complexorganizations updated wireguard-manager. This repo has 416 stars and 12 watchers. This repo was created on 2019-02-13. --- Self-hosted Wireguard Installer / Manager for CentOS, Debian, Ubuntu, Arch, Fedora, Redhat, Raspbian Link to Repo
1170301027 updated Network_Security. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-25. --- This repo is about hit network security course lab. Link to Repo
dunwu updated spring-security-template. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- None Link to Repo
Psy367 updated Psy-Plosion. This repo has 1 stars and 1 watchers. This repo was created on 2019-10-24. --- "Salute in salutations world‐wisely, electric air‐wavers, temporal materialists, the bloody dirty and non for we all swim in Sol. Alleviated we, Quasi‐Satya⸗Empyrean‐Theatre modifying in intent extend our reach into the abysmal‐abyssal of the deepest quarks to the incredibly expansive superstar‐clusters. You may all rest in peace your security is assured. Prestigious, of heightest order our leveraging solicitors and hardened, bleach marshal‐militant enforcers will claim existence."(+∞-~∞)psy367. Link to Repo
eugenp updated tutorials. This repo has 20149 stars and 1422 watchers. This repo was created on 2013-04-29. --- Just Announced - "Learn Spring Security OAuth": Link to Repo
phax updated ph-commons. This repo has 21 stars and 3 watchers. This repo was created on 2014-08-18. --- Java 1.8+ Library with tons of utility classes required in all projects Link to Repo
M66B updated FairEmail. This repo has 867 stars and 72 watchers. This repo was created on 2018-08-02. --- Fully featured, open source, privacy friendly email app for Android Link to Repo
Hack23 updated sonar-cloudformation-plugin. This repo has 3 stars and 1 watchers. This repo was created on 2019-05-31. --- Sonar cloudformation plugin Link to Repo
ayumi-cloud updated oc-security-module. This repo has 4 stars and 4 watchers. This repo was created on 2019-12-04. --- Repo to gather security enhancement ideas and monitor progress on the security module (part of several modules making up the October II update). Link to Repo
kvravikumar updated eSecurityNew. This repo has 0 stars and 2 watchers. This repo was created on 2020-03-26. --- None Link to Repo
abhishekkundlas updated SpringBoot2.x-2020. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-15. --- A multi maven sample project with Spring Boot 2.x + JWT security +Spring data jpa ( PostgreSQL BD ) + log4j2 + global exception handling + Sonarqube + Swagger technology Link to Repo
ramureddymca updated spring-boot-security-jwt. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- Spring-Boot Security Sample Rest with JWT and H2 database example Link to Repo
Baeldung updated spring-security-oauth. This repo has 1233 stars and 137 watchers. This repo was created on 2016-03-02. --- Just Announced - "Learn Spring Security OAuth": Link to Repo
bokuwagaijin updated security-strategy-essentials. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- None Link to Repo
fcrisanti updated fc-project-management. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-18. --- Project Portfolio Management made with Spring, Hibernate, JS, Thymeleaf, PostgreSQL, Spring Security (work in progress) Link to Repo
elohopea updated security-in-microservices. This repo has 0 stars and 1 watchers. This repo was created on 2019-12-22. --- My Bachelor's thesis. Aalto University. Computer Science. Security in Microservices. Link to Repo
Captain-Sangam updated Arduino-Based-Home-Security-System. This repo has 0 stars and 0 watchers. This repo was created on 2016-10-15. --- A completer Home Security system based on Arduino with multiple sensors to monitor status, pin based entry and locking, GSM shield to give instrusion alerts via SMS. Read Read_me.txt for Additional Details and How to use the project. Link to Repo
romeliotavasjr updated go-crypto. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- Implementing SHA-512 for an Information Security Class Link to Repo
----PoC Updates----
rajagurunath updated Active-Learning-in-Text-classification. This repo has 2 stars and 1 watchers. This repo was created on 2018-12-22. --- A Small Proof of concepts to illustrate Active learning in Text classification usecases Link to Repo
Ciusss89 updated gtip-thesis. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- Proof of concept: protocol to scan nodes and instaurate a fault-tolerant communication Link to Repo
edwinRNDR updated poc-orx-keyframer. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- Proof-of-concept for a reusable keyframer Link to Repo
Salabar updated dynamic_graph. This repo has 4 stars and 3 watchers. This repo was created on 2019-08-17. --- proof-of-concept graphs library for Rust Link to Repo
jeffreykhong1 updated AID.One-App-Demo. This repo has 0 stars and 1 watchers. This repo was created on 2019-09-09. --- A proof-of-concept mobile implementation of a validated artificial intelligence based personalized dosing platform intended for clinician use. Link to Repo
Immueggpain updated forwardproto. This repo has 2 stars and 2 watchers. This repo was created on 2018-08-14. --- A naive forwarding protocol. This is a proof of concept (PoC). Link to Repo
zrrrzzt updated lndr-poc. This repo has 0 stars and 1 watchers. This repo was created on 2019-12-29. --- Proof of concept for lndr Link to Repo
mrfaildeveloper updated alt-prng. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-06. --- # Alt-PRNG is a Proof of Concept POC not to use the Computer and to go full Autonomic Retard (prng*7.8*prng) … Link to Repo
findinpath updated postgres-spring-boot-dynamicpropertysource. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- Proof of concept for using the `DynamicPropertySource` spring annotation in tests requiring PostgreSQL Link to Repo
abaplint updated transpiler. This repo has 5 stars and 4 watchers. This repo was created on 2020-02-26. --- Proof of Concept - Very much work in progress Link to Repo
lxman updated WinformRemoteControl. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- A proof of concept to demonstrate a relatively unobtrusive way to remote control a winform app Link to Repo
mmcc1 updated BitcoinECDSA. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-29. --- Proof of concept GANN-based cracker of Bitcoin ECDSA Link to Repo
acrosman updated electronForce. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-23. --- This is a basic proof-of-concept level wrapper of Electron around JSForce. The intention is to do more interesting things in the future, but first having a simple cross-platform application to run Salesforce API calls in an interface seems useful. Link to Repo
vikiarora updated VNinAction. This repo has 1 stars and 1 watchers. This repo was created on 2020-03-29. --- Vishal Nagpal repository to do proof of concept for DevOps, Data Science and Python Link to Repo
digital-land updated map-templates. This repo has 0 stars and 3 watchers. This repo was created on 2020-03-17. --- A proof-of-concept for splitting out maps into templates to be consumed by Nunjucks Link to Repo
sceptre12 updated Cesium-React-Wrapper. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-28. --- Creating a small proof of concept. for integrating cesium with react. Link to Repo
vivichrist updated TestingApp. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-04. --- Proof of concept Google login page Link to Repo
jonnyohjonnyo updated codequality-poc. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-28. --- Code Quality Proof Of Concept Link to Repo
dynamoRando updated FrostDB. This repo has 0 stars and 1 watchers. This repo was created on 2019-09-25. --- A proof of concept project of a Cooperative Database System Link to Repo
jlfwong updated stardew-valley-save-editor. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-28. --- A really simple proof of concept of editing Stardew Valley save files totally in-browser Link to Repo
JonathanMaccollum updated AstroPatchwork. This repo has 1 stars and 1 watchers. This repo was created on 2020-02-01. --- Project Patchwork DZI Proof Of Concept Link to Repo
imbsky updated coq-to-ocaml-to-js. This repo has 16 stars and 2 watchers. This repo was created on 2019-10-24. --- Proof of concept to generate safe and fast JavaScript Link to Repo
HerCerM updated gdhe_arch_prototype. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-28. --- Quick and small prototype as a proof of concept for an MVC architecture Link to Repo
arontolentino updated managing-local-markets. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-18. --- A proof of concept web app for matching local bank offers Link to Repo
aarona updated dja_example. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-27. --- A proof-of-concept site utilizing devise_jwt_auth Link to Repo
----#MALWARE----
SamuelRF1981 --> RT @AEPD_es: Los ciberdelincuentes utilizan el #Coronavirus para realizar ataques de #phishing o #malware a través de apps de mensajería in…
mercaderd --> RT @AEPD_es: Los ciberdelincuentes utilizan el #Coronavirus para realizar ataques de #phishing o #malware a través de apps de mensajería in…
SeVConsulting1 --> The latest SeV Consulting : Digital Leadership & Information Technology! https://t.co/TxtN9SauX7 and for more great… https://t.co/BFRMBC3w8e Link with TweetLink with Tweet
CyberSecCare --> RT @AuCyble: Indonesia-based, Strategic Intelligence Company, left their Kibana engine open on the internet exposing over 300 million recor…
cybersec_feeds --> RT @AuCyble: Indonesia-based, Strategic Intelligence Company, left their Kibana engine open on the internet exposing over 300 million recor…
ReasonCSecurity --> Attackers are leveraging the #coronavirus pandemic with fake donation webpages, credit card phishing, PayPal integr… https://t.co/a1yvU4dVOL Link with Tweet
trabajosdiscapa --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
COLIBRI01751374 --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
vvalvazquez --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
Recuerda que tu banco nunca te avisaría de un problema en tu cuenta a través de email o sms.
✔No pinch…
Manolo67554861 --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
FernandoGodino --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
SamuelRF1981 --> RT @AEPD_es: Los ciberdelincuentes utilizan el #Coronavirus para realizar ataques de #phishing o #malware a través de apps de mensajería in…
Silvest65725088 --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
ShaheenBaberCI --> RT @PSsafercomms: If you choose to do more online shopping at this time, follow the NCSC guidance for 'Shopping Online Securely - Don't get…
auroraf80 --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
tihagoaquin --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
figlesi_ --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
Primi_tonni --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
AnaMartinezCCOO --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
gameiro1991 --> RT @guardiacivil: 🔊 Detectada campaña de SMS, con asunto “ERTE”, en los que se suplanta al Servicio Público de Empleo (SEPE). Informan de u…
----#OSINT----
WebSecurityIT --> RT @dessantx: Now you can identify logos and symbols in images with Search by Image using the newly added search engines for finding tradem…
_twitwork --> RT @G_Karayannis: So, we got this spot-on >> #Hubei residents appear to attack police as travel restrictions relaxed https://t.co/6xFzasi4N…
WebSecurityIT --> RT @G_Karayannis: So, we got this spot-on >> #Hubei residents appear to attack police as travel restrictions relaxed https://t.co/6xFzasi4N…
tshirtman --> RT @dessantx: Now you can identify logos and symbols in images with Search by Image using the newly added search engines for finding tradem…
G_Karayannis --> So, we got this spot-on >> #Hubei residents appear to attack police as travel restrictions relaxed… https://t.co/cnYXTBxeFq Link with Tweet
WebSecurityIT --> RT @BelevgEvgeny: A good #OSINT post and guide from @chihebchebbi201 https://t.co/KmqdsJNgOB Link with Tweet
_twitwork --> RT @BelevgEvgeny: A good #OSINT post and guide from @chihebchebbi201 https://t.co/KmqdsJNgOB Link with Tweet
0xswapnil --> RT @0xdotexe: Excel up your twitter search in few tweets [ 1/n ]
"abcdef" -> Search exact phrase
OR/AND -> Logical operators
- (dash) -> E…
chewiekibkib --> RT @BelevgEvgeny: A good #OSINT post and guide from @chihebchebbi201 https://t.co/KmqdsJNgOB Link with Tweet
sectest9 --> RT @BenOwen42: Oh to be on the road again travelling the world with @DanniGBrooke ✈️🛫 #cybersecurity #OSINT https://t.co/EURH3aZT9f
RDSWEB --> RT @BelevgEvgeny: A good #OSINT post and guide from @chihebchebbi201 https://t.co/KmqdsJNgOB Link with Tweet
CyberSecurityN8 --> RT @BenOwen42: Oh to be on the road again travelling the world with @DanniGBrooke ✈️🛫 #cybersecurity #OSINT https://t.co/EURH3aZT9f
RDSWEB --> RT @BenOwen42: Oh to be on the road again travelling the world with @DanniGBrooke ✈️🛫 #cybersecurity #OSINT https://t.co/EURH3aZT9f
cephalopodluke2 --> RT @BenOwen42: Oh to be on the road again travelling the world with @DanniGBrooke ✈️🛫 #cybersecurity #OSINT https://t.co/EURH3aZT9f
gdprAI --> RT @3XS0: Hackers targeting employees who are working from home due to coronavirus #CyberSec #Security #ThreatIntel #cybersecurity #datapro…
sectest9 --> RT @3XS0: Hackers targeting employees who are working from home due to coronavirus #CyberSec #Security #ThreatIntel #cybersecurity #datapro…
CyberSecurityN8 --> RT @3XS0: Hackers targeting employees who are working from home due to coronavirus #CyberSec #Security #ThreatIntel #cybersecurity #datapro…
BorskiKay --> RT @3XS0: Hackers targeting employees who are working from home due to coronavirus #CyberSec #Security #ThreatIntel #cybersecurity #datapro…
3XS0 --> Hackers targeting employees who are working from home due to coronavirus #CyberSec #Security #ThreatIntel… https://t.co/D1UulTtIsw Link with Tweet
asfakian --> RT @CYINT_dude: @sroberts Copy to New Graph > Transform(s) > Prune nodes > Merge new relevant nodes back to original graph > pick a new bra…
WebSecurityIT --> RT @RedPacketSec: Home Routers Hijacked to Deliver Info-Stealing Malware 'Oski' - https://t.co/sJhFZlVX2x
cybersec_feeds --> RT @javier_carriazo: Dark web hosting firm quits after hackers delete its database #CyberSec #Security #ThreatIntel #cybersecurity #datapro…
cybersec_feeds --> RT @dancho_danchev: Missing Koobface? Check out my Keynote on Tracking down and Taking Down the Koobface botnet circa 2016 - https://t.co/q…
sushmitakumar7 --> RT @cyberreport_io: Why Closing Cybersecurity Skill Gap Topmost Priority For IT In 2020 - Inc42 Media https://t.co/cCqObp5RpP #cybersecurit… Link with Tweet
cyberreport_io --> Why Closing Cybersecurity Skill Gap Topmost Priority For IT In 2020 - Inc42 Media https://t.co/cCqObp5RpP… https://t.co/snlw9jo3Ku Link with TweetLink with Tweet
----#RANSOMWARE----
neoslabDev --> Doppelpaymer Ransomware was not distributed via Bluekeep Exploit #Doppelpaymer #Cryptominer #Botnet #Network… https://t.co/OkBQloXxfk Link with Tweet
CyberSecCare --> RT @AuCyble: Indonesia-based, Strategic Intelligence Company, left their Kibana engine open on the internet exposing over 300 million recor…
cybersec_feeds --> RT @AuCyble: Indonesia-based, Strategic Intelligence Company, left their Kibana engine open on the internet exposing over 300 million recor…
NCSbyHTCS --> #ransomware | #computerhacker | Oh-so-generous ransomware crooks vow to hold back from health organisations during… https://t.co/bru9wmt2NA Link with Tweet
cybersec_feeds --> RT @noikeanolife: 3 trends in #AI🧠#ML⚙️too important to miss @VentureBeat https://t.co/xASDtK2lNA #Cloud #OpenSource #CIO #GDPR #Algorithms… Link with Tweet
TimesNiger --> RT @keepnetlabs: #Hackers often use shortened links to manipulate you. https://t.co/GqY0iDgZcs #infosec #ransomware #malware #RIPTwitter #… Link with Tweet
sectest9 --> RT @bsmuir: With no end in sight, #covidー19 is the golden key to #cybercrime, posits @360TotalSec. #infosec #Cybersecurity #DFIR #CISO #mal…
CyberSecurityN8 --> RT @bsmuir: With no end in sight, #covidー19 is the golden key to #cybercrime, posits @360TotalSec. #infosec #Cybersecurity #DFIR #CISO #mal…
CSOCIntel --> RT @bsmuir: With no end in sight, #covidー19 is the golden key to #cybercrime, posits @360TotalSec. #infosec #Cybersecurity #DFIR #CISO #mal…
bsmuir --> Ever wonder how people who fall victim to #cybercrime (#phishing, #spam, #malspam) react? This researcher received… https://t.co/UI9XmlUdtS Link with Tweet
bsmuir --> With no end in sight, #covidー19 is the golden key to #cybercrime, posits @360TotalSec. #infosec #Cybersecurity… https://t.co/k3iMlsBY8a Link with Tweet
https://t.co/Pzwq304HWy https://t.co/YqG7zuIu7g Link with Tweet
PiratePartyINT --> RT @malware_traffic: 2020-03-26 - information_03_26.doc from German #malspam using password-protected zip attachments (password: 111) pushe…
https://t.co/Pzwq304HWy https://t.co/p9gbpB8… Link with Tweet
Slvlombardo --> #SicurezzaInformatica: come evitare attacchi di #phishing e #malspam https://t.co/bUdaZgVqiC Link with Tweet
MatteoMenicacc1 --> RT @Slvlombardo: Aumentano campagne #phishing, #malspam e attacchi cyber che, sfruttando paura di massa #coronavirus, diffondono pericolosi…
domenicoraguseo --> RT @Slvlombardo: Aumentano campagne #phishing, #malspam e attacchi cyber che, sfruttando paura di massa #coronavirus, diffondono pericolosi…
MatteoMenicacc1 --> RT @Slvlombardo: Aumentano campagne #phishing, #malspam e attacchi cyber che, sfruttando paura di massa #coronavirus, diffondono pericolosi…
domenicoraguseo --> RT @Slvlombardo: Aumentano campagne #phishing, #malspam e attacchi cyber che, sfruttando paura di massa #coronavirus, diffondono pericolosi…
NewsOnCyberSec --> RT @Slvlombardo: Aumentano campagne #phishing, #malspam e attacchi cyber che, sfruttando paura di massa #coronavirus, diffondono pericolosi…
CyberSecHub0 --> RT @Slvlombardo: Aumentano campagne #phishing, #malspam e attacchi cyber che, sfruttando paura di massa #coronavirus, diffondono pericolosi…
Slvlombardo --> Aumentano campagne #phishing, #malspam e attacchi cyber che, sfruttando paura di massa #coronavirus, diffondono per… https://t.co/GXugtXnVCz Link with Tweet
KanbeWorks --> RT @Cryptolaemus1: #emotet C2 update - binaries released ~16:20 UTC 20200327
新型コロナウイルスに便乗した攻撃メールに注意 「マスク無料送付」「保健所の通知」をかたるワナhttps://t.co/6fEiUXfeck Link with Tweet
itsme_alica --> #Emotet kennen einige von euch. Aber auch #TA505? Unser Sicherheitschef @Ttschersich warnt im Video davor, dass Kri… https://t.co/wCL0Fyl2dz Link with Tweet
新型コロナウイルスに便乗した攻撃メールに注意 「マスク無料送付」「保健所の通知」をかたるワナhttps://t.co/6fEiUXfeck Link with Tweet
AndreGironda --> RT @Cryptolaemus1: #emotet C2 update - binaries released ~16:20 UTC 20200327
small decrease in E1/E3 C2 count
no spamming or other activit…
-----#BUGBOUNTY----
acidphantomFTP --> RT @caseyjohnellis: REMINDER: this is NOT THE TIME to be doing unsanctioned, active testing security against healthcare organizations. if y…
SoumyadeepBas12 --> RT @YourNextBugTip: Self XSS to Account Takeover
- Logout Victim (CSRF)
- Login Attacker (CSRF)
- Stored Self XSS
- Logout Attacker (CSR…
THB_STX --> RT @YourNextBugTip: Self XSS to Account Takeover
- Logout Victim (CSRF)
- Login Attacker (CSRF)
- Stored Self XSS
- Logout Attacker (CSR…
loujennae --> RT @caseyjohnellis: REMINDER: this is NOT THE TIME to be doing unsanctioned, active testing security against healthcare organizations. if y…
CyberSecCare --> RT @tekkie: Fellow colleagues in #InfoSec. Please do not engage in Pen Tests or offer your #bugbounty services free of charge without sign-…
tekkie --> Fellow colleagues in #InfoSec. Please do not engage in Pen Tests or offer your #bugbounty services free of charge w… https://t.co/3cuNV9UJtf Link with Tweet
dhakal_ananda --> Saw this in a @Hacker0x01 private program.
Looking at how programs are becoming professional is really awesome an… https://t.co/FUxPDJvqbq Link with Tweet
sectest9 --> RT @YourNextBugTip: Self XSS to Account Takeover
- Logout Victim (CSRF)
- Login Attacker (CSRF)
- Stored Self XSS
- Logout Attacker (CSR…
CyberSecurityN8 --> RT @YourNextBugTip: Self XSS to Account Takeover
- Logout Victim (CSRF)
- Login Attacker (CSRF)
- Stored Self XSS
- Logout Attacker (CSR…
legend1337 --> RT @YourNextBugTip: Self XSS to Account Takeover
- Logout Victim (CSRF)
- Login Attacker (CSRF)
- Stored Self XSS
- Logout Attacker (CSR…
CyberSecCare --> RT @hacback17: My today's agenda - Learning about Amass, a #SwissArmyKnife for #pentesters and #bughunters. #bugbounty #hacking
If you've…
reedontech --> RT @hacback17: My today's agenda - Learning about Amass, a #SwissArmyKnife for #pentesters and #bughunters. #bugbounty #hacking
If you've…
RusticWind --> RT @mhamed_kchikech: I wrote this blog to answer some of your questions. Hope you'll enjoy it.
#Hacking #BugBounty #Bug #Bounty
https://t.c…
xtblg --> RT @caseyjohnellis: REMINDER: this is NOT THE TIME to be doing unsanctioned, active testing security against healthcare organizations. if y…
sectest9 --> RT @lgomezperu: Despite increasing #cybercrime and dependency on digital revenues, many CEOs operate in the dark. A stunning 63% of CISOs d…
CyberSecurityN8 --> RT @lgomezperu: Despite increasing #cybercrime and dependency on digital revenues, many CEOs operate in the dark. A stunning 63% of CISOs d…
CyberSecCare --> RT @AuCyble: Indonesia-based, Strategic Intelligence Company, left their Kibana engine open on the internet exposing over 300 million recor…
cybersec_feeds --> RT @AuCyble: Indonesia-based, Strategic Intelligence Company, left their Kibana engine open on the internet exposing over 300 million recor…
Secnewsbytes --> RT @PoliceDSC: Our cyber theme this month is ‘Managing a breach’. Have a look at our latest video explaining what actions to take if a data…
CyberSecCare --> RT @lgomezperu: Despite increasing #cybercrime and dependency on digital revenues, many CEOs operate in the dark. A stunning 63% of CISOs d…
cybersec_feeds --> RT @lgomezperu: Despite increasing #cybercrime and dependency on digital revenues, many CEOs operate in the dark. A stunning 63% of CISOs d…
cybersec_feeds --> RT @Fisher85M: The Internet of #Ransomware Things {Infographic}
Christianmockin --> Zal ‘internetseks’ toenemen, en daarmee mede het afpersen? #sextortion #corona #cybercrime https://t.co/dZOyl89sHb Link with Tweet
wlvunichaplains --> RT @wlv_uni: STUDENTS: While you're studying at home, be aware of online scams & fraud. Our Digital Services team have some tips for you to…
icyriljames --> Seen “Don't F**k with Cats: Hunting an Internet Killer” on Netflix yet? Amazing documentary. Great display of recon… https://t.co/HlwOCRIUSX Link with Tweet
TimesNiger --> RT @keepnetlabs: #Hackers often use shortened links to manipulate you. https://t.co/GqY0iDgZcs #infosec #ransomware #malware #RIPTwitter #… Link with Tweet
OttLegalRebels --> RT @SteveAmps: Six of the biggest security threats facing the remote workforce
cyb3rops: PentesterAcademy has reduced its prices 70% because of COVID-19 @SecurityTube
https://t.co/3fYbgzrgAn https://t.co/TYqdkpTKfL Link to Tweet
cyb3rops: Policy Analyzer
https://t.co/KNGk5c8rXK https://t.co/VJvPNVDtp4 Link to Tweet
RedDrip7: Our tool is different from @ollypwn (https://t.co/RqcvTgsc8R) which just checks protocol version to identify the vulnerability and hence becomes inaccurate after the patch. Our approach is different and is able to detect vulnerable systems accurately. https://t.co/mfkvBXSi4M Link to Tweet
inj3ct0r: #0daytoday #SharePoint Workflows XOML Injection #Exploit https://t.co/XPnwqbeuQa Link to Tweet
inj3ct0r: #0daytoday #Linux PTRACE_TRACEME Local Root #Exploit https://t.co/894Gz3y05y Link to Tweet
inj3ct0r: #0daytoday #Android Bluetooth Remote Denial Of Service #Exploit https://t.co/Zu6kiEwaIv Link to Tweet
inj3ct0r: #0daytoday #TPLink Archer C50 3 - Denial of Service #Exploit https://t.co/cOmagWZsbc Link to Tweet
malwrhunterteam: @virqdroid @CCNCERT The xn--covid19-gncelsalgnvakalar-nwc35l[.]com is covid19-güncelsalgınvakalar[.]com, that is the quoted tweet. Link to Tweet
malwrhunterteam: There were campaign like this before, with other languages. For example: https://t.co/6017t7Kxpg
cc @LukasStefanko @virqdroid https://t.co/fHoSSPh94U Link to Tweet
malwrhunterteam: @virqdroid Are these real "customers" or can be random people or researchers who registered to check it out after the tweets? Link to Tweet
blackorbird: Github problems,fake certificate.
https://t.co/yNjxLgDYgP https://t.co/7ze6ea6r6V Link to Tweet
blackorbird: Two report about
https://t.co/RLV4jrXlcW https://t.co/whY3noG0qC Link to Tweet
blackorbird: Exploit in wild? #0day
https://t.co/WkLfhP3Y9A https://t.co/RDiLTXcixn Link to Tweet
wugeej: [PoC] Liferay Portal JSON Web Service RCE Vulnerabilities CVE-2020-7961
https://t.co/WX6foF0EMI https://t.co/Ebe57Y7Cjf Link to Tweet
https://t.co/DiQnlRqH3e https://t.co/kRM6jzNQbN Link to Tweet
wugeej: Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service (PoC)
https://t.co/Tl6yUBsUri https://t.co/x6iD8Fs702 Link to Tweet
malware_traffic: @notwhickey Appreciate the assistance! Checking the reference, it's interesting that /60 has been around for a few years, since the beginning, really. I don't recall noticing it until now. I always see /81, /83, and /90 on the ones I routinely generate. Ah, well. Link to Tweet
malware_traffic: 2020-03-27 - I'm not familiar with the #Trickbot module that generates HTTP traffic over TCP port 8082 with a URL that ends in "/60/" - It's on a Win10 host, so I don't have any module names. Anyone know about this one? Infection generated with EXE from doha-media[.]com/QW5.exe https://t.co/yh71LHRgpo Link to Tweet
malware_traffic: 2020-03-27 - price_request_9830.doc pushes #IcedID (#Bokbot) - A very VM-aware infection chain - #pcap of the traffic, malware/artifacts, and the associated IOCs available at: https://t.co/VnzkGiIJjP https://t.co/cgGuFomjUD Link to Tweet
malware_traffic: @DynamicAnalysis I saw something similar as well--the #Valak, not the email - https://t.co/68BpLe3Mm1 Link to Tweet
malware_traffic: 2020-03-26 - information_03_26.doc from German #malspam using password-protected zip attachments (password: 111) pushes #ZLoader - #pcap of the infection traffic, email example, malware/artifacts, and IOCs at: https://t.co/UhU6RhhfrF https://t.co/8zJ8ZrmrDC Link to Tweet
James_inthe_box: If you're biggest concern about #COVID19 #CoronaVirus is how your country looks to the rest of the world (over your people), then maybe you shouldn't be in office...
cyb3rops: PentesterAcademy has reduced its prices 70% because of COVID-19 @SecurityTube
RedDrip7: Our tool is different from @ollypwn (https://t.co/RqcvTgsc8R) which just checks protocol version to identify the vulnerability and hence becomes inaccurate after the patch. Our approach is different and is able to detect vulnerable systems accurately. https://t.co/mfkvBXSi4M Link to Tweet
inj3ct0r: #0daytoday #Centreo 19.10.8 - (DisplayServiceStatus) Remote Code Execution #Exploit #RCE
malwrhunterteam: @virqdroid @CCNCERT The xn--covid19-gncelsalgnvakalar-nwc35l[.]com is covid19-güncelsalgınvakalar[.]com, that is the quoted tweet. Link to Tweet
blackorbird: Github problems,fake certificate.
wugeej: [PoC] Liferay Portal JSON Web Service RCE Vulnerabilities CVE-2020-7961
malware_traffic: @notwhickey Appreciate the assistance! Checking the reference, it's interesting that /60 has been around for a few years, since the beginning, really. I don't recall noticing it until now. I always see /81, /83, and /90 on the ones I routinely generate. Ah, well. Link to Tweet
James_inthe_box: If you're biggest concern about #COVID19 #CoronaVirus is how your country looks to the rest of the world (over your people), then maybe you shouldn't be in office...