We Hacked Apple for 3 Months: Here’s What We Found samcurry.net/hacking-apple/

Atlassian Jira unauthenticated user enumeration (CVE-2020-14181)! Versions affected: Jira < 7.13.6 8.0.0 ≤ Jira < 8.5.7 8.6.0 ≤ Jira < 8.12.0 Discovered by Mikhail Klyuchnikov. Advisory: jira.atlassian.com/browse/JRASERV… /secure/ViewUserHover.jspa?username=test The PoC ☝️

We continue our work of tracking Exploit developers and this time — PlayBit, whose 5 Windows LPE 1-Days were mostly sold to Ransomware groups like REvil and Maze. Eyal Itkin and I cover the technicalities of their exploits, their ads, and more. Read it @ research.checkpoint.com/2020/grapholog…

➡️Default creds for #redteam Cisco: cisco:cisco Citrix: nsroot:nsroot Dell iDRAC: root:calvin Juniper: super:juniper123 pfSense: admin:pfsense SAP: SAP*:06071992 Tomcat: tomcat:tomcat UniFi: ubnt:ubnt Weblogic: weblogic:weblogic1 Zabbix: Admin:zabbix #ptswarmTechniques

gsocket-TOR is on DOCKER: docker run --rm -it hackerschoice/gsocket-tor. Secure file transfer and backdoor access (via TOR) through Firewall/NATs. Encrypted. Secure. Private. #docker #hacking #privacy

FREE Reverse Engineering Course - x86, X64, 32-bit ARM and 64-bit ARM Architectures github.com/mytechnotalent…

New gadget chain for deserialization in Zend Framework applications. Triggers on __destruct(), gives RCE and works in PHP 7. gist.github.com/YDyachenko/6f6… #ptswarmTechniques

A cool vulnerability in FreeBSD ftpd thezdi.com/blog/2020/12/2…

Inspired by the work of 🔎Julia Evans🔍, I made a log parsing cheat sheet which is very handy during incident response or threat hunting! You can print it for your office!📌 #infosec #DFIR If you like it, follow me for more stuff like this in 2021! 🤓

Launched malvuln.com a week ago, all about vulnerabilities in Malware. Using the handle "malvuln"... feedback welcome.

Dumping lsass completely in memory without touching disk. Need an exfil BOF added to BOF.NET now to get that 55MB dump straight into #CobaltStrike.

THC RELEASE: 🔐SSH public keys can be infected 💉and backdoored.🚪 blog.thc.org/infecting-ssh-… #lulz #ssh #hacking

Telegram get remote IP Get IP address on other side audio call in #Telegram. This script is intended to be used to determine the IP address of the interlocutor in the telegram messenger. You must have tshark installed to use it. github.com/n0a/telegram-g… #OSINT #cybersecurity

I have posted my write-up of CVE-2023-34050 Spring AMQP Deserialization Remote Code Execution. Hope you like it!😊🌻 blog.pyn3rd.com/2023/11/03/CVE…

PoC Exploit Released for 0-day Windows Kernel of Privilege Vulnerability (CVE-2024-21338) : github.com/Nero22k/Exploi… github.com/hakaioffsec/CV… Details : hakaisecurity.io/cve-2024-21338…

proxychains + impacket = profit gatari.dev/posts/the-art-…

Wow... "We discover 119 vulnerabilities in LTE/5G core infrastructure...and some of which can be used to remotely compromise and access the cellular core..." cellularsecurity.org/ransacked nathanielbennett.com/publications/r…

Hacking the popular Newtec MDM2200 satellite modem: from jamming to RCE for less than $2,000. 📡🔬⚡ Link to post: linkedin.com/posts/dlaskov_…

THC Release 💥: The world’s largest IP<>Domain database: ip.thc.org All forward and reverse IPs, all CNAMES and all subdomains of every domain. For free. Updated monthly. Try: curl ip.thc.org/1.1.1.1 Raw data (187GB): ip.thc.org/docs/bulk-data… (The fine work