#polanowyhacking :: Wykop.pl

Autor

Najlepsze

Archiwum

11.02.2020, 09:30:53

9

SysmonTools

Checksumming in filesystems, and why ZFS is doing it right

awesome-cyber-security

Top Ten security settings for a secure Windows 10 Computer

Reverse engineering Blind's API and client side encryption

Threat Hunting with Windows Event Logs & Sysmon

#polanowyhacking

źródło: comment_1581413440R9pLdWb1QPcpZkUwWOQLdl.jpg

10.02.2020, 09:49:41

4

Audio over Bluetooth: most detailed information about profiles, codecs, and devices

Jaeles v0.4 - The Swiss Army Knife For Automated Web Application Testing

The Internals of AppLocker - Part 1 - Overview and Setup pozostałe party w tekście

From memory corruption to disable_functions bypass: understanding PHP exploits

Forging SWIFT MT Payment Messages for fun and pr... research!

FPGA Tomu Workshop¶

#polanowyhacking

źródło: comment_1581328170uXgYabG37bq6Kav9peqDNH.jpg

07.02.2020, 11:29:22

4

MindShaRE: Dealing with encrypted router firmware

Identifying the Modern Attack Surface: Part 1

David Weston - Keeping Windows Secure - Bluehat IL 2019.pdf

Reverse engineering my router's firmware with binwalk

Sysmon Threat Analysis Guide

Misp-Dashboard - A Dashboard For A Real-Time Overview Of Threat Intelligence From MISP Instances

BruteX - Automatically brute force all services running on a target

#polanowyhacking

źródło: comment_1581074954Kttz6ZE9eOzgYRQKUeQzrc.jpg

06.02.2020, 11:11:11

3

Fake browser update pages are "still a thing"

nfstream: a flexible network data analysis framework

Turning a Hotel Key Into a Stolen Credit Card

Exploiting LDAP Server NULL Bind

Download OSINT Bookmarks

OSINT Tools

Pass the Hash

#polanowyhacking

źródło: comment_1580987200b6oDO1OVWq5yUu866VQMt5.jpg

31.01.2020, 11:33:25

3

RiceTeaCatPanda CTF 2020 Write-Up

Linux kernel 0days without code auditing

Say hello to OpenSK: a fully open-source security key implementation

SNMP Config File Injection to Shell

Dell, HP Memory-Access Bugs Open Attacker Path to Kernel Privileges

An Information Security Reference That Doesn't Suck

#polanowyhacking

źródło: comment_5VrLSVbw9fcsfeB3bUepCpyAKWUdt0ca.jpg

29.01.2020, 11:58:12

3

(Ab)using Kerberos from Linux

How to handle session expiration in BURP with macros?

LoRaWAN Encryption Keys Easy to Crack, Jeopardizing Security of IoT Networks

x86-manpages

xHunt Campaign: New PowerShell Backdoor Blocked Through DNS Tunnel Detection

SpiderFoot, the most complete OSINT collection and reconnaissance tool.

Docker for IT Pros and System Administrators

HEVD Exploits – Windows 7 x86 Arbitrary Writ

#polanowyhacking

źródło: comment_1x61zOvrOlE7FkN4O8s5R3Ww2UnPHApc.jpg

29.01.2020, 14:57:07

1

@konik_polanowy: Dobra robota. Czasem wpadają tu ciekawsze rzeczy #security niż na #unknownews. Chyba jakieś małe zasięgi masz...

konik_polanowy

29.01.2020, 14:59:30

0

@absolutnie: tagu #security używać nie mogę, gdyż tamtejsza gawiedź (która nic nie postuje) była niezadowolona z mojego działania

28.01.2020, 11:28:32

3

Awesome Honeypots

SiemensS7-Bootloader

[[Dual-Pod-Shock] Emotional abuse of a DualShock](https://sensepost.com/blog/2020/dual-pod-shock-emotional-abuse-of-a-dualshock/)

AWS Data Exposed on GitHub

Some Notes on IPv6 Bogon Filtering

Reversing XignCode3 Driver – Part 1 – Identifying the Driver Entry Point

#polanowyhacking

źródło: comment_AyyzdnyI5Kak28li9s4uCQpE2Q7FNXPw.jpg

27.01.2020, 10:02:49

6

OSINT Resource List

THC's favourite Tips, Tricks & Hacks (Cheat Sheet)d

CVE-2019-14615: The iGPU-Leak Vulnerability

Red_Team - Some scripts useful for red team activities

Windows Red Team Cheat Sheet

#polanowyhacking

źródło: comment_MMb6QdOr9npDmJyjjCUrUn81mjWegvxX.jpg

24.01.2020, 09:28:54

5

Anatomy of a Facebook-Hosted Phishing Attack

I2C in a Nutshell

thc-1001-tips-and-tricks

AIL framework - Framework for Analysis of Information Leaks

Windows / Linux Local Privilege Escalation Workshop

KeyHacks shows ways in which particular API keys found on a Bug Bounty Program can be used, to check if they are valid.

#polanowyhacking

źródło: comment_TCqZ7BQ3rCiUbW7CN3OaYMzo7gvRNsRM.jpg

24.01.2020, 10:15:43

1

@konik_polanowy: Dziękuję Pan Konik

konik_polanowy

23.01.2020, 11:48:54

8

CTF framework and exploit development library

[Snoop on Bluetooth Devices Using Kali Linux [Tutorial]](https://www.youtube.com/watch?v=JmQk4Yp9bww&feature=emb_logo)

Adversary Tactics - PowerShell.pdf

How to Build an Automated Recon Pipeline with Python and Luigi - Part I (Setup and Scope)

Hitchhiker's guide to Ghidra - Solving Hitcon 2019 Core Dumb - Part 2

Super Easy All-In-One DevOps Platform

#polanowyhacking

źródło: comment_8Q4G2AFypNMHQQWlei9Jsi3beZa7LIaE.jpg

22.01.2020, 10:08:49

4

Kernels 101 – Let’s write a Kernel

Hello world from a bootloader

SIM Hijacking

Build a Desktop Arcade Machine with Raspberry Pi 3 and Retropie: Super Turbo Pro Edition

PowerShell Obfuscation using SecureString

How to Snoop on Bluetooth Devices Using Kali Linux

#polanowyhacking

źródło: comment_mCIe5ps2X1AoiibWk7AAOfbO3SeohjrP.jpg

21.01.2020, 10:49:21

4

Privilege Escalation Cheatsheet (Vulnhub)

Day in the Life of a Japanese Game Programmer

From Hyper-V Admin to SYSTEM

Facebook's Coordinated Inauthentic Behavior - An OSINT Analysis

Expert found a hardcoded SSH public key in Fortinet ’s Security Information and Event Management FortiSIEM that can allow access to the FortiSIEM Supervisor.

Case Study of Chrome Sandbox Escape

#polanowyhacking

źródło: comment_yzQ5HCg0q6DwUuaPwVsZ4nSWoRffAExD.jpg

20.01.2020, 10:09:40

5

DevOps Questions & Exercises

Windows-Kernel-Explorer

Docker for Pentesters

How Malware Gains Trust by Abusing the Windows CryptoAPI Flaw

IDA plugin for UEFI analysis

Research programming language for concurrent ownership

The Odd History of the SD Logo

systemd service sandboxing and security hardening 101

#polanowyhacking

źródło: comment_nfYONx047Huw5KcZdJThI9K7yNYmcrAz.jpg

20.01.2020, 10:13:06

7

@konik_polanowy: dziwny i nielogiczny ten mem xD

17.01.2020, 12:17:57

3

"Control Flow Integrity in the Linux Kernel" - Kees Cook (LCA 2020)

Red Teaming/Adversary Simulation/Explicitly Pen testing stuff

Critical Cisco Flaws Now Have PoC Exploit

macOS Security Updates Part 2 | Running Diffs on Apple’s MRT app

Reverse Engineering a Philips TriMedia CPU based IP Camera - Part 3

Summing up CVE-2020-0601, or the Let?s Decrypt vulnerability

Exploiting the Windows CryptoAPI Vulnerability

Analyzing Magecart Malware – From Zero to Hero

#polanowyhacking

źródło: comment_o9tg2dTaAmjq9XYy794DmSsDHDp3yFS0.jpg

16.01.2020, 09:39:36

4

NSA Codebreaker Challenge 2019 write-ups

Get SSH login notification on Telegram - Updated

Hitchhiker's guide to Ghidra - Solving Hitcon 2019 Core Dumb - Part 1

MMD-0065-2020 - Linux/Mirai-Fbot's new encryption explained

everse engineering course by Z0F. Focuses on x64 Windows.

#polanowyhacking

źródło: comment_DYmJt7YRPlEIL33tGgwDKT8sHADYQp1m.jpg

15.01.2020, 12:54:48

5

Brute-Force SSH, FTP, VNC & More with BruteDum

Burp Suite roadmap for 2020

Intel Fixes High-Severity Flaw in Performance Analysis Tool

SWFPFinder - SWF Potential Parameters Finder

Attacking SSL VPN - Part 1: PreAuth RCE on Palo Alto GlobalProtect, with Uber as Case Study!

Attacking SSL VPN - Part 2: Breaking the Fortigate SSL VPN

Attacking SSL VPN - Part 3: The Golden Pulse Secure SSL VPN RCE Chain, with Twitter as

źródło: comment_0RuYyzYQCDhrUmYDHvej0WnMUBZALlbx.jpg

09.01.2020, 10:30:31

10

Awesome-Linux-Software

New SHA-1 Attack

Reversing and Exploiting with Free Tools: Part 1

Reversing and Exploiting with Free Tools: Part 2

Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

The Basics of Packed Malware: Manually Unpacking UPX Executables

Reversing XignCode3 Driver – Part 1 – Identifying the Driver Entry Point

#polanowyhacking

źródło: comment_yishjGXblM5uA9knBLGAyPssNlYfePJp.jpg

08.01.2020, 10:14:12

4

Tik or Tok? Is TikTok secure enough?

Facebook Cracks Down on Deepfake Videos

PGP keys, software security, and much more threatened by new SHA1 exploit

What is the Linux Auditing System (aka AuditD)?

Many roads to IAT

Ethical Hacking Lessons — Building Free Active Directory Lab in Azure

#polanowyhacking

źródło: comment_z1LEzdS3THT0wVKxolOtHeSnulAS6oeM.jpg

07.01.2020, 12:47:38

4

Real-Time Bidding. Twoje dane sprzedawane za $0.0005, w mniej niż 100 milisekund.

Multiscanner - Modular File Scanning/Analysis Framework

Make a C# DLL and use it from Excel VBA code ~ 2013

List of Free Python Resources

Reverse engineering UEFI firmware updater

Forensic Investigation of Social Networking Evidence using IEF

Win32.Stuxnet : Part 1 - Introduction, Installation and Infection

Win32.Stuxnet : Part 2 - Using Software Restriction Policy as a Mitigation

#polanowyhacking

źródło: comment_MA3nkGyGxVBDlB8qKd8oYKO3h6X2bes9.jpg

03.01.2020, 10:55:07

3

Lesser-known Tools for Android Application PenTesting

Introducing BusKill: A Kill Cord for your Laptop

Out-of-band Attacks

New evasion techniques found in web skimmers

Web Cache Poisoning Lab

Resources-for-Beginner-Bug-Bounty-Hunters

Backdoored Phishing Kits are still popular

AVCLASS++ - Yet Another Massive Malware Labeling Tool

#polanowyhacking

źródło: comment_p0dFmXGn4gvYY5wmYQLDSyf1vg8qeT03.jpg

02.01.2020, 10:04:11

5

The Mac Malware of 2019

Pentest Tips and Tricks

awesome-burp-suite

Exploiting Wi-Fi Stack on Tesla Model S

Ransomware in Node.js

The Secret History of Hacking (Hacker Documentary)

Ghidra Cheat Sheet

#polanowyhacking

źródło: comment_cEKS6LWr6kP2LC05wkggvw6byE5pYEke.jpg

31.12.2019, 10:32:52

5

Using Azure Automation Accounts to Access Key Vaults

Password Spraying Dell SonicWALL Virtual Office

Reversing Web Assembly (WASM)

Resources for browser fingerprinting

#polanowyhacking

źródło: comment_AWJXUXoK5R58kRf3t83XFupAXxrMs7PP.jpg

30.12.2019, 10:00:53

4

Awesome Rat

Active Directory Visualization for Blue Teams and Threat Hunters

CPU Introspection: Intel Load Port Snooping

Guide To Using Reverse Image Search For Investigations

Top 20 Most Popular Hacking Tools in 2019

#polanowyhacking

źródło: comment_ZnLxIw0hQph090XdJN7pqRoPmRJz0kq3.jpg

27.12.2019, 09:41:13

3

BadUSB-Cable (Evil Crow Cable)

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Why npm lockfiles can be a security blindspot for injecting malicious modules

What I Learned from Reverse Engineering Windows Containers

WHID Elite is a GSM-enabled Open-Source Multi-Purpose Offensive Device

Interactive Beginner's Guide to ROP

#polanowyhacking

źródło: comment_yYsQEwDgUzswXniE2ysAe51WpYyDQgx5.jpg

24.12.2019, 12:16:53

3

ANY.RUN malicious database provides free access to more than 1,000,000 public reports submitted by the malware research community.

CTF Design Guidelines

Investigating ARM Cortex® M33 core – Dual Core debug tutorial

Reversing Windows Internals (Part 1) – Digging Into Handles, Callbacks & ObjectTypes

Powershell for exploitation and post exploitation

#polanowyhacking

źródło: comment_Y8POEZjf34fQCOq4hFORUiQMx1FR7dcA.jpg