InfoSec Write-ups - Medium-- LAN Captive portal — beginners GuideCaptive Portals are a common security procedure, used consistently on your wifi network for guests or even when outsource employees work within your internal LAN, connecting through ethernet wall sockets.One way to do so is to enforce it by creating a VLAN ( virtual LAN ) on your subnet … Continue reading LAN Captive portal — beginners Guide
The Hacker News-- Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have been pwned on this year's contest," the event organizers said. "11 … Continue reading Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition
KitPloit - PenTest Tools!-- The ShowStopper project is a tool to help malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods. With this tool, you can attach a debugger to its process and research the debugger’s behavior for the techniques you need (the virtual … Continue reading ShowStopper – Anti-Debug tricks exploration tool
KitPloit - PenTest Tools!-- Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.Features Man-in-the-middle (MITM) HTTP/1.1 proxy with logs Project based database storage (SQLite) Scope support Headless … Continue reading Hetty – An HTTP Toolkit For Security Research
KitPloit - PenTest Tools!-- Using this script, you can configure a number of JavaScript files on websites that you want to monitor. Everytime you run this script, these files will be fetched and compared to the previously fetched version. If they have changed, you will be notified via Telegram with a message containing a link … Continue reading JSMon – JavaScript Change Monitor for BugBounty
Latest Hacking News-- Japanese game developer Capcom has suffered a cyberattack, potentially losing data to attackers. The firm has possibly fallen prey to Capcom Disclosed Cyberattack – Ransomware Involvement Suspected on Latest Hacking News. View original article on Latest Hacking News
KitPloit - PenTest Tools!-- Threagile (see https://threagile.io for more details) is an open-source toolkit for agile threat modeling: It allows to model an architecture with its assets in an agile fashion as a YAML file directly inside the IDE. Upon execution of the Threagile toolkit all standard risk rules (as well as individual custom rules … Continue reading Threagile – Agile Threat Modeling Toolkit
InfoSec Write-ups - Medium-- Understanding & Exploiting: Cross-Site Request Forgery — CSRF vulnerabilitiesCross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unintended actions on a web application in which they are currently authenticated. With a little social engineering, an attacker may force the users of a web application to execute actions of … Continue reading Understanding & Exploiting: Cross-Site Request Forgery — CSRF vulnerabilities
Null Byte « WonderHowTo-- Tech-savvy programmers and developers usually apply their unique talents exclusively to creating apps and websites—two high-paying and exciting pursuits that can open countless doors and opportunities in multiple fields. But you can also put these in-demand skills to use in the interconnected worlds of electrical engineering and robotics, and there's never … Continue reading Break into the World of Electrical Engineering with This Bundle
Hacker's Directory 