Blog

Latest Infosec News and Articles Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock https://github.com/liamg/traitor Geowifi - Search WiFi Geolocation Data By BSSID And SSID

Latest Infosec News and Articles Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock https://github.com/liamg/traitor Geowifi - Search WiFi Geolocation Data By BSSID And SSID

Latest Infosec News and Articles Remote Code Execution in pfSense <= 2.5.2 https://t.co/BkeOJyQd1j Azure Privilege Escalation via Cloud Shell  https://www.netspi.com/blog/technical/cloud-penetration-testing/attacking-azure-cloud-shell/ Running Cobalt Strike BOFs from Python https://www.naksyn.com/injection/2022/02/16/running-cobalt-strike-bofs-from-python.html vortex: VPN Overall Reconnaissance, Testing, Enumeration

Latest Infosec News and Articles jwt-hack: tool for hacking/security testing to JWT https://securityonline.info/jwt-hack-tool-for-hacking-security-testing-to-jwt/ SharpCookieMonster - Extracts Cookies From Chrome https://www.kitploit.com/2022/02/sharpcookiemonster-extracts-cookies.html WELA: Windows Event Log Analyzer https://securityonline.info/wela-windows-event-log-analyzer/ GitBleed – Finding Secrets in Mirrored Git

Latest Infosec News and Articles Software Defined Radio, Part 6: Building a Cellphone IMSI Catcher (Stingray) https://www-hackers--arise-com.cdn.ampproject.org/c/s/www.hackers-arise.com/amp/software-defined-radio-part-6-building-a-imsi-catcher-stingraySIM Hijacking https://sensepost.com/blog/2022/sim-hijacking/ SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022–22718)  https://research.ifcr.dk/spoolfool-windows-print-spooler-privilege-escalation-cve-2022-22718-bf7752b68d81 Espionage - A Network Packet

Latest Infosec News and Articles Ipsourcebypass - This Python Script Can Be Used To Bypass IP Source Restrictions Using HTTP Headers  https://www.kitploit.com/2022/02/ipsourcebypass-this-python-script-can.html Multiple HTTP Redirects to Bypass SSRF Protections  https://infosecwriteups.com/multiple-http-redirects-to-bypass-ssrf-protections-45c894e5d41c  Linux内核利用资料精选  https://github.com/0x0021h/pwnlinux A

Latest Infosec News and Articles Bootkit sample for firmware attack  https://github.com/hardenedvault/bootkit-samples Attacks on JSON Web Token (JWT)  https://infosecwriteups.com/attacks-on-json-web-token-jwt-278a49a1ad2e TREVORproxy: randomizes your source IP address to avoid Smart Lockout https://securityonline.info/trevorproxy-randomizes-your-source-ip-address-to-avoid-smart-lockout/ Analyzing and Detecting a

A Beginner’s guide into Router Hacking and Firmware Emulation  https://secnigma.wordpress.com/2022/01/18/a-beginners-guide-into-router-hacking-and-firmware-emulation/A toolbox for extracting RSA private keys from public keys  https://github.com/b4den/rsacrackMajor release for CrackMapExec  https://mpgn.gitbook.io/crackmapexec/news-2022/major-release-for-crackmapexec Pwndora - Massive IPv4 Scanner, Find And

SpoofThatMail - Bash Script To Check If A Domain Or List Of Domains Can Be Spoofed Based In DMARC Records  https://www.kitploit.com/2022/01/spoofthatmail-bash-script-to-check-if.html  Exploit Kits vs. Google Chrome  https://decoded.avast.io/janvojtesek/exploit-kits-vs-google-chrome/ Espoofer - An Email Spoofing