IT Security News Bulletin #82

IT Security News Bulletin #82

Latest Infosec News and Articles Tools to assess the DNS security of web applications  https://github.com/The-Login/DNS-Reset-Checker Decrypting VEEAM Passwords https://blog.checkymander.com/red%20team/veeam/decrypt-veeam-passwords/ Beanshooter - JMX Enumeration And Attacking Tool https://www.kitploit.com/2021/07/beanshooter-jmx-enumeration-and.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29 Android Hacking 101 Walkthrough: Part 1

IT Security News Bulletin #81

IT Security News Bulletin #81

Latest Infosec News and Articles meterpeter: C2 Powershell Command & Control Framework  https://securityonline.info/meterpeter-c2-powershell-command-control-framework/ domhttpx: google search engine dorker https://securityonline.info/domhttpx-google-search-engine-dorker/ reconmap: vulnerability assessment and penetration testing platform  https://securityonline.info/reconmap-vulnerability-assessment-and-penetration-testing-platform/ Getting Partial AWS Account IDs for

IT Security News Bulletin #80

IT Security News Bulletin #80

Latest Infosec News and Articles Remote Desktop Penetration Testing (Port 3389)  https://www.hackingarticles.in/remote-desktop-penetration-testing-port-3389/  PrintNightmare Network Analysis https://www.hackingarticles.in/remote-desktop-penetration-testing-port-3389/  Google dork cheatsheet https://gist.github.com/sundowndev/283efaddbcf896ab405488330d1bbc06  Invoke-DNSteal - Simple And Customizable DNS Data Exfiltrator https://www.kitploit.com/2021/07/invoke-dnsteal-simple-and-customizable.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29 VNC Penetration Testing https://www.hackingarticles.in/vnc-penetration-testing/ Fuzzing ImageMagick

IT Security News Bulletin #79

IT Security News Bulletin #79

Latest Infosec News and Articles IDOR (Insecure Direct Object Reference) https://notes.mufaddal.info/web/idor NExfil: OSINT tool written in python for finding profiles by username  https://securityonline.info/nexfil-osint-tool-written-in-python-for-finding-profiles-by-username/ Exploiting insecure deseralization vulnerabilties found in the wild  https://macrosec.tech/index.php/2021/06/22/exploiting-insecure-deserialization-vulnerabilities-found-in-the-wild/  Buffer

IT Security News Bulletin #78

IT Security News Bulletin #78

Latest Infosec News and Articles Proxy Windows Tooling via SOCKS https://posts.specterops.io/proxy-windows-tooling-via-socks-c1af66daeef3 How We Are Able To Hack Any Company By Sending Message - $20,000 Bounty [CVE-2021–34506] https://cyberxplore.medium.com/how-we-are-able-to-hack-any-company-by-sending-message-including-facebook-google-microsoft-b7773626e447 Binary instrumentation framework based on

IT Security News Bulletin #77

IT Security News Bulletin #77

Latest Infosec News and Articles YARA Rules Guide: Learning this Malware Research Tool https://www.varonis.com/blog/yara-rules/ Deep Dive into AWS Penetration Testing https://infosecwriteups.com/deep-dive-into-aws-penetration-testing-a99192a26898?source=rss----7b722bfd1b8d---4 emp3r0r v0.9.27 releases: linux post exploitation framework https://securityonline.info/emp3r0r-v0-9-27-releases-linux-post-exploitation-framework/ Web Applications and Internal

IT Security News Bulletin #76

IT Security News Bulletin #76

Latest Infosec News and Articles Finding SSRF via HTML Injection inside a PDF file on AWS EC2  https://blog.appsecco.com/finding-ssrf-via-html-injection-inside-a-pdf-file-on-aws-ec2-214cc5ec5d90  Attacking Azure, Azure AD, and Introducing PowerZure https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a Memory Analysis For Beginners With Volatility

IT Security News Bulletin #75

IT Security News Bulletin #75

Latest Infosec News and Articles Memory Analysis For Beginners With Volatility Part 2  https://infosecwriteups.com/memory-analysis-for-beginners-with-volatility-coreflood-trojan-part-2-42bdb46683f2 Exploiting Windows RPC to bypass CFG mitigation: analysis of CVE-2021-26411 in-the-wild sample https://iamelli0t.github.io/2021/04/10/RPC-Bypass-CFG.html A repository of sysmon configuration

>