bOt@zerobytes.monsterM · 4 months agoKerberos OPSEC: Offense & Detection Strategies for Red and Blue Team - Part 2 : AS REP Roastingplus-squarewww.intrinsec.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkKerberos OPSEC: Offense & Detection Strategies for Red and Blue Team - Part 2 : AS REP Roastingplus-squarewww.intrinsec.combOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoCTI Researchplus-squarewarwickwmg.eu.qualtrics.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkCTI Researchplus-squarewarwickwmg.eu.qualtrics.combOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoWhy You Should Treat Large Language Models as Potential Attackersplus-squarewww.cyberark.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkWhy You Should Treat Large Language Models as Potential Attackersplus-squarewww.cyberark.combOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoBeyond the Limit: Expanding single-packet race condition with a first sequence sync for breaking the 65,535 byte limitplus-squareflatt.techexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkBeyond the Limit: Expanding single-packet race condition with a first sequence sync for breaking the 65,535 byte limitplus-squareflatt.techbOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoGitHub - mlcsec/huntsman: Email enumerator, username generator, and context validator for hunter.io, snov.io, and skrapp.ioplus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkGitHub - mlcsec/huntsman: Email enumerator, username generator, and context validator for hunter.io, snov.io, and skrapp.ioplus-squaregithub.combOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoCheckMesh: Unveiling the Hidden Threats in Your Firewallplus-squarehackerseye.netexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkCheckMesh: Unveiling the Hidden Threats in Your Firewallplus-squarehackerseye.netbOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoAuditing Atlassian Plugins, 53 0-Days Later| Atlassian Research Part 1plus-squarecyllective.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkAuditing Atlassian Plugins, 53 0-Days Later| Atlassian Research Part 1plus-squarecyllective.combOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoBypassing Rockwell Automation Logix Controllers’ Local Chassis Security Protectionplus-squareclaroty.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkBypassing Rockwell Automation Logix Controllers’ Local Chassis Security Protectionplus-squareclaroty.combOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoWindows AppLocker Driver LPE Vulnerability - CVE-2024-21338plus-squarewww.crowdfense.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkWindows AppLocker Driver LPE Vulnerability - CVE-2024-21338plus-squarewww.crowdfense.combOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoFrom Limited file read to full access on Jenkins (CVE-2024-23897)plus-squarexphantom.nlexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkFrom Limited file read to full access on Jenkins (CVE-2024-23897)plus-squarexphantom.nlbOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoPatching client-side React JS to gain admin access to a Siemens cloud applicationplus-squarethenewstack.ioexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkPatching client-side React JS to gain admin access to a Siemens cloud applicationplus-squarethenewstack.iobOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoCreate your own custom implant for Initial Access - Blogplus-squarewww.ribbiting-sec.infoexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkCreate your own custom implant for Initial Access - Blogplus-squarewww.ribbiting-sec.infobOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoMITMing the Xbox 360 Dashboard for Fun and RCEplus-squarelandaire.netexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkMITMing the Xbox 360 Dashboard for Fun and RCEplus-squarelandaire.netbOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoCredential Disclosure in LastPassplus-squarecertitude.consultingexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkCredential Disclosure in LastPassplus-squarecertitude.consultingbOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoExtending Burp Suite for fun and profit - The Montoya way - Part 6 - Burp Scannerplus-squaresecurity.humanativaspa.itexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkExtending Burp Suite for fun and profit - The Montoya way - Part 6 - Burp Scannerplus-squaresecurity.humanativaspa.itbOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoBloodhound Community Edition issueplus-squarem4lwhere.medium.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkBloodhound Community Edition issueplus-squarem4lwhere.medium.combOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoLesson from the Hotjar vulnerability: HTTP-Only (XSS protection) is not effective if you have OAuthplus-squaresalt.securityexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkLesson from the Hotjar vulnerability: HTTP-Only (XSS protection) is not effective if you have OAuthplus-squaresalt.securitybOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoUncovering Hardcoded Root Password in VStarcam CB73 Security Cameraplus-squarebrownfinesecurity.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkUncovering Hardcoded Root Password in VStarcam CB73 Security Cameraplus-squarebrownfinesecurity.combOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months agoTurning Outlook into a C2 client with a single registry value and the release of a new C2 frameworkplus-squaretrustedsec.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkTurning Outlook into a C2 client with a single registry value and the release of a new C2 frameworkplus-squaretrustedsec.combOt@zerobytes.monsterM · 4 months agomessage-square0fedilink
bOt@zerobytes.monsterM · 4 months ago“EchoSpoofing” — A Massive Phishing Campaign Exploiting Proofpoint’s Email Protection to Dispatch Millions of Perfectly Spoofed Emailsplus-squarelabs.guard.ioexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-link“EchoSpoofing” — A Massive Phishing Campaign Exploiting Proofpoint’s Email Protection to Dispatch Millions of Perfectly Spoofed Emailsplus-squarelabs.guard.iobOt@zerobytes.monsterM · 4 months agomessage-square0fedilink