Command and Control with WebSockets WSC2

(blackhillsinfosec.com)
This all started with a conversation I was having with a few other BHIS testers. At the time, I was testing a web application that used WebSockets. The app was giving me headaches, and I was venting my frustration. Penetration testers, red teams, and baddies are always looking for new ways to sneak by defenses.
Tags: security,pentest,c&c,websockets

Exploiting Second Order SQLi Flaws by using Burp & Custom Sqlmap Tamper

(pentest.blog)
Web applications evolved in the last century from simple scripts to single page applications. Such complex web applications are prone to different types of security vulnerabilities. One type of vulnerability, named second-order, occurs when an attack payload is first stored by the application on the web server and then later on used in a security-critical operation.
Tags: security,web,pentest,sqli

Reversing ALPC: Where are your windows bugs and sandbox escapes?

(blogspot.com)
The goal of this post is to understand my process for finding bugs (which are generally done through any means necessary), so it’s important to note they aren’t indicative of mastery in any given subject. As always, if you find any errors, or corrections, feel free to contact me. This is a personal hobby of mine and I do not profess to being a professional vulnerability researcher.
Tags: windows,alpc,sandbox,exploit

Introduction to Linux interfaces for virtual networking

(redhat.com)
Linux has rich virtual networking capabilities that are used as the basis for hosting VMs and containers, as well as cloud environments. In this post, I will give a brief introduction to all commonly used virtual network interface types.
Tags: linux,network

The Ethernaut is a Web3/Solidity-based wargame inspired by overthewire.org, played in the Ethereum Virtual Machine. Each level is a smart contract that needs to be 'hacked'.

(zeppelin.solutions)
The game is 100% open source and all levels are contributions made by other players. Do you have an interesting idea? PRs are welcome at github.com/OpenZeppelin/ethernaut. Are you interested in smart contract development or security? Does securing the world’s blockchain infrastructure sound exciting to you? We are hiring!
Tags: security,pentesting,blockchain

THE ESP8266 HONEYPOT: A PROJECT TO TRAP SCRIPT KIDDIES EVERYWHERE!!

(github.com)
This is a honeypot programmed in Micropython for the ESP8266
Tags: honeypot,security,esp

Practical Web Cache Poisoning

(portswigger.net)
Web cache poisoning has long been an elusive vulnerability, a 'theoretical' threat used mostly to scare developers into obediently patching issues that nobody could actually exploit.
Tags: burp,exploit,method,cache,security

NTLM Credentials Theft via PDF Files

(checkpoint.com)
Just a few days after it was reported that malicious actors can exploit a vulnerability in MS Outlook using OLE to steal a Windows user’s NTLM hashes, the Check Point research team can also reveal that NTLM hash leaks can also be achieved via PDF files with no user interaction or exploitation.
Tags: exploit,pdf,CVE-2018-4993

How to Read an RFC

(mnot.net)
For better or worse, Requests for Comments (RFCs) are how we specify many protocols on the Internet. These documents are alternatively treated as holy texts by developers who parse them for hidden meanings, then shunned as irrelevant because they can’t be understood. This often leads to frustration and – more significantly – interoperability and security issues.
Tags: rfc