RT @Fox0x01@twitter.com

For Pentesters and CTF players, here’s a list of useful payloads and bypasses, covering various WebApp attacks.

There are a lot of similar GitHub repos out there. What’s your personal favorite?

github.com/swisskyrepo/Payload

🐦🔗: twitter.com/Fox0x01/status/109

RT @jepayneMSFT@twitter.com

Windows Event ID 4624 displays a numerical value for the type of login that was attempted. These numbers are important from a forensic standpoint but also for understanding credential exposure and mitigating risks. Descriptions in replies.

🐦🔗: twitter.com/jepayneMSFT/status

RT @TinkerSec@twitter.com

~=8 Character Passwords Are Dead=~

New benchmark means that the entire keyspace, or every possible combination of:
- Upper
- Lower
- Number
- Symbol

...of an 8 character password can be guessed in:

~2.5 hours

(8x 2080 GPUs against NTLM Windows hash)
twitter.com/hashcat/status/109

🐦🔗: twitter.com/TinkerSec/status/1

RT @shishi0_@twitter.com

"Pwning WPA/WPA2 Networks With Bettercap and the PMKID Client-Less Attack "

Solid writeup for his tool (bettercap) @evilsocket@twitter.com.
Still need a big cracking ring to be interesting.

evilsocket.net/2019/02/13/Pwni

🐦🔗: twitter.com/shishi0_/status/10

RT @JusticeRage@twitter.com

New release: a Python script to catch careless intruders on your machines by "booby-trapping" binaries. github.com/JusticeRage/freedom

🐦🔗: twitter.com/JusticeRage/status

RT @Synacktiv@twitter.com

Synacktiv is hiring! We are looking for a sysadmin, a commercial as well as pentesters, reversers and developers. We also have internship positions (documents in French): synacktiv.com/en/company.html#

🐦🔗: twitter.com/Synacktiv/status/1

RT @sigsegv_event@twitter.com

Hello tout le monde, on se retrouve pour le prochain meet le 22 Février à partir de 18h30 (Paris intra-muros).

Comme d'habitude, le lieu sera communiqué sous peu, merci de vous inscrire pour prendre en compte le nombre de personnes 😀

framadate.org/iRB7s7mlC4OokeYj

🐦🔗: twitter.com/sigsegv_event/stat

RT @TestingPens@twitter.com

Wondering about Android and Apple phone security? Here's an objective chart to help you decide:

🐦🔗: twitter.com/TestingPens/status

RT @hackerfantastic@twitter.com

Privilege escalation on UFED touch, auxiliary is Admin and using a shared password. Shows how Operator can escalate privilege to Administrator and interfere with the unit.

🐦🔗: twitter.com/hackerfantastic/st

Show more
Mastodon

On « Tweet » sur Twitter ; on « Toot » sur Mastodon. Sur ce réseau social plein de libertés, TeDomum met à disposition une modeste instance. N'hésitez pas à nous solliciter pour la modération ou des ajustements de configuration.