Canyoupwnme

Posts

Date Content Media
2023-12-25 14:42:52
Prompt Firewallhttps://promptfirewall.com/index.html
2023-11-22 13:00:56
SwaggerParser-BurpExtensionhttps://github.com/Trendyol/swagger-parser-burp-extension
2023-06-15 22:15:35
Security checklist app for your Machttps://github.com/paretoSecurity/pareto-mac/
2023-06-15 22:10:45
ThreatIngestorhttps://github.com/InQuest/ThreatIngestor
2023-06-15 12:53:59
Microsoft June “Patch Tuesday” Addresses 73 Vulnerabilitieshttps://securityboulevard.com/2023/06/microsoft-june-patch-tuesday-addresses-73-vulnerabilities/
2023-06-15 12:52:56
Dynamic Linq Injection Remote Code Execution Vulnerability (CVE-2023-32571)https://research.nccgroup.com/2023/06/13/dynamic-linq-injection-remote-code-execution-vulnerability-cve-2023-32571/
2023-06-15 12:51:34
Российские хакеры анонсировали мощную атаку на западную финансовую систему в ближайшие 48 часов. Задача номер один — парализовать работу SWIFT.По нашей информации, ради этой кампании объединились ребята из группировок KillNet, Revil и Anonymous Sudan. Планируют "дать отпор безумцам по формуле «нет денег — нет оружия — нет киевского режима»". Среди целей: банки Европы и США, Swift и Федеральная резервная система США (аналог нашего Центрального банка). Для справки: Revil считается одним из самых активных мобов среди хакеров по всему миру. Ребята прославились тем, что похищали схемы будущих продуктов Apple, взламывали органы местного управления Техаса и атаковали крупнейшего поставщика мяса в мире — JBS. Теперь они будут работать с ребятами из KillNet, которые в августе прошлого года сломали сайт ведущей американской оборонной корпорации Lockheed Martin и доказали, что агенты ФБР любят куколд-порно. Ну а про "анонимусов" вы слышали. Deus Vult 1001100😋 Подписывайся на Mash
2023-02-08 14:02:21
GreenTunnel is an anti-censorship utility designed to bypass the DPI system that is put in place by various ISPs to block access to certain websites.https://github.com/SadeghHayeri/GreenTunnel
2023-02-08 14:01:49
GoodbyeDPI — Deep Packet Inspection circumvention utility (for Windows)https://github.com/ValdikSS/GoodbyeDPI
2023-02-03 21:51:50
Security Bulletin: IBM WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2023-23477)https://www.ibm.com/support/pages/node/6891111
2023-02-03 21:46:32
High-Severity Privilege Escalation Vulnerability Patched in VMware Workstationhttps://www.securityweek.com/high-severity-privilege-escalation-vulnerability-patched-in-vmware-workstation/https://www.vmware.com/security/advisories/VMSA-2023-0003.html
2023-02-03 21:41:17
Jira Service Management Server and Data Center Advisory (CVE-2023-22501)https://confluence.atlassian.com/jira/jira-service-management-server-and-data-center-advisory-2023-02-01-1188786458.html
2023-02-03 21:38:58
Django contains Uncontrolled Resource Consumption via cached headerhttps://github.com/advisories/GHSA-q2jf-h9jm-m7p4
2023-02-03 21:38:30
A Vulnerability in vBulletin Could Allow for Remote Command Executionhttps://www.cisecurity.org/advisory/a-vulnerability-in-vbulletin-could-allow-for-remote-command-execution_2023-013
2023-02-03 21:37:21
Exploitation attempts for Oracle E-Business Suite flaw observed after PoC releasehttps://securityaffairs.com/141782/hacking/oracle-e-business-suite-flaw-poc.html
2023-01-29 10:24:03
PHP Development Server <= 7.4.21 - Remote Source Disclosurehttps://blog.projectdiscovery.io/php-http-server-source-disclosure/
2023-01-22 17:56:43
CVE-2020-36109 PoC causing DoShttps://github.com/sunn1day/CVE-2020-36109-POC
2023-01-22 12:26:34
2022 Microsoft Teams RCEhttps://blog.pksecurity.io/2023/01/16/2022-microsoft-teams-rce.html
2023-01-22 12:26:30
GTA Online New Hack allows Remotely Modify Users PC Datahttps://www.cyberkendra.com/2023/01/gta-online-new-hack-allows-remotely.html
2023-01-16 08:23:42
CVE-2023-22602: Apache Shiro Authentication Bypass Vulnerabilityhttps://securityonline.info/cve-2023-22602-apache-shiro-authentication-bypass-vulnerability/
2023-01-13 10:25:11
Bad things come in large packages: .pkg signature verification bypass on macOShttps://sector7.computest.nl/post/2023-01-xar/#apple #macOS
2023-01-11 13:20:42
Microsoft's first Patch Tuesday of 2023 delivers a massive 98 fixeshttps://www.zdnet.com/article/microsofts-first-patch-tuesday-of-2023-delivers-a-massive-98-fixes/#ftag=RSSbaffb68https://www.computerweekly.com/news/252529073/Microsoft-fixes-EoP-zero-day-on-January-Patch-Tuesday
2023-01-11 13:20:34
Unpatchable Hardware Vulnerability Allows Hacking of Siemens PLCshttps://nationalcybersecurity.com/unpatchable-hardware-vulnerability-allows-hacking-of-siemens-plcs-hacking-cybersecurity-infosec-comptia-pentest-hacker/
2023-01-11 13:20:20
Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529)https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/
2023-01-06 17:45:40
SIEM Traininghttps://gist.github.com/isaqueprofeta/d14f394d8679fce0a11d7961d514fcdd
2023-01-05 20:02:05
CVE-2022-47523: ManageEngine Password Manager Pro, PAM360 and Access Manager Plus SQL Injection Vulnerability https://www.tenable.com/blog/cve-2022-47523-manageengine-password-manager-pro-pam360-and-access-manager-plus-sql-injection
2023-01-05 20:01:04
USN-5788-1: curl vulnerabilitieshttps://ubuntu.com/security/notices/USN-5788-1
2022-12-27 04:59:31
WebKitGTK and WPE WebKit Security Advisory WSA-2022-0011https://seclists.org/oss-sec/2022/q4/241
2022-12-27 04:58:29
ZEROBOT BOTNET CAN NOW HACK INTO APACHE, APACHE SPARK SERVERShttps://www.securitynewspaper.com/2022/12/26/zerobot-botnet-can-now-hack-into-apache-apache-spark-servers/
2022-12-27 04:56:59
Password Manager for IIS 2.0 has a cross-site scripting (XSS) vulnerability. CVE-2022-36664https://nvd.nist.gov/vuln/detail/CVE-2022-36664
2022-12-26 13:13:08
CVE-2019-25085https://nvd.nist.gov/vuln/detail/CVE-2019-25085
2022-12-26 13:10:37
Critical Citrix ADC and Gateway zero-day exploited by hackershttps://medium.com/@dtacsec/critical-citrix-adc-and-gateway-zero-day-exploited-by-hackers-8710b4530b68
2022-12-26 12:06:20
Uncovering a Bug I Found in Outlook: How Could an Account Has Been Compromised?https://cems.fun/2022/12/26/CVE-2017-8758.html
2022-12-26 07:42:39
CVE-2022-46175: JSON5 Prototype Pollution Vulnerabilityhttps://securityonline.info/cve-2022-46175-json5-prototype-pollution-vulnerability/
2022-12-25 22:00:09
Check Point response to CVE-2021-26414 - "Windows DCOM Server Security Feature Bypass"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176148
2022-12-23 11:32:22
Linux Kernel ksmbd RCEhttps://seclists.org/oss-sec/2022/q4/228https://securityonline.info/critical-remote-code-execution-vulnerability-in-linux-kernel/
2022-12-23 11:31:53
Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Servicehttps://jvn.jp/en/vu/JVNVU96679793/
2022-12-23 11:31:45
CVE-2021-32692 Detailhttps://nvd.nist.gov/vuln/detail/CVE-2021-32692
2022-12-23 11:18:31
Zerobot botnet upgrade targets unpatched Apache servershttps://siliconangle.com/2022/12/22/zerobot-botnet-upgrade-targets-unpatched-apache-servers/
2022-12-23 11:18:20
Threat Brief: OWASSRF Vulnerability Exploitationhttps://unit42.paloaltonetworks.com/threat-brief-owassrf/
2022-12-23 11:17:50
Ghost CMS vulnerable to critical authentication bypass flawhttps://www.bleepingcomputer.com/news/security/ghost-cms-vulnerable-to-critical-authentication-bypass-flaw/
2022-12-14 09:54:04
ImgBackdoorHide your payload into .jpg filehttps://github.com/Tsuyoken/ImgBackdoor
2022-12-14 09:46:59
Announcing OSV-Scanner: Vulnerability Scanner for Open Sourcehttps://security.googleblog.com/2022/12/announcing-osv-scanner-vulnerability.html?m=1
2022-12-13 09:28:58
OWASP KubeLighthttps://owasp.org/www-project-kubernetes-scanner/
2022-12-13 09:19:45
Crash Monitorhttps://github.com/talha/crash_monitor
2022-12-13 00:52:55
FortiOS - heap-based buffer overflow in sslvpndhttps://www.fortiguard.com/psirt/FG-IR-22-398
2022-12-12 17:09:43
FenrirSimple Bash IOC Scannerhttps://github.com/Neo23x0/Fenrir
2022-12-07 09:49:29
telerReal-time HTTP Intrusion Detection https://github.com/kitabisa/teler
2022-10-26 13:36:22
ClamAV 1.0.0 release candidate now availablehttps://blog.clamav.net/2022/10/clamav-100-release-candidate-now.html?m=1
2022-10-20 12:06:47
Microsoft fixes driver blocklist placing users at risk from BYOVD attackshttps://www.malwarebytes.com/blog/news/2022/10/microsoft-fixes-driver-blocklist-placing-users-at-risk-from-byovd-attacks
2022-10-14 10:27:00
CVE-2022-40684https://github.com/secunnix/CVE-2022-40684
2022-09-30 11:51:40
Critical 0-Day Alarm in Microsoft Exchange Serverhttps://brandefense.io/security-news/critical-0-day-alarm-in-microsoft-exchange-server/
2022-09-29 17:49:14
Burp Extension Yazma ve Kullanımı — Özel Bir Başlık Alanı Eklemehttps://medium.com/bilişim-hareketi/burp-extension-yazma-ve-kullanımı-özel-bir-başlık-alanı-ekleme-64712e2665f1
2022-09-29 17:48:07
Multiple Vulnerabilities Detected in Solarwinds Orionhttps://brandefense.io/security-news/multiple-vulnerabilities-detected-in-solarwinds-orion
2022-09-19 07:00:15
HermeticWiper Technical Analysis Reporthttp://docs.brandefense.io/HermeticWiper-Technical-Analysis-Report.pdf
2022-09-06 13:35:16
Vulnerable-Soap-Servicehttps://github.com/anil-yelken/Vulnerable-Soap-Service
2022-08-08 18:23:41
Dynamite Panda APT Grouphttps://brandefense.io/dynamite-panda-apt-group/
2022-08-04 12:03:58
MsfManiahttps://github.com/G1ft3dC0d3/MsfMania
2022-07-28 09:16:43
Hyper Service Transfer Protocol on EVMhttps://github.com/cagataycali/HSTP
2022-07-04 19:23:34
Multiple Critical Vulnerabilities Detected in Jenkinshttps://brandefense.io/multiple-critical-vulnerabilities-detected-in-jenkins/
2022-06-29 15:59:11
ATT&CK Powered Suithttps://chrome.google.com/webstore/detail/attck-powered-suit/gfhomppaadldngjnmbefmmiokgefjddd
2022-05-31 17:39:42
New MS Office zero-click code execution vulnerabilityhttps://fourcore.io/blogs/follina-ms-office-msdt-code-execution-zero-day-vulnerability
2022-05-31 17:38:54
Top Routinely Exploited Vulnerabilitieshttps://www.cisa.gov/uscert/ncas/alerts/aa21-209a
2022-05-17 08:56:23
Kali Linux 2022.2 Release (GNOME 42, KDE 5.24 & hollywood-activate)https://www.kali.org/blog/kali-linux-2022-2-release/
2022-05-11 14:09:15
Frappo: A New “Phishing-as-a-Service” On The Dark Webhttps://brandefense.io/flappo-a-new-phishing-as-a-service-on-the-darkweb/
2022-05-11 13:50:19
Kale İleri Teknoloji olarak ücretsiz Siber Güvenlik Analisti Eğitimi 26-27 Mayıs 2022 tarihlerinde şirketimiz bünyesindeki eğitim salonunda verilecektir. Eğitim 4.sınıf ve yeni mezunları kapsamaktadır. Kampta başarılı olan adaylara Kale İleri Teknoloji bünyesinde tam zamanlı olarak yerinde iş imkanı sağlanacaktır. Kamp kapsamında kampa katılan katılımcıların yol, konaklama ve yemek masrafları kendileri tarafından karşılanacaktır. Siber Güvenlik Analisti Eğitimi ön değerlendirme sınav linki: https://lnkd.in/d-zxuWtg Siber Güvenlik Analisti konularını ele alan içeriklere aşağıdaki linkler aracılığıyla ulaşabilirsiniz: https://lnkd.in/dcjSwdr https://lnkd.in/d_funF7a#ads
2022-05-04 10:45:24
Hacktrick ekosistemine dahil olmak ve güncel gelişmelerden haberdar olmak için Discord kanalımıza bekliyoruz!https://discord.gg/XpwhjNZdZR
2022-04-29 15:00:41
Colibri Loader's Unique Persistence Technique Using Get-Variable Cmdlethttps://fourcore.io/blogs/colibri-loader-powershell-get-variable-persistence