2019-04-05 Random Interesting Shit

Categories Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn

Unpatched Flaw in Xiaomi’s Built-in Browser App Lets Hackers Spoof URLs
https://thehackernews.com/2019/04/xiaomi-browser-vulnerability.html
#hackerstuff #HackThePlanet


New malware can modify CT and MRI scan results
#hackerstuff #HackThePlanet


Hard Times for Cryptojacking
#hackerstuff #HackThePlanet


Handlebars template injection and RCE in a Shopify app
https://mahmoudsec.blogspot.com/2019/04/handlebars-template-injection-and-rce.html
#hackerstuff #HackThePlanet


2019-04-04 Random Interesting Shit

Categories Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn

Security in Sciter-based applications
https://www.tarlogic.com/en/blog/security-in-sciter-based-applications/
#hackerstuff #HackThePlanet


Assessing Unikernel Security
https://www.nccgroup.trust/us/our-research/assessing-unikernel-security/
#hackerstuff #HackThePlanet


CVE-2019-5418: on WAF bypass and caching
https://blog.pentesterlab.com/cve-2019-5418-on-waf-bypass-and-caching-10e93f9a1981
#hackerstuff #HackThePlanet


2019-04-03 Random Interesting Shit

Categories Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn

In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code
https://thehackernews.com/2019/04/js-sniffers-credit-card-hacking.html
#hackerstuff #HackThePlanet


Facebook Caught Asking Some Users Passwords for Their Email Accounts
https://thehackernews.com/2019/04/facebook-email-password.html
#hackerstuff #HackThePlanet


New Apache Web Server Bug Threatens Security of Shared Web Hosts
https://thehackernews.com/2019/04/apache-web-server-security.html
#hackerstuff #HackThePlanet


Is Flawless Anonymity Possible?
#hackerstuff #HackThePlanet


CARPE (DIEM): CVE-2019-0211 Apache Root Privilege Escalation
https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html
#hackerstuff #HackThePlanet


the-book-of-secret-knowledge – A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
https://github.com/trimstray/the-book-of-secret-knowledge
#hackerstuff #HackThePlanet


KatzKatz – Python script to parse txt files containing Mimikatz output
https://github.com/xFreed0m/KatzKatz
#hackerstuff #HackThePlanet


Wizard Labs – Devlife Write-up by 0xRick
https://0xrick.github.io/wizard-labs/devlife/
#hackerstuff #HackThePlanet


Web Security Academy
https://portswigger.net/web-security
#hackerstuff #HackThePlanet


540 Million Facebook User Records Found On Unprotected Amazon Servers
https://thehackernews.com/2019/04/facebook-app-database.html
#hackerstuff #HackThePlanet


Georgia Tech Data Breach Exposes 1.3 Million Users’ Personal Data
https://thehackernews.com/2019/04/georgia-tech-data-breach.html
#hackerstuff #HackThePlanet


2019-04-02 Random Interesting Crap

Categories Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn

Thousands of Unprotected Kibana Instances Exposing Elasticsearch Databases
https://thehackernews.com/2019/04/kibana-data-security.html
#hackerstuff #HackThePlanet


Pass Interface Parameters by Reference in Golang
#hackerstuff #HackThePlanet


Toyota data breach: Hackers steal 3.1 million customers’ data
#hackerstuff #HackThePlanet


Inside job: Bithumb crypto exchange hacked again; loses $20 million
#hackerstuff #HackThePlanet


Circumventing SSL Pinning in obfuscated apps with OkHttp
#hackerstuff #HackThePlanet


fireprox – AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
https://github.com/ustayready/fireprox
#hackerstuff #HackThePlanet


2019-03-28 Random Interesting Shit

Categories Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn

Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms
https://thehackernews.com/2019/03/apt33-cyber-espionage-hacking.html
#hackerstuff #HackThePlanet


New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps
https://thehackernews.com/2019/03/facebook-whitehat-setting-hackers.html
#hackerstuff #HackThePlanet


Security BSides San Francisco Playlist
https://www.youtube.com/BSidesSFTV?mc_cid=dfd16f0c14&mc_eid=ccd82f0038
#hackerstuff #HackThePlanet


A Pentester’s Guide – Part 1 (OSINT – Passive Recon and Discovery of Assets)
#hackerstuff #HackThePlanet


50M_CTF_Writeup – $50 million CTF Writeup
https://github.com/manoelt/50M_CTF_Writeup/blob/master/README.md
#hackerstuff #HackThePlanet


automated-pentest – Minimal docker container of Parrot OS for running an automated scan & pentest report.
https://github.com/vishnudxb/automated-pentest
#hackerstuff #HackThePlanet


Resource Hacker – a freeware resource compiler & decompiler for Windows® applications
http://www.angusj.com/resourcehacker/
#hackerstuff #HackThePlanet