Hiding in the Shadows at ‘ManagedBy’ Attribute

Hiding in the Shadows at ‘’ManagedBy’’ Attribute

#HackThePlanet

---

Unprotected MongoDB leaks 188m users’ data from sensitive search engine

Unprotected MongoDB leaks 188m users’ data from sensitive search engine

#HackThePlanet

---

Awesome Mainframe Hacking
https://github.com/samanL33T/Awesome-Mainframe-Hacking
#HackThePlanet

---

Discovering CVE-2019-13504, CVE-2019-13503 and the importance of API Fuzzing

Discovering CVE-2019-13504, CVE-2019-13503 and the importance of API Fuzzing

#HackThePlanet

---

Second order SQL injection in ZoneMinder
https://www.qbit.nl/blog/second-order-sql-injection-in-zoneminder/
#HackThePlanet

---

Awesome-Cellular-Hacking
https://github.com/W00t3k/Awesome-Cellular-Hacking
#HackThePlanet

---

Mosca – Manual Static Analysis Tool To Find Bugs

Mosca – Manual Static Analysis Tool To Find Bugs

#HackThePlanet

---

D-Link Agrees to 10 Years of Security Audits to Settle FTC Charges
https://thehackernews.com/2019/07/ftc-d-link-router-security.html
#HackThePlanet

---

China’s Border Guards Secretly Installing Spyware App on Tourists’ Phones
https://thehackernews.com/2019/07/xinjiang-fengcai-spyware.html
#HackThePlanet

---

Cloudflare’s recent 502 Bad Gateway outage blamed on bad software

Cloudflare’s recent 502 Bad Gateway outage blamed on bad software

#HackThePlanet

---

Magento 2.3.1: Unauthenticated Stored XSS to RCE
https://blog.ripstech.com/2019/magento-rce-via-xss/
#HackThePlanet

---

Debugging the Samsung Android Kernel part 1
https://medium.com/@alex91ar/debugging-the-samsung-android-kernel-part-1-ab2a9b87c162
#HackThePlanet

---

Debugging the Samsung Android Kernel part 2
https://medium.com/@alex91ar/debugging-the-samsung-android-kernel-part-2-cebac7069863
#HackThePlanet

---

Debugging the Samsung Android Kernel part 3
https://medium.com/@alex91ar/debugging-the-samsung-android-kernel-part-3-c27e916c9a7d
#HackThePlanet

---

Evading Cisco AnyConnect Blocking LAN Connections

Evading Cisco AnyConnect blocking LAN connections

#HackThePlanet

---

Is Your VPN Provider in a 14 Eyes Country? (What is 14 Eyes?)

Is Your VPN Provider in a 14 Eyes Country? (What is 14 Eyes?)

#HackThePlanet

---

Hacker deletes entire student newspaper website of University of Ottawa

Hacker deletes entire student newspaper website of University of Ottawa

#HackThePlanet

---

Richelieu – List of the most common French passwords
https://github.com/tarraschk/richelieu
#HackThePlanet

---

Nuget/Squirrel uncontrolled endpoints leads to arbitrary code execution
https://medium.com/@reegun/nuget-squirrel-uncontrolled-endpoints-leads-to-arbitrary-code-execution-80c9df51cf12
#HackThePlanet

---

amass — Automated Attack Surface Mapping
https://danielmiessler.com/study/amass/
https://github.com/OWASP/Amass
#HackThePlanet

---

ASREQRoast – From MITM to hash
http://dumpco.re/blog/asreqroast
#HackThePlanet

---

A Collection of Awesome Penetration Testing Resources
https://github.com/wtsxDev/Penetration-Testing/blob/master/README.md#books
#HackThePlanet

---

The Bug Bounty Bucket List
The Bug Bounty Bucket List
#HackThePlanet

---

A mini-education thread on Twitter about port scanning

Port scan education thread! Today we'll debunk some myths about stealth and clue you in to what a port scan actually IS, and why it matters. #infosec #introsec #noobsec 1/9 pic.twitter.com/pv3VwhH3ca

— Daniel Miller ✝ (@bonsaiviking) July 2, 2019

#HackThePlanet

---

Broadcast Signal Intrusion with RPi Zero and an old rusty Guitar String

Broadcast Signal Intrusion with RPi Zero and an old rusty Guitar String

#HackThePlanet

---

Crooks steal $28M in crypto using Google Adwords & spoofed domains

Crooks steal $28M in crypto using Google Adwords & spoofed domains

#HackThePlanet

---

All DEF CON 27 Speakers are Live!
https://defcon.org/html/defcon-27/dc-27-speakers.html
#HackThePlanet

---

Slurp – Amazon AWS S3 Bucket Enumerator

Slurp – Amazon AWS S3 Bucket Enumerator

#HackThePlanet

---

Knocking the IDOR
https://medium.com/bugbountywriteup/knocking-the-idor-6f80e8126ee4
#HackThePlanet

---

Words Of Wisdom of the Fucking Day
You spend most of your life inside your head. Make it a nice place to be.
#HackThePlanet

---

Repo for the SigInt Tablet (2019 CircleCityCon)
https://gitlab.com/crankylinuxuser/siginttablet/
#HackThePlanet

---

GOTCHA: Taking phishing to a whole new level
https://medium.com/intigriti/gotcha-taking-phishing-to-a-whole-new-level-72eda9e30bef
#HackThePlanet

---

The not so ultra lock

The not so ultra lock

#HackThePlanet

---

Vulnerable Containers, a list of vulnerable Top 1000 containers and their vulnerabilities
https://vulnerablecontainers.org/
#HackThePlanet

---

Mozilla’s ‘Track This’ lets you choose fake identity to deceive advertisers

Mozilla’s ‘Track This’ lets you choose fake identity to deceive advertisers

#HackThePlanet

---

Mozilla Server Side TLS Configuration Guide v5.0

Mozilla Server Side TLS Configuration Guide v5.0 from netsec

#HackThePlanet

---