Happy Hacking8

打卡

中秋节快乐，一周总结9.13~9.19 和知识点 本周活跃星友前三是 @Posi0n  @shangzeng @Samaritan 一周知识 - GitHub - klezVirus/inceptor: Template-Driven AV/ED... - 一个免杀的框架，它的思想和工作流才应该是武器化应有的样子。 - php文件包含漏洞Getshell的不同姿势 - 安全客，安全资讯平台 - php文件包含利用的各种姿势，这篇总结的不错，可以收藏一下...

帮助广大研究/分析人员从捕捉到的数据包文件（pcap）中筛选出其中有价值或值得分析的流量数据。

复习半年准备迎接专升本考试了。各位师傅半年后见。

The supply chain is something most people take for granted—until something goes wrong. The pandemic highlighted just how quickly business can grind to a halt if the supply chain is disrupted. Organizations have found that edge computing makes the supply chain run more efficiently, but this move to the edge requires a new approach to..
The post Securing the Edge in the Supply Chain appeared first on Security Boulevard.

Ransomware is no longer just targeting low-hanging fruit, nor can good backups alone protect you. IT organizations need to create a multilayered defense that goes beyond cybersecurity to incorporate modern data management strategies, particularly for unstructured file data. Aside from the pandemic, ransomware has become one of the gravest threats to the global economy.  It..
The post Ransomware Defense: The File Data Factor appeared first on Security Boulevard.

McAfee 最近发现了一种新的 Android 恶意软件 Elibomi 针对印度纳税人展开攻击。该恶意软件伪装成报税应用程序，通过网络钓...

Subnetting — A Networking Concept
Hello Folks, Ayush this side, today I’m gonna tell you about an important concept of networking i.e Subnetting.
Before reading further , you should aware of some basic networking concepts like IP address, CIDR(/24,/16,/8), etc.
So without wasting time, let’s get started :)
https://medium.com/media/975851c6df4832089efab1cced9feb58/href
Now what is subnetting ?
Subnetting is nothing but dividing the network into different parts, suppose you have an network in your shop or company and you want to divide your network in 4 parts , so there we use subnetting.
Before moving into actual part you should know about below given cheatsheet, this will help you to convert ip into binary and binary into ip.If you are aware of IP address then you know an Ip addreess is splitted into 32 bits into 1s and 0s.
128 64 32 16 8 4 2 1 — Cheatsheet
Now let’s take an example suppose you have and IP 192.168.1.12 and it’s binary form is 11000000 10101000 00000001 00001100
How we did this , we did it wit

python logo enhanced by behance
A virtual environment as the name goes works as a virtual machine as well whereby the installed operating system is separate from the actual operating system. During updates and upgrades, it affects just the virtual machine and not the actual system. This concept works the same with a virtual environment whereby an isolated runtime environment helps a user or an application to install and upgrade python packages without messing with other application built with python on the system. Due to how python packages are stored on systems in different location for instance, most system packages are stored in a child directory of the path stored in sys.prefix.
For instance; In the creation of an application, app A may have a particular library with a different version whilst app B also has a different version lets say 2.0. In the cases of using these two applications, one might meet the requirement of a particular module and the other might not which tends to introduce the need for pyth

Hey all,
I’m a beginner in bug bounty hunting. Even though my bachelors was in electronics, I got fascinated with cyber security while reading about computer networks in my bachelors. As my interest grew, I got to know more about network security & web security by reading and practicing them. I was aware of bug bounties by reading articles related to them but at the start, I was not confident enough to find bugs if a target was given to me. I’m not attracted to the bounties which people post on social media and I always firmly believe that constant learning, perseverance and sharing whatever you’ve learnt matters in all walks of life. Imagine if google search was restricted only to the employees of google :P, we wouldn’t be here LOL.
After learning a bit, I thought to give it a try and after few attempts, I got a lot of N/As & duplicates. I was fuming to myself and I decided to enhance my skills properly and get back to it later. After some time, when I started to hunt for bugs again, I picked a site that was

Hey all,
I’m a beginner in bug bounty hunting. Even though my bachelors was in electronics, I got fascinated with cyber security while reading about computer networks in my bachelors. As my interest grew, I got to know more about network security & web security by reading and practicing them. I was aware of bug bounties by reading articles related to them but at the start, I was not confident enough to find bugs if a target was given to me. I’m not attracted to the bounties which people post on social media and I always firmly believe that constant learning, perseverance and sharing whatever you’ve learnt matters in all walks of life. Imagine if google search was restricted only to the employees of google :P, we wouldn’t be here LOL.
After learning a bit, I thought to give it a try and after few attempts, I got a lot of N/As & duplicates. I was fuming to myself and I decided to enhance my skills properly and get back to it later. After some time, when I started to hunt for bugs again, I picked a site that was

It happens all the time: Organizations get hacked because there isn't an obvious way for security researchers to let them know about security vulnerabilities or data leaks. Or maybe it isn't entirely clear who should get the report when remote access to an organization's internal network is being sold in the cybercrime underground.
In a bid to minimize these scenarios, a growing number of major companies are adopting "Security.txt," a proposed new Internet standard that helps organizations describe their vulnerability disclosure practices and preferences.
The post Does Your Organization Have a Security.txt File? appeared first on Security Boulevard.

The General Data Protection Regulation (GDPR) Act is a broad set of data privacy rules that define how an organization must handle and protect the personal data of citizens of the European Union (EU). The Regulation also outlines the way that organizations can report a data breach. Articles 33 and 34 outline the requirements for breach […]… Read More
The post How to Report a Data Breach per GDPR appeared first on The State of Security.
The post How to Report a Data Breach per GDPR appeared first on Security Boulevard.

Data breaches have reached a fever pitch over the last few years. The rapid frequency of successful attacks coupled with the rising costs to businesses has raised attention at the highest levels of global governments. In the past, breaches were relatively “localized,” that is, they affected the targeted company only. However, the newer attacks have disrupted […]… Read More
The post Cybersecurity Maturity Model Certification (CMMC) – A Model for Everyone appeared first on The State of Security.
The post Cybersecurity Maturity Model Certification (CMMC) – A Model for Everyone appeared first on Security Boulevard.

Security researchers discovered an unsecured database exposed online containing the personal information of millions of visitors to Thailand. The popular cybersecurity research Bob Diachenko discovered his personal data online stored on an unprotected Elasticsearch database containing the personal details of more than 106 million visitors to Thailand. The expert discovered the unsecured database on August […]
The post Data of 106 million visitors to Thailand leaked online appeared first on Security Affairs.

一名巴基斯坦男子穆罕默德·法赫德（Muhammad Fahd）被美国判处12年监禁。

Overview In the last blog post in this series, we created a tool to make it easy to build our custom payloads and extract them.  However, what if we want to test them before trying to use them?  It seems like a good idea to make sure it works before you include it in an …
Linux X86 Assembly – How To Test Custom Shellcode Using a C Payload Tester Read More »
The post Linux X86 Assembly – How To Test Custom Shellcode Using a C Payload Tester appeared first on Professionally Evil Insights.
The post Linux X86 Assembly – How To Test Custom Shellcode Using a C Payload Tester appeared first on Security Boulevard.

Amazon Web Services (AWS) has a shared responsibility model that brings new cybersecurity challenges to organizations and professionals learning how to manage cloud security. As your business grows and data increases, the complexity of managing so much information across teams…
The post Detecting AWS Unauthenticated Cross-Account Attacks  appeared first on LogRhythm.
The post Detecting AWS Unauthenticated Cross-Account Attacks  appeared first on Security Boulevard.

中间件连接着网络和系统接触着越来越多的关键数据，渐渐成为单位公共安全中最具有战略性的资产。

Hi everyone,
I recently came across to the entire portfolio of SANS Threat Intelligence Summit presentations which are currently online at YouTube and I've decided to take the time and effort to go through them and offer practical and relevant threat intelligence and OSINT advice and recommendations which I hope will come handy to the presenters including anyone currently working in the field or interested in making an impact as a threat intelligence analyst.
Sample presentations from the Summit include:
- Analyzing Chinese Information Operations with Threat Intelligence - this is a pretty informative presentation that offers practical and relevant Information Operations advice including a pretty decent case study on the topic of a high-profile information leak campaign based in China
- Collections and Elections: How The New York Times built an intel collections program in 2020 - this is a pretty informative presentation that offers an in-depth and relevant advice on building threat intelligence capabilities 

From this.
Currently active free VPN servive domains courtesy of the NSA known to have been participating in the campaign:
bluewebx.com
bluewebx.us
irs1.ga
iranianvpn.net
IRSV.ME
DNSSPEEDY.TK
ironvpn.tk
ironvpn.pw
irgomake.win
make-account.us
make-account.ir
IRANTUNEL.COM
JET-VPN.COM
newhost.ir
homeunix.net
vpnmakers.com
hidethisip.info
uk.myfastport.com
witopia.net
worldserver.in
music30ty.net
misconfused.org
privatetunnel.com
aseman-sky.in
Related domains known to have been involved in the campaign:
gaysexvideo.us
keezmovies.us
hitporntube.com
enjoyfreesex.com
allfreesextube.com
thegaytubes.com
sextubeshop.com
pornfetishexxx.com
ebonypornox.com
freepornpig.com
marriagesextube.com
searchporntubes.com
suckporntube.com
darlingmatures.com
pornretrotube.com
teensexfusion.net
rough18.us
teendorf.us
1retrotube.com
typeteam.com
biosextube.com
hadcoreporntube.com
reporntube.com
telltake.com
asianprivatetube.com
hostednude.com
alfaporn.com
sexbring.com
porntubem.com
newerotictube.com
firstretrotube.com
oralsexlove.co

Dear blog readers,
This is Dancho. It's been a while since I've last posted a high-quality update and I've decided to post and elaborate on some of my current and upcoming security and hacking projects with the idea to touch base with the loyal audience that's been following my research since December, 2005 when I originally this blog and actually feature a personal and never-published before sample photo of the "office" also known as the "lab" circa 2006 when I originally launched this blog while working for - https://astalavista.com.
In this post I'll elaborate more on some of my current and upcoming projects including the recent re-launch of the original https://astalavista.box.sk which is the original search engine for hackers and security experts circa 1994 under my management including the re-launch of my personal online E-Shop for Intelligence Deliverables and elaborate more on some of the cool stuff that we're doing at one of my current employers which is WhoisXML API including to discuss in-depth my 

The pandemic has changed a lot of things, but one of its largest legacies will be its impact on the...
The post Top Cybersecurity Playbooks for the “Anywhere Operations” Era appeared first on Siemplify.
The post Top Cybersecurity Playbooks for the “Anywhere Operations” Era appeared first on Security Boulevard.

Identity systems—particularly Active Directory, which is the primary identity store for most businesses—are constantly under attack by cybercriminals because they are the gateway to an organization’s critical information systems, including valuable customer data. Here we’ll explore a little-known Discretionary Access Control List (DACL) tactic that attackers can use to hide infiltration into the DnsAdmins group ...
The post How Attackers Can Use Primary Group Membership to Infiltrate Active Directory appeared first on Semperis.
The post How Attackers Can Use Primary Group Membership to Infiltrate Active Directory appeared first on Security Boulevard.

When considering why hackers are attacking websites, you might think that there’s a specific reason they target you as a website owner—your business, your reputation, or your information. The truth is, while it feels personal to the victim, hackers rarely single out specific targets. Most of the time, hackers perform mass searches for specific vulnerabilities, and target these sites collectively.
Before we look at the psychology behind website hacks, we should first break our hackers out into groups based on their motivations.
Continue reading 5 Types of Hackers & Why They Hack at Sucuri Blog.
The post 5 Types of Hackers & Why They Hack appeared first on Security Boulevard.

Las organizaciones están haciendo el mejor uso de la analítica, las pruebas A / B y cosas más sorprendentes para trazar el recorrido perfecto del cliente. Aquí viene la pieza que falta para construir un viaje de usuario ideal: Internet …
The post Internet de los comportamientos: más allá del Internet de las cosas appeared first on ManageEngine Blog.
The post Internet de los comportamientos: más allá del Internet de las cosas appeared first on Security Boulevard.

安全运营就是调动一切的积极因素，把网络安全平台，设备，队伍，流程等统筹起来。

Building an effective application security program for your organization begins with establishing policies and processes.
The post How to cyber security: Butter knives and light sabers appeared first on Software Integrity Blog.
The post How to cyber security: Butter knives and light sabers appeared first on Security Boulevard.

Any modern device management solution should include remote software and OS update management capabilities to improve organizational security.
The post Remote Software & OS Update Management as Part of Modern Device Management appeared first on JumpCloud.
The post Remote Software & OS Update Management as Part of Modern Device Management appeared first on Security Boulevard.

Nos últimos anos, o teletrabalho, ou trabalho remoto, ganhou força significativa em uma ampla variedade de setores. De acordo com uma pesquisa recente conduzida pelo OWL Labs, 48 por cento dos funcionários trabalhavam em casa pelo menos uma vez por …
The post Acesso seguro a recursos críticos de negócios para sua força de trabalho remota appeared first on ManageEngine Blog.
The post Acesso seguro a recursos críticos de negócios para sua força de trabalho remota appeared first on Security Boulevard.

Our thanks to DEFCON for publishing their tremendous DEFCON Conference Cloud Village videos on the groups' YouTube channel.
Permalink
The post DEF CON 29 Cloud Village – Mazin Ahmed’s ‘Attack Vectors On Terraform Environments’ appeared first on Security Boulevard.

With server-side request forgery (SSRF) becoming a more important bug class in the era of microservices, I wanted to show why interactive application security testing (IAST) is the only tool for detecting SSRF accurately and why IAST results are more actionable.
The post IAST Is the Only Way to Accurately Detect SSRF appeared first on Security Boulevard.

影响厂商:GitHub Security Lab(https://hackerone.com/github-security-lab) 
Ihsinme: 为 CWE-758添加对未定义、未指定或实现定义行为的依赖的查询

影响厂商:GitHub Security Lab(https://hackerone.com/github-security-lab) 
新的实验查询: 基于剪贴板的 XSS