Cybersecurity information flow

vulnerabilities, CPE dictionary etc.distributed by National Vulnerability Database (NVD) implemented by rust

Clash Nyanpasu! (∠・ω< )⌒☆

ESET安全社区专家Jake Moore为探索人工智能语音克隆欺诈进行了模拟攻击试验，揭示了人工智能技术可能带来的破坏性影响。

Category: Ransomware Content: Group claims to have downloaded 50 GB of organization data. Source: tor Source Link: http://mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion/blog/040c040c85339ebb4b2a8f8d865b4d2c5c83121b48c8dfde5436a78b113919fa/ Threat Actor: MONTI Victimology Country : USA Industry : Real Estate Organization : tryax realty management, inc.

Category: DDoS Attack Content: Proof of downtime: https://check-host.net/check-report/13b91306kba5 Source: telegram Source Link: https://t.me/layer4legion/50 Threat Actor: Layer Legion Victimology Country : Ukraine Industry : Electrical & Electronic Manufacturing Organization : ukr mil tech

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security a…

Synapse: Matrix homeserver written in Python/Twisted.

Category: Data Breach Content: Group claims to have unauthorized access to the database of CGW abrasives. Source: telegram Source Link: https://t.me/CyberToufan/104 Threat Actor: Cyber Toufan Operations Victimology Country : USA Industry : Manufacturing Organization : cgw abrasives

Category: Defacement Content: Hacktivist of Garuda claims to have defaced the website of Dinas Ketenagakerjaan Transmigrasi dan Energi Provinsi DKI Jakarta Source: telegram Source Link: https://t.me/HacktivistOfGarudaOfficial/1205 Threat Actor: Hacktivist of Garuda Victimology Country : Indonesia Industry : Government Administration Organization : dinas tenaga kerja, transmigrasi dan energi provinsi dki jakarta

Want to Learn Real Hacking? If so, you are in the right place. The Reason why i have written this article is Because a lot of people randomly approach me and i have to spend at least 10 minutes on every person trying to explain them how to learn hacking and giving the some good resources to learn from.
If you are serious about learning Ethical Hacking or perhaps making a career in cybersecurity as a hacker/penetration tester, I highly recommend you to read this article carefully. This article is about my personal path. The things i have learnt and the resources that helped me gain the knowledge I have today.
So let’s get started. assume you are a beginner and a “script kiddie” (if you don’t know what this word is, Google it!!). Firstly stay curious and clear your basics about computers, computer hardware, how OS works, basic networking and get yourself familiar with using Linux commands.
[STEP 1]
Watch and finish this playlist by Hackersploit. It is one of the best YouTube playlist to learn hacking from scrat

This open-source security tool, often hailed as a swiss army knife for pen testers, is designed to find vulnerabilities in web…
Continue reading on InfoSec Write-ups »

Nikto is designed to detect over 6,700 potentially dangerous files/CGIs, checks for outdated versions of over 1,250 servers, and…
Continue reading on InfoSec Write-ups »

56.4% of developers report encountering security issues with AI-generated code — 80% admit to bypassing AI security policies — 87% Are…
Continue reading on InfoSec Write-ups »

This challenge is a classic representation of using MD5 hashes in a real-life cybersecurity scenario, demonstrating their application and…
Continue reading on InfoSec Write-ups »

If you’ve ever wished for a guided tour through the menacing and murky world of cyber threats, you’ve clicked on the right article.
Continue reading on InfoSec Write-ups »

Welcome to this comprehensive guide where we will unpack the risks associated with XSS (Cross-Site Scripting) vulnerabilities and…
Continue reading on InfoSec Write-ups »

VulnHub — FristiLeaks 1.3 Writeup — by dollarboysushil
Vulnhub FristiLeaks https://www.vulnhub.com/entry/fristileaks-13,133/
A small VM made for a Dutch informal hacker meetup called Fristileaks. Meant to be broken in a few hours without requiring debuggers, reverse engineering, etc..
After download the vm from vulnhub. Make sure the network is set to NAT and set MAC address as 08:00:27:A5:A6:76
Lets start
You should get the IP address of the machine, 192.168.21.140 in my case
Nmap Scanning
nmap -sC -sV {victim ip}
-sC for default scripts and -sV for version enumeration.
nmap scan result shows there is only one service running , that is http on port 80
lets run gobuster to do some directory bruteforcing
using go buster reveals two directories /images and /beer
/images contains image directory and /beer contains a image.
well this directory are not much of use. Looking at the theme of the lab and the website i tried manually entering /fristileaks , /fristi and other directory. Among which /fristi worked
We hav

Hi all, this write-up is about a vulnerability founded by collaborating with my friend Hasanka AKA WrathfulDiety.
Continue reading on InfoSec Write-ups »

Download
Here’s a summary of the key points of Download HTB machine:
Difficulty Level: HARD
Vulnerabilities and Techniques:
LFR (Local File Read): The presence of a Local File Read vulnerability suggests that an attacker can read files on the system, potentially accessing sensitive information.
ORM Injection: In an ORM injection attack, the attacker manipulates data inputs to deceive the ORM system and execute unintended database operations. This type of attack is similar in concept to SQL injection but targets the abstraction layer provided by the ORM.
TTY (Teletypewriter) hijacking: This is a technique where an attacker simulates the typing of characters into the terminal, essentially pushing back input as if it were entered by the user.
Let’s add download.htb to our hosts file:
hosts
Enumeration
nmap -sCV -p- — min-rate 10000 10.10.11.226
nmap
Two ports are open:80,22. let’s open port 80:
we can upload a file through upload module.
upload file
Let’s perform directory fuzzing using Gobuster to discover any 

Mass Google Dorking Techniques
Many things have changed over the years, and the Google search engine is not the same anymore. It does not show many query results as previously, and it’s becoming harder and harder to use many working google search techniques. Having that in mind, there are still some good bounties being made everyday by the help of famous search engine. It is possible to find some pretty severe information disclosure vulnerabilities or get some leads about some juicy endpoints. On this article, I will cover some unusual ways that could help you find some high or critical severity vulnerabilities that not many people know about. I will show how it is possible to utilize some mass google dorking with the help of Google products themselves.
Technique #1: Firefox Plugins to Build URL Wordlist
As previously discussed in the Mass Cross Site Scripting article, I prefer to collect URL endpoints before testing for XSS and other vulnerabilities. I outlined two methods for accomplishing this: host crawli

The tracking cookie in this Application is vulnerable to SQL injection. The results of the SQL query are not returned, and the application does not respond any differently based on whether the query returns any rows or causes an error, it is possible to trigger conditional time delays to infer information. The database contains a different table called users, with columns called username and password. Find out the password of the administrator user | Karthikeyan Nagaraj
Description
This lab contains a blind SQL injection vulnerability. The application uses a tracking cookie for analytics, and performs a SQL query containing the value of the submitted cookie.
The results of the SQL query are not returned, and the application does not respond any differently based on whether the query returns any rows or causes an error. However, since the query is executed synchronously, it is possible to trigger conditional time delays to infer information.
The database contains a different table called users, with columns ca

The tracking cookie in this Application is vulnerable to SQL injection. The results of the SQL query are not returned, and the application does not respond any differently based on whether the query returns any rows or causes an error. Since the query is executed synchronously, it is possible to trigger conditional time delays to infer information. To solve the lab, exploit the SQL injection vulnerability to cause a 10-second delay | Karthikeyan Nagaraj
Description
This lab contains a blind SQL injection vulnerability. The application uses a tracking cookie for analytics, and performs a SQL query containing the value of the submitted cookie.
The results of the SQL query are not returned, and the application does not respond any differently based on whether the query returns any rows or causes an error. However, since the query is executed synchronously, it is possible to trigger conditional time delays to infer information.
To solve the lab, exploit the SQL injection vulnerability to cause a 10-second delay.

Part 03 | What To Do After Choosing a Target? | Post Recon | Bug Bounty
Hello Everyone, Welcome to the 3rd Part of the series
In the last series we discussed about :
Google Dorking
Analyzing Js files
Content discovery
And with that we were done with Recon. So now the question comes up,
What to do after Recon ?
So, Let’s Start !
Setting Up a Proxy
So before beginning to scan the target manually we will need to setup a proxy, A proxy server acts as a gateway between you and the internet.
We have several apps that can help us do that like -:
Burp Suite
Owasp Zap
Today we are going to use BurpSuite, you can download the community edition which is free for everyone from the portswigger website
You will see something like this, You can setup the proxy with your external browser using these instructions:
Configuring Burp to work with an external browser
Now Let’s Begin the Manual Hunting!
Getting To Know The Application
The first thing I do after recon is just open the website and start using it like a normal user, 

How I Created an Advanced Web Code Analyzer Using ChatGPT
Hey everyone, I’m super excited to share something I’ve been working on for all of you. It’s an advanced web source code analyzer, but not just any analyzer. I’ve designed it specifically for folks like us — security researchers, bug bounty hunters, and really, anyone who dives into source code.
I know, I know — there are tons of tools out there, but here’s the thing. I was motivated to make something that uses the power of AI, especially ChatGPT, in a cool, practical way.
I’ve always been a fan of ChatGPT for speeding up various tasks. This realization led me to develop an analyzer that not only simplifies the initial stages of source code examination but also provides insightful starting points based on its findings. So, I said why not create something that does just that for all of us?
I got to work. The result? An analyzer that doesn’t just do the heavy lifting for us but also gives us a solid starting point to understand what’s going on in any pie

In this blog, we explore top-tier reconnaissance tools that empower bug bounty hunters. From Shodan’s IoT device insights to Waymore’s web application vulnerability identification, each tool in this arsenal plays a vital role in securing the digital landscape. Join us on a journey through cyber reconnaissance, where these tools are the keys to unveiling the secrets of secure systems.
Read Complete Article: https://securitycipher.com/2023/11/21/top-recon-tools-for-bug-bounty-hunters/
Top Recon Tools for Bug Bounty Hunters
OSINT Framework
https://osintframework.com/
OSINT Framework is a collection of open-source tools and resources for open-source intelligence gathering. It is a centralized platform that consolidates various tools, websites, and data sources that help bug bounty hunters collect information about their target. This information can include email addresses, domains, subdomains, IP addresses, and more.
Shodan
https://www.shodan.io/
Shodan is often referred to as the “search engine for the Internet 

Why authorization flaws are trendy and easier to discover
The latest OWASP Top 10 project was published two years ago. We saw broken access control (BAC) at the top, which was fifth in the previous list. Whenever we open social media, we observe people regularly receiving bounties for bugs like IDOR, Privilege Escalation, CSRF, etc. Here we will see the evolution of broken access control, exploring why it is prevalent and easier to discover. Finally, we will discuss how various professionals should address these issues. I wrote this article after researching broken access control for a long time. Hope you can take full advantage of my experience! Read till the end with patience.
Evolution
Evolution of Broken Access Control (OWASP Top 10 2013–2021)
The table above illustrates the evolution of broken access control over the years. The latest OWASP Top 10 merged 34 Common Weakness Enumerations (CWEs) into the broken access control category due to their similarity, elevating it to the top position. I assume the a

The post Talkin’ About Infosec News – 12/06/2023 appeared first on Black Hills Information Security.

Category: Ransomware Content: Group claims to have publish the organizations data within 13-14 days. Sample screenshots are provided in their darkweb portal. Source: tor Source Link: http://medusaxko7jxtrojdkxo66j7ck4q5tgktf7uqsqyfry4ebnxlcbkccyd.onion/detail?id=4399c4de0c687b068db7d859807cbef0 Threat Actor: MEDUSA Victimology Country : USA Industry : Education Organization : campbell county school district

Category: Defacement Content: Group claims to have defaced the website of EDainik-Azadi Source: telegram Source Link: https://t.me/systemadminbd/1038 Threat Actor: Systemadminbd Victimology Country : Bangladesh Industry : Newspapers & Journalism Organization : edainik-azadi

Category: DDoS Attack Content: Proof of downtime: https://check-host.net/check-report/13b7f69dk69d Source: telegram Source Link: https://t.me/testibbxstress/593 Threat Actor: Power Proof Victimology Country : Indonesia Industry : Network & Telecommunications Organization : dewabiz