Hacking8 安全信息流Cybersecurity information flow
干净的信息流推送工具,偏向安全圈的点点滴滴,为安全研究人员每日发现优质内容.
推荐
| 时间 | 节点 | |
|---|---|---|
| 2023年3月31日 13:01 | freebuf |
随着信息技术和汽车技术的发展,车辆网络(Vehicle Network)作为一种新型的交通信息系统,逐渐发展起来。
👀
2
👍
1
👎
1
|
| 2023年3月31日 03:34 | Trustwave Blog |
Tax season is a busy time of year for taxpayers and threat actors. Consumers and businesses focus on filing their taxes and getting excited over possible refunds, while cybercriminals roll out both their tried-and-true tax scams along with implementing new efforts.
👀
2
|
| 2023年3月30日 10:11 | 腾讯玄武实验室推送 |
Gold Digger 是一种工具,可扫描文件夹和文件以查找 gold.json 文件中的内容匹配项,并生成包含扫描结果的日志文件。该工具已被证明可以在处理数千个文件时提高工作效率
👍
1
|
| 2023年3月27日 19:51 | 腾讯玄武实验室推送 |
泄漏后Twitter迅速向在线协作平台GitHub发送侵犯版权通知,要求其删除泄露的代码。 GitHub删除了泄漏的代码。本次泄漏的来源不排除是前雇员
😄
2
|
| 2023年3月22日 14:31 | Sploitus Exploit | |
| 2023年3月22日 11:51 | Github关注 | |
| 2023年3月22日 09:37 | malware.news |
The creator of a Remote Access Trojan (RAT), responsible for compromising more than 10,000 computers, has been arrested by law enforcement in Ukraine. At the time of the arrest, the developer still had real-time access to 600 PCs. According to the announcement, the RAT could tell infected devices to: Download and upload files Install and uninstall programs Take screenshots Capture sound from microphones Capture video from cameras Once data was harvested by the RAT, some of it was put to further use: Account theft and withdrawal of electronic funds contained in compromised balances are both mentioned in the police release. Unfortunately, the release makes no mention as to how the file was distributed other than as “applications for computer games”. Bleeping Computer suggests that the campaign resembles malware distribution involving bogus YouTube videos promoting game cheats and modifications. With this in mind, what can you do to try and avoid rogue files such as these? Steering clear of bogus applications Be
🎉
1
|
| 2023年3月22日 00:32 | Github关注 |
GPT长文本批处理工具,Batch Processing tools for GPT
👍
1
|
| 2023年3月21日 11:31 | 先知社区 |
👍
1
|
| 2023年3月19日 21:01 | Github_POC |
[GitHub]Discord bot which monitors for and deletes images vulnerable to the Acropalypse exploit (CVE-2023-21036)
👍
2
|
| 2023年3月16日 23:01 | Packet Storm | |
| 2023年3月16日 23:01 | Packet Storm | |
| 2023年3月15日 16:02 | Github关注 |
A client implementation for ChatGPT and Bing AI. Available as a Node.js module, REST API server, and CLI app.
👀
1
|
| 2023年3月15日 16:02 | Github关注 |
😍FeHelper--Web前端助手(Awesome!Chrome & Firefox & MS-Edge Extension, All in one Toolbox!)
👀
1
|
| 2023年3月15日 10:42 | Github关注 |
新一代root,挑战全网root检测手段,跟面具完全不同思路,摆脱面具被检测的弱点,完美隐藏root功能,全程不需要暂停SELinux,实现真正的SELinux 0%触碰,通用性强,通杀所有内核,不需要内核源码,直接patch内核,兼容安卓APP直接JNI调用,稳定、流畅、不闪退。
👍
1
👎
1
|
| 2023年3月13日 13:12 | Stories by SAFARAS K A on Medi |
Hello and welcome to the IOT protocols video series. Photo by Markus Spiske on Unsplash With this video series, we will get to know the protocols used in the internet of things, IOT pentest, scada pentest. These protocols are: MQTT CoAP AMQP WebSocket Canbus Modbus Profibus DNP3 BACNet XMPP UPnP UART SPI I2C 1-wire https://medium.com/media/f5b8e44176f6be425cfac65cb39e484c/href MQTT MQTT is used in the automotive, logistics, manufacturing, smart home and transportation industries. The OASIS standard version of MQTT v3.1 is MQTTV311, ISO/IEC 20922. They are designed for IOT devices communicating with limited bandwidth. It is a transfer protocol that provides sequential, lossless, bidirectional communication over TCP. It can also work over Websockets. By default, it communicates with TLS over port 1883 over port 8883. It was first used to monitor SCADA control systems. MQTT-SN (MQTT for Sensor Networks) is a variant of the mainstream protocol targeting battery-powered embedded devices on non-TCP/IP networks such
❤
1
👎
1
|
| 2023年3月13日 05:36 | Sploitus Exploit | |
| 2023年3月9日 08:11 | freebuf |
最近在学习研究RedTeam方面的相关知识,第一步是做一个安全的C2设施。
👍
1
|
| 2023年3月8日 15:11 | Github关注 |
基于 ChatGPT API 的划词翻译 Chrome 插件
👍
1
|
| 2023年3月5日 15:44 | Data Breach – Security Affairs |
The Play ransomware gang has finally begun to leak the data stolen from the City of Oakland in a recent attack. The Play ransomware gang has begun to leak data they have stolen from the City of Oakland (California) in a recent cyberattack. Oakland is the largest city in the East Bay region of the […] The post Play Ransomware gang has begun to leak data stolen from City of Oakland appeared first on Security Affairs.
👍
1
|
| 2023年3月5日 14:31 | Sploitus Exploit | |
| 2023年3月5日 10:31 | god_Zeo的博客 |
YApi是一个可本地部署的、打通前后端及QA的、可视化的接口管理平台。YApi 是高效易用功能强大的 api 管理平台,旨在为开发、产品、测试人员提供更优雅的接口管理服务。可以帮助开发者轻松创建、发布、维护 API,YApi 还为用户提供了优秀的交互体验,开发人员只需利用平台提供的接口数据写入工具以及简单的点击操作就可以实现接口的管理。在其1.12.0版本之前,存在一处NoSQL注入漏洞,通过该漏洞攻击者可以窃取项目Token,并利用这个Token执行任意Mock脚本,获取服务器权限。
👍
1
|
| 2023年3月4日 00:11 | malware.news |
Article Link: Malware-Traffic-Analysis.net - 2023-02-27 - Pcap for an ISC diary (BB17 Qakbot) 1 post - 1 participant Read full topic
👍
1
|
| 2023年2月28日 21:49 | 最新CVE |
IBM MQ for HPE NonStop 8.1.0 is vulnerable to a denial of service attack due to an error within the CCDT and channel synchronization logic. IBM X-Force ID: 235727.
👎
1
|
| 2023年2月28日 10:31 | Sploitus Exploit | |
| 2023年2月24日 22:00 | Github关注 |
Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE)
👍
1
|
| 2023年2月24日 14:31 | Github关注 |
✨ Finder Toolbar app for macOS to open the current directory in Terminal, iTerm, Hyper or Alacritty.
👍
2
|
| 2023年2月20日 13:11 | freebuf |
通过对栈溢出的原理分析到动态实现展示一个漏洞产生到利用的全过程,更深入的体会漏洞的魅力。
👍
1
|
| 2023年2月17日 00:01 | Packet Storm |
Atrocore version 1.5.25 suffers from a remote shell upload vulnerability.
👍
2
|
| 2023年2月16日 14:31 | freebuf |
预估有 380 万辆现代汽车和 450 万辆起亚汽车收到影响。
👍
1
|