Is it me or does AutoRepeater no longer work in @Burp_Suite Professional (v2021.3.1)?

When choosing a tool for a hacking task do you ever take in account who coded it and his/her his ability to deal with the subject?

Swag alert! We've added a new a "pwnlo shirt" to our swag store. Want one? Climb up our leaderboard to earn swag vouchers, or participate in our conte...

Re

#geekpwn# #黑客# #极客# 位列世界三大黑客赛事的GeekPwn，原来是这样的是真的！GeekPwn 2021 选手报名今天开启！  GeekPwn的微博视频

如何识别糖衣炮弹？高级对抗技术教你通杀恶意程序如何识别糖衣炮弹？高级对抗技术教你通杀恶意程序本系列课程名为《恶意程序分析与高级对抗技术》，重点给大家介绍各种类型恶意程序的基本分析方法以及针对于某一批类似样本的高级对抗技术，利用高级查杀技术，从而实现对恶意程序的通杀。 为了使大家能够循序渐进地理解相应的 ...全文

iOS 14.5更新应用追踪透明度规则，违规应用将下架iOS 14.5更新应用追踪透明度规则，违规应用将下架今年2月份，苹果发布了新的 App Store 指南更新并增加了一条与 iOS 14.5 中的 App 追踪透明度要求有关的新规则，即开发者在追踪用户活动前必须征得明确许可。近日据《福布斯》报道，从iOS 14.5开始，苹果将下架不符合应用追踪 ...全文

小豚AI摄像头的完整分析小豚AI摄像头的完整分析本文为看雪论坛精华文章看雪论坛作者ID：胡一米一、简介本篇中，我们打算分享一下小豚AI摄像头，这也是我们在2020年某AIoT安全峰会上的分享内容。我们在去年某日收到了一批赞助，赞助内容为华为IoT终端奖励计划列表里面的大部分设备，如下图：

测试下新功能 这个功能在dork分享页面  网页链接 另外演示的这个dlink漏洞是去年我们捡到并报告的一个漏洞 目前那个泄露密码的还比较多[尴尬]

RT nixCraft: Anatomy of a typical Linux, macOS, and Unix command

作为网络空间测绘领域的代表 ZoomEye入选高校教材[调皮]  网页链接 果断入手一本

Re @maar10dv Whooohoo! Congratulations!

#geekpwn##网络安全# 没错，GewkPwn 2021报名开启啦！爆发你的能量，突破安全边界，展开无尽想象，实现无限可能。来跟PWN君一起走花路吧！一起超越无穷！ 是真的！GeekPwn 2021 选手报名今天开启！

And the winner is @lennaert89! Thank you all!

RT BlackRoomSec: Please let's make this a thing, tractor hackers.

#白帽汇的精分日常# 这群人，居然英文比我还烂…… Goby诚征海龟高材生

RT Youssef Sammouda: I had a crazy week in February in which i was able to find 3 interesting account takeovers in Facebook and resulted a total of $1...

A payload that works, surprisingly. Used to bypass filter. By @SSkylinearafat  <iframe/onload=aaajavascipt:alert(1)>

后死诸君多努力，捷报飞来当纸钱。//@Easy: //@巍峰: //@白城以北://@英勇善战李广利: //@卢诗翰 :冷知识：杨正是当时的中国驻美大使，所以，那句话的情绪可能比许多人想的还要深呀

网页链接 看起来P0的人很纠结！GG 自从默默去掉“不作恶”的slogan后，开始了“不作为”的slogan ？[呲牙]

RT Jin Wook Kim: [VMware] vRealize Operations Manager API SSRF (CVE-2021-21975) #1. Check vulnerability CVE-2021-21975 POST /casa/nodes/thumbprints HT...

RT Jafar Abo Nada: HackerOne Jira integration plugin Leaked JWT to unauthorized Jira users.  Bounty: $3,000  #hackerone #bugbounty

你悟了吗？

最近梅雨季，南方的朋友不常用的设备要经常加电用用，经常备份数据。昨天不常用的老MBP就莫名其妙打不开，拿去直营店说要5k+整体换主板，不保证恢复原数据。后来找了徐家汇的一家维修店，老板说是受潮之后电路烧坏了，梅雨季节这种情况非常多，重新焊了几个线路居然抢救了回来，不然就彻底变砖。还好 ...全文

Re @Zero_ChaosX @blackroomsec We noticed @thedarktangent adding some related hacking videos from DEF CON and CCC to the Farm Hacking section on the fo...

Re @raasa_cokelat Tumben pinter 😂

最近网上有个信息，大致意思是在最近的反对攻击亚裔的斗争中，美国华人还没组织就先乱了。于是有人往“精致利己”，往“劣根性”上联系。这个其实不一定是文化因素。去年有个调查：82% 的美国人如果不借钱的话，连 500 美元的紧急开支都拿不出来。在华人里肯定不是这个比例。当年搞革命的时候就 ...全文

Re @PythonResponder To the best of my knowledge no one in vx-underground uses this tool. However, to support people and things, we have donated $20. I...

We've extended our Windows Process Injection papers Process Injection Techniques - @ozanunll Process Injection Techniques used by Malware - @Angelysto...

Re @TebbaaX For a native speaker, yes. For Google Translate, no.

KICS - Find Security Vulnerabilities, Compliance Issues, And Infrastructure Misconfigurations Early In The Deve...

Re @Random_Robbie Damn I love that monitor .

RT DEFCON Group 5511: Bora conversar? Quarta 07/04 20h tem #MeetupDCG5511 com o @jb4ckstr33t, onde ele irá cantar sucessos como I Want It That W... n...

Re @pushrsp You'd almost assume it was April fools.

Re @wdormann Thx, I'll try and remember to fix it up when I get a chance.

RT Myria: I released my project to dump the PlayStation 2 "Dragon"-series Mechacon chips' firmware and secret keys! This should be interesting to hack...

SharpDPAPI -  A C# Port Of Some Mimikatz DPAPI Functionality

'underground', or the connotation of it, has no direct translation to Arabic. Hence, when vx-underground spoke with people from the Middle East it was...

Re @SecuritySense Good suggestion :)

Re @awakecoding @ProjectZeroBugs I agree that it's better than not doing it, but only if the attacker doesn't know that you are doing it. I guess it a...

Re @awakecoding @ProjectZeroBugs Unclear TBH, the magic of Hyper-V isolation (also used in Windows Sandbox and Application Guard) is that it's a speci...

Re @awakecoding @ProjectZeroBugs Well if you find a Hyper-V escape, that's a security issue MS will fix. If you only find a process isolation issue MS...

Re @awakecoding @ProjectZeroBugs Yes to escape a HV isolated container, you'd either find a direct HV escape or maybe need a container escape first to...

Re @halvarflake Well Windows Schannel can also use certs as authentication credentials from AD, and let's not forget PKU2U which _is_ basically Kerber...

Re @awakecoding @ProjectZeroBugs I didn't think I was trying to imply not to use Hyper-V isolation as well, just don't use containers in process isola...

New Video 0x01! ✨ Dangerous Functions | Binary Exploitation 0x01 🔗

[STREAM] C# for n00bs | Going live now

Re @G0053me Happy to hear that, congratulations!

Who Contains the Containers?

Re @renniepak don't you want our swag? 🥲