Step by step, @FortyNorthSec takes you through the attacker lifecycle and captures best practices that you can follow to protect your foothold within ...

Re @uuallan Thank you =D

Re @rj_chap Thank you for the very kind words:)

We've created (and are actively updating) a massive malware database. This malware database is crowdfunded. If you'd like information on our malware d...

CVE-2021-41609 SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of

CVE-2021-41608 A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of

CVE-2022-22294 A SQL injection vulnerability exists in ZFAKA<=1.43 which an attacker can use to complete SQL injection in the foreground and add a bac...

CVE-2021-45899 SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote code execution.

CVE-2021-45898 SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows local file inclusion.

CVE-2021-45897 SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows remote code execution.

CVE-2021-34073 A Cross Site Scripting (XSS) vulnerabilty exists in Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 via the Catego...

CVE-2022-23863 Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any user's login password.

CVE-2022-23098 An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data i...

CVE-2022-23097 An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bou...

CVE-2022-23096 An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of...

CVE-2020-25905 An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in (1) login.php or ...

CVE-2021-44249 Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack within the login portal. This can l...

CVE-2021-45435 An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using PHP/OOP 1.0 via the username field ...

Re @hacksplained @intigriti I didn't!

Re @WonderU360 Yeah, you are right 😅 We know that feeling!  We'll do more of those!

Re @WonderU360 It was recorded :) Just hit the play button 😇

Re @GrumpinouT @pudsec Ohh sorry, people who speak are using their phone 😅

Re @LeonVQZ_ Thanks a lot for sharing! #SharingIsCaring

Re @0xConda We can tell that it's warm 🔥

Re @pudsec Everyone is just using their phone 👀

Re @renniepak @hacksplained Glad you did not!

Re @BeeFaauBee09 We'll definitely have them more often ❤️

If you missed today's @intigriti space, we got you covered!  Listen to the recording at any time 😇

Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.

RT Devansh (⚡, 🥷): A list of interesting payloads, tips and tricks for bug bounty hunters.   #bugbounty #hacking #cybersecurity

RT Raihan: Cloudflare #XSS WAF Bypass @nav1n0x Payload: "%2Bself[%2F*foo*%2F'alert'%2F*bar*%2F](self[%2F*foo*%2F'document'%2F*bar*%2F]['domain'])%2F...

#FF @FindingUrPasswd

RT Alvaro Muñoz: Just merged @mwulftange new gadget into #YSoSerialNet. Make sure to read his great blog post 👇🏼

I'm sure Notepad++ plugins have been abused before.  This is nothing special, but kinda fun.

RT Joe Helle, Mayor of Hacktown, First of His Name: You asked and I answered. Check out my first Python3 tutorial where we go over the process and pro...

RT Christophe: 📢 Today, I'm thrilled to announce "Stratus Red Team", an open-source adversary emulation tool for the cloud! Comes with a catalog of...

Re @Tesmanian_com Excited for future of solar at Tesla!

Re @stevenmarkryan Tesla will support FSD licensing by other manufacturers

Disney in the streets, Euphoria in the sheets

Re @archillect I have one

这么说吧，2017年我也一样但是我不懂事，你赶紧珍惜

We've updated the vx-underground collection with more APT papers, samples, and regular malware samples. Included in this update is Deadbolt Ransomware...

Re @arr0way This video shows details of setting up the Live tasks, if you include the Intruder tool, the results will be picked up by the task: I hope...

Re @arr0way Would a new Live Passive Crawl task to inspect items processed by the Intruder help in your scenario? If not can you email support@portswi...

ROP Chaining: Return Oriented Programming (study notes)

FunctionStomping: new shellcode injection technique

US Bans Telecom Giant China Unicom Over Spying Concerns

转发微博

回复@Cyber幻影:若见诸相非相，即见如来//@Cyber幻影:看教主的微博才会觉得这个社会及没有那么好，也没有那么糟。//@tombkeeper:Done. 查看图片

FACT - A Tool To Collect, Process And Visualise Forensic Data ...