美国司法部再出手，取缔黑市SlilPP美国司法部再出手，取缔黑市SlilPP近日，美国司法部联合德国、荷兰及罗马尼亚的执法机构，扣押了专门于暗网中出售被窃凭证的黑市SlilPP的域名名称与服务器。美国联邦调查局（FBI）与其它国家的执法机关合作，找出托管SlilPP市场的服务器及域名名称，再经由美国及国际的法律程 ...全文

记一次网关设备的pwn记一次网关设备的pwn本文为看雪论坛精华文章看雪论坛作者ID：零加一一、前言在这次出差时，对甲方办公网备进行了渗透测试。 期间搞断网了好几次，最后在领导的要求下就没在用真实设备来做测试了。所以此次pwn测试使用了qemu进行模拟. 由于真实设备没路子搞到，也不知道 ...全文

发布了头条文章：《社工与加密的完美组合，造就了FBI史上浩大的“钓鱼”工程》  社工与加密的完美组合，造就了FBI史上浩大的“钓鱼”工程

Nebula - Cloud C2 Framework, Which At The Moment Offers Reconnaissance, Enumeration, Exploitation, Post Exploit...

TChopper - Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine

社工

RT this person does not exist:  Re @defcon @thedarktangent We get signal. Main screen turn on!

RT Zwesty: Was thinking about #DEFCON earlier today, and I'm both super excited to go but also semi-anxious since I'm going solo and don't really know...

#defcon29 in-person update from @thedarktangent: In-person DC29 is a GO. Attendance numbers have been cautiously predicted, badge orders are in, confe...

Re @Grifter801 @2600 @SAINTCON @the_adept @grifter801 has apparently located the swimming pool from the movie ‘Cocoon’ and has kept it from all of u...

RT DCG 201 👩‍🔬 Folding@home Team: 241960: Hey everyone! Our staff at #DCG201 have had to do adulting and self care stuff for the past couple of...

Re @alicanact60 No mercy Ali 😀🥲

Use vim and strings to search for sensitive data in .swap files! Thank you very much @D0rkerDevil for the #BugBountyTip!  #BugBountyTips

100个设计中，废土、赛伯朋克和未来/外星场景占据了绝大多数。人物中有接近1/3是宇航员或半机械体。其实有超过50个场景是雷同的。人类的想象力当然绚烂，但细细想就会觉得我们的想象力一定程度上也是被影响和塑造的，大多数人其实贫瘠而雷同……

话说KS这些短视频平台上的确有个视频流派就是“教你混社会”。致力于传递一些看起来似乎有道理但怎么看怎么觉得奇怪的知识。比如“客不带客”啥的。有趣的是，这些视频里的人在谈到这些原则的时候，都表情坚毅目光深邃，仿佛在谈论一件非常神圣的事情，就好像你不知道这个规矩你就完了，就必然被唾弃， ...全文

大家为什么会喜欢看体育赛事？其实就是大家在期待着看到不断创造记录创造历史的过程。在体育竞技里面，靠投机取巧是混不下去的，你必须靠实力靠毅力。大家对于以小打大以弱打强从来不吝啬掌声，你面对的是所有人不看好，然后你用结果让全场甚至全世界会为你欢呼。人生有了一次，你也就赢了这辈子。

博士被辞退后很消沉，后来他看到微软的招聘启事，就去试着应聘，结果成了微软技术专家，年薪900万，而且随时能感受到做人的尊严。

“绝绝子”是他妈什么意思？

关于旷野之息续作的分析，塞学家也算实至名归了……（图10好）

Re @Carlos_Perez @martinsohndk @zeropointsecltd lol don’t think you need it dude

RT Kevin Robertson: [New Release] Inveigh 2.0: Rebuilt for C#, cross-platform (Windows, Linux, macOS), new listeners (SMB, LDAP, WebDAV, HTTPS), impro...

RT Martin Sohn: Passed CRTO by @_RastaMouse and @zeropointsecltd. Practiced the usual AD attacks, got comfortable with C2, learned some bypasses and h...

Re @LiveOverflow Damnit forgot: #cisotips

Re @LiveOverflow Also lure them into clicking on the link to receive a gift because of the stressful covid times and then don't actually give them any...

RT Adversary Village: Hey folks,  CFP for Adversary Village at DEF CON 29 closes on 25th June.  Hurry up with your submissions!! CFP URL:  @defcon #Ad...

Re @gmalca @Tesla True, we somewhat overcompensated on Bluetooth antenna capability haha. Will work on turning it down near your destination.

！值了！

A2P2V - Automated Attack Path Planning and Validation

Finding Privilege Escalation Vulnerabilities in Windows using Process Monitor :

SharpHook - Offensive api hooking tool written in C# :

RT Dirk-jan: It's been long overdue, but my part 2 blog on Active Directory forest trusts is finally here! This blog is about trust transitivity and o...

Mistune — iOS Remote code execution vulnerabilities that have been hiding for a decade :

Stealing tokens, emails, files and more in Microsoft Teams through malicious tabs :  Demo :

Open-Source Insecurities : On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits :

Re @BillyM2k 🤣🤣

拭目以待#哪吒请你指点江山#

我们团队招2个岗位，如图，安全策略工程师和安全开发工程师。办公地点：北京或杭州我们的工作比较轻松，不加班，有自己的时间研究东西，工作内容也很有趣。如果有师傅厌倦了安服岗位每天写报告，对攻防产品感兴趣，微博私聊我叭。

“我好菜啊”招财猫茶杯上架啦！呼唤已久的朋友看过来！快去我们店铺瞅瞅吧，这个猫猫你值得拥有~

RT Vulmon Vulnerability Feed: CVE-2018-7700 DedeCMS 5.7 has CSRF with an impact of arbitrary code exec...  Don't wait vulnerability scanning results:

Re @halfhooman_ @ndasmu___ Alah kontoll

From the top of Starbase high bay

Stacking Super Heavy Aft Section

RT CleanTechnica: Jay Leno Breaks World Record In Tesla’s New Plaid Model S — “I Love This Car”

RT Khyron ✊✊🏻✊🏼✊🏽✊🏾✊🏿:  Re @defcon has an official #MUD this year!! Fam, you wanna start a guild?! **Little know fact, I FUCKING ...

RT wallofsheep: Do you hack packet, or does packet hack you? Come to the #phv at @defcon and get your learning on. Whether you're a seasoned expert or...

👀

RT DefCon ScavHunt:  Re @ErisErisian @defcon @discord Yes, we are going to be both in-person and online.

RT Worcester DEFCON Group: Next meet will be on Zoom on the 27th June at 7pm BST. • Toast will present “API Economy, For Security Professionals”. ...

RT DEF CON VotingVillage: Got something to say about #ElectionSecurity? The #VotingVillage CFP is open! We're looking for speakers/presenters @DEFCON ...

defenselessV1 - Just Another Vulnerable Web Application