nopslide

Protecting Your System from Ransomware: Essential Prevention Strategies luminixlabs.com/2024/07/17/pro…

CVE-2023-7028 Account Takeover via Password Reset without user interactions A critical vulnerability in GitLab CE/EE (CVE-2023-7028) can be easily exploited by attackers to reset GitLab user account passwords. • github.com/RandomRobbieBF… • github.com/Vozec/CVE-2023… #cve #cybersecurity #infosec #pentesting #redteam #bugbounty

GitHub - machine1337/TelegramRAT: Cross Platform Telegram based RAT that communicates via telegram to evade network restrictions github.com/machine1337/Te…

GitHub - deepzec/Bad-Pdf: Steal Net-NTLM Hash using Bad-PDF github.com/deepzec/Bad-Pdf

A really cool writeup from @kevin_mizu about a bug in draw.io. It looks like the writeup has some of tricks learnt from my research! Super happy to see the real world applications of my techniques 😊 And thanks for the shout out! huntr.dev/bounties/4c1c5…

CVE-2023-23752 Joomla! < 4.2.8 - Unauthenticated information disclosure. github.com/Acceis/exploit… #cve #exploit #cybersecurity #infosec t.me/hackgit/8006

GitHub - duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC: CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator - github.com/duc-nt/CVE-202…

Can you find the token here? 10$ for first solver. 🔥💀 octagon.net/chal/6

GitHub - CsEnox/CVE-2022-2992: Authenticated Remote Command Execution in Gitlab via GitHub import - github.com/CsEnox/CVE-202…

✅iPhone 14 Pro ✅iOS 16 ✅Jailbroken

Spring4Shell: Security Analysis of the latest Java RCE '0-day' vulnerabilities lunasec.io/docs/blog/spri…

@toni_setark1998 @KomangSuryadana kill 3 hikz

@doctorthompson yes the same thing with polkit pkexec it has to be an old vulnerability but they bring this up now and the impact is pretty much the same.

@nopsIide How in the hell had none of us ever tried this before? I mean, it seems like it should have been discovered years ago, no? Ever hear a stand-up comedian ask, “Why didn’t I think of that joke?” … I get it.

The lowest user "nobody" could use this simple bash script and allows anybody to overwrite data in arbitrary read-only files (CVE-2022-0847) It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit. dirtypipe.cm4all.com #infosec #CVE

GitHub - manuelz120/CVE-2021-45897: PoC for CVE-2021-45897 - github.com/manuelz120/CVE…

Find secrets in JS files: bash JSFScan.sh -l targets.txt -e -s -m -o outdir ref twitter.com/KathanP19 #bugbounty #bugbountytips

ROP Chaining: Return Oriented Programming ired.team/offensive-secu…

We've posted some in-depth guidance on how to make Turbo Intruder attacks go as fast as possible. If you think we're missing any tricks, let us know! #tuning" target="_blank" rel="nofollow noopener">portswigger.net/research/turbo…

@toni_setark1998 ampun suhu

yup.. Apache 2.4.50 ✅

@budanthara pen makan :)

@nopsIide ngeri bingits