Technical Information Security Content & Discussion

8 readers
1 users here now

/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to...

founded 1 year ago
MODERATORS
[email protected]
listing: all - local
451
1
Bypassing Veeam Authentication CVE-2024-29849 (summoning.team)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/scopedsecurity on 2024-06-10 12:14:02.
452
1
Create your own VPN Service with Cableguard VPN and NEAR Protocol (medium.com)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/alanesmizi on 2024-06-10 11:25:55.
453
1
How to prevent domain verification bypasses of your server certificate (www.pentagrid.ch)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/fr0r on 2024-06-10 10:17:53.
454
1
Uncovering a Critical Vulnerability in Authentik's PKCE Implementation (CVE-2023-48228) | Offensity (www.offensity.com)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/Offensity on 2024-06-10 09:21:24.
455
1
Detection as Code (purpleteamsec.substack.com)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/netbiosX on 2024-06-10 07:07:18.
456
1
Unsecure time-based secret and Sandwich Attack - Analysis of my research and release of the "Reset Tolkien" tool (www.aeth.cc)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/PentesterLab on 2024-06-10 04:23:30.
457
1
Create your own C# Obfuscator to evade Static Analysis - Blog (www.ribbiting-sec.info)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/PersonalState343 on 2024-06-09 13:58:23.
458
1
No Way, PHP Strikes Again! (CVE-2024-4577) - watchTowr Labs (labs.watchtowr.com)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/dx7r__ on 2024-06-07 08:28:37.
459
1
How to Achieve Eternal Persistence Part 3: How to access and recover replicated secrets (www.huntandhackett.com)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/One-Assistance-8552 on 2024-06-06 21:56:07.
460
1
Frida 16.3 is out with CoreDevice/RemoteXPC support, new Service API, and many other improvements (frida.re)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/oleavr on 2024-06-05 16:32:11.
461
1
Analysis of CVE-2024-2738 Apache HugeGraph (blog.securelayer7.net)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/SL7reach on 2024-06-05 13:54:29.
462
1
In-memory sleeping technique using threads created in suspended state and timers that work with the ResumeThread function after context is set for execution. Each workers has its own stack and no ... (oldboy21.github.io)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/oldboy21 on 2024-06-05 06:58:53.

Original Title: In-memory sleeping technique using threads created in suspended state and timers that work with the ResumeThread function after context is set for execution. Each workers has its own stack and no need to modify the list of valid indirect call targets in CFG. Use case: Swappala with Reflective DLL

463
1
Malwarebytes Firewall (forums.malwarebytes.com)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/kelsey_41375 on 2024-06-04 19:02:03.

Today, I was asked to externally pen test my interning company’s internal network. I conducted a few Nmap scans and brute forcing a vulnerability, but every time I tried anything, their Malwarebytes firewall blocked my Kali VM’s IP. Now, I’m trying to learn more about the firewall, how it works, and its vulnerabilities/exploits, but I can’t find any information online. Do any of you have any resources I could look at or any insight on them? Any help would be much appreciated!!

This URL is the most informative source I’ve been able to find so far (I needed an attachment to post this thread)

For context, I’m a cybersecurity student in my junior year, and I’m interning this summer at a small local tech company. I have full permission to conduct pen testing, and openly present all of my findings.

464
1
Securing the Building Blocks: A Deep Dive into Dependency Security (www.devsecurely.com)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/imaibou on 2024-06-04 12:37:24.
465
1
CVE-2023-48788: Revisiting Fortinet FortiClient EMS to Exploit 7.2.X (www.horizon3.ai)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/scopedsecurity on 2024-06-04 12:16:06.
466
1
Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938 (androidoffsec.withgoogle.com)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/poltess0 on 2024-06-04 12:06:44.
467
1
Deep diving into F5 Secure Vault (offsec.almond.consulting)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/AlmondOffSec on 2024-06-04 10:06:16.
468
1
Identifying Container Image Vulnerabilities with Docker Scout (packagemain.tech)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/pliutau on 2024-06-04 10:01:52.
469
1
PHISHING LIKE A PRO: A GUIDE FOR PENTESTERS TO ADD SPF, DMARC, DKIM AND MX RECORDS TO EVILGINX (fortbridge.co.uk)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/adrian_rt on 2024-06-04 09:41:26.
470
1
Attacking NIST SP 800-108 (Loss of Key Control Security with CMAC in Counter Mode) (scottarc.blog)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/sarciszewski on 2024-06-04 07:57:57.
471
1
Molding lies into reality || Exploiting CVE-2024-4358 (summoning.team)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/juken on 2024-06-04 03:09:18.
472
1
Hackers use GitHub profiles to pose as 1Password (moonlock.com)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/moonlock_security on 2024-06-03 17:30:37.
473
1
GitHub Security Guide: How to Defend Your Organization and Repositories from Supply Chain Attacks - Rezonate (www.rezonate.io)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/Or1rez on 2024-06-03 11:33:11.
474
1
Hacking Millions of Modems (and Investigating Who Hacked My Modem) (samcurry.net)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/samwcurry on 2024-06-03 05:35:14.
475
1
Encryption At Rest: Whose Threat Model Is It Anyway? (scottarc.blog)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/sarciszewski on 2024-06-03 03:43:11.
view more: ‹ prev next ›