[ News | Blogs | Reddits | Lists | Media | ? ] HoneyDB

/r/netsec - Information Security News & Discussion
Flask api with anime theme to get information regarding ip
New speculation vulnerability, Cacheout
More RIDL variants that remain unpatched by Intel
SWAPGS PoC released
MSBuild without MSBuild.exe
Locking down the Instance Metadata Service: Announcing imds-filterd
Exploiting email address parsing with AWS SES
Wide open banking: PSD2 and us
Tool release - SpiderFoot 3.0
[CVE-2019-14615] iGPU Leak: An Information Leakage Vulnerability on Intel Integrated GPU
Malware Analysis & Reports
Weak Ransomware Samples
Setting up a cuckoo sandbox is quite the challenge
IDA Pro Automated String Decryption For REvil Ransomware (OALabs Tutorial)
Jokra.exe Malware Analysis
A small python script I made that uses the VirusTotal API to identify potentially malicious samples
Mistyped URL (youbico vs yubico) and got presented with malware.
Ticket resellers infected with a credit card skimmer
U.S. Government Targeted in Spear-Phishing Attacks
Looking for a complete sample of SpySheriff malware
Emotet file hashes, Compromised IP addresses and domains, and malicious powershell artifacts
blackhat library: Documenting blackhat hacking techniques
Where to find data breaches
iMessage
Cost of a 51% Attack for Different Cryptocurrencies
[CVE-2019-14615] iGPU Leak: An Information Leakage Vulnerability on Intel Integrated GPU
(Theory) Gain Remote Access To To Phone Using WhatsApp Status
Critical Authentication Bypass Vulnerability in InfiniteWP Client Plugin (+POC)
Need opinions/sources on how create a database of phished passwords
Interactive hacking demo of TikTok XSS vulnerability
REing software that requires a login to be activated. Anyway around that?
Does anyone know of a good file gathering script or service, Im looking for something that will search through multiple different file hosters for a specific file. Thank you
Discussion and Disclosure of Web Vulnerabilities
Certificate Authorities That Offer Free SSL Certificates
WpScan Web Interface with Additional Features
Easy way to migrate from HTTP to HTTPS...
Secure authentication using JWT
Exploiting TWIG SSTI with WAF
How Does IoT (Internet of Things) Security Relate to Web Security?
What Type of SSL Certificate Does Your Website Actually Need?
Ok Google! Please reveal everyone’s public calendar.
Parameter Pollution in Share Button
Awesome Free WAF for NGINX with API and Personal Cabinet
Computer Forensics
Metadata from a .exe file?
Cellebrite Full File System - New Release - UFED 7.28
Some useful forensics tools for your forensics investigation
Flight attendant to... computer forensics? Is this crazy? XD
Can SIFT do everything that FTK can
How to use OODA in #DFIR Series: Post 2 - Observe
How to convince my work to use OPEN SOURCE CyLR/CDQR for Rapid Response?
How to prevent that?
FTI Has Published their Forensic Report on Jeff Bezos' Hacked iPhone
Software / Services Wish List
XSS - Cross Site Scripting
Zero-Day Research: Mechanical Keyboard Finder Version 4.31
Top 100 XSS dorks – OpenBugBounty Blog
What does this "Filler" mean in the following payload ???
Bootstrap XSS Collection
XSS in username in Sakai
Great writeup on DOM clobbering
Cross-site scripting (XSS) cheat sheet
Serious XSS Vulnerability Found In Avast Desktop Antivirus For Windows
Easy XSS (XSS Challenge by terjanq)
XSS to Account Takeover - Tomi - Medium
pwned
Buchbinder Car Renter Exposes Info of Over 3 Million Customers
Jeff Bezos's Phone Hacked by Saudi Crown Prince
Hacker defaces some Iranian gov sites and puts PS752 victims names there as memorial
Las Vegas city officials assessing impact after cyber attack - The city faces an average of 279,000 attempts to breach its systems every month
Louisiana Community College System Hit with Ransomware - remaining grades from the last semester must be entered manually
Ransomware Hits Maastricht University in Netherlands - All Systems Taken Down and Offline for At Least A Week
Blue-Chip MSP Synoptek Hit By Ransomware, Paid Ransom To 'Extortionists' - the cyber attack disrupted operations at many of Synoptek’s clients
U.S. Coast Guard says Ryuk Ransomware took down entire IT network of Maritime Facility for over 30 hours
Malware Hits Travelex Currency Exchange Service - the New Year's Eve malware attack forced Travelex employees to resort to manual operations
US government agency website hacked and defaced by group claiming to be from Iran
Cryptography news and discussions
Releasing files after some time?
Is it possible to distinguish the used crypto method, if you have the decrypted as well as the encrypted version of an image?
If I XOR'd cipher-text results of AES-256-CTR against its plain-text what would I get?
How to Check this Bcrypt Hash?
I am struggling with MD6-512 speeds: Dox claim 61.8–120.8MB/s on 64-bit, I have managed 8MB/s.. way off target.
Authentication, What The Fuck?
Questions on Webauthn/FIDO2 (warning: newbie question)
How do known answer tests work for key encapsulation?
I've written an article "Anti-Data-Leak Pattern", to prevent data leak from web sites (+ example project)
https://aesencryption.net/ Is this website real encryption?
Hack Bloc
The Blockchain Socialist | Yang’s Got a Blockchain Identity Crisis - "You’ve just received your Freedom Dividend in your USA Blockchain Wallet. You’re now 2000 YangBucks richer which are worth $900 on Coinbase. Hey, at least they’re not worth $800 like last month."
Hackers hack into Amazon's Ring cameras
Hack Back! by Phineas Fisher (print)
How to download images from a page that doesn't have the option to download them (zenfolio).
The Blockchain Socialist | Very Big Announcement - Patreon, Discord, and more!
BIOS hack to change cpuid
Any way I can logout fron my Google account or wipe all data with a button combination on android ? I need it in case I have to erase some personal data from the phone fast and without anyone noticing. (I know i can do it with tasker but I'm trying to keep my bootloader unlocked, for OTA updates)
Yolo names??
OS of choice
The Blockchain Socialist | The Material Evolution of Digital Currency and Crypto (Part 2) - " ...the thesis, represented by corrupt corporate capitalism relying on trust in centralized institutions, gave birth to its proposed antithesis, bitcoin which offered a 'decentralized' alternative."