Risk Discovery

	[ News \| Blogs \| Reddits \| Lists \| Media \| ? ] HoneyDB

/r/netsec - Information Security News & Discussion

How I “found” the database of the Donald Daters App

Authentication bypass in libssh

Forging Trusts for Deception in Active Directory

Finding XXE in IBM's MaaS360 Platform

Adversarial Reprogramming of Neural Networks

How I hacked modern Vending Machines

buckets.grayhatwarfare.com - open s3 buckets search engine is updated!

Vectorized Emulation: Hardware accelerated taint tracking at 2 trillion instructions per second

Deobfuscating PowerShell: Putting the Toothpaste Back in the Tube

picoCTF'18 writeups

Malware Analysis & Reports

Gettkng into the field.

How to collect malicious office documents

How is windows malware in C/C++ actually written?

Forensic analysis of new TeleBots activity by ESET links Industroyer to NotPetya

Hikit

Rapidly Evolving Ransomware GandCrab Version 5 Partners With Crypter Service for Obfuscation

LIVE FORENSIC COLLECTION AND TRIAGE USING CYLR, CDQR AND SKADI

Malware keeps detecting Procmon?

Fake photo editing app with over 10,000 installs impersonates "Store Update" app with Google Play icon.

Cooking with CyberChef (X-Post)

blackhat library: Documenting blackhat hacking techniques

Money

Shellab - a Linux and Windows shellcode enrichment utility

Free CTF launched by AttackDefense: Kali in the Browser

Essay - Images, Video & Thoughts: Professional Hacker, 2011 to Present

12 Linux Privilege Escalation Challenges on AttackDefense.com (free Account)

From VNC to reverse shell

Safari Crash - A Small HTML exploit kit that allows for rapid deployment and prototyping

Low-cost USB Rubber Ducky pen-test tool for $3 using Digispark and Duck2Spark

Onliner Spambot list?

How I did not get a shell

Discussion and Disclosure of Web Vulnerabilities

Fuel4Media: Responsive Website Design Company in India

Cara Memasang SSL dan HTTPS di cPanel dan WordPress

Cheap password alternatives wanted!

Facebook gave more than 60 companies ‘deep access' to its users' data

Some interesting facts

Cybersecurity is becoming more and more expensive

Are Social Logins already outdated?

Why some computer viruses refuse to die

Hollywood hack strikes Instagram accounts

Microsoft 'halts Russian political hack'

Computer Forensics

Salary Survey: How much do you get paid, what are your primary duties, and in what location?

Need help on duplicating a infected harddrive

Forensic Readiness Logging Best Practies

can someone help me with this? this has been bugging me since reformatting my hard disk

Smartwatch forensics

Question about IR and Malware Investigations

jqplay - a web based JSON query sandbox built on top of jq

Stuck - decrypt files using DDPE in Encase

EXIF Data - best medium?

How to use Belksoft with Autopsy?

XSS - Cross Site Scripting

5 Practical Scenarios for XSS Attacks

Ultimate member stored XSS

FontStruct - Break the font InfraSTRUCTure!

Reflected XSS at Philips.com – Jonathan Bouman – Medium

XSS Vulnerabilities in Multiple iFrame Busters Affecting Top Tier Sites

How to use Google's CSP Evaluator to bypass CSP

xxs Training?

XSS vulnerability in Universal Studios Singapore's website

Cross-Site Scripting Flaw in Apache ActiveMQ

Practical Web Cache Poisoning

pwned

Google+ shutting down after data exposed

The 42M Record kayo.moe Credential Stuffing Data

Facebook Network Breach Impacts Up to 50 Million Users

DoorDash hacked, customers report unauthorised orders

NCIX Data breach (EVERYTHING)

Newegg Hacked In Data Breach

Bristol Airport systems offline in suspected ransomware attack

Wegmans Suffers From A Supply Chain Attack

#BugBounty — How Naaptol (India’s popular home shopping company) Kept their Millions of User Data at Risk!

Were you affected by the recent T-mobile data breach? Here's everything you need to know.

Cryptography news and discussions

Key Derivation Function by hand?

Hashing several Diffie Hellman shared secrets with HChacha20

Cryptography books from the late 60s

Messenger systems compared by security, privacy, compatibility, and features

Thank you u/Natanael_L

Major browsers simultaneously drop support for old security standards (TLS 1.0, 1.1)

How to crack pbkdf2-sha256 and argon2?

Is it possible to decrypt a DES encrypted message (64 bit key) without knowing the actual key?

If no more encryption programs will be developed or updated from now on, will encryption still be possible in hundreds of years?

AWS SideTrail: How Amazon verifies AWS cryptography code and protects against side-channel attacks

Hack Bloc

What is Mutual aid [now on peertube] a(A)a

DNL #14: INFILTRATION. Panel "INFILTRATION: Mapping The International Far Right" [a(A)a] - hacktivism

Tutorial Darknet server for I2p TOR and anything you want to tunnel into, remotely. • r/anarcho_hackers

Guardians Of The New World (Hacking Documentary) - Real Stories [very good, not infosec capitalist shit]

Ghost In The Cell - How an inmate hacker turned a prison upside down

Be Warned: The Latest MEGA Chrome Extension Will Steal Your Monero

Psstt, the Syndicate Collective's DiscordDump project is up and online. Featuring chat logs from over 100 servers ranging from conspiracy theorist, alt-right, fascist, white supremacists and more, totaling around 5 million messages. : anarcho_hackers

Dark Web Hackers Sell Data Of 130 Million Consumers For 8 Bitcoin (BTC)

Popular open source project bans companies that assist ICE in their license agreement.

Statement in support of Cameron Crowley, alleged to be hacktivist “Vigilance”