[ News | Blogs | Reddits | Lists | Media | ? ] HoneyDB

/r/netsec - Information Security News & Discussion
Cracking passwords to prevent credential stuffing
Nov 21 live webinar: The OWASP API Security Top 10
A Guide to Common Linux Backdoors and Rootkits
Snek - Integrating Python in PowerShell
SCShell - Fileless lateral movement tool for Windows
Beginner Network Pentesting
Introducing iVerify, the security toolkit for iPhone users
The Alexander the Great Guide to InfoSec for the C-Suite
CVE-2019-12758 - Symantec Endpoint Protection - Self-Defense Bypass and Potential Usages
PoC for CVE-2019-1405 and CVE-2019-1322 (Privilege Escalation)
Malware Analysis & Reports
Malware Analysis | Salseo Reverse Shell Backdoor [Video]
Breach affecting 1 million was caught only after hacker maxed out target’s storage
A Glimpse into Glimpse: Analysis of APT34 DNS Tunneling Malware (x-post from /r/ReverseEngineering)
VirusTotal API to check user’s quota usage
Dionaea Honeypot capturing mostly Wannacry still and a lot of attacks on port 1433
AMAs Wanted: Calling any and all professional reverse engineers, malware programmers, whitepaper authors or conference speakers!
Opensource tools for Security Operations
Up To Date Books on Rootkits
GUI debugger for reversing Linux ELF malware
Malware Analysis - Coinminer
blackhat library: Documenting blackhat hacking techniques
NET-UP: Network Dropper – Private-Locker Articles
jaeles-project/jaeles: The Swiss Army knife for automated Web Application Testing
Windows Privilege Escalation Guide
Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium
PoC for CVE-2019-1405 and CVE-2019-1322 (Privilege Escalation)
Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 Stream (2)
Malware Analysis | Salseo Reverse Shell Backdoor [video]
CMS - CMS Detection & Exploitation Suite
How can I find and replace hashes into plain text from another file?
What are some of the best and surprising pastebins?
Discussion and Disclosure of Web Vulnerabilities
How Does IoT (Internet of Things) Security Relate to Web Security?
What Type of SSL Certificate Does Your Website Actually Need?
Ok Google! Please reveal everyone’s public calendar.
Parameter Pollution in Share Button
Awesome Free WAF for NGINX with API and Personal Cabinet
Instead of enriching Google, try making a market for click work
How do you approach to a target without any user input taken?
RCE through open PHP-FPM ports
Imperva Blocks Our Largest DDoS L7/Brute Force Attack Ever (Peaking at 292,000 RPS) | Imperva
Nginx Free WAF: NAXSI vs Nemesida WAF Free
Computer Forensics
How Can I Become a Digital Forensics Analyst
Acquire image of OS running on Virtual Box for analysis [E01]? How should I go about it?
What are Law Enforcement SOP when dealing with encrypted devices?
how to do forensic in SSD drive ?
Is it possible for Magnet AXIOM to image Kernal level processes on Windows 10?
android pixel sailfish. any way to recover or carve data from bootloader unlock wipe?
Windows Event Log Ananlysis with Splunk / ELK
Different NTFS partitions that have the same value in $MFT start cluster
When you’re dealing with FDE in an investigation, what are procedural guidelines of dealing with it?
WebCacheV01.dat Question
XSS - Cross Site Scripting
Cross-site scripting (XSS) cheat sheet
Serious XSS Vulnerability Found In Avast Desktop Antivirus For Windows
How do I implement encoding to prevent XSS in my code
Easy XSS (XSS Challenge by terjanq)
XSS to Account Takeover - Tomi - Medium
What's the best way to avoid a <pre> tag?
Evade filter that removes <> brackets
Beginner Question: How can I XSS my website?
Stolen cookies aren’t working
How to cause the xss? The payload of "onerror、onxxx、javascript" keywords have been banned.
pwned
Breach affecting 1 million was caught only after hacker maxed out target’s storage
Ransomware attack at Mexico's state-owned petroleum company Pemex halts work, threatens to cripple computers
A Utah-based renewable energy company was the victim of a rare cyberattack that disrupted communications with several solar- and wind- power installations
Rogue worker at antivirus firm sold user data to scammers who targeted customers
McDonald's customers frustrated as 'Hamburglar' hacks more app accounts, ordering meals with owners' money
Hack of Chilean national police exposes more than 10,000 files, including intelligence
Bed Bath & Beyond admits in SEC filing that some of their users' accounts were accessed without authorization
City of Johannesburg, South Africa, hit by ransomware - again
NordVPN Hack - Everything You Need to Know (Updated Info)
Report: Travel Reservations Platform Leaks US Government Personnel Data (AWS - over 179GB of data)
Cryptography news and discussions
25519 and cyclic subgroups
NTRU cryptosystem
Is Boringssl slower than Openssl?
Advice on finding PhD's in Europe and the Americas
Why You Shouldn’t be Using BCrypt and Scrypt
Value of Rachet if already using Ephemeral Ephemeral ECDH
MPC Alliance - industry consortium for development of multiparty computation systems
Why does SHA hash function work like it does?
TPM-FAIL: TPM meets Timing and Lattice Attacks
Is trial and error fundamentally necessary for prime factorization?
Hack Bloc
Are you curious to learn more about blockchain in detail from a left wing perspective? I've started a blog to help!
Github has taken down Catalan app that had been used to mobilize protesters. This is the letter from Spain police.
Hispagatos - International Anarchist Hackers - Preparing for 36c3 - 1Komona - a(A)a
Want A FOSS Academic Search Engine That Does Not Track You
Video cameras equipped with facial recognition technology created by Chinese company Huawei are being rolled out across 100s of cities around world. In Belgrade, government surveillance system eventually will encompass 1,000 cameras in 800 locations across city to identify and track individuals.
Julian Assange - the case of the WikiLeaks founder | DW Documentary
Anarchist Hacker Jeremy Hammond Ruled in Contempt of Federal Grand Jury
Hackerñol-00010101 - Uno nomada, seco y sobrio [Spanish]
Open access manifesto translated to Spanish - Guerrilla del acceso libre a la información
Inmates built computers hidden in ceiling, connected them to prison network