unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Azure CloudQuarry: Searching for secrets in Public VM Images
After the initial investigation entitled “AWS CloudQuarry: Digging for secrets in Public AMIs”...
2024-11-19 18:12:13 | 阅读: 1 |
收藏
|
Security Café - securitycafe.ro
ais
marketplace
disks
costs
Chained Vulnerabilities in Web Applications
IntroductionVulnerability chaining, also known as exploit chaining, is the process of combi...
2024-10-25 17:39:14 | 阅读: 3 |
收藏
|
Security Café - securitycafe.ro
attacker
malicious
security
victim
injection
Mobile Pentesting 101: How to Install Split APKs
Understanding Split APKsIn modern mobile app development, split APKs are b...
2024-10-7 19:9:44 | 阅读: 11 |
收藏
|
Security Café - securitycafe.ro
apks
mmsf
splitapk
apk
decompile
Red Team Finds A Way – (IN)Secure By Design
In our previous post, Red Team Finds A Way – Exploiting The Human Factor, we explored how the...
2024-9-11 20:3:36 | 阅读: 8 |
收藏
|
Security Café - securitycafe.ro
security
teaming
attacker
network
AWS vs Azure: A “Secure by default” comparison
Whether you are in charge of deciding what Cloud solution to choose for your organization or yo...
2024-9-3 17:22:10 | 阅读: 11 |
收藏
|
Security Café - securitycafe.ro
cloud
security
ssrf
ec2
mistakes
An ex psychologist’s journey into Cyber Security
How it all startedWhat if I told you that the machines with 99 percentage fail chance would...
2024-7-29 19:28:2 | 阅读: 12 |
收藏
|
Security Café - securitycafe.ro
oscp
feeling
felt
luck
knew
Red Team Finds A Way – Exploiting The Human Factor
Red Teaming is a comprehensive approach that involves the use of various tactics, technique...
2024-7-2 16:5:10 | 阅读: 7 |
收藏
|
Security Café - securitycafe.ro
phishing
teaming
identify
username
security
AWS CloudQuarry: Digging for Secrets in Public AMIs
Money, secrets and mass exploitation: This research unveils a quarry of sensitive data stored i...
2024-5-8 14:30:0 | 阅读: 10 |
收藏
|
Security Café - securitycafe.ro
amis
ami
cloud
sem
CVE-2024-28344 & CVE-2024-28345 in Sipwise C5
CVE-2024-28344 – Open RedirectAn Open Redirect vulnerability was found in...
2024-3-21 18:22:31 | 阅读: 13 |
收藏
|
Security Café - securitycafe.ro
journal
28345
28344
malicious
1443
How to Install .ipa Files on iPhone Without Jailbreak
Diving into the realm of iOS beyond the confines of the App Store requires a grasp of the impor...
2024-3-12 15:30:0 | 阅读: 20 |
收藏
|
Security Café - securitycafe.ro
ipa
resorting
sit
WinRAR RCE Vulnerability Spotlight: APT29’s Zero-Day Tactics
IntroductionThe AttackSocio-Political ImplicationsExploiting CVE-2023-38831Make sure you are us...
2024-2-19 17:16:31 | 阅读: 31 |
收藏
|
Security Café - securitycafe.ro
winrar
m4
bmw
38831
payload
Can Someone Really Hack Traffic Lights?
We’ve all seen the scenes in movies or games where attackers hack traffic lights to set the col...
2024-2-7 15:55:10 | 阅读: 17 |
收藏
|
Security Café - securitycafe.ro
lights
tlc
sensors
vehicles
Passing Your OSCP In 2023 (or 2024)
I am aware that the internet is full of videos, blog and forum posts, GitHub pages (and the lis...
2023-10-30 16:27:32 | 阅读: 24 |
收藏
|
Security Café - securitycafe.ro
oscp
moreover
mindset
stress
Trench Tales: The College Account Takeover That Never Happened
DisclaimerIntroductionThe VulnerabilityMethodologyShodanLdapsearchBashPythonEthical DilemmasCas...
2023-10-16 13:53:31 | 阅读: 23 |
收藏
|
Security Café - securitycafe.ro
ldapsearch
anonymous
security
python
Secure Your Mobile World: A Guide for Cyber Security Awareness Month
October marks Cyber Security Awareness Month, a time when individuals and organizations around...
2023-10-5 15:35:31 | 阅读: 15 |
收藏
|
Security Café - securitycafe.ro
security
software
passwords
tips
phishing
Mobile Pentesting 101 – Introducing to MMSF (Massive Mobile Security Framework)
Sometimes it can be harder to choose one tool over another when it comes to mobile pentesting....
2023-9-18 14:0:0 | 阅读: 30 |
收藏
|
Security Café - securitycafe.ro
mmsf
usemodule
bypass
python3
Remote Code Execution – Basics
In this blog post you will learn how to identify basic Remote Code Execution vulnerabilities an...
2023-9-13 20:30:14 | 阅读: 43 |
收藏
|
Security Café - securitycafe.ro
php
cmdshell
remote
popen
attacker
IAMActionHunter in action
Let’s take a look at the latest cloud tool published by Rhino Security Labs: IAMActionHunter....
2023-7-27 21:44:45 | 阅读: 25 |
收藏
|
Security Café - securitycafe.ro
ssm
sendcommand
scoutsuite
engagement
Command and Control Frameworks: Metasploit and Havoc
1. OverviewIn this blog post we will be talking about Command and Control (C&C or C2) Serve...
2023-7-3 14:30:0 | 阅读: 35 |
收藏
|
Security Café - securitycafe.ro
havoc
payload
windows
agents
msfvenom
DLL Hijacking – Finding Vulnerabilities in PEStudio 9.52
Lately, I have reported multiple DLL Hijacking vulnerabilities. These are quit...
2023-6-19 14:30:0 | 阅读: 30 |
收藏
|
Security Café - securitycafe.ro
hijacking
pestudio
loaded
windows
sensapi
Previous
-17
-16
-15
-14
-13
-12
-11
-10
Next