unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
From 500 to Account Takeover
IntroductionWhat seemed like a regular Cross-site Scripting (XSS) vulnerability on an HTT...
2021-03-03 04:24:02 | 阅读: 93 |
收藏
|
sensepost.com
bypass
gaimage
webapp
victim
payload
on ios binary protections
I just got off a call with a client, and realised we need to think about how we report binary...
2021-03-02 23:22:01 | 阅读: 150 |
收藏
|
sensepost.com
protections
arc
library
macho
canaries
dwn – a docker pwn tool manager experiment
Years ago I learnt docker basics because I just couldn’t get that $ruby_tool to install. The...
2021-02-08 18:42:28 | 阅读: 128 |
收藏
|
sensepost.com
dwn
network
semgrep
mappings
containers
Android Application Specific Proxies, Easy Mode
In this post I want to share two things. First, a quick primer on how you would you go about...
2021-01-29 20:33:26 | 阅读: 62 |
收藏
|
sensepost.com
objection
proxy
github
pinning
sensepost
Duo Two-factor Authentication Bypass
It’s too easy when hacking, to assume something is invulnerable and not interrogate it. This...
2021-01-28 17:39:54 | 阅读: 76 |
收藏
|
sensepost.com
duo
attacker
bypass
victim
txid
sconwar – sensecon 2020
Much like other events in 2020, our annual internal hackathon took a remote format this year,...
2020-11-24 03:01:33 | 阅读: 89 |
收藏
|
sensepost.com
client
sconwar
players
played
jameel
DualSense Reverse Engineering
Ciao belli!On the 19th of November 2020, SONY finally released the new PlayStation 5 in t...
2020-11-23 18:52:32 | 阅读: 142 |
收藏
|
sensepost.com
dualsense
dual
shock
buttons
speaker
sensecon 2020 ex post facto
When we finally decided on a date, sensecon 2020 was little over a month away. Unlike our pub...
2020-11-14 01:21:41 | 阅读: 112 |
收藏
|
sensepost.com
hackathon
sensecon
night
client
sconwar
Szensecon Discord Bot
We have written a lot about SenseCon by now, but there is one more thing we can talk about! I...
2020-11-10 02:47:01 | 阅读: 81 |
收藏
|
sensepost.com
otp
sneaky
emoji
sensecon
thumbscr-ews – a python EWS tool
Something I have found myself doing more and more often is using Exchange Web Services (EWS)...
2020-11-04 23:39:55 | 阅读: 83 |
收藏
|
sensepost.com
exchangelib
ews
mails
thumbscr
gal
More On Foreign Hashes
This is an update on this previous post on foreign NT hashes where I got things a little wron...
2020-10-08 16:40:14 | 阅读: 81 |
收藏
|
sensepost.com
arabic
utf16le
jameel
d9
jameel1
Pass-the-hash WiFi
Thanks to a tweet Dominic responded to, I saw someone mention Passing-the-hash when I think t...
2020-10-02 23:29:44 | 阅读: 105 |
收藏
|
sensepost.com
eap
octet
0x74
0x6e
0x69
Let me store that for you
A while ago Jonas Lykkegaard disclosed a zeroday that could be used to create files in the SY...
2020-09-12 00:44:51 | 阅读: 71 |
收藏
|
sensepost.com
windows
payload
jonas
webio
storvsp
building a hipster-aware pi home server
The end of the year is getting closer, fast, so I figured it was a perfect time to talk about...
2020-09-03 00:48:23 | 阅读: 165 |
收藏
|
sensepost.com
influxdb
smokeping
network
pihole
netdata
DirectAccess and Kerberos Resource-based Constrained Delegation
BackgroundAre you tired of working from home due to COVID? While this is quite a unique s...
2020-08-20 00:16:21 | 阅读: 101 |
收藏
|
sensepost.com
rubeus
machine
cifs
client
NTHashes and Encodings
If you’ve ever cracked a hash with hashcat, you’ll know that sometimes it will give you a $HE...
2020-08-19 20:44:40 | 阅读: 134 |
收藏
|
sensepost.com
iconv
hexstr
colon
16le
fromhex
Routopsy – Hacking Routing with Routers
This is a summary of our BlackHat USA 2020 talk.IntroductionOn some of our engagement...
2020-08-04 03:23:23 | 阅读: 98 |
收藏
|
sensepost.com
network
routopsy
routes
drp
SensePost is now an ethical hacking team of Orange Cyberdefense
Reading time ~5 min...
2020-07-31 16:35:23 | 阅读: 104 |
收藏
|
sensepost.com
sensepost
orange
security
africa
ACE to RCE
tl;dr: In this writeup I am going to describe how to abuse a GenericWrite ACE misconfiguratio...
2020-07-24 21:28:26 | 阅读: 113 |
收藏
|
sensepost.com
rcm
remote
windows
payload
powershell
Seeing (Sig)Red
After the SigRed (CVE-2020-1350) write-up was published by Check Point, there was enough deta...
2020-07-20 23:01:31 | 阅读: 100 |
收藏
|
sensepost.com
suricata
malicious
windows
sigred
network
Previous
3
4
5
6
7
8
9
10
Next