Sunday, August 14, 2022

ShortByte Edition: 1




### Month: February | Year: 2022 | Release Date: 18/02/2022 | Edition: #1 ###

Must See: Something that’s really worth your time!

URL: https://edoverflow.com/2022/bypassing-razers-dom-based-xss-filter/
Description: What Bypassing Razer’s DOM-based XSS Patch Can Teach Us.

URL: https://jub0bs.com/posts/2022-02-08-cve-2022-21703-writeup/
Description: Cross-origin request forgery against Grafana (CVE-2022-21703).

Hack: Some Kung Fu Techniques.

URL: https://github.com/fofapro/fapro/
Description: Fake Protocol Server.

URL: https://github.com/punk-security/SMBeagle
Description: Fileshare auditing tool.

URL: https://github.com/mufeedvh/moonwalk
Description: Cover your tracks during Linux Exploitation.

URL: https://github.com/xm1k3/cent
Description: Community edition nuclei templates organizer.

URL: https://voidsec.com/windows-drivers-reverse-engineering-methodology/
Description: Windows Drivers Reverse Engineering Methodology.

URL: https://github.com/paazmaya/shuji
Description: Reverse Engineering JavaScript and CSS sources from sourcemaps.

URL: https://github.com/PwnDexter/Invoke-EDRChecker
Description: Find known defensive products such as AVs, EDRs and logging tools.

URL: https://github.com/mgeeky/PackMyPayload
Description: Emerging Threat of Containerized Malware – MOTW (Mark of the Web) Bypass.

URL: https://github.com/ncc-erik-steringer/Aerides
Blog: https://bit.ly/3JmCsQa (+)
Description: An implementation of infrastructure-as-code scanning using dynamic tooling.

URL: https://github.com/FortyNorthSecurity/C2concealer
Description: CLI that generates randomized C2 malleable profiles for use in Cobalt Strike.

URL: https://www.x86matthew.com/view_post?id=stack_scraper
Description: Capturing sensitive data using real-time stack scanning against a remote process.

URL: https://github.com/wspr-ncsu/mininode
Description: CLI tool to reduce the attack surface of Node.js apps by using static analysis.

Security: All about security issues.

URL: https://sensepost.com/blog/2022/sim-hijacking/
Description: SIM Hijacking.

URL: https://bit.ly/3LpO4Ud (+)
Description: Hunting for Persistence in Linux – Series.

URL: https://link.medium.com/aEYw1qdbrnb
Description: How to audit Solana smart contracts – Series.

URL: https://sector7.computest.nl/post/2022-02-coronacheck/
Description: CoronaCheck App TLS certificate vulnerabilities.

URL: https://medium.com/cider-sec/ppe-poisoned-pipeline-execution-34f4e8d0d4e9
Description: Running malicious code in your CI, without access to your CI.

URL: https://blog.projectdiscovery.io/abusing-reverse-proxies-metadata/
More: https://blog.projectdiscovery.io/abusing-reverse-proxies-internal-access/
Description: Abusing Reverse Proxies.

URL: https://bit.ly/3oHzuOe (+)
Description: Code Execution on Apache via an Integer Underflow (CVE-2021-44790).

URL: https://research.checkpoint.com/2022/invisible-cuckoo-cape-sandbox-evasion/
Description: Invisible Sandbox Evasion.

URL: https://bit.ly/3sAiWso (+)
PoC: https://github.com/ly4k/SpoolFool
Description: SpoolFool – Windows Print Spooler Privilege Escalation (CVE-2022-21999).

URL: https://kazet.cc/2022/02/03/fuzzing-wordpress-plugins.html
Description: A technique to semi-automatically find vulnerabilities in WordPress plugins.

URL: https://github.com/michalbednarski/ReparcelBug2
Description: Writeup/exploit for installed app to system PE on Android 12 Beta (CVE-2021-0928).

Fun: Spare time?

URL: https://sha256algorithm.com/
Description: Sha256 Algorithm Explained.

URL: https://127001.me/post/ten-years-of-thinkpadding/
Description: Ten years of ThinkPadding.

URL: https://sethmlarson.dev/blog/utf-8
Description: How does UTF-8 turn “😂” into “F09F9882”?

About the author

Pro MCracker (https://hackbyte.org)
I Am MCracker From India, I Am A Pentester And A Blogger.
