Search results

😂 Cybercrime 2024: The Most High-Profile Cases of the Year 2024 was a significant year for the world of cybersecurity, marked by numerous cyberattacks, data leaks, the emergence of new threat groups, and the discovery of zero-day vulnerabilities. Among the many events, several notable cases...

❗️ MiTM Attack Tool SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS-encrypted network connections. ⚠️ Connections are transparently intercepted via the address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates new SSL/TLS connections to...

❗️ MiTM Attack Tool SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS-encrypted network connections. ⚠️ Connections are transparently intercepted via the address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates new SSL/TLS connections to...

🎃 A Complete Guide to OpenSSL OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping and authenticate the identity of the user on the other end. Guide Contents: 1. OpenSSL: Usage Guide and Security Audit 2. What is OpenSSL...

😂 Exploit for a critical Windows vulnerability has been published: just one request is enough to destroy any infrastructure A proof-of-concept exploit for a vulnerability in the Windows Lightweight Directory Access Protocol (LDAP), patched in December 2024, was recently published online. The...

👴 Automated Wireless Attack Tool Wifite2 is a tool for auditing encrypted WEP or WPA wireless networks. It uses tools like aircrack-ng, pyrit, reaver, and tshark to conduct the audit. This tool can be configured automatically with just a few arguments. Wifite aims to be a "set it and forget...

🥷 The Whonix Guide Guide Contents: 1. Quick Start with Whonix 2. What is Whonix 3. Which to Choose: Whonix, Tails, Tor Browser… 4. Which Whonix Version to Download 5. How to Install Whonix 6. What is Whonix-Gateway and Whonix-Workstation 7. Whonix Startup Instructions 8. What is the Default...

👁‍🗨 Google tracks you even after you opt out A US federal judge has denied Google's motion to dismiss a class action lawsuit alleging invasion of privacy for users who opted out of having their web and app activity recorded. The lawsuit concerns the Web & App Activity (WAA) settings, which...

🥷 "The Anatomy of Anonymous Attacks" — How Do Anonymous Work? ⚠️ American company Imperva, which develops data security solutions, has published a 17-page report examining the work of the notorious hacktivist group Anonymous. While the report doesn't reveal the dark secrets of the underground...

👩‍💻 Domain Name Permutation Tool dnstwist is a domain name permutation engine for detecting similar domain squatting, phishing attacks, fraud, and corporate espionage. The program will find similar-looking domains that adversaries can use to attack you. Key features of dnstwist: ⏺A wide range...

😩 Thai Scam Mobile: How a Pair of "Tour Guides" Sent 30,000 Phishing SMS Two Chinese citizens suspected of organizing a large-scale SMS fraud scheme have been arrested in Bangkok. — They posed as tour guides and used sophisticated equipment to send fake messages. 🖥 The scheme involved using...

📝 SSH Cheat Sheet This article describes advanced OpenSSH features that make life much easier for system administrators and programmers who aren't afraid of Shell. Unlike most guides, which don't cover anything beyond switches and -L/D/R options, I've tried to compile all the interesting...

💻 OpenVAS Vulnerability Scanner OpenVAS (Open Vulnerability Assessment System), originally known as GNessUs, is a framework consisting of several services and utilities that allows for scanning network nodes for vulnerabilities and managing them. All OpenVAS products are free software. Most...

❗️ XSS Post-Exploitation: Advanced Defenses and Methods This document presents an in-depth study of the threats posed by XSS vulnerabilities and their simplified exploitation, as well as options for protecting against XSS attacks that can be implemented as a precaution. 🟢 Next, we'll exploit...