unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
AI Hacking Games (Jailbreak CTFs)
The world of AI is developing pretty fast and new tools and plugins that leverage the power of...
2023-5-15 15:40:58 | 阅读: 44 |
收藏
|
Security Café - securitycafe.ro
reverse
llms
chatbot
adventure
prompts
Bypassing Application Whitelisting
Application whitelisting is a very effective protection mechanism, but it can be difficult to m...
2023-5-2 14:30:0 | 阅读: 31 |
收藏
|
Security Café - securitycafe.ro
applocker
bypassing
software
enforces
7 lesser-known AWS SSM Document techniques for code execution
A deep dive into AWS SSM Run Command shows that there are multiple documents attackers can use...
2023-4-19 14:30:0 | 阅读: 48 |
收藏
|
Security Café - securitycafe.ro
ssm
reverse
github
rundocument
ec2
Mobile Pentesting 101 – How to set up your Android Environment
Continuing with the Mobile Pentesting 101 series, this article gives an idea about how your And...
2023-4-3 14:30:0 | 阅读: 33 |
收藏
|
Security Café - securitycafe.ro
apktool
security
github
drozer
rooted
EC2StepShell: A Tool for Getting Reverse Shells on Instances with Network Restrictions
A tool for getting reverse shells in EC2 instances where network communication to your host is...
2023-3-8 15:30:0 | 阅读: 38 |
收藏
|
Security Café - securitycafe.ro
ec2
ssm
reverse
sendcommand
A Complete Kubernetes Config Review Methodology
The are many resources out there that tap into the subject of Kubernetes Pentesting or Configur...
2023-2-27 16:16:0 | 阅读: 29 |
收藏
|
Security Café - securitycafe.ro
pods
kubernetes
security
kubectl
rbac
Our DefCamp 2022 talks are here!
Both presentations we held this year at DefCamp are now available online (reco...
2023-2-1 15:30:0 | 阅读: 23 |
收藏
|
Security Café - securitycafe.ro
cloud
defcamp
youtube
held
network
AWS ssm:SendCommand or network agnostic built-in RCE as root
Post-exploitation in cloud can be fun and easy if you have the right permissions. There is no o...
2023-1-18 02:53:15 | 阅读: 41 |
收藏
|
Security Café - securitycafe.ro
ssm
ec2
privileges
sendcommand
network
AWS Enumeration – Part II (Practical enumeration)
We hackers love cheat sheets so here are mine for AWS IAM, EC2, S3 Buckets and Lambda Functions...
2022-12-14 15:30:0 | 阅读: 20 |
收藏
|
Security Café - securitycafe.ro
ec2
s3api
ssh
gateways
buckets
AWS Enumeration – Part I (Where to start, Approaches and Tools)
This article is covering multiple ways to enumerate the resources within an AWS environment. We...
2022-11-1 16:30:0 | 阅读: 28 |
收藏
|
securitycafe.ro
github
security
subcommand
cloud
pacu
Practical Network Penetration Tester (PNPT): Real-life Penetration Testing exam – Tips & Tricks to pass the exam
Seeing how this evolved, I wanted to provide you with a thorough review of The Cyber Mentor‘s n...
2022-10-4 13:37:59 | 阅读: 102 |
收藏
|
securitycafe.ro
pnpt
network
heath
debrief
client
Mobile Pentesting 101 – Bypassing Biometric Authentication
As mobile devices and mobile applications increase, so does the risk of using mobile applicatio...
2022-9-5 14:30:0 | 阅读: 62 |
收藏
|
securitycafe.ro
biometric
fingerprint
bypass
keystore
Certified Hybrid Multi-Cloud Red Team Specialist – Review and Tips
You might not be familiar with this one, but it is a certification offered by Cyberwarfare Labs...
2022-8-1 14:30:0 | 阅读: 52 |
收藏
|
securitycafe.ro
cloud
premises
security
trainers
Web Cache Deception attacks
Do you have vulnerabilities that you just love to exploit? I know I have a few and one of them...
2022-7-1 14:30:0 | 阅读: 40 |
收藏
|
securitycafe.ro
caching
deception
vcl
client
Security Source Code Review – Manual Approaches
Performing security source code reviews is part of the penetration tester’s life. Either that t...
2022-6-6 14:30:0 | 阅读: 35 |
收藏
|
securitycafe.ro
security
diagram
usermodel
php
Active Directory – Delegation Based Attacks
What is Kerberos delegation?As stated by Microsoft, “delegation is one of the most importan...
2022-5-16 14:30:0 | 阅读: 48 |
收藏
|
securitycafe.ro
delegation
rubeus
machine
constrained
Pentesting Azure: RECON Techniques
Even though Microsoft Azure is the second largest cloud solution after Amazon Web Services (AWS...
2022-4-29 15:53:51 | 阅读: 50 |
收藏
|
securitycafe.ro
acr
microburst
powershell
deployments
IoT Pentesting 101: How to Hack MQTT – The Standard for IoT Messaging
As almost every industry uses at least one of those tiny embedded devices called Smart Things,...
2022-4-8 15:48:14 | 阅读: 168 |
收藏
|
securitycafe.ro
mosquitto
mqtt
broker
publisher
Gone Phishing – Part #1
What is social engineering?The term “social engineering” refers to a wide range of mali...
2022-3-24 16:0:0 | 阅读: 142 |
收藏
|
securitycafe.ro
mailgun
fiercephish
evilginx2
picked
phish
Runtime Mobile Security (RMS) – How To Instrument Android Java Classes And Methods At Runtime
Runtime Mobile Security (RMS) is a powerful web interface powered by Frida that helps you manip...
2022-3-7 16:51:54 | 阅读: 113 |
收藏
|
securitycafe.ro
rms
bypass
encryption
hooking
Previous
2
3
4
5
6
7
8
9
Next