Content curation / Veille informationnelle


    Feed has no items.

    Feed has no items.

Hacking Articles Raj Chandel's Blog

  • Tokyo Ghoul TryHackMe Walkthrough
    par Raj Chandel le 10 avril 2021 à 10 h 27 min

    Today we’re going to solve another boot2root challenge called “Tokyo Ghoul “. It’s available at TryHackMe for penetration testing practice. This lab is of medium difficultly if we have the right basic knowledge to break the labs and are attentive to all the details we find during the reconnaissance. The The post Tokyo Ghoul TryHackMe Walkthrough appeared first on Hacking Articles.

  • Metasploit for Pentester: Mimikatz
    par Raj Chandel le 8 avril 2021 à 11 h 50 min

    This article will showcase various attacks and tasks that can be performed on a compromised Windows Machine which is a part of a Domain Controller through Metasploit inbuilt Mimikatz Module which is also known as kiwi. We covered various forms of Credential Dumping with Mimikatz in our Series but we The post Metasploit for Pentester: Mimikatz appeared first on Hacking Articles.

  • PowerShell Empire for Pentester: Mimikatz
    par Raj Chandel le 6 avril 2021 à 19 h 23 min

    This article will showcase various attacks and tasks that can be performed on a compromised Windows Machine which is a part of a Domain Controller through PowerShell Empire inbuilt Mimikatz Module. Table of Content Introduction DC Sync Attack DC Sync Hash Dump Golden Tickets Extracting Tickets Domain Cache Mimikatz Commands The post PowerShell Empire for Pentester: Mimikatz appeared first on Hacking Articles.

RSS - Actualité CNIL.fr Fil RSS des actualités de la Commission Nationale de L'Informatique et des Libertés (CNIL)


Internet Society Working for an Internet that is open, globally connected, and secure.

  • After Two Decades, the Party Is Ready for the IXP in El Salvador
    par Israel Rosas le 9 avril 2021 à 15 h 55 min

    The history of El Salvador’s Internet exchange point (IXSal) is perhaps the longest and most complex, beginning at the end of the last century, in 1999, explains its founder, Lito Ibarra, with a smile. “It started out as a utopia after I started hearing about the experiences of other countries.” Ibarra wrote proposals and received The post After Two Decades, the Party Is Ready for the IXP in El Salvador appeared first on Internet Society.

  • Sarantaporo.gr Community Network: Connecting Communities Is a Marathon, Not a Race
    par Vassilis Chryssos le 7 avril 2021 à 17 h 58 min

    Last week we shared the story of how the Sarantaporo.gr Community Network worked with the community of Sykea to help with a pressing problem. Like many other villages in the Thessaly region in central Greece, it lacked access to the Internet. When an alternative solution to Sykea’s connectivity challenges was found, an opportunity opened up The post Sarantaporo.gr Community Network: Connecting Communities Is a Marathon, Not a Race appeared first on Internet Society.

  • The Week in Internet News: Biden Wants Broadband for All
    par Grant Gross le 5 avril 2021 à 13 h 27 min

    Filling the gaps: U.S. President Joe Biden has proposed spending $100 billion over eight years to bring broadband to all areas of the country, CNet reports. The broadband spending is part of a $2.25 trillion infrastructure proposal, which would also include repair of roads and bridges and improvements to the water supply and electrical grids. The post The Week in Internet News: Biden Wants Broadband for All appeared first on Internet Society.


Security.NL maakt Nederland veilig Security.NL maakt Nederland veilig


Naked Security Computer Security News, Advice and Research


Security Weekly Security Market Validation

  • Using the ATT&CK Matrix in real-time to understand threats and attacks
    par Adrian Sanabria le 16 mars 2021 à 17 h 38 min

    The MITRE ATT&CK Framework is widely recognized as instrumental in providing a common language and framework for describing attack techniques and effectively sharing information across organizations. However, we’re just starting to see the potential benefits this matrix can provide when integrated directly into security tools. Uptycs recently announced a major release of its product that The post Using the ATT&CK Matrix in real-time to understand threats and attacks appeared first on Security Weekly.

  • How to Defend Linux from Attacks
    par Matt Alderman le 25 février 2021 à 19 h 37 min

    Although Linux is still a fraction of the market share of Microsoft Windows and Mac OS X, its growth continues to accelerate.  Linux will continue to grow at compounded annual growth rate (CAGR) of 19.2% through 2027.  Some of the primary factors for this growth include: Cloud computing infrastructure, Containerization of applications, and Microsoft’s support The post How to Defend Linux from Attacks appeared first on Security Weekly.

  • Reading the Application Security Tea Leaves – How to Interpret the Analyst Reports
    par Matt Alderman le 16 février 2021 à 16 h 52 min

    There are a number of industry analyst reports on application security.  Each analyst firm and report takes its own slice of the market to analyze and report on vendors within that market.  For example, the Forrester Wave focuses on Static Application Security Testing, the Gartner Magic Quadrant focuses on Application Security Testing as a whole, The post Reading the Application Security Tea Leaves – How to Interpret the Analyst Reports appeared first on Security Weekly.


  • Hello world!
    par liquidmatrix le 28 novembre 2015 à 23 h 35 min

    Welcome to WordPress. This is your first post. Edit or delete it, then start writing!


  • Blind ROP ARM - ECSC Préquals 2019 - Secure Vault - Writeup
    par Geluchat le 22 mai 2019 à 16 h 00 min

    Dans le cadre des préqualifications de l'ECSC, j'ai eu l'occasion de tester un challenge original dans la catégorie pwn : le challenge Secure Vault. La mention "aucun binaire n'est fourni avec ce challenge" nous indique que le challenge va être intéressant ! Pour commencer, on se connecte au challenge : root@Miaou:/# nc …

  • Exploitation d'un programme 64 bits sous Windows 10
    par Geluchat le 15 mai 2018 à 12 h 30 min

    Introduction Lorsque l'on débute dans le domaine de l'exploitation de binaire, notre choix se tourne le plus souvent vers Linux. En effet, beaucoup de challenges ont été développés sous Linux et la documentation sur l'exploitation Linux ne manque pas. Néanmoins, créer des exploits pour Linux n'a pas le même impact …

  • Les Server Side Request Forgery : Comment contourner un pare-feu
    par Geluchat le 15 septembre 2017 à 22 h 40 min

    Qu'est ce que les Server Side Request Forgery ? Les Server Side Request Forgery, ou en abrégé SSRF, sont des vulnérabilités Web permettant de lire des fichiers sur le serveur local. Il ne faut pas les confondre avec les CSRF (Cross Site Request Forgery), qui, elles, ont pour but l'exécution d'une …


IT Security Guru The Site for our Community

  • Data belonging to over 500 million LinkedIn users sold online to hackers
    par The Gurus le 9 avril 2021 à 14 h 47 min

    It has been revealed today that social media platform LinkedIn is the latest to suffer a website scraping attack at the hands of cyber criminals. Data belonging to over 500 million of its users has been posted online and is reportedly being sold to hackers. The news comes only days after it was revealed that The post Data belonging to over 500 million LinkedIn users sold online to hackers appeared first on IT Security Guru.

  • Cyber-attacks have potential to spark armed conflict
    par SaskiaEpr le 9 avril 2021 à 11 h 40 min

    Mike McGuire a senior lecturer in criminology at the University of Surrey has conducted a study, called Nation States, Cyberconflict and the Web of Profit using publicly available reports into state-sponsored attacks along with interviews with various experts. The study reveals that the world is coming increasingly close to nation state retaliating against cyber-attacks with The post Cyber-attacks have potential to spark armed conflict appeared first on IT Security Guru.

  • LinkedIn Users’ details being sold online
    par SaskiaEpr le 9 avril 2021 à 10 h 58 min

    Analysts stumbled across a scraped data set from LinkedIn, in which the data from over half a billion users is being sold online. This marks the second major cybersecurity incident in the past week. The information scraped includes the full names, email addresses, phone numbers, professional titles and other work-related data. CyberNews analysts have been The post LinkedIn Users’ details being sold online appeared first on IT Security Guru.


    Feed has no items.

    Feed has no items.

CERT-FR Centre gouvernemental de veille, d'alerte et de réponse aux attaques informatiques