Content curation / Veille informationnelle


    Feed has no items.

    Feed has no items.

Hacking Articles Raj Chandel's Blog

  • Scriptkiddie HackTheBox Walkthrough
    par Raj Chandel le 23 septembre 2021 à 17 h 21 min

    Script Kiddie is a CTF hosted on Hack the Box with Beginner categories. The objective for the participant is to identify the files user.txt and root.txt on the victim’s system. Penetration Methodlogies Recon Nmap Enumeration Exploit Generating apk Netcat Reverse Connection Post Enumeration Capture User.txt Abusing writeable script Privilege Escalation The post Scriptkiddie HackTheBox Walkthrough appeared first on Hacking Articles.

  • MSSQL for Pentester: Hashing
    par Raj Chandel le 20 septembre 2021 à 20 h 44 min

    In this article, we will learn about multiple ways to get hashes of MSSQL users. Every version of MSSQL has different hashes. We have performed our practical on SQL Server 2016 version. Once we find the hashes, we will use JohnTheRipper to crack them. Table of Content Introduction to Hashing The post MSSQL for Pentester: Hashing appeared first on Hacking Articles.

  • MSSQL for Pentester: Stored Procedures Persistence
    par Raj Chandel le 13 septembre 2021 à 5 h 42 min

    In this article, we will learn one of many ways to gain persistence in SQL servers.  This article is an addition to our MSSQL for Pentesters series. Gaining persistence is one of the significant steps when performing Red Team operations. And when performing such operations on MSSQL, there are possibilities The post MSSQL for Pentester: Stored Procedures Persistence appeared first on Hacking Articles.

RSS - Actualité CNIL.fr Fil RSS des actualités de la Commission Nationale de L'Informatique et des Libertés (CNIL)


Internet Society Working for an Internet that is open, globally connected, and secure.

  • At the 2021 Asia-Pacific Community Networks Summit: Innovating Policymaking to Connect the Unconnected
    par Rajnesh Singh le 22 septembre 2021 à 17 h 22 min

    Asia-Pacific, home to over half the world’s population, is the largest and most diverse region of the globe. Four of its countries (China, India, Indonesia, Japan) also account for more than half of the world’s mobile subscriber base. Yet a significant part of the population remains unconnected. The current global pandemic has made the role The post At the 2021 Asia-Pacific Community Networks Summit: Innovating Policymaking to Connect the Unconnected appeared first on Internet Society.

  • The Week in Internet News: Internet Service Through Beams of Light
    par Grant Gross le 20 septembre 2021 à 14 h 36 min

    Light speed Internet: The BBC has a story about an Alphabet X (formerly Google X) project to provide Internet service through wireless optical communications. Project Taara is focusing on fixing a “particularly stubborn connectivity gap” between African cities Brazzaville in the Republic of the Congo and Kinshasa in the Democratic Republic of Congo. The cities The post The Week in Internet News: Internet Service Through Beams of Light appeared first on Internet Society.

  • New MANRS Equipment Vendor Program Launched To Improve Internet Routing Security
    par Andrei Robachevsky le 15 septembre 2021 à 22 h 01 min

    Today, we’re announcing a new MANRS Equipment Vendor Program. Founding participants include global leaders in network equipment Arista, Cisco, Huawei, Juniper, and Nokia, with others expected to join soon. Since 2014, the Mutually Agreed Norms for Routing Security (MANRS) initiative has grown to include three programs, each contributing to routing security in its own way. The post New MANRS Equipment Vendor Program Launched To Improve Internet Routing Security appeared first on Internet Society.


Security.NL maakt Nederland veilig Security.NL maakt Nederland veilig


Naked Security Computer Security News, Advice and Research


Security Weekly Security Market Validation

  • Building a More Secure AppDev Process
    par Bill Brenner le 20 septembre 2021 à 20 h 52 min

    Enterprises that integrate security testing into their CI/CD pipeline fix 91.4 percent of new issues, according to a progress report from ShiftLeft. Recent software supply chain attacks illustrate the growing risks businesses, their partners, and customers face. But a recent report suggests better outcomes for those who put security at the heart of app development. Data from The post Building a More Secure AppDev Process appeared first on Security Weekly.

  • Web App and API Security Needs to Be Modernized: Here’s How
    par Bill Brenner le 31 août 2021 à 22 h 25 min

    Applications are critical for doing business. They are also the weakest links in many an organization’s security chain. Many APIs continue to expose the personally identifiable information of customers, employees and contractors. As OWASP (Open Web Application Security Project) notes on its API Security Project homepage: “By nature, APIs expose application logic and sensitive data The post Web App and API Security Needs to Be Modernized: Here’s How appeared first on Security Weekly.

  • How The Best Defense Gets Better: Part 2
    par Bill Brenner le 5 août 2021 à 19 h 21 min

    For many enterprises, incident response is an exercise in chaos. Security teams scramble to figure out how a data breach happened and crash into brick walls as they try to collect information from different departments that are often siloed from everyone else. It doesn’t have to be that way. Advanced security teams have learned that The post How The Best Defense Gets Better: Part 2 appeared first on Security Weekly.


  • Hello world!
    par liquidmatrix le 28 novembre 2015 à 23 h 35 min

    Welcome to WordPress. This is your first post. Edit or delete it, then start writing!


  • Blind ROP ARM - ECSC Préquals 2019 - Secure Vault - Writeup
    par Geluchat le 22 mai 2019 à 16 h 00 min

    Dans le cadre des préqualifications de l'ECSC, j'ai eu l'occasion de tester un challenge original dans la catégorie pwn : le challenge Secure Vault. La mention "aucun binaire n'est fourni avec ce challenge" nous indique que le challenge va être intéressant ! Pour commencer, on se connecte au challenge : root@Miaou:/# nc …

  • Exploitation d'un programme 64 bits sous Windows 10
    par Geluchat le 15 mai 2018 à 12 h 30 min

    Introduction Lorsque l'on débute dans le domaine de l'exploitation de binaire, notre choix se tourne le plus souvent vers Linux. En effet, beaucoup de challenges ont été développés sous Linux et la documentation sur l'exploitation Linux ne manque pas. Néanmoins, créer des exploits pour Linux n'a pas le même impact …

  • Les Server Side Request Forgery : Comment contourner un pare-feu
    par Geluchat le 15 septembre 2017 à 22 h 40 min

    Qu'est ce que les Server Side Request Forgery ? Les Server Side Request Forgery, ou en abrégé SSRF, sont des vulnérabilités Web permettant de lire des fichiers sur le serveur local. Il ne faut pas les confondre avec les CSRF (Cross Site Request Forgery), qui, elles, ont pour but l'exécution d'une …


IT Security Guru The Site for our Community

  • Section 889: the US Regulation that extends far beyond the US
    par Guru Writer le 17 septembre 2021 à 9 h 20 min

    One of the largest security threats that countries face is the breach of sensitive government systems and data. With the world constantly developing and undergoing digital transformation, the devices we all rely on for both our personal and work lives are increasingly manufactured in countries considered potentially or even actively hostile toward our national interests. The U.S. The post Section 889: the US Regulation that extends far beyond the US appeared first on IT Security Guru.

  • Security Serious: Organizers aim to set new Guinness World Records® title for Viewership of an Online Security Lesson
    par Guru Writer le 16 septembre 2021 à 14 h 51 min

    Cybersecurity companies KnowBe4 and OneLogin have partnered with Security Serious in a bid to set a brand new Guinness World Records title for the Most views of a cyber security lesson video on YouTube in 24 hours. The record will be attempted on the 14th of October 2021, during European Cybersecurity Awareness Month and Security Serious Week, with the video available to view The post Security Serious: Organizers aim to set new Guinness World Records® title for Viewership of an Online Security Lesson appeared first on IT Security Guru.

  • Desiree Lee appointed as new CTO for Data at Armis
    par Guru Writer le 16 septembre 2021 à 14 h 44 min

    Armis, the unified asset visibility and security platform provider, has announced Desiree Lee as its new Chief Technology Officer (CTO) for Data, reporting directly to Nadir Izrael, co-founder and Global CTO at Armis. Lee’s appointment, the company says, reinforces its strategic commitment to ensuring total visibility of all assets and devices in its customers’ eco-systems. The post Desiree Lee appointed as new CTO for Data at Armis appeared first on IT Security Guru.


    Feed has no items.

    Feed has no items.

CERT-FR Centre gouvernemental de veille, d'alerte et de réponse aux attaques informatiques