fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

#pentest

Habr<p>Getting started in bug bounty: top 10 (or not?) tools for professional hacking</p><p>Hi, Habr! This is Sergey Zybnev aka poxek. I started my path in bug bounty as a sysadmin, then managed WAFs at MTS, then worked at several pentesting companies, and now I work at Bastion and professionally break what I used to defend. For the last four years I have run the Telegram channel Похек, where I talk about the vulnerabilities I have found and how their exploitation could have been prevented. This article covers the main vulnerability-hunting tools that I use in my daily work. This is not a list for the sake of a list: for each tool I will give an example from my own practice, so that it is clear where and how to use them. If you want to understand which tools to choose and how to apply them effectively in real pentests, welcome under the cut!</p><p><a href="https://habr.com/ru/companies/pt/articles/929628/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">habr.com/ru/companies/pt/artic</span><span class="invisible">les/929628/</span></a></p><p><a href="https://zhub.link/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://zhub.link/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://zhub.link/tags/bugbounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bugbounty</span></a> <a href="https://zhub.link/tags/%D1%81%D0%B7%D0%B8" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>сзи</span></a> <a href="https://zhub.link/tags/%D0%B1%D0%B0%D0%B3%D0%B1%D0%B0%D1%83%D0%BD%D1%82%D0%B8" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>багбаунти</span></a> <a href="https://zhub.link/tags/%D0%BF%D0%B5%D0%BD%D1%82%D0%B5%D1%81%D1%82" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>пентест</span></a> <a href="https://zhub.link/tags/%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F_%D1%82%D0%B5%D1%81%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>автоматизация_тестирования</span></a> <a href="https://zhub.link/tags/%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F_%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>информационная_безопасность</span></a></p>
nickbearded<p>Where TX shines 💥<br>TX outperformed Kali and X on the most relevant real-world hashes:</p><p>🔐 WPA2<br>💻 NTLM<br>🧱 SHA2-256<br>📦 ZIP AES<br>🧊 BitLocker</p><p>These are the hashes that matter, and TX crushes them.<br>No fluff. No noise. Just raw cracking power 👊</p><p><a href="https://mastodon.social/tags/hashcat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hashcat</span></a> <a href="https://mastodon.social/tags/bashcore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bashcore</span></a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://mastodon.social/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://mastodon.social/tags/benchmark" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>benchmark</span></a> <a href="https://mastodon.social/tags/BashCoreTX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BashCoreTX</span></a> <a href="https://mastodon.social/tags/Kali" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kali</span></a></p>
r1cksec<p>Seamless remote browser session control demonstrating the impact of XSS without the need for stealing cookies (weaponized adaptation of the OpenReplay project)🕵️‍♂️</p><p><a href="https://github.com/EgeBalci/evilreplay" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/EgeBalci/evilreplay</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/xss" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>xss</span></a></p>
Redhotcyber<p>🔥 "ACTIVE DIRECTORY PENETRATION TEST" COURSE. PRE-REGISTRATION IS OPEN AND THE PROMO HAS STARTED🔥</p><p>💥EXCLUSIVE OFFER until AUGUST 31! -15% on the already discounted course price (as this is the first live class on this topic) for those who pre-register by August 31!</p><p>Detailed course information: 📩 For info and registration write to formazione@redhotcyber.com or on WhatsApp at 393791638765 <a href="https://www.redhotcyber.com/servizi/academy/live-class-active-directory-ethical-hacking/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redhotcyber.com/servizi/academ</span><span class="invisible">y/live-class-active-directory-ethical-hacking/</span></a></p><p>📩 For info and registration write to formazione@redhotcyber.com or on WhatsApp at 393791638765</p><p>🔥 Become a professional ethical hacker now! Don't waste time!</p><p><a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhotcyber</span></a> <a href="https://mastodon.bida.im/tags/formazione" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>formazione</span></a> <a href="https://mastodon.bida.im/tags/formazioneonline" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>formazioneonline</span></a> <a href="https://mastodon.bida.im/tags/ethicalhacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ethicalhacking</span></a> <a href="https://mastodon.bida.im/tags/hacker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacker</span></a> <a href="https://mastodon.bida.im/tags/activedirectory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activedirectory</span></a> <a href="https://mastodon.bida.im/tags/microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>microsoft</span></a> <a 
href="https://mastodon.bida.im/tags/ethicalhacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ethicalhacking</span></a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.bida.im/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://mastodon.bida.im/tags/penetrationtesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>penetrationtesting</span></a> <a href="https://mastodon.bida.im/tags/corsoonline" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>corsoonline</span></a> <a href="https://mastodon.bida.im/tags/corsodiformazione" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>corsodiformazione</span></a> <a href="https://mastodon.bida.im/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.bida.im/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a></p>
r1cksec<p>Find, analyze, and check for exposed IP cameras with open ports, known vulnerabilities, and weak login credentials🕵️‍♂️</p><p><a href="https://github.com/spyboy-productions/CamXploit" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/spyboy-productions/</span><span class="invisible">CamXploit</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
r1cksec<p>Lateral Movement as loggedon User via Speech Named Pipe COM &amp; ISpeechNamedPipe + COM Hijacking🕵️‍♂️</p><p><a href="https://github.com/rtecCyberSec/SpeechRuntimeMove" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/rtecCyberSec/Speech</span><span class="invisible">RuntimeMove</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
Who Let The Dogs Out 🐾<p>DSTIKE wrist-worn WiFi network deauthenticator</p><p><a href="https://mastodon.ml/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://mastodon.ml/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.ml/tags/wristband" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wristband</span></a> <a href="https://mastodon.ml/tags/deauthingattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deauthingattack</span></a> </p><p>The gadget is based on the well-known ESP8266 plus add-ons: a display, buttons, a battery, an RGB operating-mode indicator and other components. For those who are friends with Arduino, here is the [source code](<a href="https://github.com/SpacehuhnTech/esp8266_deauther" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/SpacehuhnTech/esp82</span><span class="invisible">66_deauther</span></a>), and here is the [author's official website](<a href="https://spacehuhn.com/#projects" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">spacehuhn.com/#projects</span><span class="invisible"></span></a>).</p><p>This deauthenticator works at the software level. It implements a denial-of-service attack by sending the router a deauthentication frame on behalf of the devices connected to the network. Since this frame is not encrypted in any way, the device only needs to learn the devices' MAC addresses by sniffing traffic on the network.<br>Deauthentication is usually part of a broader attack on the network. 
It is used when setting up an "evil twin" access point or to capture the handshake, which then allows the password to be decrypted.</p><p><a href="https://youtu.be/TPFs4mueUtk" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/TPFs4mueUtk</span><span class="invisible"></span></a></p><p><a href="https://mysku.club/blog/china-stores/76881.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mysku.club/blog/china-stores/7</span><span class="invisible">6881.html</span></a></p>
r1cksec<p>An article that describes how access to a Confluence database with read and insert privilege can be used to create a rogue token for any user🕵️‍♂️</p><p><a href="https://blog.quarkslab.com/a-story-about-confluence-and-tokens.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.quarkslab.com/a-story-abo</span><span class="invisible">ut-confluence-and-tokens.html</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/confluence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>confluence</span></a></p>
Neo-ainmichte<p><span>Hey folks,<br><br>Decided it was time for a fresh alias, so here’s my </span><a href="https://calckey.world/tags/introduction" rel="nofollow noopener" target="_blank">#introduction</a><span>. I’m a creatively driven fellow with a passion for privacy, cybersecurity, Linux, and free and open source software. I enjoy gaming, creative writing, and technology—the latter of which inspired me to pursue cybersecurity and system administration.<br><br>I embarked on this journey around the start of the pandemic, when the sudden surplus of free time gave me the opportunity to try Manjaro, a distribution of Linux based on Arch. With the release of the Steam Deck, I moved over to NixOS, which I’ve been using ever since while studying cybersecurity in higher education.<br><br>The majority of my posts will be set to follower-only, so feel free to throw a follow my way if anything of mine has piqued your curiosity at all.<br><br>Look forward to interacting with you all in the future! 
^^<br><br></span><b>Tags:</b> <a href="https://calckey.world/tags/privacy" rel="nofollow noopener" target="_blank">#privacy</a>, <a href="https://calckey.world/tags/cybersecurity" rel="nofollow noopener" target="_blank">#cybersecurity</a>, <a href="https://calckey.world/tags/cybersec" rel="nofollow noopener" target="_blank">#cybersec</a>, <a href="https://calckey.world/tags/hacker" rel="nofollow noopener" target="_blank">#hacker</a>, <a href="https://calckey.world/tags/pentest" rel="nofollow noopener" target="_blank">#pentest</a>, <a href="https://calckey.world/tags/pentester" rel="nofollow noopener" target="_blank">#pentester</a>, <a href="https://calckey.world/tags/infosec" rel="nofollow noopener" target="_blank">#infosec</a>, <a href="https://calckey.world/tags/linux" rel="nofollow noopener" target="_blank">#linux</a>, <a href="https://calckey.world/tags/foss" rel="nofollow noopener" target="_blank">#foss</a>, <a href="https://calckey.world/tags/gaming" rel="nofollow noopener" target="_blank">#gaming</a>, <a href="https://calckey.world/tags/creativewriting" rel="nofollow noopener" target="_blank">#creativewriting</a>, <a href="https://calckey.world/tags/writing" rel="nofollow noopener" target="_blank">#writing</a>, <a href="https://calckey.world/tags/technology" rel="nofollow noopener" target="_blank">#technology</a>, <a href="https://calckey.world/tags/sysadmin" rel="nofollow noopener" target="_blank">#sysadmin</a>, <a href="https://calckey.world/tags/archlinux" rel="nofollow noopener" target="_blank">#archlinux</a>, <a href="https://calckey.world/tags/steamdeck" rel="nofollow noopener" target="_blank">#steamdeck</a>, <a href="https://calckey.world/tags/nix" rel="nofollow noopener" target="_blank">#nix</a>, <a href="https://calckey.world/tags/nixOS" rel="nofollow noopener" target="_blank">#nixOS</a>.</p>
Tanya Janca | SheHacksPurple :verified: :verified:<p>🎥 Missed one of my past conference talks? Let’s fix that.</p><p>I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.</p><p>“DIY Azure Security Assessment” - with Teri Radichel<br>📽️ <a href="https://twp.ai/4iodU5" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">twp.ai/4iodU5</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/SecurityAwareness" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityAwareness</span></a> <a href="https://infosec.exchange/tags/azure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>azure</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a></p>
r1cksec<p>C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral movements, pivot and more🕵️‍♂️ </p><p><a href="https://github.com/MythicAgents/Kharon" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/MythicAgents/Kharon</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
Chema Alonso :verified:<p>El lado del mal - Hacking &amp; Pentesting con Inteligencia Artificial. Our new book at 0xWord <a href="https://www.elladodelmal.com/2025/07/hacking-pentesting-con-inteligencia.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">elladodelmal.com/2025/07/hacki</span><span class="invisible">ng-pentesting-con-inteligencia.html</span></a> <a href="https://ioc.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://ioc.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://ioc.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentest</span></a> <a href="https://ioc.exchange/tags/IA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IA</span></a> <a href="https://ioc.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://ioc.exchange/tags/libro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>libro</span></a> <a href="https://ioc.exchange/tags/0xWord" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>0xWord</span></a></p>
kingthorin_rm<p>Time for <a href="https://infosec.exchange/tags/WednesdayWins" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WednesdayWins</span></a>. Let's hear your stories everyone. Big or small.</p><p>I don't even have one to share right now, so I could really use a pick-me-up from hearing others.</p><p><a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BugBounty</span></a> <a href="https://infosec.exchange/tags/PenTest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTest</span></a></p>
r1cksec<p>How to use Chrome Remote Desktop for Red Team operations (requires local administrator privileges)🕵️‍♂️ </p><p><a href="https://trustedsec.com/blog/abusing-chrome-remote-desktop-on-red-team-operations-a-practical-guide" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">trustedsec.com/blog/abusing-ch</span><span class="invisible">rome-remote-desktop-on-red-team-operations-a-practical-guide</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a></p>
Bill<p>Here's a new-to-me password spray tool that looks a hell of a lot more functional than Burp Intruder.</p><p><a href="https://github.com/blacklanternsecurity/TREVORspray" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/blacklanternsecurit</span><span class="invisible">y/TREVORspray</span></a></p><p><a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authorization</span></a></p>
LMG Security<p>How do attackers go from file shares to full domain admin access without ever stealing a password? In this real-world case study, we'll share how a single misconfiguration opened the door to a full network compromise, and how our <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> team exploited hidden file shares (with that sneaky $ at the end) to uncover sensitive data most IT teams don’t realize is exposed. </p><p>We'll share:<br>• How attackers exploit hidden file shares<br>• Why misconfigured Windows Deployment Services are a major risk<br>• The exact relay attack path that led to domain dominance<br>• What red flags to look for in your environment</p><p>Watch: <a href="https://youtu.be/78L2Zz2Ttbs" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/78L2Zz2Ttbs</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/PenetrationTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenetrationTesting</span></a> <a href="https://infosec.exchange/tags/DomainAdmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DomainAdmin</span></a> <a href="https://infosec.exchange/tags/NetworkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetworkSecurity</span></a> <a href="https://infosec.exchange/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> <a href="https://infosec.exchange/tags/LMGSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LMGSecurity</span></a> <a href="https://infosec.exchange/tags/RedTeam" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>RedTeam</span></a> <a href="https://infosec.exchange/tags/ITSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITSecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISO</span></a></p>
r1cksec<p>Scan for secrets in dangling commits on GitHub using GH Archive data🕵️‍♂️ </p><p><a href="https://github.com/trufflesecurity/force-push-scanner" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/trufflesecurity/for</span><span class="invisible">ce-push-scanner</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/git" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>git</span></a></p>
r1cksec<p>A good overview of windows coercion techniques🕵️‍♂️</p><p><a href="https://blog.redteam-pentesting.de/2025/windows-coercion" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.redteam-pentesting.de/202</span><span class="invisible">5/windows-coercion</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>windows</span></a></p>
r1cksec<p>Kingfisher is a fast tool for scanning secrets (forked from Nosey Parker - extends with live secret validation via cloud APIs, augments regex detection and adds GitLab support)🕵️‍♂️ </p><p><a href="https://github.com/mongodb/kingfisher" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/mongodb/kingfisher</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/github" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>github</span></a> <a href="https://infosec.exchange/tags/git" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>git</span></a></p>
Habr<p>[Translation] Bypassing CSP nonce via the browser disk cache</p><p>This article describes a sophisticated technique for bypassing a nonce-based Content Security Policy (CSP) by exploiting browser caching mechanisms. The author demonstrates how a combination of CSS injection, CSRF attacks and the behaviour of bfcache and the disk cache can lead to the execution of arbitrary JavaScript code even with a strict CSP in place.</p><p><a href="https://habr.com/ru/articles/926614/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">habr.com/ru/articles/926614/</span><span class="invisible"></span></a></p><p><a href="https://zhub.link/tags/bugbounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bugbounty</span></a> <a href="https://zhub.link/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://zhub.link/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>web</span></a> <a href="https://zhub.link/tags/csp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>csp</span></a> <a href="https://zhub.link/tags/xss" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>xss</span></a> <a href="https://zhub.link/tags/csrf" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>csrf</span></a> <a href="https://zhub.link/tags/css" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>css</span></a> <a href="https://zhub.link/tags/nonce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nonce</span></a> <a href="https://zhub.link/tags/%D1%80%D0%B0%D0%B7%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B0" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>разработка</span></a> <a href="https://zhub.link/tags/%D1%81%D0%B0%D0%B9%D1%82" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>сайт</span></a></p>