171 private links
Avec nos bug bounties, c’est précisément ce que nous faisons : vous vendre les bugs de sécurité présents dans votre IT, selon une fourchette de prix que vous avez vous-même déterminée.
Si vous comparez ce modèle économique avec les campagnes de pentesting classiques de votre fournisseur de service habituel, notre proposition est déroutante, mais elle est simple et évidente.
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
For the people not familiar with challenge sites, a challenge site is mainly a site focussed on offering computer-related problems. Users can register at such a site and start solving challenges. There exist lots of different challenge types.
Commix (short for [comm]and [i]njection e[x]ploiter) has a simple environment and it can be used, from web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or string. Commix is written in Python programming language.
wiki de la communauté Zenk-Security
Repositories, Challenges, Writeups, Audit, Technique, ...
PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. PowerSploit is comprised of the following modules and scripts:
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing and red teaming. Nishang is useful during all phases of penetration testing.
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples.
With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns.
Each description, a.k.a rule, consists of a set of strings and a boolean expression which determine its logic.
captf.com / capture.thefl.ag
This site is primarily the work of psifertex since he needed a dump site for a variety of CTF material and since many other public sites documenting the art and sport of Hacking Capture the Flag events have come and gone over the years.
© 2004 - 2015 (SHS) Secret Hackers Society
"Wise men don't need advice. Fools won't take it." ~ Benjamin Franklin
My name is Essa Alkuwari. I'm from Qatar. I rarely write in here. I play CTFs with DefConUA.
Currently studying BSCS in the U.S. and certified in the following courses: OSCE, OSCP, OSWP, Linux+, LPIC-{1,2}, Novell CLA, Novell DCTS, ..., and some other shit certs I can't even remember.
Some contributions I’ve made to the community include the Brainpan challenges, and handful of exploits. I also participate in CTF events as a member of the VulnHub CTF Team.
Computer Security, Incident Response, Forensics, Malware and Cybercrime
This Website Contains Information On IT Security Inclusive Are Standards/Policies/Procedures/Advisories/Exploits/Vulns/Countermeasures/ reverse engineering/Privacy Etc., , Risk Analysis & Governance Spanning Multiple Industries, And Finally Research Papers Written By Myself or others On A Multitude Of Subjects.. Enter a search and you shall find almost any topic on security.
Threat Research and Response
This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).
Podcast dédié à la cyber sécurité
Cross-site scripting (XSS) attacks, for example, bypass the same origin policy by tricking a site into delivering malicious code along with the intended content. This is a huge problem, as browsers trust all of the code that shows up on a page as being legitimately part of that page’s security origin.
HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications.
Offres d’Emploi Securité & Missions en Sécurité.