Telegram-канал "exploit.org" — @exploitorg

exploit.org

8 Apr, 15:01

SECURITY ALERT ⚠️

Possible RCE was detected in Telegram's media processing on Windows platform.
This issue expose users to malicious attacks through specially crafted media files, such as images or videos.

For security reasons disable auto-download feature. Please follow these steps:
1. Go to Settings.
2. Tap on Data and Storage.
3. Under the Automatic Media Download section, disable auto-download for "Photos", "Videos", and "Files" across all network types (Mobile Data, Wi-Fi, and Roaming).

182 56 20 9 7

exploit.org

8 Apr, 13:00

Pivoting is one of the post-exploitation processes where an attacker tries to expand its presence in the network infrastructure. In this article, I will demonstrate a method of pivoting on Linux using TailScale to get into the internal infrastructure

Caster - Defect VIP

https://blog.exploit.org/defectvip

54 0 0 4

exploit.org

7 Apr, 15:58

Pivoting is one of the stages of post-exploitation, in a sense it is extreme network administration. In my article I will demonstrate pivoting on Windows using TailScale

Caster - Defect

https://blog.exploit.org/defect

53 0 1 3

exploit.org

7 Apr, 01:40

Everything Lit: Ways to achieve UEFI persistence.

Just one view of "extreme" techniques. Imagination and knowledge is all you need!

https://blog.exploit.org/everything-lit/

56 0 1 5

exploit.org

25 Mar, 10:45

Pivoting against Windows is a fairly complex post-exploitation process. In this article I will demonstrate my new method of link layer pivoting using SoftEther and without a virtual machine

Caster — Witchhammer

https://blog.exploit.org/witchhammer

95 0 1 2

exploit.org

7 Mar, 18:45

New version of Above v2.5 sniffer

+ The tool now handles all frames and packets in the air
+ New 5 protocols support: EAPOL, ARP, IGMP, DHCP, ICMPv6
+ New visual output of packets
+ Completely rewritten and simplified code, removed threads, removed dependency on pcap_analyzer
+ Fixed code for some protocols for error handling

https://github.com/casterbyte/Above/releases/tag/v2.5

Release Above v2.5 (Codename: Ayrton Senna) · casterbyte/Above

The tool now handles all frames and packets in the air New 5 protocols support: EAPOL, ARP, IGMP, DHCP, ICMPv6 New visual output of packets Completely rewritten and simplified code, removed threads...

149 0 2 6

exploit.org

7 Mar, 18:13

Beyond the Code: Exposing in Disguise

In this article we will review the usage of such techniques as TLS (JA3) Fingerprinting, HTTP/2 Fingerprinting in a use case of malicious client detection.

https://blog.exploit.org/exposing-in-disguise/

125 0 2 7

exploit.org

3 Mar, 22:46

NetArmor v1.1 released

+ Fixed ClientHello packet detection in TLS Fingerprinting

+ Advanced HTTP/2 Fingerprinting according to Akamai's White Paper

+ JDK 11 and upper support

+ ALPN support in Reactor Netty Provider

Github

129 0 2 9

exploit.org

18 Feb, 23:07

Beyond the Code: Art of AppSec in Java: Part 1

Master your knowledge of application security, follow best practices and become stronger with us.

https://blog.exploit.org/java-appsec/

183 0 0 3

exploit.org

18 Feb, 22:40

Release of an article on the experimental vector of pivoting against Windows

Caster - Windows Nightmare

https://blog.exploit.org/windows-nightmare

161 0 0

Почему вы не набираете подписчиков?

Бесплатный онлайн интенсив, 3 урока!

Надо было вчера

exploit.org

Гео и язык канала

Категория

exploit.org

exploit.org

exploit.org

exploit.org

exploit.org

exploit.org

exploit.org

exploit.org

exploit.org

exploit.org

44

Язык сайта

Почему вы не набираете подписчиков?

Бесплатный онлайн интенсив, 3 урока!

Надо было вчера

exploit.org

Гео и язык канала

Категория

44