@PentestingN profile picture
Pentesting News @PentestingN
Joined November 2021
  • Tweets 12,993
  • Following 1
  • Followers 5,280
8,156 Photos and videos
Pentesting News retweeted
HackGit@hack_git
20 May 2024
Castrick An #OSINT SaaS platform offering powerful email, username, and phone lookup tools. Empowering users to effortlessly gather and analyze open-source intelligence. castrickclues.com/ #cybersecurity #infosec @castrickclues
15
59
8,281
Coyote: A multi-stage banking Trojan abusing the Squirrel installer securelist.com/coyote-multi-…

Coyote: A multi-stage banking Trojan abusing the Squirrel installer

We will delve into the workings of the infection chain and explore the capabilities of the new Trojan that specifically targets users of more than 60 banking institutions, mainly from Brazil.

securelist.com
2
6
2,519
Bypassing EDR Hooks Part 1 - An Introduction to Bypassing User Mode EDR Hooks malwaretech.com/2023/12/an-i… Part 2 - Silly EDR Bypasses and Where To Find Them malwaretech.com/2023/12/sill…

An Introduction to Bypassing User Mode EDR Hooks

Understanding the basics of user mode EDR hooking, common bypass techniques, and their limitations.

malwaretech.com
1
4
1,913
Characterization and Detection of Cross-Router Covert Channels github.com/orenshva/Characte…

GitHub - orensv/Characterization-and-Detection-of-Cross-Router-Covert-Channels: This repository...

This repository includes the source code used in the "Characterization and Detection of Cross-Router Covert Channels" paper. - orensv/Characterization-and-Detection-of-Cross-Route...

github.com
3
2
997
CVE-2023-4427 Out of bounds memory access in V8 github.com/tianstcht/CVE-202… #cve #cybersecurity #infosec

GitHub - tianstcht/CVE-2023-4427

Contribute to tianstcht/CVE-2023-4427 development by creating an account on GitHub.

github.com
1
1
892
CVE-2023-43261 Milesight IoT router UR5X, UR32L, UR32/35/41 Credential Leakage packetstormsecurity.com/file… #cve #cybersecurity #infosec
1
2
749
CVE-2023-5178 NVMe-oF TCP vulnerability github.com/rockrid3r/CVE-202… #cve #cybersecurity #infosec
2
3
647
New features of the Raspberry Robin worm research.checkpoint.com/2024…

Raspberry Robin Keeps Riding the Wave of Endless 1-Days - Check Point Research

Key Findings Introduction Raspberry Robin is a widely distributed worm first reported by Red Canary in 2021. Its capabilities and evasions in addition to its very active distribution made it one of...

research.checkpoint.com
2
1
460
Conditional Love for AWS Metadata Enumeration blog.plerion.com/conditional…
2
1
410
Spinning Webs - Unveiling Arachne for Web Shell C2 posts.specterops.io/spinning…

Blog

Your new best friend: Introducing BloodHound Community Edition!

specterops.io
2
1
426
Java applet serialization in 2024! What could go wrong? security.humanativaspa.it/ja…
2
1
348
Pwning the Domain: Credentialess/Username hadess.io/pwning-the-domain-…

Pwning the Domain: Credentialess/Username - HADESS

Reconnaissance Reconnaissance is an important step when engaging in a red teaming/penetration testing assessment. It may provide you the information you need later on while it may not seem so...

hadess.io
1
2
356
MediaTek WLAN Driver Memory Corruption packetstormsecurity.com/file…
1
2
371
HTTP Downgrade attacks with SmuggleFuzz moopinger.github.io/blog/smu…

HTTP Downgrade attacks with SmuggleFuzz

Place to store my thoughts on all things information-security related. Hopefully you find something of interest. Ramblings are my own. Charlton Smith

moopinger.github.io
2
2
316
Secure Code Review: Finding XML vulnerabilities in Code​ muqsitbaig.com/blog/security…
3
2
314
Exploiting a vulnerable Minifilter Driver to create a process killer antonioparata.blogspot.com/2…
1
1
341
HijackLoader Expands Techniques to Improve Defense Evasion crowdstrike.com/blog/hijackl…
2
1
383
Puckungfu 2: Another NETGEAR WAN Command Injection research.nccgroup.com/2024/0…

Cyber Security Research

Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.

nccgroup.com
2
1
571
JSON Smuggling: A far-fetched intrusion detection evasion technique grimminck.medium.com/json-sm…

JSON Smuggling: A far-fetched intrusion detection evasion technique

TL:DR Insignificant whitespaces in the JSON standard can be used to encode data without breaking the format. This could aid malicious…

grimminck.medium.com
1
2
2
1,234
Tumblr Subdomain Takeover infosecwriteups.com/tumblr-s…

Tumblr Subdomain Takeover

Write up about how I successfully took over the subdomain of an Tumblr blog.

infosecwriteups.com
1
1
1,284
Load more