■■□□□ RISC-V Instruction-Set Cheatsheet (Overview of the RV32I base instruction-set of RISC-V processors including an comparison with the AVR instruction-set). https://itnext.io/risc-v-instruction-set-cheatsheet-70961b4bbe8 RISC-V Instruction-Set: https://blog.translusion.com/images/posts/RISC-V-cheatsheet-RV32I-4-3.pdf (pdf) https://t.me/cKure/11527
All posts by cK-bot
June 25, 2022 at 11:17PM
■■■■□ HTTPLoot: An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and “loot” secrets out of the client-facing code of sites. https://github.com/redhuntlabs/HTTPLoot https://t.me/cKure/11526
June 25, 2022 at 11:16PM
■■■□□ This repo contains information about EDRs that can be useful during red team exercise. https://github.com/Mr-Un1k0d3r/EDRs https://t.me/cKure/11524
June 25, 2022 at 11:06PM
Spyware: The curious tale of a fake Carrier.app targeting users from Italy and Kazakhstan https://googleprojectzero.blogspot.com/2022/06/curious-case-carrier-app.html https://t.me/cKure/11523
June 25, 2022 at 10:55PM
■■■■■ Zero-Day: Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution. Tracked as CVE-2022-25845 (CVSS score: 8.1), the issue relates to a case of deserialization of untrusted data in a supported feature called “AutoType.” It was patched by the…
June 25, 2022 at 01:57PM
■■■■■ Good bye to XSS. // this is safe by default document.body.setHTML(‘unsafe HTML here’) Firefox: about:config#dom.security.sanitizer.enabled Chrome: chrome://flags#enable-experimental-web-platform-features More info here: https://wicg.github.io/sanitizer-api/#dom-element-sethtml https://t.me/cKure/11521
June 24, 2022 at 09:26AM
■■■■□ An OOB interaction gathering server and client library. https://github.com/projectdiscovery/interactsh https://t.me/cKure/11520
June 24, 2022 at 12:39AM
■■□□□ Data-Leak: Conti breached around 40 organisations last month and even created a site for employees to search through the data. https://t.me/cKure/11519
June 23, 2022 at 11:27AM
■■■□□ A threat actor has leaked 800GB of data from Bahra cables company and Electric house, a Saudi Arabian company. The companies serve the needs of many industrial companies engaged in real estate construction, electric utilities, transport, petrochemical and marine industries. The threat actor published some samples in his onion blog. https://t.me/cKure/11518
June 22, 2022 at 12:34PM
■■■□□ New DFSCoerce NTLM Relay attack allows Windows domain takeover. https://www.bleepingcomputer.com/news/microsoft/new-dfscoerce-ntlm-relay-attack-allows-windows-domain-takeover/ https://t.me/cKure/11517