All posts in Uncategorized

■□□□□ CA/Browser Forum has approved a proposal to reduce the maximum validity of SSL/TLS certificates from the current 398 days to just 47 days by 2029. SSL/TLS Certificates Validity To Be Reduced From 398 Days to 47 Days

📝Bash script to find backdoors in FortiNet based on public IoC and symlinks. #!/bin/bash logfile=”check.txt” echo “[*] Backdoor Check Started: $(date)” > “$logfile” pause() { echo read -p “[Press Enter to continue to next step…]” echo } stage() { echo “==> $1” echo -e “\n==> $1” >> “$logfile” } # Stage 1: Check suspicious symlinks…

■□□□□ German state ditches Windows, Microsoft Office for Linux and LibreOffice. https://www.theregister.com/2024/04/04/germanys_northernmost_state_ditches_windows/

■■■■□ White House release on COVID-19 origins. 🦠 https://www.whitehouse.gov/lab-leak-true-origins-of-covid-19/

■■■■■ SIM hacking: Proactive commands. https://youtu.be/2ou_MxSmiVhttps://youtu.be/2ou_MxSmiVo https://docs.google.com/presentation/d/1rr9i5y9IzNo4tO0YLGBz-blq1aHc9lKHI1NVTW1qe2w/mobilepresent?slide=id.g2af615a6ba7_0_4

■■■■□ In a hearing last week, an NSO Group lawyer said that Mexico, Saudi Arabia, and Uzbekistan were among the governments responsible for a 2019 hacking campaign against WhatsApp users. This is the first time representatives of the spyware maker admit who its customers are.

🔤 SQLMap from Waybackurls. waybackurls target | grep -E ‘\bhttps?://\S+?=\S+’ | grep -E ‘\.php|\.asp’ | sort -u | sed ‘s/\(=[^&]*\)/=/g’ | tee urls.txt | sort -u -o urls.txt && cat urls.txt | xargs -I{} sqlmap –technique=T –batch -u “{}” Credits: Zlatan H

■■□□□ Ponpompurin: The tale.

■□□□□ CVE platform MITRE may go dark if the funding is stopped.

■■■□□ GARUDA: An Android Security Framework https://github.com/kikyps/GarudaDefender