Переводы статей для xss.pro

[neopaket]

SEAdm1n ,tabac, weaver, может у ваа есть что-то на примете для перевода

 

[SEAdm1n]

SEAdm1n ,tabac, weaver, может у ваа есть что-то на примете для перевода

Скучно стало ?? :smile46::smile46:

Накидаю статеек скоро..

 

[SEAdm1n]

SEAdm1n ,tabac, weaver, может у ваа есть что-то на примете для перевода

GitHub - rmusser01/Infosec_Reference: An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version. - rmusser01/Infosec_Reference

github.com

Тонна информации на выбор. из любого раздела, так сказать что понравится то и выбирай. Тут все годное.

 

[SEAdm1n]

SEAdm1n ,tabac, weaver, может у ваа есть что-то на примете для перевода

Я думаю ты устанешь это переводить, но если вдруг, как и сейчас, тебе станет скучно, то вот ссылка. Думаю многим будет интересно почитать.

DNM-related arrests, 2011–2015

A census database of all publicly-reported arrests and prosecutions connected to the Tor-Bitcoin drug darknet markets 2011–2015, and analysis of mistakes.

www.gwern.net

 

[admin]

Новые статьи, из новеньких.

https://versprite.com/blog/application-security/reverse-proxy-attack/

https://grsecurity.net/reports_of_cves_death_greatly_exaggerated

https://github.com/fuzzitdev/jsfuzz

https://buer.haus/2019/10/18/a-tale-of-exploitation-in-spreadsheet-file-conversions/

https://x-c3ll.github.io/posts/CSS-Injection-Primitives/

https://www.shielder.it/blog/exploiting-an-old-novnc-xss-cve-2017-18635-in-openstack/

(Better) USB Injection with Rawcoon

Introduction For those of us who are not already familiar with USB keystroke injection, the concept is pretty simple: a USB device resembling a common flash drive, but acting as a keyboard sends a sequence of keystrokes when plugged in. This allows triggering some actions on any computer it’s...

0x00sec.org

 

[SEAdm1n]

Предлагаю материал для перевода.

HA Joker Vulnhub Walkthrough

Today we are going to solve our Boot to Root challenge called “HA: Joker” We have developed this lab for the purpose of online penetration practices. Solving this lab is not that tough if you have proper basic knowledge of Penetration testing. Let’s start and learn how to breach it. Download...

www.hackingarticles.in

HA: ISRO Vulnhub Walkthrough - Hacking Articles

Today we are going to solve our CTF challenge called “HA: ISRO” We have developed this lab for the purpose of online penetration practices. Solving

www.hackingarticles.in

 

[Newt]

Я тут недавно, но пока возьму вот это.

По возможности постараюсь всю серию осилить, по мере публикации.

дофига времени прошло. Я еще тут, со временем запарка.

 

[BabaDook]

Предлагаю материал для перевода.

HA Joker Vulnhub Walkthrough

Today we are going to solve our Boot to Root challenge called “HA: Joker” We have developed this lab for the purpose of online penetration practices. Solving this lab is not that tough if you have proper basic knowledge of Penetration testing. Let’s start and learn how to breach it. Download...

www.hackingarticles.in

HA: ISRO Vulnhub Walkthrough - Hacking Articles

Today we are going to solve our CTF challenge called “HA: ISRO” We have developed this lab for the purpose of online penetration practices. Solving

www.hackingarticles.in

Там переводить нечего, всё на скринах предельно понятно. Люблю таких авторов.Респект им

 

[tabac]

How I was able to hunt a rare bug in a private program

Hello, this is ABIDA Fahd from JAVA~DRINK3RS TEAM and today I will show you how I was able to find a way to upload TXT, PNG, XML files in…

medium.com

How I paid 2$ for 1054$ XSS bug + 20 chars blind XSS payloads

Hey there :)

medium.com

HTTP Request Smuggling (CL.TE)

Special thanks to James Kettle @albinowax

memn0ps.github.io

The awaiting Roboto Botnet

Background introduction On August 26, 2019, our 360Netlab Unknown Threat Detection System highlighted a suspicious ELF file (4cd7bcd0960a69500aa80f32762d72bc) and passed along to our researchers to take a closer look, upon further analysis, we determined it is a P2P bot program. Fast forwarded...

blog.netlab.360.com

 

[webchk]

How I was able to hunt a rare bug in a private program

Hello, this is ABIDA Fahd from JAVA~DRINK3RS TEAM and today I will show you how I was able to find a way to upload TXT, PNG, XML files in…

medium.com

могу эту перевести

 

[neopaket]

Что то позабылась родная тема. Не очень у меня вышло с авторками. Слишком мало текста, да и кроме фактического код ничего не могу придумать. Поднаберусь ума, да и может быть дальше лучше пойдёт.

 

[neopaket]

Нашёл одного очень амбициозного человека с интересными статьями по Программированию, физике, линейной математике и всему прочему. Советую взглянуть https://johnflux.com/

 

[weaver]

Creating a Rootkit to Learn C

Background Information This post is my solution for the last assignment in my Learning-C repository. I thought a good way to cap off a repo designed to introduce people to very basic C programming would be to take those very basic techinques and make a simple yet powerful security related...

h0mbre.github.io

 

[neopaket]

Creating a Rootkit to Learn C

Background Information This post is my solution for the last assignment in my Learning-C repository. I thought a good way to cap off a repo designed to introduce people to very basic C programming would be to take those very basic techinques and make a simple yet powerful security related...

h0mbre.github.io

Взял, информации довольно много. Примерно через три дня смогу сделать.

 

[admin]

Поднимем временно забытую инициативу =)

Hacking GitHub with Unicode's dotless 'i'.

From combining emoji marks and astral planes, Unicode is under appreciated and poorly understood. One lesser known attack vector is Unicode Case Mapping Collisions— an edge case that many of the best devs don't understand— even at Github.

eng.getwisdom.io

CVE-2019-18935: Remote Code Execution via Insecure Deserialization in Telerik UI

Telerik UI for ASP.NET AJAX insecurely deserializes JSON objects resulting in arbitrary RCE. Learn how to patch and securely configure this software.

know.bishopfox.com

 

[admin]

Redirecting…

Using WebRTC ICE Servers for Port Scanning in Chrome

To everything (TURN! TURN! TURN!)

medium.com

Android Root Detection Bypass Using Objection and Frida Scripts

This article is a follow up to the previous article. If you guys haven’t checked it out, feel free to visit it.

medium.com

Out-of-band Attacks [EN] | Omer Citak's Blog | Om3rCitak

ömer çıtak, omer citak, om3rcitak, security, development, php, vulnerability, ethical hacking

omercitak.com

 

[neopaket]

Я премного извиняюсь за своё долгое отсутствие, я довольно сильно болен и мне буквально сложно сидеть за компьютером. Но я уже готовлю для вас новую партию статеек.

 

[SEAdm1n]

Я премного извиняюсь за своё долгое отсутствие, я довольно сильно болен и мне буквально сложно сидеть за компьютером. Но я уже готовлю для вас новую партию статеек.

Не торопись, главное в нашем деле, это здоровье, поэтому выздоравливай. Как будет возможность так и переведешь.

 

[webchk]

Redirecting…

Using WebRTC ICE Servers for Port Scanning in Chrome

To everything (TURN! TURN! TURN!)

medium.com

Android Root Detection Bypass Using Objection and Frida Scripts

This article is a follow up to the previous article. If you guys haven’t checked it out, feel free to visit it.

medium.com

Out-of-band Attacks [EN] | Omer Citak's Blog | Om3rCitak

ömer çıtak, omer citak, om3rcitak, security, development, php, vulnerability, ethical hacking

omercitak.com

могу взять эти на перевод, если еще никто на брал?

 

[admin]

Microsoft Edge (Chromium) - Elevation of Privilege to Potential Remote Code Execution

How we hacked one of the worlds largest Cryptocurrency Website – Strynx

strynx.org

Reversing a real-world 249 bytes backdoor!

A wild backdoor has appeared. Press 1 to ptrace :D

anee.me

Peerlyst

www.peerlyst.com