NFT God on Twitter: "Last night my entire digital livelihood was violated. Every account connected to me both personally and professionally was hacked and used to hurt others. Less importantly, I lost a life changing amount of my net worth" / Twitter
https://twitter.com/NFT_GOD/status/1614442000958324739
XSS Hunter
http://xsshunter.com
http://xss.ht
http://xss.ht
Easy XSSHunter Automation Setup Script | Adam J Sturge | Medium
https://adamjsturge.medium.com/d5a66039f7b6?sk=52394aa4a2d66779ffcaeaf7cab63af9
GitHub - lefayjey/linWinPwn: linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks
https://github.com/lefayjey/linWinPwn
NFT God on Twitter: "Yesterday afternoon I went to download OBS onto my personal desktop computer. OBS is industry standard video streaming software. I was excited to live stream some video games for the first time in my life. What I didn't realize was I clicked the sponsored link on google" / Twitter
https://twitter.com/NFT_GOD/status/1614442010773004288
XSS using postMessage in Google Cloud Theia notebooks [Google VRP]
https://blog.geekycat.in/xss-using-postmessage-in-google-cloud-theia-notebooks/![XSS using postMessage in Google Cloud Theia notebooks [Google VRP]](/image/screenshot/c777bd058b184a8a4394c542627c2025.webp)
CircleCI's hack caused by malware stealing engineer's 2FA-backed session
https://www.bleepingcomputer.com/news/security/circlecis-hack-caused-by-malware-stealing-engineers-2fa-backed-session/
iOS · GitBook
https://gloxec.github.io/CrossC2/zh_cn/usage/iOS.html
GitHub - trevormiller6/PowerShell-Deobfuscation-Exercise: An exercise to practice deobfuscating PowerShell Scripts.
https://github.com/trevormiller6/PowerShell-Deobfuscation-Exercise
Daring Fireball: If You Needed Any More Confirmation, Internal Slack Messages at Twitter Show That Cutting Off Third-Party Clients Was 'Intentional'
https://daringfireball.net/linked/2023/01/14/information-twitter-slack-confirmation
DLL Hijacking using Spartacus, outside of DllMain
https://www.pavel.gr/blog/dll-hijacking-using-spartacus-outside-of-dllmain
SSH key injection in Google Cloud Compute Engine [Google VRP]
https://blog.stazot.com/ssh-key-injection-google-cloud/![SSH key injection in Google Cloud Compute Engine [Google VRP]](/image/screenshot/b7354e2ade9e10edfceb07dcfc66259a.webp)
Yuri Diogenes on Twitter: "The latest episode of Overcome Podcast with @HackingDave is now live. This is a truly wake up call for many IT and #cybersecurity professionals that are living the same lifestyle that Dave was living. #wehackhealth Full episode at https://t.co/8s1ul2kZyh https://t.co/AyBl14glgg" / Twitter
https://twitter.com/i/web/status/1614650048091983872
<独自>ガソリンスタンドで新手カード不正 「1円承認」悪用で被害計9千万円 外国人グループ関与 - 産経ニュース
https://www.sankei.com/article/20230115-WMOA4NSWMRM6VHXRHDT73USG7I/
Restoring Dyld Memory Loading - XPN InfoSec Blog
https://blog.xpnsec.com/restoring-dyld-memory-loading/
YATAS - A Simple Tool To Audit Your AWS Infrastructure For Misconfiguration Or Potential Security Issues With Plugins Integration
https://www.kitploit.com/2023/01/yatas-simple-tool-to-audit-your-aws.html
Hacking Redis for fun and CTF points | by Emil Lerner | Jan, 2023 | Medium
https://medium.com/@emil.lerner/hacking-redis-for-fun-and-ctf-points-3450c351bec1
Mikael Thalen on Twitter: "Data from Cellebrite & MSAB, two companies that provide phone hacking tools to governments, has just been published online. The leak includes actual software as well as documentation. The tools have been used against journalists, activists, & dissidents across the globe. https://t.co/DJgES7VgSb" / Twitter
https://twitter.com/mikaelthalen/status/1614084479697702914
Malware Attack on CircleCI Engineer's Laptop Leads to Recent Security Incident
https://thehackernews.com/2023/01/malware-attack-on-circleci-engineers.html
whalechart.org on Twitter: "BREAKING: Google Chrome security vulnerability detected could lead to crypto wallet stealing" / Twitter
https://twitter.com/whalechart/status/1614649111654940673
SMB “Access is denied” caused by anti-NTLM relay protection | by Clément Notin [Tenable] | Tenable TechBlog | Jan, 2023 | Medium
https://medium.com/tenable-techblog/smb-access-is-denied-caused-by-anti-ntlm-relay-protection-659c60089895![SMB “Access is denied” caused by anti-NTLM relay protection | by Clément Notin [Tenable] | Tenable TechBlog | Jan, 2023 | Medium](/image/screenshot/6bd8b80371f71145aa727e75364898e9.webp)
GitHub - cisagov/ScubaGear: Automation to assess the state of your M365 tenant against CISA's baselines
https://github.com/cisagov/ScubaGear
Recovering from Attack Surface Reduction rule shortcut deletions - Microsoft Community Hub
https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/recovering-from-attack-surface-reduction-rule-shortcut-deletions/ba-p/3716011
Becoming the best version of yourself with Dave Kennedy - Overcome | Podcast on Spotify
https://open.spotify.com/episode/0nLhMUcCVA1mi3KdcxFNOJ?si=CKfzxhI6SCq8s-3gHcBy3w
NFT God on Twitter: "Last night my entire digital livelihood was violated. Every account connected to me both personally and professionally was hacked and used to hurt others. Less importantly, I lost a life changing amount of my net worth" / Twitter
https://twitter.com/nft_god/status/1614442000958324739
NFT God on Twitter: "I didn't sign anything with my wallet. I didn't execute a bad mint. A critical mistake on one technology led to my downfall on another. The file I downloaded from the ODS sponsored link was obviously malware. The first sponsored link I've ever clicked will certainly be my last" / Twitter
https://twitter.com/NFT_GOD/status/1614442062140637184