GitHub - gabriellandau/PPLFault
https://github.com/gabriellandau/PPLFault
List of potential quasar servers · GitHub
https://gist.github.com/embee-research/76b7d937270158e4b4ba1c1691b7f5bb
GitHub - SySS-Research/smbcrawler: smbcrawler is no-nonsense tool that takes credentials and a list of hosts and 'crawls' (or 'spiders') through those shares
https://github.com/SySS-Research/smbcrawler
GitHub - hackerhouse-opensource/CompMgmtLauncher_DLL_UACBypass: CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist
https://github.com/hackerhouse-opensource/CompMgmtLauncher_DLL_UACBypass
CS:GO: From Zero to 0-day — Neodyme
https://neodyme.io/blog/csgo_from_zero_to_0day/
Sign in to Microsoft Azure
http://intune.microsoft.com
Mari0n on Twitter: "All our BlackHoodie registrations are going really slow. I'll be tweeting a lot the next couple weeks 😊" / Twitter
https://twitter.com/pinkflawd/status/1657114522023342080
Malware-IOCs/2023-05-13_Qakbot_C2_Shodan at main · CronUp/Malware-IOCs · GitHub
https://github.com/CronUp/Malware-IOCs/blob/main/2023-05-13_Qakbot_C2_Shodan
Offensive Windows IPC Internals 3: ALPC · csandker.io
https://csandker.io/2022/05/24/Offensive-Windows-IPC-3-ALPC.html
Conspirador Norteño on Twitter: "FYI the "My Twitter Worth" thing that a lot of people are tweeting today is part of the Round Year Fun set of malware apps. DO NOT DO IT, and if you already have, revoke its access to your account so it doesn't take unwanted actions on your behalf. https://t.co/ibXSV5FSZb https://t.co/CEKQinlVkk" / Twitter
https://twitter.com/conspirator0/status/1657534186167697413
Practical Introduction to BLE GATT Reverse Engineering: Hacking the Domyos EL500 · Hack The World
https://jcjc-dev.com/2023/03/19/reversing-domyos-el500-elliptical/
Germán Fernández on Twitter: "#Qakbot C2 servers from Shodan. Relation: IP → Country → SSL fake domain 🔦 [+] https://t.co/WRWh6ez3YQ Some SSL fake domains: seiauoalth[.]info apeiome[.]mobi apeiome[.]mobi arinu[.]biz aotineabvut[.]biz ghnxsrb[.]org aiea[.]mobi hayvygpxclb[.]mobi axajn[.]info jkjea[.]info… https://t.co/zcHuRmWL4r" / Twitter
https://twitter.com/i/web/status/1657506155801763840![Germán Fernández on Twitter: "#Qakbot C2 servers from Shodan. Relation: IP → Country → SSL fake domain 🔦 [+] https://t.co/WRWh6ez3YQ Some SSL fake domains: seiauoalth[.]info apeiome[.]mobi apeiome[.]mobi arinu[.]biz aotineabvut[.]biz ghnxsrb[.]org aiea[.]mobi hayvygpxclb[.]mobi axajn[.]info jkjea[.]info… https://t.co/zcHuRmWL4r" / Twitter](/image/screenshot/bc10e94038f46a6a60cfba3f4e38246d.webp)
Writing Network Templates with Nuclei
https://blog.projectdiscovery.io/writing-network-templates-with-nuclei/
Paul M. on Twitter: "@chompie1337 Ah women only, that’s unfortunate." / Twitter
https://twitter.com/rezalas/status/1657393647849971714
Stop the passing of the Online Safety Bill - Petitions
https://petition.parliament.uk/petitions/634725
Offensive Windows IPC Internals 1: Named Pipes · csandker.io
https://csandker.io/2021/01/10/Offensive-Windows-IPC-1-NamedPipes.html
First Look: Ghidra 10.3 Emulator. Ghidra 10.3 dropped this week with a… | by Craig Young | May, 2023 | Medium
https://medium.com/@cy1337/first-look-ghidras-10-3-emulator-7f74dd55e12d
GitHub - Mr-xn/BLACKHAT_Asia2023: Black Hat Asia 2023 PDF Public
https://github.com/Mr-xn/BLACKHAT_Asia2023
Hackers use public exploit to attack vulnerable WordPress sites
https://www.bleepingcomputer.com/news/security/hackers-use-public-exploit-to-attack-vulnerable-wordpress-sites/
Offensive Windows IPC Internals 2: RPC · csandker.io
https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html
Prompt injection explained, with video, slides, and a transcript
https://simonwillison.net/2023/May/2/prompt-injection-explained/
Backup Quotes
http://backup.zip
Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991
https://qriousec.github.io/post/vbox-pwn2own-2023/
Personal info of 90k hikers leaked by French tourism company La Malle PostaleSecurity Affairs
https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html
mRr3b00t on Twitter: "This seems odd from its title… https://t.co/LQmaQ1kN8O" / Twitter
https://twitter.com/UK_Daniel_Card/status/1657417677978193920
Discord suffered a data after third-party support agent was hackedSecurity Affairs
https://securityaffairs.com/146171/data-breach/discord-suffered-data-breach.html
Tal Be'ery on Twitter: "1/ It's important to note that #Twitter encrypted DMs are *NOT* be protected against MITM attacks, as explicitly admitted by @twittersecurity @elonmusk when can we have a paper on encrypted DMs crypto, to allow the community to see what it actually means? https://t.co/EETNK9hAid" / Twitter
https://twitter.com/TalBeerySec/status/1657039185092440065
GitHub - awakecoding/wireshark-rdp: Wireshark RDP resources
https://github.com/awakecoding/wireshark-rdp
abby on Twitter: "from the ashes, a hero rises https://t.co/EK9FdOXiHO" / Twitter
https://twitter.com/abby4thepeople/status/1657702516891721730
GitHub - PaperMtn/slack-watchman: Slack enumeration and exposed secrets detection tool
https://github.com/PaperMtn/slack-watchman
RAX30 Patch Diff Analysis & Nday Exploit for ZDI-23-496 | hyprblog
https://blog.coffinsec.com/nday/2023/05/12/rax30-patchdiff-nday-analysis.html
WhatsApp-Security-Whitepaper.pdf
https://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf
Latest variant of RapperBot botnet adds cryptojacking capabilitiesSecurity Affairs
https://securityaffairs.com/146207/malware/rapperbot-botnet-adds-cryptojacking.html