What's new arround internet
Last one

Src Date (GMT) Titre Description Tags Stories Notes
Securifera.webp 2023-08-16 02:50:18 Feu de benne à ordures de science
ScienceLogic Dumpster Fire (lien direct)		 Cet article n'est en aucun cas affilié, parrainé ou approuvé avec / par Sciencelogic, Inc. Tous les graphiques sont affichés sous une utilisation équitable aux fins de cet article.Juste un autre jour lors d'un test de pénétration pour un client l'année dernière, notre équipe a identifié une cible remarquable qui a piqué notre intérêt.Une capture d'écran [...]
This article is in no way affiliated, sponsored, or endorsed with/by ScienceLogic, Inc. All graphics are being displayed under fair use for the purposes of this article. Just another Day During a penetration test for a client last year, our team identified a noteworthy target that piqued our interest. A screenshot [...]		 ★★★★
Securifera.webp 2023-04-24 14:36:14 Vocera Report Server pwage
Vocera Report Server Pwnage (lien direct)		 Cet article n'est en aucun cas affilié, parrainé ou approuvé avec / par Vocera Communications ou Stryker Corporation.Tous les graphiques sont affichés sous une utilisation équitable aux fins de cet article.Quest for RCE l'année dernière lors d'un test de pénétration de routine, notre équipe est tombée sur une cible intéressante appelée Vocera Report Server [...]
This article is in no way affiliated, sponsored, or endorsed with/by Vocera Communications or Stryker Corporation. All graphics are being displayed under fair use for the purposes of this article. Quest for RCE Last year during a routine penetration test, our team came across a interesting target called Vocera Report Server [...]		 ★★
Securifera.webp 2023-03-06 22:00:32 Attacking .NET Web Services (lien direct) This article is in no way affiliated, sponsored, or endorsed with/by Siemens Healthineers or Microsoft Corporation. All graphics are being displayed under fair use for the purposes of this article. Last year I spent some time looking for vulnerabilities in a commercial cardiovascular imaging web application called  Syngo Dynamics. This product is [...] ★★
Securifera.webp 2021-06-24 00:22:01 Operation Eagle Eye (lien direct) This article is in no way affiliated, sponsored, or endorsed with/by Fidelis Cybersecurity. All graphics are being displayed under fair use for the purposes of this article. Operation Eagle Eye Who remembers that movie about 15 years ago called Eagle Eye? A supercomputer has access to massive amounts of data, introduce [...]
Securifera.webp 2021-05-28 19:56:28 MesaLabs AmegaView: Information Disclosure to RCE (lien direct) During a recent assessment, I discovered multiple vulnerabilities in the MesaLabs AmegaView Continous Monitoring Software.  The vulnerabilities include command injection (CVE-2021-27447, CVE-2021-27449), improper authentication (CVE-2021-27451), authentication bypass (CVE-2021-27453), and privilege escalation (CVE-2021-27445).  In this blog post, I will go over the vulnerabilities and how they were discovered. Recon During assessments, we [...]
Securifera.webp 2021-05-26 17:41:32 Hacking Citrix Storefront Users (lien direct) This article is in no way affiliated, sponsored, or endorsed with/by Citrix Systems, Inc. All graphics are being displayed under fair use for the purposes of this article. Hacking Citrix Storefront Users With the substantial shift from traditional work environments to remote/telework capable infrastructures due to COVID-19, products like Citrix [...]
Securifera.webp 2021-03-08 02:31:26 BMC Patrol Agent – Domain User to Domain Admin – Part 2 (lien direct) **Securifera is in no way affiliated, sponsored, or endorsed with/by BMC. All graphics produced are in no way associated with BMC or it's products and were created solely for this blog post. All uses of the terms BMC, PATROL, and any other BMC product trademarks is intended only for identification purposes and is to [...]
Securifera.webp 2020-12-02 22:05:21 A 3D Printed Shell (lien direct) A 3D Printed Shell With 3D printers getting a lot of attention with the COVID-19 pandemic, I thought I'd share a post about an interesting handful of bugs I discovered last year. The bugs were found in a piece of software that is used to remotely manage 3D printers. Chaining these vulnerabilities [...]
Securifera.webp 2020-10-13 23:08:24 403 to RCE in XAMPP (lien direct) 403 to RCE in XAMPP Some of the best advice I was ever given at how to become more successful at vulnerability discovery is to always try and dig a little deeper. Whether you are a penetration tester, red teamer, or bug bounty hunter, this advice has always proven true.  Far too [...] Vulnerability
Securifera.webp 2020-09-05 14:22:19 Defcon 2020 Red Team Village CTF – Seeding Part 1 & 2 (lien direct) Defcon 2020 Red Team CTF - Seeding Part 1 & 2 Last month was Defcon and with it came the usual rounds of  competitions and CTFs. With work and family I didn't have a ton of time to dedicate to the Defcon CTF so I decided to check out the Red Team [...]
Securifera.webp 2020-06-25 12:20:15 Synack – Red Vs Fed Competition 2020 (lien direct) Preface Obligatory statement: This blog post is in no way affiliated, sponsored, or endorsed with/by Synack, Inc. All graphics are being displayed under fair use for the purposes of this article. Over the last few months Synack has been running a user engagement based competition called Red vs Fed. As can be deduced [...]
Securifera.webp 2020-06-12 20:27:40 A Year of Windows Privilege Escalation Bugs (lien direct) A Year of Windows Privilege Escalation Bugs Earlier last year I came across an article by Provadys (now Almond) highlighting several bugs they had discovered based on research by James Forshaw of Google's Project Zero. The research focused on the exploitation of Windows elevation of privilege (EOP) vulnerabilities using NTFS [...]
Securifera.webp 2019-09-10 16:17:03 PreAuth RCE on Palo Alto GlobalProtect Part II (CVE-2019-1579) (lien direct) Background Before I get started I want to clearly state that I am in no way affiliated, sponsored, or endorsed with/by Palo Alto Networks. All graphics are being displayed under fair use for the purposes of this article. I recently encountered several unpatched Palo Alto firewall devices during a routine red team [...]
Securifera.webp 2019-08-03 05:48:00 POC or Stop The Calc Popping Videos – CVE-2017-9830 – CVE-2019-7839 (lien direct) POC or STOP THE CALC POPPING VIDEOS As a red teamer / penetration tester / bug bounty hunter, I get exposed to a wide range of software products while performing customer engagements. Often times we find systems running outdated or unpatched services with publicly disclosed vulnerabilities only to find a video popping [...]
Securifera.webp 2019-06-11 15:46:01 HTTP screenshots with Nmap, Chrome, and Selenium (lien direct) HTTP screenshots with Nmap, Chrome, and Selenium Several months back I tweeted out a gist of a simple website screenshot python script I wrote as an attempt to fill a gap in tooling that I couldn't seem to find anywhere. The options I was presented with were either too complex, inconsistent, or outdated. [...]
Securifera.webp 2018-12-17 17:33:00 BMC Patrol Agent – Domain User to Domain Admin (lien direct) Domain User to Domain Admin Knowing the difference between user authentication and authorization when designing secure software can be extremely important to avoid common security pitfalls. Often times application software vendors subvert the overall security imposed by the operating system and domain by not properly authenticating or checking the authorization of a user [...]
Securifera.webp 2018-12-10 07:15:01 Metasploit Community CTF 2018 Writeup (lien direct) Last weekend I participated in the 2018 Metasploit Community CTF. It was a nice break from the Jeopardy style, exploitation heavy CTFs I tend to play in. The setup included two vulnerable VMs, 1 windows, 1 linux ( with a bunch of dockers), and one Kali attack VM. This was the first Metasploit CTF [...]
Securifera.webp 2018-10-07 23:27:05 serviceFu (lien direct) serviceFu In a recent assessment our team found itself in a somewhat new situation that resulted in a useful tool we wanted to share with the community. The assessment started with us gaining initial access into a customer's network. This particular customer had invested significant time and effort into [...] Tool
Securifera.webp 2018-04-15 21:56:01 AMD Gaming Evolved (Raptr – Plays.tv) Remote File Execution (lien direct) Background For anyone running an AMD GPU from a few years back, you've probably come across a piece of software installed on your computer from Raptr, Inc. If you don't remember installing it, it's because for several years it was installed silently along-side your AMD drivers. The software was marketed to the gaming [...]
Securifera.webp 2018-01-18 22:41:05 Nessus => Maltego (lien direct) Overview Visualizing, organizing, and processing information on large networks can be a difficult task. Often I find myself being given incomplete data or large amounts of scan results that can take forever to analyze. Recently I was handed a large collection of Nessus scan files for a network assessment and [...]
Last update at: 2024-04-19 21:10:32
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter