@K4L1_FS @r0nycosta About detection, the article says it can't be detected natively (Event Log Viewer, for example), and that instead we have to use monitoring solutions that support LDAP traffic. It talks about Netwrix Threat Prevention since the article is theirs, but there should be other options.
@K4L1_FS @r0nycosta Analyzing the repository's code, it apparently uses Active Directory's "LDAP Ping" mechanism. In the end, it performs the following search:
(&(NtVer=\06\00\00\00)(AAC=\10\00\00\00)(User=user))
And it compares the hex of the response, where "17 00" means it exists and "19 00" means it does not.
A little tip if you want to start two emulated devices with Objection and don't know how. Since Objection does not have a flag for specifying the device, you can forward the 27042/3 ports and start multiple Objection instances.
@jeetbhdr @fr4vian That’s not my point. You can read in my Tweet there is a good “initial reason” to report to VDPs. Hunting in public programs can be a bit harder, so, if you want to start to get some private programs, go to VDPs and make sure to send good reports and wait for some invites.
Giving bug bounty another chance, let's see how it goes. All reports are for public programs since I don't have access to private programs yet xD
2 mobile
2 web
@pqcorvo At the beginning of the post it is clearly stated that it was in a bug bounty program; I think there was a lack of reading on your part.
One question: so the right thing is to create fake accounts at financial institutions, then? I still don't get the idea.
I recently wrote two articles for a community that I'm a member of. If you're interested, you can read them through the links below and join the community via our Discord link: https://t.co/gNlaF91dOz
Discovering a 0-day Authenticated RCE on my router: https://t.co/uF13KQ4g7H
We now have an open Discord community! Feel free to join us to learn and share your knowledge with other computing enthusiasts.
Join us on Discord:
https://t.co/4b9CALdzFm
Per aspera ad inferi!
If you're having problems using DevTools on websites that do not allow its use through libraries, such as disable-devtool, use DevTools itself and block the URL in the Network tab 🤓
@raphamorims That kind of feature, in this case, being able to use the mouse to click on the command, select the text and delete it, anyway... as if it were a "text editor".