Gixposed 📍
CLI tool to search the commit history of Git repositories for sensitive information, such as API keys and access tokens.
Author: WH1T3-E4GL3
Source: https://t.co/5ue9QmwkNv
CVE-2024-43532 : Call and Register - Relay Attack on WinReg RPC Client
Akamai has discovered a vulnerability in the MS-RPC client, enabling an NTLM Relay attack. RPC serves as a critical component of Windows, supporting numerous services.
https://t.co/nL7khewP1J
#CyberSec
Offensive Security Tool: TerminatorZ
TerminatorZ is developed by Chris Abou-Chabké from Black Hat Ethical Hacking and is an efficient web security tool designed to scan for potential vulnerabilities in your web applications. It uses a combination of advanced techniques and popular tools like 'waybackurls' and 'curl', to perform passive and quick scans, providing a rapid overview of potential issues. The results are displayed in an easy-to-read format in the terminal, with only the vulnerable findings saved for further investigation.
🟢New Version 2.0 Released!
This update includes 8 NEW Proofs of Concept (POCs), bringing the total to 24 POCs, along with several other enhancements.
➡️New POCs:
◾File Upload Vulnerability
◾Command Injection
◾Host Header Injection
◾HTTP Parameter Pollution (HPP)
◾Clickjacking
◾CORS Misconfiguration
◾Sensitive Data Exposure
◾Session Fixation
Read the post: https://t.co/1SflpxpwNN
Installation
git clone https://t.co/BdEcCAZynl
cd TerminatorZ
chmod +x https://t.co/oxhnV3RQOp
./TerminatorZ
#securityassessments #pentesting #bugbounty #hacking #infosec #informationsecurity #cybersecurity #offensivesecurity #redteam
Pihak @bankbsi_id sempat memberikan penawaran sebesar $100.000 (Rp. 1,48M) tapi dari LockBit meminta tebusan sebesar $20.000.000 (Rp. 297M).
Lalu dari BSI memberikan penawaran $10.000.000 namun kemudian tak berlanjut. Akhirnya data tersebut dipublish karena negosiasinya gagal.
Seorang guru honorer di Banyuwangi, BAG (25), ditangkap dan ditetapkan sebagai tersangka peretasan dan penjualan data milik Badan Kepegawaian Negara.
Pelaku mendapatkan data dengan meretas situs BKN pada Agustus lalu dan kemudian menjualnya ke breachforum.
Pihak kepolisian menyatakan, motif tersangka menjual data tersebut adalah karena motif ekonomi. Pelaku memperoleh keuntungan sekitar US$8 ribu atau sekitar Rp121 juta dari penjualan data tersebut.
Tersangka dijerat UU Perlindungan data Pribadi, UU ITE, dan UU Pencegahan dan Pemberantasan TPPU.
#Peretasan #Data #BKN #Banyuwangi #Asumsico
supervision, the open-source library I created a year ago, has crossed 20,000 stars on GitHub this weekend!
thank you to everyone who helped me build this project!
it took us 3,500+ commits, 850+ PRs and 80+ contributors to do it.
repository: https://t.co/xXMRaS3Guk