APPSEC EZINE

### Week: 09 | Month: March | Year: 2016 | Release Date: 04/03/2016 | Edition: 107º ###

' Must See
' Something that's really worth your time!

URL: https://drownattack.com/
Advisory: https://www.openssl.org/news/secadv/20160301.txt
Description: The DROWN Attack.

URL: http://ownsecurity.blogspot.pt/2016/03/finding-xss-in-microsoft-oauth.html
Description: Finding an XSS in Microsoft OAuth Interface.

URL: http://goo.gl/y9to8s (+)
Description: Widespread XSS Vulnerabilities in Ad Network Code.

' Hack
' Some Kung Fu Techniques.

URL: https://github.com/drego85/Joomla_Components_Scanner
Description: Tool to find the components installed in Joomla CMS.

URL: http://x42.obscurechannel.com/?p=263
Description: Privilege Escalation (SYSTEM) via Dolby’s DAX2_API Service (Win10).

URL: https://github.com/schumilo/vUSBf
Description: KVM/QEMU based USB-fuzzing framework.

URL: https://github.com/google/kasan
Description: KernelAddressSanitizer, a fast memory error detector for the Linux kernel.

URL: https://github.com/rflynn/lanmap2
Description: Builds database/visualizations of LAN structure.

URL: https://github.com/n0fate/volafox
Description: Mac OS X Memory Analysis Toolkit.

URL: https://github.com/nbshelton/bitdump
Description: A tool to extract database data from a blind SQL injection vulnerability.

URL: https://github.com/Ali-Razmjoo/OWASP-ZSC/
Description: OWASP ZCR Shellcoder.

URL: https://blog.netspi.com/java-deserialization-attacks-burp/
Description: Java Deserialization Attacks with Burp.

URL: https://github.com/brianwrf/hackUtils
Description: It is a hack tool kit for pentest and web security research.

' Security
' All about security issues/problems.

URL: http://en.wooyun.io/2016/02/04/41.html
Description: GPS hacking.

URL: https://www.bastille.net/technical-details
Description: MouseJack - wireless, non-Bluetooth keyboards and mice Pwn.

URL: https://github.com/ethicalhack3r/owasp-asvs-markdown/blob/master/asvs.md
Description: Application Security Verification Standard 3.0.1.

URL: https://domenpk.github.io/lpc13xx_boot_analysis/
Description: LPC13xx Bootloader Reverse Engineering.

URL: http://blog.mindedsecurity.com/2016/02/rce-in-oracle-netbeans-opensource.html
Description: RCE in Oracle NetBeans - PrimeFaces 5.x Expression Language Injection.

URL: https://goo.gl/LHeH3S (+)
Description: ICMP and IP Network Mapping Tricks Every Pentester Needs To Know.

URL: http://goo.gl/Wtvb4J (+)
Description: eBay scripting flaws being actively exploited by fraudsters.

URL: http://www.gracefulsecurity.com/command-injection-the-good-the-bad-and-the-blind/
Description: Command Injection - The Good, the Bad and the Blind.

URL: http://www.davidlitchfield.com/AssessingOraclee-BusinessSuite11i.pdf
Description: Assessing Oracle e-Business Suite 11i.

URL: http://philippeharewood.com/abusing-facebook-graph-search/
Description: Abusing Facebook Graph Search using GraphQL.

' Fun
' Spare time?

URL: http://supermarkupworld.daggasoft.com/
Description: Super Markup World

URL: https://github.com/fulldecent/system-bus-radio
Related: https://github.com/anfractuosity/musicplayer
Description: Transmit radio on computer without radio transmitting hardware.

URL: http://habrahabr.ru/post/268421/
Description: The USB Killer, Version 2.0.

' Credits
' Content Helpers (0x)

52656e61746f20526f64726967756573202d204073696d7073306e202d20687474703a2f2f706174686f6e70726f6a6563742e636f6d
http://pathonproject.com/zb/?952c79a0b435fb13#aJzpxKaQKzkH2upcr+EfIEraHC6Ktid/Xs1KUdh1o4I=