█████╗ ██████╗ ██████╗ ███████╗███████╗ ██████╗    ███████╗███████╗██╗███╗   ██╗███████╗
██╔══██╗██╔══██╗██╔══██╗██╔════╝██╔════╝██╔════╝    ██╔════╝╚══███╔╝██║████╗  ██║██╔════╝
███████║██████╔╝██████╔╝███████╗█████╗  ██║         █████╗    ███╔╝ ██║██╔██╗ ██║█████╗  
██╔══██║██╔═══╝ ██╔═══╝ ╚════██║██╔══╝  ██║         ██╔══╝   ███╔╝  ██║██║╚██╗██║██╔══╝  
██║  ██║██║     ██║     ███████║███████╗╚██████╗    ███████╗███████╗██║██║ ╚████║███████╗
╚═╝  ╚═╝╚═╝     ╚═╝     ╚══════╝╚══════╝ ╚═════╝    ╚══════╝╚══════╝╚═╝╚═╝  ╚═══╝╚══════╝
###  Week: 14 | Month: April | Year: 2016 | Release Date: 08/04/2016 | Edition: 112º  ###


'  ╔╦╗┬ ┬┌─┐┌┬┐  ╔═╗┌─┐┌─┐
'  ║║║│ │└─┐ │   ╚═╗├┤ ├┤ 
'  ╩ ╩└─┘└─┘ ┴   ╚═╝└─┘└─┘
'  Something that's really worth your time!


URL: http://www.mbsd.jp/blog/20160407.html
Description: Information theft attacks abusing browser's XSS filter.

URL: https://hackerone.com/reports/73480
Description: Arbitrary file Upload on AirMax - 18k Reward (Impact is everything!).

URL: https://whitton.xyz/articles/obtaining-tokens-outlook-office-azure-account/
Description: Obtaining Login Tokens for an Outlook, Office or Azure Account.


'  ╦ ╦┌─┐┌─┐┬┌─
'  ╠═╣├─┤│  ├┴┐
'  ╩ ╩┴ ┴└─┘┴ ┴
'  Some Kung Fu Techniques.


URL: https://github.com/danielmiessler/RobotsDisallowed
Description: A harvest of the Disallowed directories from the robots.txt.

URL: https://gist.github.com/compoterhacker/c1a3b15fe2a47393083b
Description: Old irssi-otr plugin heap overflow PoC.

URL: https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
Description: Java-Deserialization-Cheat-Sheet.

URL: https://github.com/hfiref0x/SyscallTables
Description: Windows NT x64 Syscall tables.

URL: https://github.com/gavia/subsearch
Description: A subdomain brute force tool.

URL: https://github.com/google/binexport
Description: IDA plugin for exporting for BinNavi databases and to Protocol Buffers.

URL: https://github.com/HackerFantastic/Public/blob/master/exploits/cve-2016-1531.sh
Description: CVE-2016-1531 exim <= 4.84-3 local root exploit.

URL: http://www.nirsoft.net/utils/wifi_history_view.html
Description: Wifi Forensic Investigation using Wifihistoryview.

URL: https://github.com/SkyLined/BugId
Description: Python module to detect, analyze and id application bugs (Windows).

URL: https://github.com/lyle-nel/siga
Description: Population based metaheuristic for password cracking.


'  ╔═╗┌─┐┌─┐┬ ┬┬─┐┬┌┬┐┬ ┬
'  ╚═╗├┤ │  │ │├┬┘│ │ └┬┘
'  ╚═╝└─┘└─┘└─┘┴└─┴ ┴  ┴ 
'  All about security issues.


URL: http://en.wooyun.io/2016/01/28/Bypass-Windows-AppLocker.html
PoC: https://github.com/3gstudent/Bypass-Windows-AppLocker
Description: Bypass Windows AppLocker.

URL: http://l.avala.mp/blog/ghost-got-secrets-ghostbins-guts-part-1/ (...-part-2)
Description: Scraping Ghostbin.

URL: https://goo.gl/EGlZTe (+)
Description: ropasaurusrex - A primer on return-oriented programming (ROP "101").

URL: https://gist.github.com/nishimunea/5d06bf899198eb104238
Description: Cross-origin Data leakage in Chrome (CVE-2014-6759).

URL: https://labs.detectify.com/2016/04/04/csp-bypassing-form-action-with-reflected-xss/
Description: CSP - bypassing form-action with reflected XSS.

URL: http://d0cs4vage.blogspot.pt/2015/08/pfp-python-interpreter-for-010-templates.html
Description: PFP - A Python Interpreter for 010 Templates.

URL: http://www.labofapenetrationtester.com/2016/02/kautilya-easy-reverse-shells.html
Description: Hacking with Human Interface Devices - Easy Reverse Shells.

URL: http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html
Description: Unlimiting the stack not longer disables ASLR (CVE-2016-3672).

URL: http://www.sphaero.org/blog:2012:0418_am_i_hacked_oh_it_s_just_vodafone
Description: Am I hacked? Oh, it's just Vodafone.

URL: http://goo.gl/BNPZLU (+)
Description: The perils of Java deserialization.


'  ╔═╗┬ ┬┌┐┌
'  ╠╣ │ ││││
'  ╚  └─┘┘└┘
'  Spare time?


URL: http://www.su-tesla.space/
Description: Rooting a Tesla Model S (Why not?).

URL: http://yifan.lu/2016/03/28/3ds-code-injection-through-loader/
Description: 3DS Code Injection through "Loader".

URL: http://blog.dewhurstsecurity.com/2016/04/07/google-chrome-protocol-handler-fun.html
Description: Google Chrome Protocol Handler Fun.


'  ╔═╗┬─┐┌─┐┌┬┐┬┌┬┐┌─┐
'  ║  ├┬┘├┤  │││ │ └─┐
'  ╚═╝┴└─└─┘─┴┘┴ ┴ └─┘
'  Content Helpers (0x)

52656e61746f20526f64726967756573202d204073696d7073306e202d20687474703a2f2f706174686f6e70726f6a6563742e636f6d

http://pathonproject.com/zb/?e44c0b358744f6db#Eri9Omr+HbnpE6qkyyS2UMXtswMOIc09ebm/ZD6kMyo=