█████╗ ██████╗ ██████╗ ███████╗███████╗ ██████╗ ███████╗███████╗██╗███╗ ██╗███████╗ ██╔══██╗██╔══██╗██╔══██╗██╔════╝██╔════╝██╔════╝ ██╔════╝╚══███╔╝██║████╗ ██║██╔════╝ ███████║██████╔╝██████╔╝███████╗█████╗ ██║ █████╗ ███╔╝ ██║██╔██╗ ██║█████╗ ██╔══██║██╔═══╝ ██╔═══╝ ╚════██║██╔══╝ ██║ ██╔══╝ ███╔╝ ██║██║╚██╗██║██╔══╝ ██║ ██║██║ ██║ ███████║███████╗╚██████╗ ███████╗███████╗██║██║ ╚████║███████╗ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚══════╝╚══════╝ ╚═════╝ ╚══════╝╚══════╝╚═╝╚═╝ ╚═══╝╚══════╝ ### Week: 15 | Month: April | Year: 2016 | Release Date: 15/04/2016 | Edition: 113º ### ' ╔╦╗┬ ┬┌─┐┌┬┐ ╔═╗┌─┐┌─┐ ' ║║║│ │└─┐ │ ╚═╗├┤ ├┤ ' ╩ ╩└─┘└─┘ ┴ ╚═╝└─┘└─┘ ' Something that's really worth your time! URL: https://github.com/BishopFox/cve-2016-1764 Description: Recovery of Plaintext iMessage Data Without Breaking Crypto (CVE-2016-1764). URL: https://goo.gl/xX9fB7 (+) Description: Google Account Recovery XSS. ' ╦ ╦┌─┐┌─┐┬┌─ ' ╠═╣├─┤│ ├┴┐ ' ╩ ╩┴ ┴└─┘┴ ┴ ' Some Kung Fu Techniques. URL: https://github.com/fvrmatteo/DeobfuscatorTest Description: Tool for obfuscation & de-obfuscation techniques (Research). URL: http://dfir-blog.com/2016/03/13/how-to-parse-windows-eventlog/ Description: How to parse Windows Eventlog (DFIR). URL: https://github.com/Rootkitsmm/cve-2016-0040 Description: PoC for CVE-2016-0040. URL: https://github.com/0xspx/armroper Description: ARM rop chain gadget searcher. URL: https://xisigr.com/x/cve-2016-1932/ Description: Web Notification Origin Spoof and FS DoS on win Firefox (CVE-2016-1932). URL: https://github.com/0x3d5157636b525761/DWF-2016-91000_poc/ Description: Bezeq Netgear DGN2200 exploit PoC (DWF-2016-91000). URL: https://github.com/dutchcoders/transfer.sh/ Description: Easy and fast file sharing from the command-line (https://transfer.sh). URL: https://github.com/s-rah/onionscan Description: Scan Onion Services for Security Issues. URL: https://github.com/xme/dshield-docker Description: Docker container running cowrie with DShield output enabled. URL: https://github.com/Raikia/CredSwissArmy Description: Check the validity of multiple user credentials across multiple servers. ' ╔═╗┌─┐┌─┐┬ ┬┬─┐┬┌┬┐┬ ┬ ' ╚═╗├┤ │ │ │├┬┘│ │ └┬┘ ' ╚═╝└─┘└─┘└─┘┴└─┴ ┴ ┴ ' All about security issues. URL: https://goo.gl/xt1a0r (+) PoC: https://github.com/hannob/pwncloud Description: Bad crypto in the Owncloud encryption module. URL: http://en.wooyun.io/2016/02/04/42.html Description: JavaScript Phishing. URL: https://hshrzd.wordpress.com/2016/03/31/petya-key-decoder/ Description: Petya (Ransomware) key decoder. URL: http://philippeharewood.com/swiping-facebook-official-access-tokens/ Description: Swiping Facebook Official Access Tokens URL: https://hackmag.com/uncategorized/deceiving-blizzard-warden PoC: https://github.com/xakepru/x14.08-coverstory-blizzard Description: Deceiving Blizzard Warden. URL: http://blog.vectranetworks.com/blog/turning-a-webcam-into-a-backdoor Description: Turning a Webcam Into a Backdoor. URL: http://securitygodmode.blogspot.pt/2016/03/bloatware-considered-harmful.html Description: Bloatware considered harmful (MSRs 101). URL: https://goo.gl/CwmMVX (+) Description: Multiple vulnerabilities found in Quanta LTE routers. URL: http://blog.techorganic.com/2016/03/08/radare-2-in-0x1e-minutes/ Description: Radare 2 in 0x1E minutes. URL: http://www.technopy.com/mongodb-injection---how-to-hack-mongodb.html Description: How To Hack MongoDB. ' ╔═╗┬ ┬┌┐┌ ' ╠╣ │ ││││ ' ╚ └─┘┘└┘ ' Spare time? URL: http://webkay.robinlinus.com/ Description: What every Browser knows about you. URL: https://github.com/amaboura/panama-papers-dataset-2016 Description: Structured data about Panama papers. URL: http://notoken.pl/ Description: "BadCSRF" - NoToken Bug. ' ╔═╗┬─┐┌─┐┌┬┐┬┌┬┐┌─┐ ' ║ ├┬┘├┤ │││ │ └─┐ ' ╚═╝┴└─└─┘─┴┘┴ ┴ └─┘ ' Content Helpers (0x) 52656e61746f20526f64726967756573202d204073696d7073306e202d20687474703a2f2f706174686f6e70726f6a6563742e636f6d http://pathonproject.com/zb/?95eb9dbf41028152#10psWNcpAPF4Bx9W2McydxW05MHdk7AhHzRHzPmSeQw=