█████╗ ██████╗ ██████╗ ███████╗███████╗ ██████╗ ███████╗███████╗██╗███╗ ██╗███████╗ ██╔══██╗██╔══██╗██╔══██╗██╔════╝██╔════╝██╔════╝ ██╔════╝╚══███╔╝██║████╗ ██║██╔════╝ ███████║██████╔╝██████╔╝███████╗█████╗ ██║ █████╗ ███╔╝ ██║██╔██╗ ██║█████╗ ██╔══██║██╔═══╝ ██╔═══╝ ╚════██║██╔══╝ ██║ ██╔══╝ ███╔╝ ██║██║╚██╗██║██╔══╝ ██║ ██║██║ ██║ ███████║███████╗╚██████╗ ███████╗███████╗██║██║ ╚████║███████╗ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚══════╝╚══════╝ ╚═════╝ ╚══════╝╚══════╝╚═╝╚═╝ ╚═══╝╚══════╝ ### Week: 43 | Month: October | Year: 2014 | Release Date: 24/10/2014 | Edition: 37º ### ' ╔╦╗┬ ┬┌─┐┌┬┐ ╔═╗┌─┐┌─┐ ' ║║║│ │└─┐ │ ╚═╗├┤ ├┤ ' ╩ ╩└─┘└─┘ ┴ ╚═╝└─┘└─┘ ' Something that really worth your time! URL: http://www.websecuritylog.com/2014/10/facebook--bug-bounty.html Description: Facebook Web Security Bug Bounty - Directory Traversal Vulnerability-RCE In Parse.com. URL: http://brutelogic.wordpress.com/2014/10/14/an-ssh-short-story-hack/ Description: An SSH Short Story Hack (Don’t LEARN to hack, HACK to learn!). URL: http://blog.detectify.com/post/100600514143/hostile-subdomain-takeover-using-heroku-github-desk Description: Hostile Subdomain Takeover using Heroku/Github/Desk + more. ' ╦ ╦┌─┐┌─┐┬┌─ ' ╠═╣├─┤│ ├┴┐ ' ╩ ╩┴ ┴└─┘┴ ┴ ' Some Kung Fu Techniques. URL: https://corkami.googlecode.com/svn/trunk/src/angecryption/ PoC: https://github.com/cryptax/angeapk (Hide APK in Images BHEU14) Description: AES Tricks and Tips. URL: https://dutzi.github.io/tamper/ Description: Tamper locally edit files served from the web directly from devtools. URL: http://cyberarms.wordpress.com/2014/10/16/mana-tutorial-the-intelligent-rogue-wi-fi-router/ Description: Mana Tutorial - The Intelligent Rogue Wi-Fi Router. URL: http://digital-forensics.sans.org/community/downloads Description: SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3.0. URL: http://www.roe.ch/SSLsplit Description: Transparent and scalable SSL/TLS interception. URL: https://github.com/Konloch/bytecode-viewer Description: Bytecode Viewer is a Java Bytecode Viewer and More. ' ╔═╗┌─┐┌─┐┬ ┬┬─┐┬┌┬┐┬ ┬ ' ╚═╗├┤ │ │ │├┬┘│ │ └┬┘ ' ╚═╝└─┘└─┘└─┘┴└─┴ ┴ ┴ ' All about security issues/problems. URL: http://www.agarri.fr/blog/ Description: Bypassing blacklists based on IPy (Fuzz all the things). URL: https://ruxcon.org.au/slides/ Description: Ruxcon 2014 Materials (Dump). URL: https://ruxconbreakpoint.com/slides/ Description: Breakpoint 2014 Materials (Dump). URL: http://securityaffairs.co/wordpress/29302/hacking/serious-flaw-addthis.html Description: How to gain control of any Addthis user account. URL: https://blog.prakharprasad.com/2014/10/hackerone-vulnerability-common-response.html Description: HackerOne Vulnerability - Common Response Title Leak through Triggers. URL: http://www.securitysift.com/passive-reconnaissance/ Description: Passive Reconnaissance. URL: https://github.com/fix-macosx/yosemite-phone-home Description: Corpus of data automatically shared with Apple by a standard installation of OS X Yosemite. ' ╔═╗┬ ┬┌┐┌ ' ╠╣ │ ││││ ' ╚ └─┘┘└┘ ' Spare time ? URL: http://cylonjs.com/ Description: Next generation robotics framework with support for 27 different platforms. URL: https://amp.twimg.com/v/7cb46f6d-9589-43c1-9ac9-3ac1ab697413 Description: $AMMi is world’s best hacker ever. You never catch me. I have mysterious ways. 😆 ' ╔═╗┬─┐┌─┐┌┬┐┬┌┬┐┌─┐ ' ║ ├┬┘├┤ │││ │ └─┐ ' ╚═╝┴└─└─┘─┴┘┴ ┴ └─┘ ' Content Helpers (0x) 52656e61746f20526f64726967756573202d204073696d7073306e202d20687474703a2f2f706174686f6e70726f6a6563742e636f6d