█████╗ ██████╗ ██████╗ ███████╗███████╗ ██████╗ ███████╗███████╗██╗███╗ ██╗███████╗ ██╔══██╗██╔══██╗██╔══██╗██╔════╝██╔════╝██╔════╝ ██╔════╝╚══███╔╝██║████╗ ██║██╔════╝ ███████║██████╔╝██████╔╝███████╗█████╗ ██║ █████╗ ███╔╝ ██║██╔██╗ ██║█████╗ ██╔══██║██╔═══╝ ██╔═══╝ ╚════██║██╔══╝ ██║ ██╔══╝ ███╔╝ ██║██║╚██╗██║██╔══╝ ██║ ██║██║ ██║ ███████║███████╗╚██████╗ ███████╗███████╗██║██║ ╚████║███████╗ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚══════╝╚══════╝ ╚═════╝ ╚══════╝╚══════╝╚═╝╚═╝ ╚═══╝╚══════╝ ### Week: 06 | Month: February | Year: 2015 | Release Date: 06/02/2015 | Edition: 52º ### ' ╔╦╗┬ ┬┌─┐┌┬┐ ╔═╗┌─┐┌─┐ ' ║║║│ │└─┐ │ ╚═╗├┤ ├┤ ' ╩ ╩└─┘└─┘ ┴ ╚═╝└─┘└─┘ ' Something that really worth your time! URL: http://innerht.ml/blog/ie-uxss.html Original PoC: http://www.deusen.co.uk/items/insider3show.3362009741042107/ Description: Bypass of the Same-Origin Policy (SOP) on Internet Explorer. 😈 URL: http://www.bulbsecurity.com/more-book-exercises-guessable-credentials-apache-tomcat/ Description: Guessable Credentials-Apache Tomcat. URL: http://wiki.secarmour.com/2013/02/ssi-injection-attack.html Description: SSI Injection Attack. ' ╦ ╦┌─┐┌─┐┬┌─ ' ╠═╣├─┤│ ├┴┐ ' ╩ ╩┴ ┴└─┘┴ ┴ ' Some Kung Fu Techniques. URL: https://github.com/StalkR/dns-reverse-proxy Blog: http://blog.stalkr.net/2015/01/dns-reverse-proxy.html Description: DNS Reverse Proxy. URL: https://github.com/dotcppfile/DAws Description: Advanced Web Shell. URL: https://github.com/ant4g0nist/lisa.py Description: An Exploit Dev Swiss Army Knife. URL: https://binjitsu.readthedocs.org/en/latest/ Description: Binjitsu is a CTF framework and exploit development library. URL: https://github.com/diafygi/webrtc-ips Description: STUN IP Address requests for WebRTC, get local and external IP. URL: https://github.com/rurapenthe/hashfind Description: Tool to search files for matching password hash types and other data. URL: https://github.com/USArmyResearchLab/Dshell Description: Dshell is a network forensic analysis framework. ' ╔═╗┌─┐┌─┐┬ ┬┬─┐┬┌┬┐┬ ┬ ' ╚═╗├┤ │ │ │├┬┘│ │ └┬┘ ' ╚═╝└─┘└─┘└─┘┴└─┴ ┴ ┴ ' All about security issues/problems. URL: http://0x00string.com/hacktionary/index.php?title=AllShare_Cast Description: AllShare Cast Security Research. URL: http://securitycafe.ro/2015/01/05/understanding-php-object-injection/ Description: Understanding PHP Object Injection. URL: http://argus-sec.com/blog/remote-attack-aftermarket-telematics-service/ Description: A remote attack on an aftermarket telematics service (Car Hacking). URL: https://blog.netspi.com/advisory-xxe-injection-oracle-database-cve-2014-6577/ Description: XXE Injection in Oracle Database (CVE-2014-6577). URL: http://www.davidlitchfield.com/Privilege_Escalation_via_Oracle_Indexes.pdf Description: Privilege Escalation via Oracle Indexes. URL: http://h30499.www3.hp.com/t5/Fortify-Application-Security/Owning-SQLi-vulnerability-with-SQLmap/ba-p/6698577 Description: Owning SQLi vulnerability with SQLmap. URL: http://drops.wooyun.org/papers/4762 Description: Linux symbolic link attacks. ' ╔═╗┬ ┬┌┐┌ ' ╠╣ │ ││││ ' ╚ └─┘┘└┘ ' Spare time ? URL: http://keygenmusic.net/ Description: Music from keygens, cracks, trainers, intros. URL: https://github.com/madrobby/secure.js Description: Better and more secure JavaScript! URL: http://shipyourenemiesglitter.com/ Description: We send glitter to the people you hate. 😸 ' ╔═╗┬─┐┌─┐┌┬┐┬┌┬┐┌─┐ ' ║ ├┬┘├┤ │││ │ └─┐ ' ╚═╝┴└─└─┘─┴┘┴ ┴ └─┘ ' Content Helpers (0x) 52656e61746f20526f64726967756573202d204073696d7073306e202d20687474703a2f2f706174686f6e70726f6a6563742e636f6d