█████╗ ██████╗ ██████╗ ███████╗███████╗ ██████╗ ███████╗███████╗██╗███╗ ██╗███████╗ ██╔══██╗██╔══██╗██╔══██╗██╔════╝██╔════╝██╔════╝ ██╔════╝╚══███╔╝██║████╗ ██║██╔════╝ ███████║██████╔╝██████╔╝███████╗█████╗ ██║ █████╗ ███╔╝ ██║██╔██╗ ██║█████╗ ██╔══██║██╔═══╝ ██╔═══╝ ╚════██║██╔══╝ ██║ ██╔══╝ ███╔╝ ██║██║╚██╗██║██╔══╝ ██║ ██║██║ ██║ ███████║███████╗╚██████╗ ███████╗███████╗██║██║ ╚████║███████╗ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚══════╝╚══════╝ ╚═════╝ ╚══════╝╚══════╝╚═╝╚═╝ ╚═══╝╚══════╝ ### Week: 19 | Month: May | Year: 2015 | Release Date: 08/05/2015 | Edition: 65º ### ' ╔╦╗┬ ┬┌─┐┌┬┐ ╔═╗┌─┐┌─┐ ' ║║║│ │└─┐ │ ╚═╗├┤ ├┤ ' ╩ ╩└─┘└─┘ ┴ ╚═╝└─┘└─┘ ' Something that really worth your time! URL: http://blog.bentkowski.info/2015/05/xss-via-file-upload-wwwgooglecom.html Description: XSS via file upload - www.google.com (Postini Header Analyzer). URL: https://hackerone.com/reports/14883 Description: Twitter CSRF protection bypass via Google Analytics. ' ╦ ╦┌─┐┌─┐┬┌─ ' ╠═╣├─┤│ ├┴┐ ' ╩ ╩┴ ┴└─┘┴ ┴ ' Some Kung Fu Techniques. URL: https://github.com/hephaest0s/usbkill Description: Anti-forensic kill-switch USB based. URL: https://github.com/cea-sec/Sibyl Description: A Miasm2 based function divination (RE Helper). URL: https://github.com/wiire/pixiewps Helper: https://www.youtube.com/watch?v=8f6oClT7Wp4 Description: Tool for bruteforce offline the WPS pin (Not all routers). URL: https://github.com/ShawnDEvans/smbmap Description: SMBMap is a handy SMB enumeration tool. URL: https://github.com/x0r1/jellyfish Description: GPU rootkit PoC by Team Jellyfish. URL: https://github.com/x0r1/Demon Description: GPU keylogger PoC by Team Jellyfish. ' ╔═╗┌─┐┌─┐┬ ┬┬─┐┬┌┬┐┬ ┬ ' ╚═╗├┤ │ │ │├┬┘│ │ └┬┘ ' ╚═╝└─┘└─┘└─┘┴└─┴ ┴ ┴ ' All about security issues/problems. URL: https://www.firefart.at/how-to-crack-mifare-classic-cards/ Description: How to crack mifare classic cards (NFC). URL: https://blog.sucuri.net/2015/04/critical-persistent-xss-0day-in-wordpress.html Description: Critical Persistent XSS 0day in WordPress. URL: http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/ Description: Analyzing the Magento Vulnerability (Updated). URL: http://malware-unplugged.blogspot.ie/2015/01/hunting-and-decrypting-communications.html Description: Hunting and Decrypting Communications of Gh0st RAT in Memory. URL: http://www.vulnerability-lab.com/get_content.php?id=1474 Description: PayPal Inc Bug Bounty #114 - JDWP RCE Vulnerability. URL: http://synacktiv.ninja/ressources/synacktiv_drupal_xxe_services.pdf Description: Pre-authentication XXE vulnerability in the Services Drupal module. URL: http://blog.atx.name/reverse-engineering-radio-weather-station/ Description: Reverse engineering radio weather station. ' ╔═╗┬ ┬┌┐┌ ' ╠╣ │ ││││ ' ╚ └─┘┘└┘ ' Spare time ? URL: https://drive.google.com/a/ase/folderview?id=0B2G2LjIu7WbdfjhaUmVzc1lCR2hUdk5fZllCOHdtbFItbU5qYzdqZGVxdmlnRkJyYVQ4VU0 Epic: https://raw.githubusercontent.com/HackerFantastic/Public/master/exploits/leehseinloong.cpp (😂) Description: Prime minster of Singapore published a Sudoku solver C++ code (With a Stack Overflow 😈). URL: http://io.smashthestack.org/ Description: O wargame, one of the wargames of the smashthestack network. ' ╔═╗┬─┐┌─┐┌┬┐┬┌┬┐┌─┐ ' ║ ├┬┘├┤ │││ │ └─┐ ' ╚═╝┴└─└─┘─┴┘┴ ┴ └─┘ ' Content Helpers (0x) 52656e61746f20526f64726967756573202d204073696d7073306e202d20687474703a2f2f706174686f6e70726f6a6563742e636f6d