HoaxShell Beta – Integrated with RevShells.com
https://github.com/t3l3machus/hoaxshell https://www.revshells.com/ 😍🥰😻 submitted by /u/DrinkMoreCodeMore [link] [comments]
https://github.com/t3l3machus/hoaxshell https://www.revshells.com/ 😍🥰😻 submitted by /u/DrinkMoreCodeMore [link] [comments]
submitted by /u/DrinkMoreCodeMore [link] [comments]
submitted by /u/DrinkMoreCodeMore [link] [comments]
Cybersecurity vendor Fortinet has addressed two critical vulnerabilities impacting its FortiNAC and FortiWeb products. Cybersecurity firm Fortinet has released security updates to address two critical vulnerabilities in FortiNAC and FortiWeb solutions. The two vulnerabilities, tracked as CVE-2022-39952 and CVE-2021-42756, are respectively an external control of file name or path in Fortinet FortiNAC and a collection […]
The post Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb appeared first on Security Affairs.
submitted by /u/Edmotix [link] [comments]
submitted by /u/mauvehead [link] [comments]
Hello!
I work in a security/pentesting company and in the last year the demand for DDoS testing has dramatically increased. The issue is that the customer is not interested in what I call a mislabeled load test, but wants us to test the reaction time and reliability of the (almost always outsourced, mostly to their ISP) DDoS protection provider they are using for their applications, plus the impact of the countermeasures launched to reduce an ongoing attack (which are usually various blocking rules made by the DDoS protection provider).
I’ve identified several issues – figuring out from where to perform the test to still go though the DDoS protection provider (that’s very often an ISP guarding their perimeter), how to avoid affecting unrelated third parties, and how to scale up the attack to at least trigger the detection thresholds of the DDoS protection provider while still keeping the test legal and price in a reasonable ranges, since the cost-value tradeoff is still pretty important.
Since I’ve given it a lot of though and I was unable to come up with a solution, and there are legal companies (not counting the random sites that take payment in bitcoin, but legit security companies that you contact for a quote), I’m really intrigued about how they do it and what am I missing. Is there anyone here who has experience with similar kind of engagement?
I hope that cross-posting from security stackexchage is ok. Copying the text of the post, since it’s mine, here seems unnecessary, but if it is an issue I will fix it and paste the content here.
Here are more details, with more in-depth description of the approaches I’ve explored (and rejected), and ideas I’ve had for the solution:
How to test the reaction of an outsourced DDoS protection provider to a DDoS attack, similar to a red teaming engagement?
Thank you! The issue is bugging me and I honestly think that it’s a pretty interesting challenge to think about, that’s why I’m also posting it here.
submitted by /u/Mikina
[link] [comments]
Experts are investigating the failures of several German airports after some media attributed them to a possible hacking campaign. On Thursday, the websites of several German airports were unreachable, experts launched an investigation speculating a possible cyberattack on a large scale against the critical infrastructure. Ralph Beisel. chief executive of the ADV airport association, confirmed […]
The post German airport websites hit by DDos attacks once again appeared first on Security Affairs.
Yeah yeah i know that you can change proxies constantly and hide your server and all but like isnt it too less reward for too much work? Like all it takes for you to be caught is a guy to scan his outbound connections and find your backdoor and bam enj…
Hey guys,
I am an Onkyo Amp user ( yeah, ik sucks to be me). Bit of a backstory, I owned 2, one of them broke spend 75% of original cost to ship a replacement board from over 6000km away, coz I live in Sri Lanka.
The one I have the problem is with the Onkyo TX-NR646, somewhere around doing a software update it crashed… and you guessed I had to replace the WHOLE DAMN BOARD, coz onkyo thats why.
Past a year or so, everything is fine with the TX till yesterday, the remote and the front panel stopped working, at all. I have to say all the AMP features work 100%, I have connected it to Wi-Fi so I can use the Wi-Fi remote and it works perfectly. But the buttons on the front and the remote do nothing at all. I figured it was a loose ribbon so I opened it up and re connected stuff and still same issue. Somehow the front panel started working, for like 30 seconds and stopped. I resetted it in that time frame and regretted cause now I have no Wi-Fi control either. Somehow I managed to mess around and quickly connected to Wi-Fi before it became unresponsive.
Before anyone mentions, ik a lot about onkyo amps and their problems so I did the usual, power off, disconnect everything blah blah blah. Right not I am not sure if its a software or a hardware problem.
So I booted up my PC and decided to access the Linux Shell of the Amp (telnet). Worked fine, I found a github repo on some EISCRP commands, so it was easy to get by, but now I wanna try two things and that’s what I want your help on.
Thanks
submitted by /u/OkithaPROGZ
[link] [comments]