Contribuez à SecuObs en envoyant des bitcoins ou des dogecoins.
Nouveaux articles (fr): 1pwnthhW21zdnQ5WucjmnF3pk9puT5fDF
Amélioration du site: 1hckU85orcGCm8A9hk67391LCy4ECGJca
Tips: DLovLUzkYsFNbAT5xwewQ6BAWztH4MtDgn

Contribute to SecuObs by sending bitcoins or dogecoins.
New content (en): 1pwnwwLjiu8U6jgqEchPXibM2dJA2CqQq
New website: 1hckU85orcGCm8A9hk67391LCy4ECGJca

44i3VeDHHoL5U6cULcgP6gPWw4p2oCoSGZXepBSDV42mGuLpuSbn5Kh3uGJ8Z9YqkaRwbQqq8op4nShvptRMByNxQFfBvVd
Chercher :
Newsletter :  

Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- Secuobs




Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- USBsploit
- Commentaires

Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top bi-hebdo:
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs

Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques

RSS/XML :
- Articles
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter

RSS SecuObs :
- sécurité
- exploit
- windows
- attaque
- outil
- microsoft

RSS Revue :
- security
- microsoft
- windows
- hacker
- attack
- network

RSS Videos :
- curit
- security
- biomet
- metasploit
- biometric
- cking

RSS Twitter :
- security
- linux
- botnet
- attack
- metasploit
- cisco

RSS Comments :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques

RSS OPML :
- Français
- International



Revue de presse francophone :
- Appaloosa AppDome nouent un partenariat pour accompagner les entreprises dans le déploiement et la protection des applications mobiles
- D-Link offre une avec un routeur VPN sans fil AC
- 19 mai Paris Petit-Déjeuner Coreye Développer son business à l'abri des cyberattaques
- POYNTING PRESENTE LA NOUVELLE ANTENNE OMNI-291, SPECIALE MILIEU MARITIME, CÔTIER ET MILIEU HUMIDE
- Flexera Software Les utilisateurs français de PC progressent dans l'application de correctifs logiciels, mais des défis de tailles subsistent
- Riverbed lance SD-WAN basé sur le cloud
- Fujitsu multi-récompensé VMware lui décerne plusieurs Partner Innovation Awards à l'occasion du Partner Leadership Summit
- Zscaler Private Access sécuriser l'accès à distance en supprimant les risques inhérents aux réseaux privés virtuels
- QNAP annonce la sortie de QTS 4.2.1
- Une enquête réalisée par la société de cyber sécurité F-Secure a décelé des milliers de vulnérabilités graves, potentiellement utilisables par des cyber criminels pour infiltrer l'infrastru
- Trouver le juste équilibre entre une infrastructure dédiée et cloud le dilemme de la distribution numérique
- 3 juin - Fleurance - Cybersécurité Territoires
- Cyber-assurances Seules 40 pourcents des entreprises françaises sont couvertes contre les violations de sécurité et les pertes de données
- Des étudiants de l'ESIEA inventent CheckMyHTTPS un logiciel qui vérifie que vos connexions WEB sécurisées ne sont pas interceptées
- Les produits OmniSwitch d'Alcatel-Lucent Enterprise ALE gagnent en sécurité pour lutter contre les cyber-attaques modernes

Dernier articles de SecuObs :
- DIP, solution de partage d'informations automatisée
- Sqreen, protection applicative intelligente de nouvelle génération
- Renaud Bidou (Deny All): "L'innovation dans le domaine des WAFs s'oriente vers plus de bon sens et d'intelligence, plus de flexibilité et plus d'ergonomie"
- Mises à jour en perspective pour le système Vigik
- Les russes ont-ils pwn le système AEGIS ?
- Le ministère de l'intérieur censure une conférence au Canada
- Saut d'air gap, audit de firmware et (in)sécurité mobile au programme de Cansecwest 2014
- GCHQ: Le JTRIG torpille Anonymous qui torpille le JTRIG (ou pas)
- #FIC2014: Entrée en territoire inconnu
- Le Sénat investit dans les monnaies virtuelles

Revue de presse internationale :
- VEHICLE CYBERSECURITY DOT and Industry Have Efforts Under Way, but DOT Needs to Define Its Role in Responding to a Real-world Attack
- Demand letter served on poll body over disastrous Comeleak breach
- The Minimin Aims To Be The Simplest Theremin
- Hacking group PLATINUM used Windows own patching system against it
- Hacker With Victims in 100 Nations Gets 7 Years in Prison
- HPR2018 How to make Komboucha Tea
- Circuit Bender Artist bends Fresnel Lens for Art
- FBI Director Suggests iPhone Hacking Method May Remain Secret
- 2016 Hack Miami Conference May 13-15, 2016
- 8-bit Video Wall Made From 160 Gaming Keyboards
- In An Era Of Decline, News Sites Can t Afford Poor Web Performance
- BeautifulPeople.com experiences data breach 1m affected
- Swedish Air Space Infringed, Aircraft Not Required
- Why cybercriminals attack healthcare more than any other industry
- Setting the Benchmark in the Network Security Forensics Industry

Annuaire des videos
- FUZZING ON LINE PART THREE
- Official Maltego tutorial 5 Writing your own transforms
- Official Maltego tutorial 6 Integrating with SQL DBs
- Official Maltego tutorial 3 Importing CSVs spreadsheets
- install zeus botnet
- Eloy Magalhaes
- Official Maltego tutorial 1 Google s websites
- Official Maltego tutorial 4 Social Networks
- Blind String SQL Injection
- backdoor linux root from r57 php shell VPS khg crew redc00de
- How To Attaque Pc With Back Track 5 In Arabique
- RSA Todd Schomburg talks about Roundup Ready lines available in 2013
- Nessus Diagnostics Troubleshooting
- Panda Security Vidcast Panda GateDefender Performa Parte 2 de 2
- MultiPyInjector Shellcode Injection

Revue Twitter
- RT @fpalumbo: Cisco consistently leading the way ? buys vCider to boost its distributed cloud vision #CiscoONE
- @mckeay Looks odd... not much to go on (prob some slideshow/vid app under Linux)
- [SuggestedReading] Using the HTML5 Fullscreen API for Phishing Attacks
- RT @BrianHonan: Our problems are not technical but cultural. OWASP top 10 has not changed over the years @joshcorman #RSAC
- RT @mikko: Wow. Apple kernels actually have a function called PE_i_can_has_debugger:
- [Blog Spam] Metasploit and PowerShell payloads
- PinkiePie Strikes Again, Compromises Google Chrome in Pwnium Contest at Hack in the Box: For the second time thi...
- @mikko @fslabs y'all wldn't happen to have lat/long data sets for other botnets, wld you? Doing some research (free/open info rls when done)
- RT @nickhacks: Want to crash a remote host running Snow Leopard? Just use: nmap -P0 -6 --script=targets-ipv6-multicast-mld #wishiwaskidding
- An inexpensive proxy service called is actually a front for #malware distribution -

Mini-Tagwall
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone

+ de mots clés pour la revue de presse
Annuaires des videos : curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit

+ de mots clés pour les videos
Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall

+ de mots clés pour la revue Twitter

Top bi-hebdo des articles de SecuObs
- [Ettercap – Partie 2] Ettercap par l'exemple - Man In the Middle et SSL sniffing
- [Infratech - release] version 0.6 de Bluetooth Stack Smasher
- [IDS Snort Windows – Partie 2] Installation et configuration
- [Infratech - vulnérabilité] Nouvelle version 0.8 de Bluetooth Stack Smasher
- Mises à jour en perspective pour le système Vigik
- USBDumper 2 nouvelle version nouvelles fonctions !
- EFIPW récupère automatiquement le mot de passe BIOS EFI des Macbook Pro avec processeurs Intel
- La sécurité des clés USB mise à mal par USBDUMPER
- Une faille critique de Firefox expose les utilisateurs de Tor Browser Bundle
- Installation sécurisée d'Apache Openssl, Php4, Mysql, Mod_ssl, Mod_rewrite, Mod_perl , Mod_security

Top bi-hebdo de la revue de presse
- StackScrambler and the Tale of a Packet Parsing Bug

Top bi-hebdo de l'annuaire des videos
- DC++ Botnet. How To DDos A Hub With Fake IPs.
- Comment creer un server botnet!!!!(Réseau de pc zombies)
- Defcon 14 Hard Drive Recovery Part 3

Top bi-hebdo de la revue Twitter
- RT @secureideas: I believe that all the XSS flaws announced are fixed in CVS. Will test again tomorrow if so, release 1.4.3. #BASESnort
- Currently, we do not support 100% of the advanced PDF features found in Adobe Reader... At least that's a good idea.
- VPN (google): German Foreign Office Selects Orange Business for Terrestrial Wide: Full
- @DisK0nn3cT Not really, mostly permission issues/info leak...they've had a couple of XSS vulns but nothing direct.
- Swatting phreaker swatted and heading to jail: A 19-year-old American has been sentenced to eleven years in pris..
- RT @fjserna You are not a true hacker if the calc.exe payload is not the scientific one... infosuck.org/0x0035.png

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Webshag, un outil d'audit de serveur web
- Les navigateurs internet, des mini-systèmes d’exploitation hors de contrôle ?
- Yellowsn0w un utilitaire de déblocage SIM pour le firmware 2.2 des Iphone 3G
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission
- Nessus 4.0 placé sous le signe de la performance, de l'unification et de la personnalisation
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- [IDS Snort Windows – Partie 1] Introduction aux IDS et à SNORT
- Origami pour forger, analyser et manipuler des fichiers PDF malicieux

Les Tweets pour hdmoore
Si vous voulez bloquer un compte Twitter ou nous en proposer un

Menu > Elements de la revue Twitter : - l'ensemble [tous] - par mots clé [tous] - par compte [tous] - le tagwall [voir]
S'abonner au fil RSS global de la revue Twitter

Suivants


Les Tweets filtrés pour "hdmoore" (1615 résultats)
S'abonner au fil RSS SecuObs pour le compte Twitter hdmoore


[2012-10-10] - 05:01:19 - @DanRaywood @ABridgwater @leonward by who is the real question; hosting providers as far back as 1993/1994 with BSD, 1998+ Linux

[2012-10-10] - 05:01:19 - @info_dox @metasploit @rapid7 thanks, it should be passing a --config-dir parameter pointing to our cached SSL pubkey

[2012-10-06] - 12:46:40 - @0xcharlie meterpreter negotiates SSL once the TCP side is staged, but you can also use reverse_https to get end-to-end SSL

[2012-10-06] - 12:46:40 - @D4rk0TheBoss most of metasploit is still aimed at initial connectivty vs persistent access, SET has some tools for this though

[2012-10-06] - 12:46:40 - @D4rk0TheBoss definitely, but they dont help until the payload is staged, is there a reason to use AES vs SSL?

[2012-10-06] - 12:46:40 - @D4rk0TheBoss non-standard protocols and IPSEC are tough to get through a corprorate firewall, is there a benefit vs SSL?

[2012-10-06] - 12:46:40 - @Mephux neat! just saw it, wooo ruby :)

[2012-10-06] - 12:46:40 - Woohoo! A new Burp Suite release (v1.5rc2): http://t.co/ND3xF5QI

[2012-10-06] - 12:46:40 - RT @kerouanton: @hdmoore so it's time to write an article on a new BurpSuite plugin for Hakin9 ;) @endrazine Posted: http://t.co/glHxnz7Q

[2012-10-05] - 07:37:35 - @Balgan actual scans are nmap + udpblast, processing is ruby+elastic+mongo

[2012-10-05] - 07:37:35 - RT @mubix: {blog} Meet ?q?? Free Metasploit Exploit Pack http://t.co/dspuspKh No backlash, great to see them find a home

[2012-10-03] - 02:02:09 - The Kaspersky article on Brazil DSL calls this CSRF, but this is actually a password reset/default flaw: http://t.co/baqRITT4

[2012-10-03] - 02:02:09 - @Souley the weird thing is the CSRF exploit screenshot; it's not actually related to the shell script exploit ( no pass vs default pas)

[2012-10-03] - 02:02:09 - @kaito834 CSRF is a victim-driven action and has no bearing on the default password exploit used

[2012-10-01] - 04:56:43 - @markofu I also do a lot of mongoexport to JSON and Hadoop-style CLI procesing with Ruby + GNU Parallel, easy with 200Gb of RAM

[2012-09-29] - 12:33:41 - @myanis007 there isnt a public network, but you can use Metasploitable2 and other VMs to get up to speed

[2012-09-29] - 12:33:41 - @chort0 @andrewsmhay counterpoint; disable ssh password authentication (pubkey only), dont allow php applications, change the ssh port

[2012-09-29] - 12:33:41 - RT @_juan_vazquez_: Just added #Metasploit mod Samba SetInformationPolicy AuditEventsInfo Heap Overflow (CVE-2012-1182) Screenshot: http ...

[2012-09-22] - 05:32:39 - RT @egyp7: Overview of how Metasploit payloads work: https://t.co/sanKQOul

[2012-09-22] - 05:32:39 - @secmoose I would tell you a joke about ruby, but you would only ask which one?

[2012-09-21] - 05:35:28 - Microsoft Fix-IT for IE 0-day, but verify with #metasploit first (the fix may not work): http://t.co/tgKhoInp https://t.co/MGybNcqC

[2012-09-21] - 05:35:28 - @prakharprasad Metasploit provides source code, you provide OBFUSCATE. Seriously though, we do in many cases, but no approach is universal

[2012-09-21] - 05:35:28 - @jstevensen @netbiosX ~8000+ Ubuntu machines still havent applied the patch and have MySQL open to the world

[2012-09-21] - 05:35:28 - @netbiosX @jstevensen looked at scan results from the last 30 days, grepped ubuntu, mapped patches/packages to banners, crunched

[2012-09-21] - 05:35:28 - @erickolb @jodieswafford OS dependencies are tricky, IE8/IE9 on Windows 7 requires Java 6 for the ROP chain

[2012-09-19] - 05:39:29 - RT @kaithomsen: Oh, and that new IE 0-day Metasploit module works even better than the Java 0-day from two weeks ago. Might replace SCCM ...

[2012-09-19] - 05:39:29 - @ZeroDayLab: Nvidia puts Tesla K20 GPU coprocessor through its paces: http://t.co/GMmpNNH5 Dynamic Parallelism + Salted Hashes?

[2012-09-18] - 07:05:24 - RT @_sinn3r: Just added #Metasploit IE 0day (IE7/8/9): http://t.co/1bI4fmNP Thx @_juan_vazquez_, @binjo, @eromang

[2012-09-14] - 20:55:02 - @SpartanTango by authenticating to them using the pubkey module in metasploit ( w/o the public key )

[2012-09-14] - 20:55:02 - @SpartanTango the f5 web fingerprint was done by matching the 443 login (f5 networks configuration....), then ssh tested

[2012-09-14] - 20:55:02 - @SpartanTango not true; older versions shipped with ssh on by default, confirmed by F5

[2012-09-14] - 20:55:02 - @SpartanTango true, but 6500 appliances have ssh exposed regardless, if that goes against guidance, the guidance needs to be more explicit

[2012-09-14] - 20:55:02 - @yeleekneb ~750 of 13,500 total ( half of which have ssh open )

[2012-09-14] - 09:11:18 - @darkuncle @peakscale ssh is only on by default in older versions at least

[2012-09-13] - 11:06:48 - Random: 50% of F5 BigIPs have SSH open and 10% of those still allow root logins with the widely published SSH private key #unitedsummit

[2012-09-12] - 20:16:28 - RT @egyp7: Blog post about current_user_psexec Metasploit module I demo'd at #defcon - https://t.co/bBwYQ66w

[2012-09-12] - 06:22:17 - @spxza @hugoestuamigo ethics may be lose worrysome than law; most bruteforce sources are also owned boxes

[2012-09-12] - 06:22:17 - @postmodern_mod3 @Mephux someday Apple will ship a ruby interpreter that works..and open source their hardware, probably the same day :)

[2012-09-12] - 06:22:17 - @Carlos_Perez @Mephux @postmodern_mod3 Linux distros screw up Ruby too, but only Apple reversed endian order and linked libeditline vs rl

[2012-09-10] - 16:22:00 - @7h3linguist still waiting to here back from engineering, ill poke them with a stick again

[2012-09-10] - 16:22:00 - @D4rk0TheBoss thanks! its fed by the metasploit blog content at the moment

[2012-09-09] - 00:06:26 - RT @threatagent: My son (@ipwnstuff) wrote a Metasploit extract OSX pw from Keychhains @BLacKR1D3R @DaveMarcus http://t.co/AjYWttmm

[2012-09-08] - 03:25:00 - @7h3linguist still waiting to here back from engineering, ill poke them with a stick again

[2012-09-07] - 05:51:39 - @davidkl_ saw that - and username is phone number, pretty terrible. BlackBerries used to/still send their phone number in DHCP requests

[2012-09-07] - 05:51:39 - @vmamuaya you likely have the wrong target selected (java vs win32 native). Java targets need Java payloads

[2012-09-06] - 06:30:18 - RT @mubix: {blog} Completely In-memory Mimikatz with Metasploit http://t.co/OiBwyi4C

[2012-08-11] - 21:25:22 - fun with non-alphanumeric javascript: http://t.co/t35FeNxA

[2012-08-09] - 19:59:25 - @cBekrar An ironic statement considering VUPEN's customers :) Metasploit is open source and available to governments rebels alike

[2012-08-07] - 23:33:37 - @cryptoOCDrob best bet is an attack proxy or browser plugin (Paros, Burp, Tamper Data, etc)

[2012-08-07] - 23:33:37 - @zohraan_amin metasploit runs on windows, linux, bsd, android, and iOS (and able to a exploit a wide variety of platform types)

[2012-08-03] - 21:43:10 - A neat local privilege escalation for Linux systems using the nVidia driver: http://t.co/8CMZq3Gd

[2012-07-31] - 14:29:53 - So long, Las Vegas - great to see everyone at BSidesLV, BlackHat, and Defcon this year. Talk slides should be online later this week


Suivants

S'abonner au fil RSS global de la revue Twitter
Menu > Elements de la revue Twitter : - l'ensemble [tous] - par mots clé [tous] - par compte [tous] - le tagwall [voir]




SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :