
#pentesting


From day one, TShark has been an essential part of #BashCore. It’s not just a substitute for Wireshark—it’s the same powerful engine, but fully command-line. If you’re serious about network analysis and pentesting, mastering TShark is a must.

It has nothing less than Wireshark, just no GUI. Learn it, and you’ll have full control over packet capture and analysis, even on minimal systems.

wireshark.org/docs/man-pages/t


FIN7 *again*? Seriously, these guys just don't quit, do they? 🙄

Heads up – they've cooked up an Anubis backdoor using Python. And nope, *it's not* the Android Trojan people know. It's pretty wild what this thing packs: we're talking remote shell capabilities, file uploads, messing with the registry... 🤯 Basically, the keys to the kingdom!

And let me tell you from a pentester's perspective: Just relying on AV? That's *definitely* not gonna cut it anymore. We all know that, right?

Looks like they're slipping in through compromised SharePoint sites now? Yikes. The nasty part? A Python script decrypts the payload *directly in memory*, making it incredibly tough to spot! 🥴 Plus, their command and control chats happen over a Base64-encoded TCP socket.

So, keep a *sharp eye* on those ZIP attachments! Double-check your SharePoint sites' integrity. You'll also want to monitor network traffic closely (especially that TCP activity!). And make sure your endpoint security is actually up to snuff – remember, they love finding ways to bypass defenses!

How are *you* tackling threats like this one? What are your go-to tools and strategies for defense? 🤔 Let's share some knowledge!

Whoa, just stumbled onto something pretty wild: "Atlantis AIO." Heard it called the Swiss Army knife for credential stuffing! 🔪

Not sure what that is? Okay, picture this: hackers grab massive batches of leaked passwords. Then, they just systematically try those logins *everywhere*. Atlantis AIO basically automates that whole nasty process, making it super efficient for them.

And yeah, that means your Netflix, your email, even your online banking could be in the crosshairs! 🎯

Now, speaking from my experience as a pentester, it's frighteningly common to see how effective credential stuffing is, *especially* when people aren't using MFA. Sure, complex password rules are a start, but honestly, they often just aren't enough on their own.

Multi-Factor Authentication (MFA)? *That's* the real game-changer here. 🔑 Seriously, turning it on wherever you can makes a massive difference.

Anyway, curious to hear from you all – have any of you run into attacks like this before, or seen the fallout? What happened? Drop your stories below!

Seriously, Broadcom... what's the deal lately? 🤯

First up, we've got CVE-2025-22230 hitting VMware Tools for Windows. This nasty bug basically lets standard users inside a VM escalate their privileges to admin level. Yikes! 😬 With a CVSS score of 7.8, you'll want to jump on this fix ASAP. It impacts versions 11.x.x and 12.x.x, so upgrading to 12.5.1 needs to be right at the top of your list!

But wait, there's more. CrushFTP is also sounding the alarm about unauthenticated access vulnerabilities lurking on HTTP(S) ports in versions 10 and 11. It's definitely time to double-check those DMZ configurations. Rapid7 has confirmed that exploits are out there, allowing unauthorized access. Pretty intense, right?

Stuff like this is a stark reminder: while automated scans have their place, they just don't cut it alone. Real-deal penetration testing is absolutely essential. Those manual checks are what uncover the sneaky issues that automated tools often breeze right past.

What's your take on this recent wave? How are you keeping your own environments locked down tight? Let's talk 👇

When I started the IC_Null channel the idea was to cover topics primarily about #cybersecurity, #hacking, #pentesting etc. from a #blind perspective. Blind as in #screenReader user, that is. But an overarching topic is showing off what jobs are (up to a point) doable for this demographic and where the obstacles are. Today's stream leans that way: we'll be looking at the premier #translation and #localization tool, Trados Studio. Supposedly they have upped their #accessibility as of late. I'll be the judge of that 💀
I'll see you all on #youtube and #twitch just under 1.5 hours from now. https://twitch.tv/ic_null youtube.com/@blindlyCoding #selfPromo #stream #trados


Whoa, the IT security world was on FIRE this week! 🤯 Open source supply chain attacks, malware sneaking into the Play Store, ransomware bypassing EDR... and is AI just pouring gasoline on the phishing flames?! Seriously intense! 😳 Cloud security's getting a raw deal and let's be real, backups are only as good as their security.

It's wild how rapidly the threat landscape's evolving, isn't it? Gotta stay sharp, folks! Automated vulnerability scans? They're definitely nice, but manual penetration tests are still essential. And AI? Awesome tech, but also seriously risky. Disinformation and manipulation are spiraling out of control. We've gotta stay vigilant!

So, what are *your* biggest IT security pain points right now? Spill the beans!

Okay, so CVE-2025-30066 might sound super niche, but it's actually a pretty significant supply chain attack that went down through GitHub Actions. 💥 Specifically, it targeted tj-actions/changed-files.

Basically, what happened was attackers managed to inject some malicious code and snag sensitive data like AWS keys and PATs. You know, the usual suspects. 🙄

Now, here's the kicker: Automated scans often miss stuff like this. It really underscores the need for a human pentester's eye. And, seriously folks, security by design is *crucial*. ☝️

To fix it, update to v46.0.1 ASAP, rotate your secrets, and always pin your GitHub Actions to specific commits. And honestly? Keep a close watch on that Open Source code! 👀

So, how do *you* secure your CI/CD pipelines? Let's chat! #infosec #pentesting #supplychain

New Open-Source Tool Spotlight 🚨🚨🚨

Sqlmap is an open-source tool for automating SQL injection detection and exploitation. It supports multiple databases like MySQL, PostgreSQL, Oracle, and more. Widely used for penetration testing, it includes features like database dumping, password cracking, and file system access.

Remember: powerful tools require responsible use. #CyberSecurity #PenTesting

🔗 Project link on #GitHub 👉 github.com/sqlmapproject/sqlmap

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️