phantasm_lab | Technologies

Telegram-канал phantasm_lab - @Phantasm_Lab

2721

- Red x Blue Security - Bug Bounty 💷 💵 - Exploitable tools - Programming Languages - Malware Analysis 🇺🇸 🇧🇷 🇪🇸 since 2017 © Parceiros: @TIdaDepressaoOficial @acervoprivado @ReneGadesx @G4t3w4y

Subscribe to a channel

@Phantasm_Lab

TI da Depressão

/channel/TIdaDepressaoOficial

Читать полностью…

@Phantasm_Lab

SpiderFoot - OSINT automation Tool

SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.

SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line.

https://github.com/smicallef/spiderfoot

Читать полностью…

@Phantasm_Lab

PiiScanner - Burp Suite Extension

A PiiScanner Extension é uma extensão para o Burp Suite desenvolvida para detectar informações de identificação pessoal (PII), especificamente CPFs do Brasil, em requisições e respostas HTTP. Esta extensão utiliza o Montoya API e implementa validações para garantir que CPFs válidos e inválidos sejam registrados, auxiliando na identificação de possíveis exposições de dados sensíveis.

https://github.com/vanguard-threat-seekers/vanguard-burp-pii-scanner

Читать полностью…

@Phantasm_Lab

https://www.udemy.com/course/new-the-complete-ethical-hacking-course-2024zero-to-hero/?couponCode=HACK4GOOD

Читать полностью…

@Phantasm_Lab

ALGUNS CURSOS PARA VOCES

Читать полностью…

@Phantasm_Lab

🔎 Threat Intel Roundup: CrushFTP, CS2, Lazarus, Trigona
Week in Overview(5 Dec-12 Dec)

Читать полностью…

@Phantasm_Lab

What is Prometheus ?

Prometheus is an open-source systems monitoring and alerting toolkit originally built at SoundCloud. Since its inception in 2012, many companies and organizations have adopted Prometheus, and the project has a very active developer and user community

Prometheus collects and stores its metrics as time series data, i.e. metrics information is stored with the timestamp at which it was recorded, alongside optional key-value pairs called labels.

https://prometheus.io/docs/introduction/overview/

Читать полностью…

@Phantasm_Lab

iOS Pentesting Series
Learn how to work with useful tools and apps such as Frida, Objection, 3uTools, Cydia, Burp, fsmon, fridump, SSL bypass, reFlutter etc.
Part 1: https://kishorbalan.medium.com/start-your-first-ios-application-pentest-with-me-part-1-1692311f1902
Part 2: https://kishorbalan.medium.com/ios-pentesting-series-part-2-into-the-battlefield-f17ed2778890
Part 3: https://kishorbalan.medium.com/ios-pentesting-series-part-3-the-ceasefire-53fcea3bbd70

Читать полностью…

@Phantasm_Lab

FFuF - Fuzzing Tool

👨‍💻🛠​ In this week's episode of Hacker Tools, we will take a look at FFuF.

https://www.youtube.com/watch?v=UDaeS7455mU

Читать полностью…

@Phantasm_Lab

(Authenticated) Stored XSS - Simple Download Monitor 3.9.19 (Wordpress Plugin)

DreadPirateRobertt/stored-xss-simple-download-monitor-3-9-19-wordpress-plugin-cbef1564a44b" rel="nofollow">https://medium.com/@DreadPirateRobertt/stored-xss-simple-download-monitor-3-9-19-wordpress-plugin-cbef1564a44b

Читать полностью…

@Phantasm_Lab

NSA - Mitigating Web Shells

This repository houses a number of tools and signatures to help defend networks against web shell malware. More information about web shells and the analytics used by the tools here is available in NSA and ASD web shell mitigation guidance Detect and Prevent Web Shell Malware.

https://github.com/nsacyber/Mitigating-Web-Shells

Читать полностью…

@Phantasm_Lab

https://pi-hole.net/

Читать полностью…

@Phantasm_Lab

Getting started with the Red Team Guides

RedTeamGuides is a platform that provides red team tutorial and guidance along with cheatsheets. It is aimed at helping security professionals and enthusiasts to learn about red teaming and penetration testing techniques.

The platform provides a wide range of resources, including step-by-step tutorials, how-to guides, and cheat sheets, that cover different topics related to red teaming, such as reconnaissance, exploitation, post-exploitation, and privilege escalation. The guides are regularly updated to keep up with the latest techniques and tools in the field.

https://redteamguides.com/index.html

Читать полностью…

@Phantasm_Lab

https://www.udemy.com/course/cisco-simuladores-rapido-e-objetivo

Читать полностью…

@Phantasm_Lab

https://www.udemy.com/course/fundamentos-da-criptografia/?couponCode=REALDISCOUNT1G

Читать полностью…

@Phantasm_Lab

Bitbucket Monitoring Activity

Automation that sends automatic alerts when new repositories are created. Bitbucket provides features to notify repository members about specific activities, such as code pushes, pull requests, and other events, but does not notify about new repositories created across the organization.


https://github.com/u37-Luth1er/bitbucket-monitoring-activity

Читать полностью…

@Phantasm_Lab

The Greatest Video Game Pirate of All Time

EMPRESS is a renowned video game cracker known for their exceptional skills in bypassing digital rights management (DRM) protections. With a reputation for cracking the toughest security measures, EMPRESS has become a prominent figure in the gaming community, enabling players to access and play pirated versions of popular titles. Their contributions have sparked debates around piracy, copyright infringement, and the effectiveness of DRM in the gaming industry.

https://youtu.be/ZUioVa-wdDk?si=TKyx58h-k69KX60q

Читать полностью…

@Phantasm_Lab

https://www.udemy.com/course/the-redteam-blueprint/?Xx.xx&couponCode=7D99B7EDDEC44923439D

https://www.udemy.com/course/hacking-the-windows-api-with-python/?Xx.xx&couponCode=4113E9AF79AEE0B911DB

Читать полностью…

@Phantasm_Lab

Curso Práctico de Python 3 de cero a EXPERTO +50 EJERCICIOS
https://www.udemy.com/course/curso-practico-de-python-3-de-cero-a-experto-50-ejercicios/?Xx.xx&couponCode=29D94C14BD2B069BB24B

OWASP TOP 10 - Pentesting Web, Bug Bounty Hunting
https://www.udemy.com/course/owasp-top10-web/?Xx.xx&couponCode=F72B213DC48E1ABE8CD2

Web Scraping con Python - Extracción y Automatización Web
https://www.udemy.com/course/curso-web-scraping-con-python/?Xx.xx&couponCode=5E3654B2793D56E98ED8

Master en Burp Suite para Web, Pentest y Bug Bounty!
https://www.udemy.com/course/master-de-burp-suite/?Xx.xx&couponCode=8146B04B54F233D70900

Master JavaScript para Pentesters - XSS de 0 a 100
https://www.udemy.com/course/javascript-para-hackers-pentesters/?Xx.xx&couponCode=64DCCADEF22FCC9EAA8F

Читать полностью…

@Phantasm_Lab

https://www.udemy.com/course/ethical-hacking-full-red-team-el-lado-oscuro-de-la-fuerza/?couponCode=FEB2024

Читать полностью…

@Phantasm_Lab

Vuln Research in VIDEO GAMES?!?!

Our adventure with FreeDroid RPG began when we were perusing the National Vulnerability Database (NVD) for video game-related bugs and discovered two CVEs from 2020 related to this game: CVE-2020-14938 and CVE-2020-14939. Both CVEs involved ways to maliciously manipulate the save game data—each fascinating in their own right. As we looked into the technical details of this original research from LogicalTrust, we noticed anomalies in the patches that were meant to address these vulnerabilities, sparking a deeper investigation

https://youtu.be/vHocemqpOuo?si=x7Et0MJdhwMdHTIv

Читать полностью…

@Phantasm_Lab

Alien Vault - The World’s First Truly Open Threat Intelligence Community

https://otx.alienvault.com/

Читать полностью…

@Phantasm_Lab

Leveraging a Hooking Framework to Expand Malware Detection Coverage on the Android Platform
https://unit42.paloaltonetworks.com/hooking-framework-in-sandbox-to-analyze-android-apk/

Читать полностью…

@Phantasm_Lab

SSRFire - An automated SSRF finder

aswinchandran274/ssrfire-an-automated-ssrf-finder-798f3ee8a38" rel="nofollow">https://medium.com/@aswinchandran274/ssrfire-an-automated-ssrf-finder-798f3ee8a38

Читать полностью…

@Phantasm_Lab

File Shared < 1.6.48 (Wordpress Plugin) — Sensitive Data Exposure Mysql version, enviroment..

When we try upload an unauthorized file, The plugin core stored Database sensitive informations like Mysql Version, Enviroment informations, userid, user_session, ip,(browser informations).

DreadPirateRobertt/file-shared-1-6-48-wordpress-plugin-sensitive-data-exposure-mysql-version-enviroment-343356762353" rel="nofollow">https://medium.com/@DreadPirateRobertt/file-shared-1-6-48-wordpress-plugin-sensitive-data-exposure-mysql-version-enviroment-343356762353

Читать полностью…

@Phantasm_Lab

Linux Directories Explained in 100 Seconds

https://youtu.be/42iQKuQodW4?si=xx_zFeH_l2xwygYV

Читать полностью…

@Phantasm_Lab

OTP Bypass via Source Page Inspection

katmaca2014/otp-bypass-via-source-page-inspection-3c6ac90a0fb5" rel="nofollow">https://medium.com/@katmaca2014/otp-bypass-via-source-page-inspection-3c6ac90a0fb5

Читать полностью…

@Phantasm_Lab

https://www.udemy.com/course/curso-de-javascript-de-0-a-heroe/?couponCode=5AFF53FD65CDC4E4F976

Читать полностью…

@Phantasm_Lab

https://www.udemy.com/course/desenvolvedor-megazord-bootcamp/?referralCode=5A1BF30FC11E45F8932A

Читать полностью…

@Phantasm_Lab

Awesome Cloud PenTest

https://github.com/CyberSecurityUP/Awesome-Cloud-PenTest

Читать полностью…
Subscribe to a channel