A Python script to help red teamers discover KeePass instances and extract secrets.
It follows best practices :)
- Dehashed—View leaked credentials.
- SecurityTrails—Extensive DNS data.
- DorkSearch—Really fast Google dorking.
- ExploitDB—Archive of various exploits.
- ZoomEye—Gather information about targets.
- Pulsedive—Search for threat intelligence.
- GrayHatWarfare—Search public S3 buckets.
- PolySwarm—Scan files and URLs for threats.
- Fofa—Search for various threat intelligence.
- LeakIX—Search publicly indexed information.
- DNSDumpster—Search for DNS records quickly.
- FullHunt—Search and discovery attack surfaces.
- AlienVault—Extensive threat intelligence feed.
- ONYPHE—Collects cyber-threat intelligence data.
- Grep App—Search across a half million git repos.
- URL Scan—Free service to scan and analyse websites.
- Vulners—Search vulnerabilities in a large database.
- WayBackMachine—View content from deleted websites.
- Shodan—Search for devices connected to the internet.
- Netlas—Search and monitor internet connected assets.
- CRT sh—Search for certs that have been logged by CT.
- Wigle—Database of wireless networks, with statistics.
- PublicWWW—Marketing and affiliate marketing research.
- Binary Edge—Scans the internet for threat intelligence.
- GreyNoise—Search for devices connected to the internet.
- Hunter—Search for email addresses belonging to a website.
- Censys—Assessing attack surface for internet connected devices.
- IntelligenceX—Search Tor, I2P, data leaks, domains, and emails.
- Packet Storm Security—Browse latest vulnerabilities and exploits.
- SearchCode—Search 75 billion lines of code from 40 million projects.
Against all expectations, every comment line ends with either a "\n" or a "\r".
Looking at the contents of the PDF in detail, the 5083 comments are in fact 130 comment lines repeated several times within the file.
What is the target?
A song is resonating at the same frequency as a 5400 HDD x)
It's listed as CVE-2022-38392
Messages sent through the window object can be intercepted by every source, and every source can emit messages.
Fixes:
- No more HTML injection: The talk bubble no longer allows injecting HTML code.
- Check origin: The synchronization script checks message origin and rejects messages coming from other websites.
- Restrict message range effect: The messages allowed by the synchronization script have been restricted to things like “Change hat,” no longer allowing changing arbitrary settings.
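The three fixes listed above, sketched as a hardened `message` handler. This is an added example, not the code of the site being discussed; the origin `https://game.example`, the `changeHat` action name and the `hat` field are assumptions made for illustration.

```javascript
// Added example: hypothetical names throughout (origin, action, payload field).
const TRUSTED_ORIGINS = new Set(["https://game.example"]);

// Allowlist of message types, each with a strict validator for its payload.
const ALLOWED_ACTIONS = {
  changeHat: (msg) => typeof msg.hat === "string" && /^[a-z0-9_-]{1,32}$/.test(msg.hat),
};

function handleMessage(event, state) {
  // Check origin: exact match against the allowlist, never startsWith/includes.
  if (!TRUSTED_ORIGINS.has(event.origin)) return { ok: false, reason: "origin" };

  // Restrict message range: only known actions, only validated payloads.
  const data = event.data;
  if (data === null || typeof data !== "object") return { ok: false, reason: "shape" };
  const known = Object.prototype.hasOwnProperty.call(ALLOWED_ACTIONS, data.action);
  if (!known) return { ok: false, reason: "action" };
  if (!ALLOWED_ACTIONS[data.action](data)) return { ok: false, reason: "payload" };

  state.hat = data.hat; // the only setting a message is allowed to touch
  return { ok: true };
}

// No HTML injection: the talk bubble is filled as text, never parsed as markup.
function renderBubble(element, text) {
  element.textContent = String(text);
}

// Browser wiring; skipped when the file is run outside a browser.
if (typeof window !== "undefined") {
  const state = { hat: "none" };
  window.addEventListener("message", (event) => handleMessage(event, state));
}
```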
Stats about security flaws in the Linux kernel
What are the security flaws of GNU/Linux?
With examples and statistics to back it up!
To test the new "this probably should be an f string" checker, they generated a list of the most popular Python repositories on GitHub by using GitHub's topic search API [with this script].
With the rule:
GIVEN a string does not have an f prefix
WHEN the string contains {foo}
AND foo is in scope
THEN it’s probably missing an f prefix
And minimizing false positives such as:
- The string is later used in a `str.format(…)` call or `str.format_map(…)`
- The string is used in a behave-style test: `@when('{user} accesses {url}.')`
A big one !
... de
The Court further considers that the advantages put forward in the preliminary assessment of the public-private contract "did not materialize, while the préfecture de police had to face cost overruns", noting in this respect this kind of incongruity:
"For example, the late delivery of the works did not result in a penalty being imposed on the contractor but, on the contrary, in paying it compensation of 1.4 M€."
Moreover, and "for more than ten years, the implementation of the PVPP did not give rise to the competitive tendering which, in principle, makes it possible to reduce costs".
as a user of digital services
Oh boy... that's pretty scary.
To deliberately introduce security holes, sometimes minor changes are enough. For example replace "==" (comparison sign) by "=" (assignment). These "attacks" are visible to a trained eye. But what happens if the eye can't see anymore? With Unicode, it is possible to use characters that look like our Latin alphabet, but are not, or worse change the writing order (left-right) so that the text is displayed one way in the text editor, while the compiler will interpret it differently. This opens up the possibility of inserting security holes that are almost impossible to see, even if you have the source code in front of you in your text editor.
(For an example of left-right inversion, go to this page: https://sebsauvage.net/wiki/ and look for my email address in the page: It shows up normally, but if you look at the html source, it shows up as a different text). I think it would be interesting if text editors had an option to display in a particular color everything that is not purely "Latin text" (0000-024F), as well as Unicode characters that cause changes (backspace, change of direction).
Proof-of-concept of this attack in different languages can be seen here: https://github.com/nickboucher/trojan-source
(from https://sebsauvage.net/links/?QRVnDw)
We can develop an extension for each editor that highlights these characters easily !
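The core of such a highlighter, as an added example (not code from the trojan-source repository or from either post): it flags bidirectional control characters, control characters such as backspace, and anything above the 0000-024F range mentioned above, and rewrites them as visible markers. The function names and the sample line are constructed for illustration.

```javascript
// Added example: scanner an editor extension or pre-commit hook could call.
const BIDI_CONTROLS = new Map([
  [0x061c, "ALM"], [0x200e, "LRM"], [0x200f, "RLM"],
  [0x202a, "LRE"], [0x202b, "RLE"], [0x202c, "PDF"],
  [0x202d, "LRO"], [0x202e, "RLO"],
  [0x2066, "LRI"], [0x2067, "RLI"], [0x2068, "FSI"], [0x2069, "PDI"],
]);
const LATIN_MAX = 0x024f; // end of the 0000-024F range named in the text

// Returns a finding kind for one code point, or null if it is unremarkable.
function classify(cp) {
  if (BIDI_CONTROLS.has(cp)) return "bidi-control";
  if (cp > LATIN_MAX) return "non-latin";
  if ((cp < 0x20 && cp !== 0x09) || cp === 0x7f) return "control"; // e.g. backspace
  return null;
}

const toHex = (cp) => "U+" + cp.toString(16).toUpperCase().padStart(4, "0");

// Lists every flagged character with its 1-based line and column.
function scanSource(text) {
  const findings = [];
  text.split(/\r\n|\r|\n/).forEach((line, i) => {
    let col = 0;
    for (const ch of line) { // iterates by code point, not UTF-16 unit
      col += 1;
      const cp = ch.codePointAt(0);
      const kind = classify(cp);
      if (kind) {
        findings.push({ line: i + 1, col, cp: toHex(cp), kind,
                        name: BIDI_CONTROLS.get(cp) || null });
      }
    }
  });
  return findings;
}

// Replaces each flagged character with a visible ASCII marker for review.
function reveal(text) {
  let out = "";
  for (const ch of text) {
    const cp = ch.codePointAt(0);
    const flagged = ch !== "\n" && ch !== "\r" && classify(cp);
    const name = BIDI_CONTROLS.has(cp) ? " " + BIDI_CONTROLS.get(cp) : "";
    out += flagged ? `<${toHex(cp)}${name}>` : ch;
  }
  return out;
}

// Constructed sample: a Cyrillic "a" in an identifier and two bidi controls.
const SAMPLE = "let is_\u0430dmin = false; // \u202Enote\u2069\nlet ok = 1;\n";
console.log(scanSource(SAMPLE), reveal(SAMPLE));
```

In a code base with legitimate non-Latin strings or comments, the `non-latin` findings are best treated as review hints, while `bidi-control` findings in source files are rarely expected.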
With Authelia you can login once and get access to all your web apps safely from the Web thanks to two-factor authentication.
Authelia is an open source authentication and authorization server protecting modern web applications by collaborating with reverse proxies such as NGINX, Traefik and HAProxy. Consequently, no code is required to protect your apps.
A security flaw concerning ZeroBin and the deletion of a document via a token in the URL.
- I bet he's thinking about other women
- log4j log4j log4j log4j log4j log4j log4j log4j log4j log4j log4j log4j