-
https://nvd.nist.gov/vuln/detail/CVE-2019-17495:
> A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) tech…
-
Happy to see python in Excel :-)
I get a ProxyError when trying to make https requests using the requests library. Is this by design?
`import requests`
`URL = "https://www.geeksforgeeks.org/dat…
-
After one week exploitation agent in the wild (corporate network with proxies and firewalls) I think it would be useful if proxy has auto-start option so tunnel will automatically start when agent joi…
-
Recently, the IETF released [RFC9449](https://datatracker.ietf.org/doc/html/rfc9449), a proposed internet standard that describes a method for constraining access tokens to devices through the use of …
-
This one "https://github.com/nocomp/Flipper_Zero_Badusb_hack5_payloads/tree/main/exfiltration/rickroll_terminal_payload" does not work. Getting errors each time.
-
Evolving list of things we need:
- [x] #347
- [x] #348
- [x] #350
- [x] #363
- [ ] infra on the saga login nodes, notably a user + directory for files + directory for lock files + privileges t…
-
hi there,
curl -O https://github.com/elastic/examples/blob/master/Machine%20Learning/Security%20Analytics%20Recipes/dns_data_exfiltration/machine_learning/data_feed.json
curl -O https://github…
-
Can you stop attacking the Common Crawl CDX API?
-
We should add the ability to capture the beaconing/callout/C2 Domains used by a malware instance, either as part of a Capability or a separate structure.
-
Hi
I logged this pull request in the beats repo a while ago.
Add dns.string.length to improve detection's of dns exfil and tunnelling - Enhancement #20669
https://github.com/elastic/beats/pul…