Linux is repository slavery
Almost all Linux users are slaves to repositories, meanwhile Windows users can download an .exe file and get the latest version, bleeding edge beta version, or an ancient version of whatever software they want if they have the .exe.
We literally have made a habit of frequently changing OSes just to get software we find effective. Solutions have been offered, such as distro-agnostic package managers like flatpak and snap, and tools like appimage. However, they are primarily ignored in favor of ancient tools like apt-get and .deb.
In Debian/Ubuntu's case apt-get should continue to exist for people who want it and for how it saves a lot of space. But developers should be encouraged to take advantage of flatpak and appimage and even tar.gz bundles to prevent software from being chained to particular distros.
>Zip Slip is a widespread arbitrary file overwrite critical vulnerability, which typically results in remote command execution. It was discovered and responsibly disclosed by the Snyk Security team ahead of a public disclosure on 5th June 2018, and affects thousands of projects, including ones from HP, Amazon, Apache, Pivotal and many more (CVEs and full list here). Of course, this type of vulnerability has existed before, but recently it has manifested itself in a much larger number of projects and libraries.
some useful resource i saw frequently posted in some discord server
Just saw this WiFi hacking tool on twitter and the creator said he would release the code some time later
Guess it’s just a weak password guessing thingy?
very nice articles about CORS
this site is really interesting
and hackaday too but this is more about tutorials
/wifi/ ESP8266 Deauther 2.0
anyone checked out this project?
>Scan for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners
there are devices available, made with a screen, that cost about $12-$30
and i found a video that demonstrates how to flash the nodemcu board and make your own deauther: https://www.youtube.com/watch?v=wKhSlIYQ5jA
(only costs $3)
>It is not a frequency jammer as claimed falsely by many people. Its attack, its method and how to protect against it is described above. It uses valid Wi-Fi frames described in the IEEE 802.11 standard and doesn't block or disrupt any frequencies.
more info about the mechanism behind it can be found here: https://en.wikipedia.org/wiki/Wi-Fi_deauthentication_attack
and the project wiki should also be helpful: https://github.com/spacehuhn/esp8266_deauther/wiki/Installation
im thinking about making one on my own, following the video shown above
/cyb/ + /sec/ - CYBERPUNK/CYBERSECURITY GENERAL
Previous threads: [ https://archive.rebeccablacktech.com/g/search/text/%2Fcyb%2F%20%2Fsec%2F/type/op/ ]
THE CYPHERPUNK MANIFESTO: [ https://www.activism.net/cypherpunk/manifesto.html ]
Last thread: [>>72405365]
- - - - - -
/cyb/erpunk [24 AUG 2019]
The Cyberpunk Manifesto: [ http://project.cyberpunk.ru/idb/cyberpunk_manifesto.html ]
The alt.cyberpunk FAQ (V5.27) [ ftp://220.127.116.11/pub/Alt_Cyberpunk_FAQ_V5_preview27.htm ]
What is cyberpunk?: [ https://pastebin.com/pmn9vzWZ ]
Cyberpunk directory (Communities/IRC and other resources): [ https://pastebin.com/AJYry5NH ]
Cyberpunk media (Recommended cyberpunk fiction): [ https://pastebin.com/Dqfa6uXx ]
The cyberdeck: [ https://pastebin.com/7fE4BVBg ]
- - - - - -
/sec/urity [24 AUG 2019]
The Crypto Anarchist Manifesto: [ https://www.activism.net/cypherpunk/crypto-anarchy.html ]
The Hacker Manifesto: [ http://phrack.org/issues/7/3.html ]
The Guerilla Open Access Manifesto: [ https://archive.org/stream/GuerillaOpenAccessManifesto/Goamjuly2008_djvu.txt ]
The /sec/ Career FAQ (V1.11) [ ftp://18.104.22.168/pub/sec_FAQ_V1_Preview11.htm ]
Why Privacy Matters: [ https://www.youtube.com/watch?v=pcSlowAhvUk ]
"Shit just got real": [ https://pastebin.com/rqrLK6X0 ]
Cybersecurity basics and armory: [ https://pastebin.com/v8Mr2k95 ]
Endware: [ https://endchan.xyz/os/res/32.html ]
BBS archives: [ http://textfiles.com/index.html ]
Reference books (PW: ABD52oM8T1fghmY0): [ https://mega.nz/#F!YigVhZCZ!RznVxTiA0iN-N6Ps01pEJw ]
/sec/ PDFs: [ https://mega.nz/#F!zGJT1QQQ!O-8yiH845GN26ajAvkoLkA ]
Learning/News/CTFs: [ https://pastebin.com/WQhRYB59 ]
FTP Backup: ftp://22.214.171.124/pub
thegrugq OPSEC: [ https://grugq.github.io/ ]
#! sec guide [ https://pastebin.com/aPr5R1pj ]
EFF anti-surveillance [ https://ssd.eff.org/en ]
- - - - - -
Thread challenge: write a program to find credentials in local files. /bin/sh, powershell, WSH, python, perl, .net, C/C++, doesn't matter. Post source.
>Emotet Botnet Is Back, Servers Active Across the World
>With QRGen, hackers can embed payloads into QR codes that attack mobile phones and other scanners.
>iOS 11 bug lets QR codes trick you into visiting malicious websites
>How Hackers Use Hidden Data on Airline Boarding Passes to Hack Flights
>Researcher banned from Valve's bug bounty program publishes 2nd Steam Local Privilege Escalation 0-day
so i gotta dump some good .onion sites i saved
>dark.fail: Is a darknet site online?
>The Undernet Directory
>Index of /library/
(grabbed from https://greysec.net/showthread.php?tid=857)
>From the creators of DeepPaste, here comes DeepLink.
>random .onion function on this site
i searched deeplink on google books and found this book
"The Cyphernomicon" is a document written by Timothy C. May in 1994 for the Cypherpunks electronic mailing list. In a FAQ format, the document outlines some of the ideas behind, and the effects of, crypto-anarchism. It is one of the philosophy's founding documents, advocating electronic privacy and anonymous digital currency. It also touches on more esoteric topics, such as assassination markets. It also contains May's 1992 essay "The Crypto Anarchist Manifesto" in its entirety.
>some useful links:
>Assassination Politics by Jim Bell
>Lost in Cyburbia
hardware online shops
>shomer-tec (a huge collection of tools that can be used in escape/evasion/spy/lockpicking/irl security)
my tech&infosec related reading resource collection backup (Chinese edition)
>WooYun (乌云) Drops articles, browsable online
gotta drop some useful project links as a reminder for myself here:
>simple python script to understand how cryptocurrency works
>i need to take a look at this to recall some good tricks
>scrape things w/ python and tor
protonmail vulnerabilities: https://medium.com/@ChandSingh/protonmail-xss-stored-b733031ac3b5
ok im gonna read this book about internet security anyone wanna read together? uploaded on discord here you go: https://cdn.discordapp.com/attachments/475191027687358487/540463187506757632/Bruce_Schneier_-_Click_Here_to_Kill_Everybody__Security_and_Survival_in_a_Hyper-connected_World-W._W.epub