[ home / random / search / manage ] [ overboard ] [ tech / v / crime / sci ] [ mu / lit / vis / tv / a ] [ pol / his / classics / cn ] [ b / biz / sp / fa / test ]

Catalog (/tech/)

Sort by: Image size:
R: 4 / I: 0 / P: 1

Linux is repository slavery

Almost all Linux users are slaves to repositories meanwhile Windows users can download an .exe file and get the latest version, bleeding edge beta version, or an ancient version of whatever software then want if they have the .exe .

We literally have made habit of frequently changing OS's just to get software we find effective. Solutions have been offered such as distro agnostic pack managers like flatpak and snap, and tools like appimage. However they are primarily ignored in favor of ancient tools like apt-get and .deb.

In Debian/Ubuntu's case apt-get should continue to exist for people who want it and how it saves a lot of space. But developers should be encouraged to take advantage of flatpak and appimage and even tar.gz bundles to prevent software from being chained to particular distros.

R: 4 / I: 4 / P: 1

/ctf general/

I'm trying to do natas(a very basic ctf) on overthewire and I need to make some notes

R: 0 / I: 0 / P: 1

>Zip Slip is a widespread arbitrary file overwrite critical vulnerability, which typically results in remote command execution. It was discovered and responsibly disclosed by the Snyk Security team ahead of a public disclosure on 5th June 2018, and affects thousands of projects, including ones from HP, Amazon, Apache, Pivotal and many more (CVEs and full list here) . Of course, this type of vulnerability has existed before, but recently it has manifested itself in a much larger number of projects and libraries.

https://github.com/snyk/zip-slip-vulnerability

https://snyk.io/research/zip-slip-vulnerability

R: 3 / I: 0 / P: 1

Just saw this WiFi hacking tool on twitter and the creator said he would release the code some time later

Guess it’s just a weak password guessing thingy?

https://twitter.com/pwnagotchi

R: 12 / I: 0 / P: 1

let's say how many books in the chart have you finished yet

R: 28 / I: 18 / P: 1

Charts archive from halfchan

R: 2 / I: 2 / P: 1

Botnet history from botnets the killer webapp

R: 2 / I: 1 / P: 1

Putting together my Raspberry Pi 3 with a case and a screen, making it a functional skiddie tool. What should I do with it?

I’ve had this for some years but apparently after I invested in vps it has no use to me anymore.

Inb4 into the trash it goes

R: 1 / I: 0 / P: 1

What's the point of it if you still use this kind of captcha? I'm talking about endchan

R: 0 / I: 0 / P: 1

this site is really interesting

https://learn.adafruit.com/

and hackaday too but this is more about tutorials

R: 1 / I: 0 / P: 1

/wifi/ ESP8266 Deauther 2.0

anyone checked about this project?

https://github.com/spacehuhn/esp8266_deauther

>Scan for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners

there are available devices made with screen that costs about $12-$30

and i found a video that demonstrates about how to flash the nodemcu board and make your own deauther: https://www.youtube.com/watch?v=wKhSlIYQ5jA

(only costs $3)

>It is not a frequency jammer as claimed falsely by many people. Its attack, its method and how to protect against it is described above. It uses valid Wi-Fi frames described in the IEEE 802.11 standard and doesn't block or disrupt any frequencies.

more info about the mechanism behind it can be found here: https://en.wikipedia.org/wiki/Wi-Fi_deauthentication_attack

and the project wiki should also be helpful: https://github.com/spacehuhn/esp8266_deauther/wiki/Installation

im thinking about making one by my own following with the video shown above

R: 2 / I: 0 / P: 1

/cyb/ + /sec/ - CYBERPUNK/CYBERSECURITY GENERAL

Previous threads: [ https://archive.rebeccablacktech.com/g/search/text/%2Fcyb%2F%20%2Fsec%2F/type/op/ ]

THE CYPHERPUNK MANIFESTO: [ https://www.activism.net/cypherpunk/manifesto.html ]

Last thread: [>>72405365]

- - - - - -

/cyb/erpunk [24 AUG 2019]

The Cyberpunk Manifesto: [ http://project.cyberpunk.ru/idb/cyberpunk_manifesto.html ]

The alt.cyberpunk FAQ (V5.27) [ ftp://50.31.112.231/pub/Alt_Cyberpunk_FAQ_V5_preview27.htm ]

What is cyberpunk?: [ https://pastebin.com/pmn9vzWZ ]

Cyberpunk directory (Communities/IRC and other resources): [ https://pastebin.com/AJYry5NH ]

Cyberpunk media (Recommended cyberpunk fiction): [ https://pastebin.com/Dqfa6uXx ]

The cyberdeck: [ https://pastebin.com/7fE4BVBg ]

- - - - - -

/sec/urity [24 AUG 2019]

The Crypto Anarchist Manifesto: [ https://www.activism.net/cypherpunk/crypto-anarchy.html ]

The Hacker Manifesto: [ http://phrack.org/issues/7/3.html ]

The Guerilla Open Access Manifesto: [ https://archive.org/stream/GuerillaOpenAccessManifesto/Goamjuly2008_djvu.txt ]

The /sec/ Career FAQ (V1.11) [ ftp://50.31.112.231/pub/sec_FAQ_V1_Preview11.htm ]

Why Privacy Matters: [ https://www.youtube.com/watch?v=pcSlowAhvUk ]

"Shit just got real": [ https://pastebin.com/rqrLK6X0 ]

Cybersecurity basics and armory: [ https://pastebin.com/v8Mr2k95 ]

Endware: [ https://endchan.xyz/os/res/32.html ]

BBS archives: [ http://textfiles.com/index.html ]

Reference books (PW: ABD52oM8T1fghmY0): [ https://mega.nz/#F!YigVhZCZ!RznVxTiA0iN-N6Ps01pEJw ]

/sec/ PDFs: [ https://mega.nz/#F!zGJT1QQQ!O-8yiH845GN26ajAvkoLkA ]

Learning/News/CTFs: [ https://pastebin.com/WQhRYB59 ]

FTP Backup: ftp://50.31.112.231/pub

thegrugq OPSEC: [ https://grugq.github.io/ ]

#! sec guide [ https://pastebin.com/aPr5R1pj ]

EFF anti-surveillance [ https://ssd.eff.org/en ]

- - - - - -

Thread challenge: write a program to find credentials in local files. /bin/sh, powershell, WSH, python, perl, .net, C/C++, doesn't matter. Post source.

R: 0 / I: 0 / P: 2

/infosec/

>Emotet Botnet Is Back, Servers Active Across the World

https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/#.XWFMfEtMPcU.twitter

R: 1 / I: 0 / P: 2

>With QRGen, hackers can embed payloads into QR codes that attack mobile phones and other scanners.

https://null-byte.wonderhowto.com/how-to/create-malicious-qr-codes-hack-phones-other-scanners-0197416/

>iOS 11 bug lets QR codes trick you into visiting malicious websites

https://www.cultofmac.com/537319/ios-11s-qr-code-reader-can-trick-you-into-visiting-malicious-sites/

>How Hackers Use Hidden Data on Airline Boarding Passes to Hack Flights

https://null-byte.wonderhowto.com/how-to/hackers-use-hidden-data-airline-boarding-passes-hack-flights-0180728/

R: 0 / I: 0 / P: 2

>Researcher banned from Valve's bug bounty program publishes 2nd Steam Local Privilege Escalation 0-day

https://amonitoring.ru/article/onemore_steam_eop_0day/

R: 0 / I: 0 / P: 2

mirror of hacking zines

https://github.com/fdiskyou/Zines

R: 3 / I: 0 / P: 2

so i gotta dump some good .onion sites i saved

>search engine

https://ahmia.fi/

>dark.fail: Is a darknet site online?

darkfailllnkf4vf.onion

>doxbin

doxbinjs77uawbbl.onion

>torum

torum6uvof666pzw.onion

>hidden answers

answerszuvs3gg2l64e6hmnryudl5zgrmwm3vh65hzszdghblddvfiqd.onion

>Imperial Library

xfmro77i3lixucja.onion

>The Undernet Directory

underdj5ziov3ic7.onion

>Index of /library/

libraryqtlpitkix.onion/library

(grabbed from https://greysec.net/showthread.php?tid=857)

>Intel Repository

intel2iy3ky6hegf.onion

R: 0 / I: 0 / P: 2

>From the creators of DeepPaste, here comes DeepLink.

deeplinkdeatbml7.onion/index.php

>random .onion function on this site

deeplinkdeatbml7.onion/random.php

i searched deeplink on google books and found this book

https://books.google.com/books?id=df-JDwAAQBAJ&pg=PT101&lpg=PT101&dq=http://deeplinkdeatbml7.onion&source=bl&ots=ToIdGnquer&sig=ACfU3U2oDmJT3uKfCoa9L0h_pcTGoWo1NQ&hl=en&sa=X&ved=2ahUKEwio7cubnoPkAhXQIDQIHanbDhgQ6AEwBXoECAkQAQ#v=onepage&q=http%3A%2F%2Fdeeplinkdeatbml7.onion&f=false

R: 0 / I: 0 / P: 2

"The Cyphernomicon" is a document written by Timothy C. May in 1994 for the Cypherpunks electronic mailing list. In a FAQ format, the document outlines some of the ideas behind, and the effects of, crypto-anarchism.[1] It is one of the philosophy's founding documents, advocating electronic privacy and anonymous digital currency. It also touches on more esoteric topics, such as assassination markets. It also contains May's 1992 essay "The Crypto Anarchist Manifesto" in its entirety.

>some useful links:

https://github.com/drwasho/Cyphernomicon

>Assassination Politics by Jim Bell

http://www.outpost-of-freedom.com/jimbellap.htm

https://en.wikipedia.org/wiki/Assassination_market

>Lost in Cyburbia

https://books.google.com/books?id=KG07Ka0p19AC&pg=PA110&lpg=PA110&dq=Lost+in+Cyburbia:+How+Life+on+the+Net+Has+Created+a+Life+of+Its+Own&source=bl&ots=cHl6TpXCLU&sig=ACfU3U3vjBpfvR2vVgDXjSDs0PqQN9_RHw&hl=en&sa=X&ved=2ahUKEwjrv6DQw4TiAhVHTt8KHZu6D_UQ6AEwCHoECAoQAQ#v=onepage&q=Lost%20in%20Cyburbia%3A%20How%20Life%20on%20the%20Net%20Has%20Created%20a%20Life%20of%20Its%20Own&f=false

R: 0 / I: 0 / P: 2

books about bombs, guns, anonymity and more hosted on hidden web

b2fxrnttdue72ntq.onion

R: 0 / I: 0 / P: 2

hardware online shops

>hacker warehouse

https://hackerwarehouse.com/shop/

>lab401

https://lab401.com/

>hak5

https://shop.hak5.org/

>rtl-sdr

https://www.rtl-sdr.com/buy-rtl-sdr-dvb-t-dongles/

>southord (lockpicking)

https://www.southord.com/

>KeyGrabber

http://www.keelog.com/

>Hidden Cameras

https://spyassociates.com/hidden-cameras-by-type/

>shomer-tec (a huge collection of tools that can be used in escape/evasion/spy/lockpicking/irl security)

http://www.shomer-tec.com/all-products.html

R: 0 / I: 0 / P: 2

my tech&infosec related reading resource collection backup (Chinese edition)

>渗透测试文章

https://github.com/Micropoor/Micro8

>乌云漏洞库镜像

https://shuimugan.com/bug/index

>乌云 Drops 文章在线浏览

https://wooyun.js.org/

>awesome-malware-analysis 病毒分析awesome列表

https://github.com/rshipp/awesome-malware-analysis/blob/master/%E6%81%B6%E6%84%8F%E8%BD%AF%E4%BB%B6%E5%88%86%E6%9E%90%E5%A4%A7%E5%90%88%E9%9B%86.md

>FREEBUF

https://www.freebuf.com

>知乎黑产厕所读物

https://zhuanlan.zhihu.com/simaziyu

>知乎Paper安全技术精粹

https://zhuanlan.zhihu.com/seebug

>知乎黑客娱乐圈

https://zhuanlan.zhihu.com/joke-hacker

>吾爱破解

https://www.52pojie.cn/

>大量中文教程

https://legacy.gitbook.com/@wizardforcel

>SecNew 安全文摘

http://wiki.ioin.in/

>私人博客

https://lorexxar.cn/

https://www.leavesongs.com/list/

https://www.uedbox.com/

R: 3 / I: 2 / P: 2

Currently reading Kingpin by Kevin Poulsen, decided to stream on this thread so I can make use of this site

R: 0 / I: 0 / P: 2

gotta drop some useful project links as a reminder for myself here:

>simple python script to understand how cryptocurrency works

https://github.com/cosme12/SimpleCoin

>i need to take a look at this to recall some good tricks

https://github.com/satwikkansal/wtfpython

>scrape things w/ python and tor

https://github.com/erdiaker/torrequest

R: 0 / I: 0 / P: 2

protonmail vulnerabilities: https://medium.com/@ChandSingh/protonmail-xss-stored-b733031ac3b5

R: 0 / I: 0 / P: 2

ok im gonna read this book about internet security anyone wanna read together? uploaded on discord here you go: https://cdn.discordapp.com/attachments/475191027687358487/540463187506757632/Bruce_Schneier_-_Click_Here_to_Kill_Everybody__Security_and_Survival_in_a_Hyper-connected_World-W._W.epub