Security by Obscurity is Underrated Security News & Discussion

---

• Security by Obscurity is Underrated
• h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)
• CVE-2020-1013: Windows Local Privilege Escalation (LPE) with PoC
• TryHackMe - Crack The Hash Walkthrough Level 2 - Only using MDXFind
• Axiom: It Kinda Feels Like Cheating
• Abusing dynamic groups in Azure AD for privilege escalation
• Twistrs — Domain name enumeration library in Rust
• Security Group (SG) and Network Access Control List (NACL) configurations for EKS
• Capture the Flag @ BsidesBoston 09/26/2020
• CVE-2020-24553 (Demo): XSS in Gitea Caused by Bug in Go Standard Library
• Real time stream of files uploaded to VirusTotal
• XSS->Fix->Bypass: 10000$ bounty in Google Maps

Security by Obscurity is Underrated Posted: 08 Sep 2020 10:24 AM PDT submitted by /u/utku1337 [link] [comments]

h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c) Posted: 08 Sep 2020 05:21 AM PDT submitted by /u/theBumbleSec [link] [comments]

CVE-2020-1013: Windows Local Privilege Escalation (LPE) with PoC Posted: 08 Sep 2020 01:08 PM PDT submitted by /u/obilodeau [link] [comments]

TryHackMe - Crack The Hash Walkthrough Level 2 - Only using MDXFind Posted: 08 Sep 2020 01:55 AM PDT submitted by /u/0xln_ [link] [comments]

Axiom: It Kinda Feels Like Cheating Posted: 08 Sep 2020 04:53 AM PDT submitted by /u/Evil1337 [link] [comments]

Abusing dynamic groups in Azure AD for privilege escalation Posted: 08 Sep 2020 07:29 AM PDT submitted by /u/x101y [link] [comments]

Twistrs — Domain name enumeration library in Rust Posted: 07 Sep 2020 11:01 PM PDT submitted by /u/JDBHub [link] [comments]

Security Group (SG) and Network Access Control List (NACL) configurations for EKS Posted: 08 Sep 2020 06:30 AM PDT submitted by /u/cle-ops [link] [comments]

Capture the Flag @ BsidesBoston 09/26/2020 Posted: 08 Sep 2020 12:58 PM PDT submitted by /u/johnhammond010 [link] [comments]

CVE-2020-24553 (Demo): XSS in Gitea Caused by Bug in Go Standard Library Posted: 08 Sep 2020 07:32 AM PDT submitted by /u/RedTeamPentesting [link] [comments]

Real time stream of files uploaded to VirusTotal Posted: 08 Sep 2020 08:23 AM PDT submitted by /u/eth0izzle [link] [comments]

XSS->Fix->Bypass: 10000$ bounty in Google Maps Posted: 07 Sep 2020 02:10 AM PDT submitted by /u/zoh4rs [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States