Rusty Robison’s Post

Senior Offensive Cyber Operator at SIXGEN

Check out the latest blog Beyviel David and I put together for SIXGEN covering all of the #cybersecurity and #pentesting news, techniques, write-ups, and tools released from 07/15-07/22.

Highlights:

- A bad CrowdStrike update caused a global meltdown
- Cisco had two vulnerabilities, an arbitrary file write vuln and a vuln where any user's password could be changed
- Andrew Lemon at Red Threat details his journey hacking traffic light controllers and dealing with a hostile manufacturer
- Paolo Arnolfo, Guillermo Gregorio, and one other researcher wrote a guest blog for Bugcrowd detailing a novel class of HTTP Request Smuggling that let them hack thousands of Google Cloud websites
- Sonar's Stefan Schiller wrote a post on how being able to change the encoding charset can lead to XSS
- The folks at Sprocket Security released a tool called Gigaproxy, a tool similar to fireprox except it allows you to target multiple hosts
- Daniel Cooper of Tanto Security released a tool called OneShell that runs an encrypted reverse shell using only the echo and chmod commands
- And many more tools, techniques, and write-ups!

Last Week in Security - 2024-07-22

sixgen.io
