veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Veganism Social is a welcoming space on the internet for vegans to connect and engage with the broader decentralized social media community.

#pentesting

danielbrown78<p><a href="https://blackhatus.com/darksky-ddos-loader-bot-cracked-2025/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blackhatus.com/darksky-ddos-lo</span><span class="invisible">ader-bot-cracked-2025/</span></a><br>DarkSky DDoS Loader Bot (DDoS) attacks persist as a significant threat to the cybersecurity landscape, disrupting services, extorting businesses, and resulting in substantial financial losses. Attackers often rely on powerful botnet tools to amplify their attacks, and one such tool, DarkSky DDoS Loader Bot Cracked 2025, has gained notoriety for its effectiveness and accessibility.<br><a href="https://mastodon.social/tags/DarkSkyBotnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DarkSkyBotnet</span></a>, <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a>, <a href="https://mastodon.social/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTesting</span></a>,</p>
danielbrown78<p><a href="https://blackhatus.com/ez-dork-gen-deluxe-edition-2025/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blackhatus.com/ez-dork-gen-del</span><span class="invisible">uxe-edition-2025/</span></a><br>Ez Dork Gen DELUXE also known as Google hacking, is a widely used technique for uncovering hidden vulnerabilities, exposed databases, and misconfigured web applications. Advanced threat generation tools streamline this process by automating the creation of targeted search queries, allowing both attackers and security professionals to identify exploitable targets quickly.<br><a href="https://mastodon.social/tags/EzDorkGen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EzDorkGen</span></a>,<a href="https://mastodon.social/tags/SecurityTools" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityTools</span></a>,<a href="https://mastodon.social/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTesting</span></a></p>
OWASP Foundation<p>🔍 Ready to level up your offensive security skills?</p><p>Join Dawid Czagan on November 3–5 at OWASP Global AppSec USA 2025 for a 100% hands-on training: "Full-Stack Pentesting Laboratory"</p><p>👉 REGISTER: <a href="https://owasp.glueup.com/event/131624/register/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">owasp.glueup.com/event/131624/</span><span class="invisible">register/</span></a></p><p><a href="https://infosec.exchange/tags/OWASP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OWASP</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevSecOps</span></a> <a href="https://infosec.exchange/tags/InfosecTraining" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfosecTraining</span></a> <a href="https://infosec.exchange/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EthicalHacking</span></a> <a href="https://infosec.exchange/tags/RedTeam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedTeam</span></a> <a href="https://infosec.exchange/tags/OWASP2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OWASP2025</span></a> <a href="https://infosec.exchange/tags/WashingtonDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WashingtonDC</span></a></p>
Michael Garweg<p>Learned more about session management and the different attacks that can be performed against insecure implementations.</p><p>Completed the Session Management room on <a href="https://mastodon.online/tags/tryhackme" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tryhackme</span></a>.</p><p><a href="https://mastodon.online/tags/sessionmanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sessionmanagement</span></a> <a href="https://mastodon.online/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a></p><p> </p><p><a href="https://tryhackme.com/room/sessionmanagement?utm_source=linkedin&amp;utm_medium=social&amp;utm_campaign=social_share&amp;utm_content=room" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tryhackme.com/room/sessionmana</span><span class="invisible">gement?utm_source=linkedin&amp;utm_medium=social&amp;utm_campaign=social_share&amp;utm_content=room</span></a></p>
DEF CON<p>🚨 Swag alert! 🚨 </p><p>Final preparations are underway for <a href="https://defcon.social/tags/DEFCONTraining" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DEFCONTraining</span></a> Las Vegas 2025! Take a look below for a sneak preview of this year’s training swag, provided exclusively to students and instructors.</p><p>It’s not too late to sign up. Browse the course offerings and secure your spot today: <a href="https://training.defcon.org/collections/def-con-training-las-vegas-2025" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">training.defcon.org/collection</span><span class="invisible">s/def-con-training-las-vegas-2025</span></a> </p><p><a href="https://defcon.social/tags/defcon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>defcon</span></a> <a href="https://defcon.social/tags/defcon33" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>defcon33</span></a> <a href="https://defcon.social/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://defcon.social/tags/cybertraining" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybertraining</span></a> <a href="https://defcon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://defcon.social/tags/offensivecyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>offensivecyber</span></a> <a href="https://defcon.social/tags/cyberdefense" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberdefense</span></a> <a href="https://defcon.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> <a href="https://defcon.social/tags/AI" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>AI</span></a></p>
DevTo VN Bot<p>Top 10 leading web application penetration testing tools. These tools help detect vulnerabilities, simulate attacks &amp; protect systems. <a href="https://mastodon.maobui.com/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> <a href="https://mastodon.maobui.com/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.maobui.com/tags/%E1%BB%A9ngd%E1%BB%A5ngweb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ứngdụngweb</span></a> <a href="https://mastodon.maobui.com/tags/b%E1%BA%A3om%E1%BA%ADt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bảomật</span></a></p><p><a href="https://dev.to/markcontent/top-10-web-application-penetration-testing-tools-162j" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dev.to/markcontent/top-10-web-</span><span class="invisible">application-penetration-testing-tools-162j</span></a></p>
Chema Alonso :verified:<p>El lado del mal - Hacking &amp; Pentesting con Inteligencia Artificial. Our new book at 0xWord <a href="https://www.elladodelmal.com/2025/07/hacking-pentesting-con-inteligencia.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">elladodelmal.com/2025/07/hacki</span><span class="invisible">ng-pentesting-con-inteligencia.html</span></a> <a href="https://ioc.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://ioc.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://ioc.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentest</span></a> <a href="https://ioc.exchange/tags/IA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IA</span></a> <a href="https://ioc.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://ioc.exchange/tags/libro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>libro</span></a> <a href="https://ioc.exchange/tags/0xWord" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>0xWord</span></a></p>
dan_nanni<p>Cross-site scripting is a security flaw where attackers inject malicious scripts into trusted websites. When users visit the site, their browsers run the script as if it came from the site itself, letting attackers steal data like cookies or session tokens 😎👇 <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> </p><p>Find high-res pdf books with all my <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> related infographics at <a href="https://study-notes.org" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">study-notes.org</span><span class="invisible"></span></a></p>
Bill<p>A benefit to having a business major who is trained in application development do your vulnerability assessment is that we tend to take things like marketing and vision into account when doing the test. Sometimes, perceptions are an extremely important part of results, and how an attacker will approach a site is driven by those perceptions. </p><p>If you are not a business major, quick tip: Spend 30 minutes doing deep searches on the company name, the owner's names, the type of business they're in, and any unique phrases so that you get an idea of what people are saying. Use a tool. Get a subscription to the Wall Street Journal or FT. Dig through their databases. Hit the Wayback Machine. </p><p>Look on TOR! Set up a couple of accounts on some of the forums on there (obviously don't connect them to your real identity). Do searches before a test - just see what people are saying. Sometimes it's a big deal.</p><p><a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/business" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>business</span></a></p>
Finite State<p>Hidden threats often lurk in unseen places.</p><p>Full-scope <a href="https://mastodon.social/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTesting</span></a> uncovers missing controls, insecure ops, or debug features—whether 1st- or 3rd-party.</p><p>At Finite State, we believe security demands a holistic view. Are you looking deep enough?</p><p><a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/ProductSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ProductSecurity</span></a></p>
christian mock<p>pentesters -- is there a service/database where I can search by CVE and see whether there's POC code out there? <a href="https://chaos.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> </p><p>:BoostOK:</p>
christian mock<p>Man, who sets their console serial port to 921600 baud? (At least I now know that you can build a logic analyzer with an ESP32 module that can sample cleanly at 10 MHz.) <a href="https://chaos.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a></p>
Jarrod<p>I just pwned Jigsaw on Hack The Box! <a href="https://labs.hackthebox.com/achievement/challenge/335130/934" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">labs.hackthebox.com/achievemen</span><span class="invisible">t/challenge/335130/934</span></a> <a href="https://infosec.exchange/tags/HackTheBox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackTheBox</span></a> <a href="https://infosec.exchange/tags/htb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>htb</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EthicalHacking</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTesting</span></a></p>
Parrot Security<p>ParrotOS 6.4 is out now! 🔔</p><p>This release sets the stage for Parrot 7 with upgraded tools, security fixes, and system improvements 🐦💻</p><p>Upgrade via sudo parrot-upgrade or grab a fresh install from the official site 💡</p><p>Click the link down below and read more on the changelog 🔗</p><p><a href="https://parrotsec.org/blog/2025-07-07-parrot-6.4-release-notes" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">parrotsec.org/blog/2025-07-07-</span><span class="invisible">parrot-6.4-release-notes</span></a></p><p><a href="https://mastodon.social/tags/ParrotSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ParrotSec</span></a> <a href="https://mastodon.social/tags/ParrotOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ParrotOS</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/CybersecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CybersecurityNews</span></a> <a href="https://mastodon.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://mastodon.social/tags/PenTest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTest</span></a> <a href="https://mastodon.social/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://mastodon.social/tags/linuxdistro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linuxdistro</span></a></p>
nickbearded<p>Same hardware. Same day.</p><p>🐘 Kali:<br>– 91MB+ to fetch repos<br>– 312 packages to upgrade<br>– “Conflicting distribution” warning</p><p>🐚 BashCoreX:<br>– 100KB update<br>– 27 packages<br>– Zero warnings</p><p>Not replacing Kali, just showing how clarity and control feel.</p><p><a href="https://bashcore.org" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">bashcore.org</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/bashcorex" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bashcorex</span></a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://mastodon.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> <a href="https://mastodon.social/tags/minimalism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>minimalism</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>NetExec (formerly CrackMapExec) is a Python-based tool for network enumeration and exploitation, tailored to Active Directory environments. Fully open-source, it's designed for red teams and pentesters tackling complex security contexts. <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/Pennyw0rth/NetExec" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/Pennyw0rth/NetExec</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecuritycareer</span></a> <a 
href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️</p>
Konstantin :C_H:<p>CVE Crowd's Top 3 Vulnerabilities from June!</p><p>These stood out among the 528 CVEs actively discussed across the Fediverse.</p><p>For each CVE, I’ve included a standout post from the community.</p><p>Enjoy exploring! 👇</p><p><a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BugBounty</span></a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://infosec.exchange/tags/CVECrowd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVECrowd</span></a></p>
Konstantin :C_H:<p>I recently ran into an interesting discrepancy:</p><p>What you see below are 120-bit Session IDs, one printed as hex and one in the format of a <a href="https://infosec.exchange/tags/UUIDv4" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UUIDv4</span></a>.</p><p>After validating their randomness, I would classify the first as secure but raise concerns about the second.</p><p>Why?</p><p>Well, according to RFC 4122:</p><p>"Do not assume that UUIDs are hard to guess; they should not be used as security capabilities (identifiers whose mere possession grants access), for example."</p><p>And that's exactly what a session ID is: an identifier whose possession grants access. As such, UUIDs should not be used in such a case.</p><p>What do you think? Is this nitpicking? Or a valid security nuance?</p><p>Does the format in which data is displayed have an impact on its security?</p><p>I'd love to hear your thoughts.</p><p><a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BugBounty</span></a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a></p>
Stephan<p>My Proxmark3 Easy came with two Magic Cards… nice <a href="https://mastodon.social/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> <a href="https://mastodon.social/tags/rfid" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rfid</span></a> <a href="https://mastodon.social/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.social/tags/proxmark" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxmark</span></a></p>
LMG Security<p>Hundreds of Brother printer models are affected by a critical, unpatchable vulnerability (CVE-2024-51978) that allows attackers to generate the default admin password using the device’s serial number—information that’s easily discoverable via other flaws.</p><p>748 total models across Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta are impacted, with millions of devices at risk globally.</p><p>Attackers can:<br>• Gain unauthenticated admin access<br>• Pivot to full remote code execution<br>• Exfiltrate credentials for LDAP, FTP, and more<br>• Move laterally through your network</p><p>Brother says the vulnerability cannot be fixed in firmware and requires a change in manufacturing. For now, mitigation = change the default admin password immediately.</p><p>Our pentest team regularly highlights printer security as a critical path to system compromise—and today’s news is another example that underscores this risk. This is your reminder: Printers are not “set-and-forget” devices. Treat them like any other endpoint—monitor, patch, and lock them down.</p><p>Need help testing your network for exploitable print devices? 
Contact us and our pentest team can help!</p><p>Read the Dark Reading article for more details on the Brother Printers vulnerability: <a href="https://www.darkreading.com/endpoint-security/millions-brother-printers-critical-unpatchable-bug" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/endpoint-secur</span><span class="invisible">ity/millions-brother-printers-critical-unpatchable-bug</span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/PenetrationTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenetrationTesting</span></a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentest</span></a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/PrinterSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrinterSecurity</span></a> <a href="https://infosec.exchange/tags/BrotherPrinters" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BrotherPrinters</span></a> <a href="https://infosec.exchange/tags/CVE202451978" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE202451978</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://infosec.exchange/tags/SMB" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMB</span></a> <a href="https://infosec.exchange/tags/CISO" class="mention 
hashtag" rel="nofollow noopener" target="_blank">#<span>CISO</span></a> <a href="https://infosec.exchange/tags/Cyberaware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cyberaware</span></a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/ITSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITSecurity</span></a> <a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://infosec.exchange/tags/PatchNow" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PatchNow</span></a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentest</span></a></p>