Jump to content

tester1337

Members
  • Content Count

    8
  • Joined

  • Last visited

Community Reputation

2,131 Excellent

About tester1337

  • Rank
    Junior Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. please share Hacking and Pentesting Android Applications (2020 Edition). it looks like a really nice and interesting course and i am sure many people here can benefit a lot from it. if you find it somewhere, please share it so we can learn new cool stuff. thank you very much. course link(link to official site, putting it as hidden just so it won't pop in google searches and people won't hopefuly ask to remove the files from filehosts when shared): [hide][Hidden Content]]
  2. please also share the videos and the labs, it can really help us
  3. thank you for sharing, but the link you posted redirects to that raid forums site, i suggest you to edit it and other to copy paste instead of clicking (even though it just seems to redirect to that forums redirection page). in addition, in the link he posted, there is a facebook group that claims it has more private courses, can someone check it please?
  4. not all, it doesn't have the new ptx, malware analysis, threat hunting professional v2 and maybe others. it's mostly older stuff that had been shared around
  5. i think this is very old stuff from 2014... the had cool concepts and promotions, but the material they offered was nothing special and lacked behind other companies in my opinion
  6. videos can be helpful, but i have not seen them anywhere yet
  7. guys, you are security professionals, what's up with you. if you can take a mp4 file, inject some stuff into it and when it is loaded by say bs player it can achieve arbitrary code execution, then you can inject a payload that will allow the attacker to do malicious things, such as reverse tcp, multi staged attack and so on. same goes for pdfs, word objects(easier because of .com and macros), playlist files and similar. come on people, you download very expensive courses just to keep on the hard disk? they have a lot of value in them that can teach you tactics in understanding how to attack and how to (and from what) to protect. what i tried to say is that because the source from where it's imported can sometimes be shady, it's better to check twice. i didn't want to scare you, just wanted to tell you that if you go to that site and for instance post here cool software they cracked, it can be "equipped" with some shady additions. and again, i don't try to scare anyone, just wanted to remind you of dangers that might happen when you install a cool software or download stuff from untrusted places. by the way the course is great and you can get a lot from it, even though the number of attack vectors is kinda small in my opinion. they talk about different architectures, crypto systems and nice ideas for bypasses and how to think of security at a whole. thanks again for importing and sharing it man :)
  8. please also upload the lab and if available any new videos. this such a good material!
  9. no mate, i wish. maybe one day someone will share the videos(i think that they said they'll make even 760 an ondemand course because of the covid if i am not mistaken)
  10. can someone please tell me the level of the course? is this a beginner, intermediate or advanced course on red team stuff? are there any special techniques or concepts to take from them or is it just another copy paste course with different rewording?
  11. 2019 :) someone also shared the pdfs
  12. hey, saw this link and wanted to share to help other people here learning this course. the materials were shared already by seanway (hope i didn't misspell his nick). please upload it to mega/gdrive/similar so that other people could enjoy this course as well this is the usb from the 2019 version of the course [hide][Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content]] enjoy people
  13. i didn't mean to scare people, what i meant was mostly for applications, but i tried to shed light and say that it is possible to exploit pdf and movie(mp4,webm) and other types of files to gain execution, which could potentially allow bad people to share stuff, but take advantage of systems of people who opened the files. again, i didn't try to scare people, all i tried to say is be extremely careful with binaries/java and know that it is possible to abuse other type of files, such as movie and documents
  14. interested in that as well, please share if you have (videos and lab guides mostly help the most)
  15. luckily, i really really hope that my computer is safe and i am ok. what i try to do is run problematic stuff on cuckoo, i try to search with strings to find malicious intentions(though doesn't help with obfuscation and anti reversing things) and i try to get md5 hashes of files and then check them with virustotal to see if a threat had been already recognized. however, it still doesn't guarantee anything. some people there are very experienced hackers and crackers, but unlike us that we only look for study material because we cannot afford it, in order to learn and advance, they deal with money, and sometimes a lot of it. they can give you a software and a crack, and a few other additions you wouldn't have believed they succeed implementing in a stealthy way. some of them should really write security courses(without viruses!) to help us get better. regarding vm escaping: [Hidden Content] , though it's really hard and you need to be very skilled to catch and abuse a bug to get that result pdf and videos are easier, but they require knowledge of operating systems, common defense mechanisms and the software being used. the goal for the bad guys is that you run your file and nothing breaks, so you don't suspect anything, and when looking for handles or using procmon or similar, you won't see something strange. basically it's exploit development, but being an asshole and using it in an offensive way against people instead of reporting a vulnerability or participating in some kind of bug bounty. my point is if they can crack $$$$ software with their eyes closed, have access to ""confidential" things as they claim and trade/sell modern security courses/software(that they probably got by hacking someone who participated in those lol), they have no "computational limitation" to abuse the people who download their stuff. i think that infosec should be used to help other people, not to *** other people.
×
×
  • Create New...