300TB Computer Courses

Found a Google Drive with courses - 300TB in total

https://drive.google.com/drive/folders/1oCMgJeBc55NuEasPcgwjx2FuPdQd8neu

Hacking related Telegram Groups

https://t.me/androidMalware

https://t.me/itsecalert

https://t.me/Cyber_Security_Channel

https://t.me/thehackernews

https://t.me/bug_bounty_channel

https://t.me/thebugbountyhunter

https://t.me/information_security_channel

https://t.me/VulnerabilityNews

https://t.me/BugCrowd

https://t.me/CoinBlockerLists

https://t.me/HackerOne

https://t.me/IncidentResponse

https://t.me/MalwareResearch

https://t.me/Osintlatestnews

https://t.me/SecLabNews

https://t.me/SecOpsChannel

https://t.me/ThreatIntelligence

https://t.me/blueteamzone

https://t.me/leaked_databases

https://t.me/zerodaylab

Web Application Penetration Testing All Tutorials

Phase 1 – History

1. History of Internet - https://www.youtube.com/watch?v=9hIQjrMHTv4


Phase 2 – Web and Server Technology

2. Basic concepts of web applications, how they work and the HTTP protocol - https://www.youtube.com/watch?v=RsQ1tFLwldY&t=7s

3. HTML basics part 1 - https://www.youtube.com/watch?v=p6fRBGI_BY0

4. HTML basics part 2 - https://www.youtube.com/watch?v=Zs6lzuBVK2w

5. Difference between static and dynamic website - https://www.youtube.com/watch?v=hlg6q6OFoxQ

6. HTTP protocol Understanding - https://www.youtube.com/watch?v=JFZMyhRTVt0

7. Parts of HTTP Request - https://www.youtube.com/watch?v=pHFWGN-upGM

8. Parts of HTTP Response - https://www.youtube.com/watch?v=c9sMNc2PrMU

9. Various HTTP Methods - https://www.youtube.com/watch?v=PO7D20HsFsY

10. Understanding URLs - https://www.youtube.com/watch?v=5Jr-_Za5yQM

11. Intro to REST - https://www.youtube.com/watch?v=YCcAE2SCQ6k

12. HTTP Request & Response Headers - https://www.youtube.com/watch?v=vAuZwirKjWs

13. What is a cookie - https://www.youtube.com/watch?v=I01XMRo2ESg

14. HTTP Status codes - https://www.youtube.com/watch?v=VLH3FMQ5BIQ

15. HTTP Proxy - https://www.youtube.com/watch?v=qU0PVSJCKcs

16. Authentication with HTTP - https://www.youtube.com/watch?v=GxiFXUFKo1M

17. HTTP basic and digest authentication - https://www.youtube.com/watch?v=GOnhCbDhMzk

18. What is “Server-Side” - https://www.youtube.com/watch?v=JnCLmLO9LhA

19. Server and client side with example - https://www.youtube.com/watch?v=DcBB2Fp8WNI

20. What is a session - https://www.youtube.com/watch?v=WV4DJ6b0jhg&t=202s

21. Introduction to UTF-8 and Unicode - https://www.youtube.com/watch?v=sqPTR_v4qFA

22. URL encoding - https://www.youtube.com/watch?v=Z3udiqgW1VA

23. HTML encoding - https://www.youtube.com/watch?v=IiAfCLWpgII&t=109s

24. Base64 encoding - https://www.youtube.com/watch?v=8qkxeZmKmOY

25. Hex encoding & ASCII - https://www.youtube.com/watch?v=WW2SaCMnHdU


Phase 3 – Setting up the lab with BurpSuite and bWAPP

MANISH AGRAWAL

26. Setup lab with bWAPP - https://www.youtube.com/watch?v=dwtUn3giwTk&index=1&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

27. Set up Burp Suite - https://www.youtube.com/watch?v=hQsT4rSa_v0&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=2

28. Configure Firefox and add certificate - https://www.youtube.com/watch?v=hfsdJ69GSV4&index=3&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

29. Mapping and scoping website - https://www.youtube.com/watch?v=H-_iVteMDRo&index=4&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

30. Spidering - https://www.youtube.com/watch?v=97uMUQGIe14&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=5

31. Active and passive scanning - https://www.youtube.com/watch?v=1Mjom6AcFyU&index=6&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

32. Scanner options and demo - https://www.youtube.com/watch?v=gANi4Kt7-ek&index=7&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

33. Introduction to password security - https://www.youtube.com/watch?v=FwcUhcLO9iM&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=8

34. Intruder - https://www.youtube.com/watch?v=wtMg9oEMTa8&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=9

35. Intruder attack types - https://www.youtube.com/watch?v=N5ndYPwddkQ&index=10&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

36. Payload settings - https://www.youtube.com/watch?v=5GpdlbtL-1Q&index=11&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

37. Intruder settings - https://www.youtube.com/watch?v=B_Mu7jmOYnU&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=12

ÆTHER SECURITY LAB

38. No.1 Penetration testing tool - https://www.youtube.com/watch?v=AVzC7ETqpDo&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=1

39. Environment Setup - https://www.youtube.com/watch?v=yqnUOdr0eVk&index=2&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA

40. General concept - https://www.youtube.com/watch?v=udl4oqr_ylM&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=3

41. Proxy module - https://www.youtube.com/watch?v=PDTwYFkjQBE&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=4

42. Repeater module - https://www.youtube.com/watch?v=9Zh_7s5csCc&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=5

43. Target and spider module - https://www.youtube.com/watch?v=dCKPZUSOlr8&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=6

44. Sequencer and scanner module - https://www.youtube.com/watch?v=G-v581pXerE&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=7


Phase 4 – Mapping the application and attack surface

45. Spidering - https://www.youtube.com/watch?v=97uMUQGIe14&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=5

46. Mapping application using robots.txt - https://www.youtube.com/watch?v=akuzgZ75zrk

47. Discover hidden contents using dirbuster - https://www.youtube.com/watch?v=--nu9Jq07gA

48. Dirbuster in detail - https://www.youtube.com/watch?v=2tOQC68hAcQ

49. Discover hidden directories and files with intruder - https://www.youtube.com/watch?v=4Fz9mJeMNkI

50. Directory bruteforcing 1 - https://www.youtube.com/watch?v=ch2onB_LFoI

51. Directory bruteforcing 2 - https://www.youtube.com/watch?v=ASMW_oLbyIg

52. Identify application entry points - https://www.youtube.com/watch?v=IgJWPZ2OKO8&t=34s

53. Identify application entry points - https://www.owasp.org/index.php/Identify_application_entry_points_(OTG-INFO-006)

54. Identify client and server technology - https://www.youtube.com/watch?v=B8jN_iWjtyM

55. Identify server technology using banner grabbing (telnet) - https://www.youtube.com/watch?v=O67M-U2UOAg

56. Identify server technology using httprecon - https://www.youtube.com/watch?v=xBBHtS-dwsM

57. Pentesting with Google dorks Introduction - https://www.youtube.com/watch?v=NmdrKFwAw9U

58. Fingerprinting web server - https://www.youtube.com/watch?v=tw2VdG0t5kc&list=PLxLRoXCDIalcRS5Nb1I_HM_OzS10E6lqp&index=10

59. Use Nmap for fingerprinting web server - https://www.youtube.com/watch?v=VQV-y_-AN80

60. Review web server metafiles for information leakage - https://www.youtube.com/watch?v=sds3Zotf_ZY

61. Enumerate applications on web server - https://www.youtube.com/watch?v=lfhvvTLN60E

62. Identify application entry points - https://www.youtube.com/watch?v=97uMUQGIe14&list=PLDeogY2Qr-tGR2NL2X1AR5Zz9t1iaWwlM

63. Map execution path through application - https://www.youtube.com/watch?v=0I0NPiyo9UI

64. Fingerprint web application frameworks - https://www.youtube.com/watch?v=ASzG0kBoE4c


Phase 5 – Understanding and exploiting OWASP top 10 vulnerabilities

65. A closer look at all owasp top 10 vulnerabilities - https://www.youtube.com/watch?v=avFR_Af0KGk

IBM

66. Injection - https://www.youtube.com/watch?v=02mLrFVzIYU&index=1&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d

67. Broken authentication and session management - https://www.youtube.com/watch?v=iX49fqZ8HGA&index=2&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d

68. Cross-site scripting - https://www.youtube.com/watch?v=x6I5fCupLLU&index=3&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d

69. Insecure direct object reference - https://www.youtube.com/watch?v=-iCyp9Qz3CI&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=4

70. Security misconfiguration - https://www.youtube.com/watch?v=cIplXL8idyo&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=5

71. Sensitive data exposure - https://www.youtube.com/watch?v=rYlzTQlF8Ws&index=6&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d

72. Missing functional level access controls - https://www.youtube.com/watch?v=VMv_gyCNGpk&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=7

73. Cross-site request forgery - https://www.youtube.com/watch?v=_xSFm3KGxh0&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=8

74. Using components with known vulnerabilities - https://www.youtube.com/watch?v=bhJmVBJ-F-4&index=9&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d

75. Unvalidated redirects and forwards - https://www.youtube.com/watch?v=L6bYKiLtSL8&index=10&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d

F5 CENTRAL

76. Injection - https://www.youtube.com/watch?v=rWHvp7rUka8&index=1&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

77. Broken authentication and session management - https://www.youtube.com/watch?v=mruO75ONWy8&index=2&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

78. Insecure deserialisation - https://www.youtube.com/watch?v=nkTBwbnfesQ&index=8&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

79. Sensitive data exposure - https://www.youtube.com/watch?v=2RKbacrkUBU&index=3&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

80. Broken access control - https://www.youtube.com/watch?v=P38at6Tp8Ms&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD&index=5

81. Insufficient logging and monitoring - https://www.youtube.com/watch?v=IFF3tkUOF5E&index=10&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

82. XML external entities - https://www.youtube.com/watch?v=g2ey7ry8_CQ&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD&index=4

83. Using components with known vulnerabilities - https://www.youtube.com/watch?v=IGsNYVDKRV0&index=9&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

84. Cross-site scripting - https://www.youtube.com/watch?v=IuzU4y-UjLw&index=7&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

85. Security misconfiguration - https://www.youtube.com/watch?v=JuGSUMtKTPU&index=6&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

LUKE BRINER

86. Injection explained - https://www.youtube.com/watch?v=1qMggPJpRXM&index=1&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X

87. Broken authentication and session management - https://www.youtube.com/watch?v=fKnG15BL4AY&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=2

88. Cross-site scripting - https://www.youtube.com/watch?v=ksM-xXeDUNs&index=3&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X

89. Insecure direct object reference - https://www.youtube.com/watch?v=ZodA76-CB10&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=4

90. Security misconfiguration - https://www.youtube.com/watch?v=DfFPHKPCofY&index=5&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X

91. Sensitive data exposure - https://www.youtube.com/watch?v=Z7hafbGDVEE&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=6

92. Missing functional level access control - https://www.youtube.com/watch?v=RGN3w831Elo&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=7

93. Cross-site request forgery - https://www.youtube.com/watch?v=XRW_US5BCxk&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=8

94. Components with known vulnerabilities - https://www.youtube.com/watch?v=pbvDW9pJdng&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=9

95. Unvalidated redirects and forwards - https://www.youtube.com/watch?v=bHTglpgC5Qg&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=10


Phase 6 – Session management testing

96. Bypass authentication using cookie manipulation - https://www.youtube.com/watch?v=mEbmturLljU

97. Cookie Security Via httponly and secure Flag - OWASP - https://www.youtube.com/watch?v=3aKA4RkAg78

98. Penetration testing Cookies basic - https://www.youtube.com/watch?v=_P7KN8T1boc

99. Session fixation 1 - https://www.youtube.com/watch?v=ucmgeHKtxaI

100. Session fixation 2 - https://www.youtube.com/watch?v=0Tu1qxysWOk

101. Session fixation 3 - https://www.youtube.com/watch?v=jxwgpWvRUSo

102. Session fixation 4 - https://www.youtube.com/watch?v=eUbtW0Z0W1g

103. CSRF - Cross site request forgery 1 - https://www.youtube.com/watch?v=m0EHlfTgGUU

104. CSRF - Cross site request forgery 2 - https://www.youtube.com/watch?v=H3iu0_ltcv4

105. CSRF - Cross site request forgery 3 - https://www.youtube.com/watch?v=1NO4I28J-0s

106. CSRF - Cross site request forgery 4 - https://www.youtube.com/watch?v=XdEJEUJ0Fr8

107. CSRF - Cross site request forgery 5 - https://www.youtube.com/watch?v=TwG0Rd0hr18

108. Session puzzling 1 - https://www.youtube.com/watch?v=YEOvmhTb8xA

109. Admin bypass using session hijacking - https://www.youtube.com/watch?v=1wp1o-1TfAc


Phase 7 – Bypassing client-side controls

110. What are hidden forms in HTML - https://www.youtube.com/watch?v=orUoGsgaYAE

111. Bypassing hidden form fields using tamper data - https://www.youtube.com/watch?v=NXkGX2sPw7I

112. Bypassing hidden form fields using Burp Suite (Purchase application) - https://www.youtube.com/watch?v=xahvJyUFTfM

113. Changing price on eCommerce website using parameter tampering - https://www.youtube.com/watch?v=A-ccNpP06Zg

114. Understanding cookie in detail - https://www.youtube.com/watch?v=_P7KN8T1boc&list=PLWPirh4EWFpESKWJmrgQwmsnTrL_K93Wi&index=18

115. Cookie tampering with tamper data - https://www.youtube.com/watch?v=NgKXm0lBecc

116. Cookie tamper part 2 - https://www.youtube.com/watch?v=dTCt_I2DWgo

117. Understanding referer header in depth using Cisco product - https://www.youtube.com/watch?v=GkQnBa3C7WI&t=35s

118. Introduction to ASP.NET viewstate - https://www.youtube.com/watch?v=L3p6Uw6SSXs

119. ASP.NET viewstate in depth - https://www.youtube.com/watch?v=Fn_08JLsrmY

120. Analyse sensitive data in ASP.NET viewstate - https://msdn.microsoft.com/en-us/library/ms972427.aspx?f=255&MSPPError=-2147217396

121. Cross-origin-resource-sharing explanation with example - https://www.youtube.com/watch?v=Ka8vG5miErk

122. CORS demo 1 - https://www.youtube.com/watch?v=wR8pjTWaEbs

123. CORS demo 2 - https://www.youtube.com/watch?v=lg31RYYG-T4

124. Security headers - https://www.youtube.com/watch?v=TNlcoYLIGFk

125. Security headers 2 - https://www.youtube.com/watch?v=ZZUvmVkkKu4


Phase 8 – Attacking authentication/login

126. Attacking login panel with bad password - Guess username password for the website and try different combinations

127. Brute-force login panel - https://www.youtube.com/watch?v=25cazx5D_vw

128. Username enumeration - https://www.youtube.com/watch?v=WCO7LnSlskE

129. Username enumeration with bruteforce password attack - https://www.youtube.com/watch?v=zf3-pYJU1c4

130. Authentication over insecure HTTP protocol - https://www.youtube.com/watch?v=ueSG7TUqoxk

131. Authentication over insecure HTTP protocol - https://www.youtube.com/watch?v=_WQe36pZ3mA

132. Forgot password vulnerability - case 1 - https://www.youtube.com/watch?v=FEUidWWnZwU

133. Forgot password vulnerability - case 2 - https://www.youtube.com/watch?v=j7-8YyYdWL4

134. Login page autocomplete feature enabled - https://www.youtube.com/watch?v=XNjUfwDmHGc&t=33s

135. Testing for weak password policy - https://www.owasp.org/index.php/Testing_for_Weak_password_policy_(OTG-AUTHN-007)

136. Insecure distribution of credentials - When you register on a website, or request a password reset through the forgot-password feature, and the site emails your username and password in cleartext instead of sending a password reset link, that is a vulnerability.

137. Test for credentials transportation using SSL/TLS certificate - https://www.youtube.com/watch?v=21_IYz4npRs

138. Basics of MySQL - https://www.youtube.com/watch?v=yPu6qV5byu4

139. Testing browser cache - https://www.youtube.com/watch?v=2T_Xz3Humdc

140. Bypassing login panel -case 1 - https://www.youtube.com/watch?v=TSqXkkOt6oM

141. Bypass login panel - case 2 - https://www.youtube.com/watch?v=J6v_W-LFK1c


Phase 9 - Attacking access controls (IDOR, Priv esc, hidden files and directories)

Completely unprotected functionalities

142. Finding admin panel - https://www.youtube.com/watch?v=r1k2lgvK3s0

143. Finding admin panel and hidden files and directories - https://www.youtube.com/watch?v=Z0VAPbATy1A

144. Finding hidden webpages with dirbuster - https://www.youtube.com/watch?v=--nu9Jq07gA&t=5s

Insecure direct object reference

145. IDOR case 1 - https://www.youtube.com/watch?v=gci4R9Vkulc

146. IDOR case 2 - https://www.youtube.com/watch?v=4DTULwuLFS0

147. IDOR case 3 (zomato) - https://www.youtube.com/watch?v=tCJBLG5Mayo

Privilege escalation

148. What is privilege escalation - https://www.youtube.com/watch?v=80RzLSrczmc

149. Privilege escalation - Hackme bank - case 1 - https://www.youtube.com/watch?v=g3lv__87cWM

150. Privilege escalation - case 2 - https://www.youtube.com/watch?v=-i4O_hjc87Y


Phase 10 – Attacking input validation (all injections, XSS and misc)

HTTP verb tampering

151. Introduction HTTP verb tampering - https://www.youtube.com/watch?v=Wl0PrIeAnhs

152. HTTP verb tampering demo - https://www.youtube.com/watch?v=bZlkuiUkQzE

HTTP parameter pollution

153. Introduction HTTP parameter pollution - https://www.youtube.com/watch?v=Tosp-JyWVS4

154. HTTP parameter pollution demo 1 - https://www.youtube.com/watch?v=QVZBl8yxVX0&t=11s

155. HTTP parameter pollution demo 2 - https://www.youtube.com/watch?v=YRjxdw5BAM0

156. HTTP parameter pollution demo 3 - https://www.youtube.com/watch?v=kIVefiDrWUw

XSS - Cross site scripting

157. Introduction to XSS - https://www.youtube.com/watch?v=gkMl1suyj3M

158. What is XSS - https://www.youtube.com/watch?v=cbmBDiR6WaY

159. Reflected XSS demo - https://www.youtube.com/watch?v=r79ozjCL7DA

160. XSS attack method using burpsuite - https://www.youtube.com/watch?v=OLKBZNw3OjQ

161. XSS filter bypass with Xenotix - https://www.youtube.com/watch?v=loZSdedJnqc

162. Reflected XSS filter bypass 1 - https://www.youtube.com/watch?v=m5rlLgGrOVA

163. Reflected XSS filter bypass 2 - https://www.youtube.com/watch?v=LDiXveqQ0gg

164. Reflected XSS filter bypass 3 - https://www.youtube.com/watch?v=hb_qENFUdOk

165. Reflected XSS filter bypass 4 - https://www.youtube.com/watch?v=Fg1qqkedGUk

166. Reflected XSS filter bypass 5 - https://www.youtube.com/watch?v=NImym71f3Bc

167. Reflected XSS filter bypass 6 - https://www.youtube.com/watch?v=9eGzAym2a5Q

168. Reflected XSS filter bypass 7 - https://www.youtube.com/watch?v=ObfEI84_MtM

169. Reflected XSS filter bypass 8 - https://www.youtube.com/watch?v=2c9xMe3VZ9Q

170. Reflected XSS filter bypass 9 - https://www.youtube.com/watch?v=-48zknvo7LM

171. Introduction to Stored XSS - https://www.youtube.com/watch?v=SHmQ3sQFeLE

172. Stored XSS 1 - https://www.youtube.com/watch?v=oHIl_pCahsQ

173. Stored XSS 2 - https://www.youtube.com/watch?v=dBTuWzX8hd0

174. Stored XSS 3 - https://www.youtube.com/watch?v=PFG0lkMeYDc

175. Stored XSS 4 - https://www.youtube.com/watch?v=YPUBFklUWLc

176. Stored XSS 5 - https://www.youtube.com/watch?v=x9Zx44EV-Og

SQL injection

177. Part 1 - Install SQLi lab - https://www.youtube.com/watch?v=NJ9AA1_t1Ic&index=23&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

178. Part 2 - SQL lab series - https://www.youtube.com/watch?v=TA2h_kUqfhU&index=22&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

179. Part 3 - SQL lab series - https://www.youtube.com/watch?v=N0zAChmZIZU&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=21

180. Part 4 - SQL lab series - https://www.youtube.com/watch?v=6pVxm5mWBVU&index=20&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

181. Part 5 - SQL lab series - https://www.youtube.com/watch?v=0tyerVP9R98&index=19&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

182. Part 6 - Double query injection - https://www.youtube.com/watch?v=zaRlcPbfX4M&index=18&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

183. Part 7 - Double query injection cont. - https://www.youtube.com/watch?v=9utdAPxmvaI&index=17&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

184. Part 8 - Blind injection boolean based - https://www.youtube.com/watch?v=u7Z7AIR6cMI&index=16&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

185. Part 9 - Blind injection time based - https://www.youtube.com/watch?v=gzU1YBu_838&index=15&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

186. Part 10 - Dumping DB using outfile - https://www.youtube.com/watch?v=ADW844OA6io&index=14&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

187. Part 11 - Post parameter injection error based - https://www.youtube.com/watch?v=6sQ23tqiTXY&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=13

188. Part 12 - POST parameter injection double query based - https://www.youtube.com/watch?v=tjFXWQY4LuA&index=12&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

189. Part 13 - POST parameter injection blind boolean and time based - https://www.youtube.com/watch?v=411G-4nH5jE&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=10

190. Part 14 - Post parameter injection in UPDATE query - https://www.youtube.com/watch?v=2FgLcPuU7Vw&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=11

191. Part 15 - Injection in insert query - https://www.youtube.com/watch?v=ZJiPsWxXYZs&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=9

192. Part 16 - Cookie based injection - https://www.youtube.com/watch?v=-A3vVqfP8pA&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=8

193. Part 17 - Second order injection - https://www.youtube.com/watch?v=e9pbC5BxiAE&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=7

194. Part 18 - Bypassing blacklist filters - 1 - https://www.youtube.com/watch?v=5P-knuYoDdw&index=6&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

195. Part 19 - Bypassing blacklist filters - 2 - https://www.youtube.com/watch?v=45BjuQFt55Y&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=5

196. Part 20 - Bypassing blacklist filters - 3 - https://www.youtube.com/watch?v=c-Pjb_zLpH0&index=4&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

197. Part 21 - Bypassing WAF - https://www.youtube.com/watch?v=uRDuCXFpHXc&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=2

198. Part 22 - Bypassing WAF - Impedance mismatch - https://www.youtube.com/watch?v=ygVUebdv_Ws&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=3

199. Part 23 - Bypassing addslashes - charset mismatch - https://www.youtube.com/watch?v=du-jkS6-sbo&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=1

NoSQL injection

200. Introduction to NoSQL injection - https://www.youtube.com/watch?v=h0h37-Dwd_A

201. Introduction to SQL vs NoSQL - Difference between MySQL and MongoDB with tutorial - https://www.youtube.com/watch?v=QwevGzVu_zk

202. Abusing NoSQL databases - https://www.youtube.com/watch?v=lcO1BTNh8r8

203. Making cry - attacking NoSQL for pentesters - https://www.youtube.com/watch?v=NgsesuLpyOg

Xpath and XML injection

204. Introduction to Xpath injection - https://www.youtube.com/watch?v=2_UyM6Ea0Yk&t=3102s

205. Introduction to XML injection - https://www.youtube.com/watch?v=9ZokuRHo-eY

206. Practical 1 - bWAPP - https://www.youtube.com/watch?v=6tV8EuaHI9M

207. Practical 2 - Mutillidae - https://www.youtube.com/watch?v=fV0qsqcScI4

208. Practical 3 - webgoat - https://www.youtube.com/watch?v=5ZDSPVp1TpM

209. Hack admin panel using Xpath injection - https://www.youtube.com/watch?v=vvlyYlXuVxI

210. XXE demo - https://www.youtube.com/watch?v=3B8QhyrEXlU

211. XXE demo 2 - https://www.youtube.com/watch?v=UQjxvEwyUUw

212. XXE demo 3 - https://www.youtube.com/watch?v=JI0daBHq6fA

LDAP injection

213. Introduction and practical 1 - https://www.youtube.com/watch?v=-TXFlg7S9ks

214. Practical 2 - https://www.youtube.com/watch?v=wtahzm_R8e4

OS command injection

215. OS command injection in bWAPP - https://www.youtube.com/watch?v=qLIkGJrMY9k

216. bWAPP - OS command injection with Commiux (all levels) - https://www.youtube.com/watch?v=5-1QLbVa8YE

Local file inclusion

217. Detailed introduction - https://www.youtube.com/watch?v=kcojXEwolIs

218. LFI demo 1 - https://www.youtube.com/watch?v=54hSHpVoz7A

219. LFI demo 2 - https://www.youtube.com/watch?v=qPq9hIVtitI

Remote file inclusion

220. Detailed introduction - https://www.youtube.com/watch?v=MZjORTEwpaw

221. RFI demo 1 - https://www.youtube.com/watch?v=gWt9A6eOkq0

222. RFI introduction and demo 2 - https://www.youtube.com/watch?v=htTEfokaKsM

HTTP splitting/smuggling

223. Detailed introduction - https://www.youtube.com/watch?v=bVaZWHrfiPw

224. Demo 1 - https://www.youtube.com/watch?v=mOf4H1aLiiE


Phase 11 – Generating and testing error codes

225. Generating normal error codes by visiting files that may not exist on the server - for example, visit chintan.php or chintan.aspx on any website and it may redirect you to 404.php or 404.aspx or to a custom error page. Check whether the error page is generated by the default web server or application framework, or whether a custom page is displayed that does not reveal any sensitive information.

226. Use BurpSuite fuzzing techniques to generate stack trace error codes - https://www.youtube.com/watch?v=LDF6OkcvBzM


Phase 12 – Weak cryptography testing

227. SSL/TLS weak configuration explained - https://www.youtube.com/watch?v=Rp3iZUvXWlM

228. Testing weak SSL/TLS ciphers - https://www.youtube.com/watch?v=slbwCMHqCkc

229. Test SSL/TLS security with Qualys guard - https://www.youtube.com/watch?v=Na8KxqmETnw

230. Sensitive information sent via unencrypted channels - https://www.youtube.com/watch?v=21_IYz4npRs


Phase 12 – Business logic vulnerability

231. What is a business logic flaw - https://www.youtube.com/watch?v=ICbvQzva6lE&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI

232. The Difficulties Finding Business Logic Vulnerabilities with Traditional Security Tools - https://www.youtube.com/watch?v=JTMg0bhkUbo&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=2

233. How To Identify Business Logic Flaws - https://www.youtube.com/watch?v=FJcgfLM4SAY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=3

234. Business Logic Flaws: Attacker Mindset - https://www.youtube.com/watch?v=Svxh9KSTL3Y&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=4

235. Business Logic Flaws: Dos Attack On Resource - https://www.youtube.com/watch?v=4S6HWzhmXQk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=5

236. Business Logic Flaws: Abuse Cases: Information Disclosure - https://www.youtube.com/watch?v=HrHdUEUwMHk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=6

237. Business Logic Flaws: Abuse Cases: iPod Repairman Dupes Apple - https://www.youtube.com/watch?v=8yB_ApVsdhA&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=7

238. Business Logic Flaws: Abuse Cases: Online Auction - https://www.youtube.com/watch?v=oa_UICCqfbY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=8

239. Business Logic Flaws: How To Navigate Code Using ShiftLeft Ocular - https://www.youtube.com/watch?v=hz7IZu6H6oE&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=9

240. Business Logic Security Checks: Data Privacy Compliance - https://www.youtube.com/watch?v=qX2fyniKUIQ&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=10

241. Business Logic Security Checks: Encryption Compliance - https://www.youtube.com/watch?v=V8zphJbltDY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=11

242. Business Logic Security: Enforcement Checks - https://www.youtube.com/watch?v=5e7qgY_L3UQ&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=12

243. Business Logic Exploits: SQL Injection - https://www.youtube.com/watch?v=hcIysfhA9AA&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=13

244. Business Logic Exploits: Security Misconfiguration - https://www.youtube.com/watch?v=ppLBtCQcYRk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=15

245. Business Logic Exploits: Data Leakage - https://www.youtube.com/watch?v=qe0bEvguvbs&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=16

246. Demo 1 - https://www.youtube.com/watch?v=yV7O-QRyOao

247. Demo 2 - https://www.youtube.com/watch?v=mzjTG7pKmQI

248. Demo 3 - https://www.youtube.com/watch?v=A8V_58QZPMs

249. Demo 4 - https://www.youtube.com/watch?v=1pvrEKAFJyk

250. Demo 5 - https://hackerone.com/reports/145745

251. Demo 6 - https://hackerone.com/reports/430854

Top Onion links of DarkWeb - 9th June 2021

Tor is the way into DarkWeb

I am against smoking, weapons, booze, so not posting any of those links


Search engines: 

Database search:

Mail services: 

Forums:

Crypto wallets:

VPS:

Pastes:

Image hosting:

What is Stuxnet?

It’s been more than a decade since security researchers in Belarus first identified a virus that would come to be known as Stuxnet, a sophisticated cyber weapon used in a multi-campaign attack targeting a uranium enrichment facility in Natanz, Iran. Now, fresh infrastructure attacks in the volatile region are renewing the discussion about Stuxnet, its origins, its methods, and its contributions to the current compendium of ICS defenses.


Last month, Iranian authorities revealed a catastrophic explosion and power outage at the same Natanz facility, once again aimed at disrupting nuclear production processes there. Israeli media reported that Mossad, the Israeli spy agency, was involved in the most recent attack, part of that country’s ongoing shadow war with Iran. The latest salvo (while likely not cyber-related) drew immediate parallels to Stuxnet, with Iranian officials saying their nation had once again been subject to “an act of nuclear terrorism” and calling on the international community to confront the threat.

What did Stuxnet do?

First unleashed in 2009, the Stuxnet virus had multiple components, including aggressive malware tuned to find and corrupt processes run by Siemens STEP7-based PLCs. Its objective was to stealthily manipulate the speed of the sensitive enrichment centrifuges — causing attrition rather than blatant physical destruction. The Stuxnet worm reportedly infected more than 200,000 machines in 14 Iranian facilities and may have ruined up to 10% of the 9,000 centrifuges in Natanz.

A second Stuxnet variant released several months after the first contained multiple Windows zero-day vulnerabilities, used stolen certificates, and exploited known simulation functionality in the Siemens PLCs. The more aggressive Stuxnet variation found its way into non-Iranian environments, but, thankfully, did not result in much damage.

From a historical perspective, the Stuxnet worm signaled that well-equipped, nation-state-sponsored actors possessed advanced capabilities that would set the stage for more serious cyber-physical attacks such as those in Ukraine, Estonia, and Saudi Arabia.

In the real world, advanced nation-state attacks are rare compared to common, opportunistic disruptions caused by things like ransomware. But Stuxnet demonstrates the importance of a well-engineered environment complete with adequate ICS cybersecurity. Such an environment requires a thorough understanding of asset inventory and security posture, Windows system hardening, network segmentation and monitoring, isolated process monitoring, adequate process instrumentation, supply-chain and third-party risk management, properly trained operators, and decent operational security (OPSEC).

How Stuxnet works: The air gap myth

Back in 2010, Iran’s Natanz nuclear facility, like many others before and since, relied on the concept of non-connected and isolated networks as a form of cyber security. Proponents of this approach — dubbed an air gap because it implies physical space between the organization’s networked assets and the outside world — believe it provides sufficient protection for facilities that don’t require Internet access or ubiquitous IT/enterprise services.

They’re wrong.

Relying on air gaps as a single form of defense remains but one in a list of unfortunate fallacies used to justify a lackadaisical approach to ICS security. Others include oft-debunked beliefs like:

    Attackers lack sufficient knowledge and incentive to target ICS and SCADA systems.
    Cyber security is important mostly for IT and enterprise systems.
    Proven security strategies don’t apply to the majority of operational technology systems because the risk of disruption is too high in OT.

Events such as those at Natanz demonstrate that once an ICS perimeter, even an air-gapped one, is breached (cue Maginot line), attackers enjoy nearly free rein within such soft environments.

While not much is publicly known about how Stuxnet and its variants made their way into the facilities at Natanz, it’s widely speculated that the malware entered through infected removable media such as a USB stick, via a laptop used by a contractor or an outside vendor, or concealed in an infected file such as a corrupt .pdf version of a technical manual.

These well-understood attack vectors are a known risk to almost any facility and, in themselves, are not overly sophisticated. Transient assets such as technicians’ laptops, third parties coming onsite, infected installers, and auto-play exploits on removable media are hardly novel. The salient point in the Stuxnet case is that a determined actor managed to infiltrate a purportedly secure facility, delivering malware that ultimately found its designated target.

How did Stuxnet spread?

Stuxnet came in two waves. Less is known about the first wave, which was more of a slow burn and less noisy, making it less likely to be discovered. The second wave was the one that made international headlines with its more demonstrative and decidedly less surgical approach.

This second Stuxnet variant likely did not propagate from an initial infection on a susceptible PLC or controller, but rather gained access to one commodity Windows system through the use of zero-day exploits. From that one infected commodity Windows host, the malware moved laterally from one Windows box to another across the unsegmented network.

In particular, the second Stuxnet wave:

    Noisily pivoted through the environment via Windows Remote Procedure Call (RPC), Server Message Block (SMB), and MS SQL protocols.
    Leveraged a Windows Shortcut (.lnk) zero-day vulnerability that worked even where USB and removable-media auto-play had been disabled.
    Used stolen code signing certificates to make its malicious payloads appear as legitimate drivers that were recognized by the operating system and ignored by anti-virus and policy enforcement controls.
    Leveraged vulnerabilities in the Windows print spooler network service (usually on by default) to reach hosts where infection was not possible through RPC/SMB/SQL or USB insertion; this included privilege escalation.
    Possessed the ability to leverage the OPC protocol to traverse segments.
    Infected Siemens STEP7 project files, replaced legitimate STEP7 DLLs with modified malicious ones, and used hard-coded credentials to log in to the Siemens WinCC SCADA database to identify specific targets.
    Rendered itself dormant if appropriate criteria were not met.
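The lateral movement described in the list above is exactly the kind of traffic that segmentation monitoring should surface: a single host sweeping its neighbours over RPC, SMB and MS SQL, and connections crossing zone boundaries where no policy permits them. The script below is an added example, not code from the original article: it applies a hypothetical zone map and allow-list to a handful of constructed flow records and raises two kinds of alert, a zone violation and a pivot sweep. The zone CIDRs, the allowed (zone, zone, port) tuples, the flow-record format and the fan-out threshold are all assumptions made for the example.

```python
import ipaddress
from collections import defaultdict

# Hypothetical zone layout (constructed for this example): the enterprise
# network, a plant DMZ, and the control network with the engineering hosts.
ZONES = {
    "enterprise": ipaddress.ip_network("10.1.0.0/16"),
    "dmz":        ipaddress.ip_network("10.2.0.0/24"),
    "control":    ipaddress.ip_network("10.3.0.0/24"),
}

# Segmentation policy: (source zone, destination zone) -> ports allowed to cross.
# Any other cross-zone flow is a violation. Intra-zone traffic is not policed here.
ALLOWED = {
    ("enterprise", "dmz"): {443},
    ("dmz", "control"): {4840},   # assumed: OPC UA from a DMZ historian only
}

# Ports the article names as Stuxnet's lateral-movement channels: RPC, SMB, MS SQL.
PIVOT_PORTS = {135: "RPC", 445: "SMB", 1433: "MSSQL"}
FANOUT_THRESHOLD = 3   # distinct peers on pivot ports before we call it a sweep


def zone_of(ip):
    """Return the zone name an address belongs to, or 'unknown'."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "unknown"


def parse_flow(line):
    """Parse one constructed flow record: '<ts> <src> <dst> <proto> <dport>'."""
    ts, src, dst, proto, dport = line.split()
    return {"ts": ts, "src": src, "dst": dst, "proto": proto, "dport": int(dport)}


def analyse(lines):
    """Return a list of alert tuples for the given flow records."""
    flows = [parse_flow(l) for l in lines if l.strip()]
    alerts = []
    peers = defaultdict(set)  # src -> distinct destinations reached on pivot ports
    for f in flows:
        sz, dz = zone_of(f["src"]), zone_of(f["dst"])
        # Cross-zone flow not covered by the allow-list for that zone pair.
        if sz != dz and f["dport"] not in ALLOWED.get((sz, dz), set()):
            alerts.append(("zone_violation", f["src"], f["dst"], f["dport"], f"{sz}->{dz}"))
        if f["dport"] in PIVOT_PORTS:
            peers[f["src"]].add(f["dst"])
    # One source touching many hosts over RPC/SMB/SQL looks like a pivot sweep.
    for src, dsts in peers.items():
        if len(dsts) >= FANOUT_THRESHOLD:
            alerts.append(("pivot_sweep", src, len(dsts)))
    return alerts


# Constructed sample flows: two permitted cross-zone flows, then one control-network
# host fanning out over SMB/RPC/SQL and reaching into the DMZ, and an enterprise
# host talking SMB straight into the control zone.
SAMPLE_FLOWS = """
2010-06-01T08:00:01 10.1.5.20 10.2.0.10 tcp 443
2010-06-01T08:00:05 10.2.0.10 10.3.0.5 tcp 4840
2010-06-01T08:01:10 10.3.0.40 10.3.0.41 tcp 445
2010-06-01T08:01:11 10.3.0.40 10.3.0.42 tcp 445
2010-06-01T08:01:12 10.3.0.40 10.3.0.43 tcp 135
2010-06-01T08:01:13 10.3.0.40 10.3.0.44 tcp 1433
2010-06-01T08:02:00 10.3.0.40 10.2.0.10 tcp 445
2010-06-01T08:02:30 10.1.5.20 10.3.0.5 tcp 445
"""


def run_sample():
    return analyse(SAMPLE_FLOWS.splitlines())


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

Run against the sample, the script reports two zone violations (control to DMZ over SMB, enterprise to control over SMB) and one pivot sweep by 10.3.0.40 with five distinct peers. In a real deployment the zone map comes from the asset inventory and the flows from a span port or firewall logs; the logic stays the same.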

Through the successful compromise of the facility, the malware found its targets, presumably by identifying matching project files, identifiers, strings, or some other criteria. Once it had done so, it inserted malicious STEP7 logic into the PLC to quietly increase the failure rates of the operating centrifuges. The malware also contained command and control capabilities designed to provide updates and manage exfiltrated data, though using such noisy functionality almost certainly would have tipped off the victims to the attack in progress.

How to prevent Stuxnet

It’s unlikely Stuxnet could have been entirely averted given the skill and motivation of the parties responsible. Let’s face it, if you attract the ire of highly skilled and well-funded nation-state attackers, not much can be done to avoid compromise. Still, there are some lessons to be learned from the Stuxnet scenario. ICS/OT defenders today can glean prescriptive insights on what didn’t work, including:

    Reliance on an air gap as a stand-alone security measure was an absolute failure.
    Traditional anti-virus would not have found this type of malware.
    An updated host OS may have helped with some of the exploits, but again, this is unlikely given the attackers’ skill level.

So, what would have helped?

    Application whitelisting and host integrity checking probably would have detected the replaced STEP7 DLLs and altered project files.
    Strict removable media policies and enforcement (potentially even hot glue) could have prevented an initial infection or, at least, made it much harder.
    Sufficient host hardening to include disabling unnecessary services like the Windows printer spooling service would have made lateral movement more difficult.
    Sufficient network segmentation might have stopped the attackers from pivoting across the environment while better monitoring might have alerted defenders to anomalous traffic.
    Diligent application of security policy could have isolated and contained the malware as it beaconed across network zones and layers where it did not belong.
    Most importantly, better-trained resources and appropriate out-of-band (OOB) monitoring for anomalies within the centrifuge halls could have contained the damage early on in the attack.
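The first item in the list above, host integrity checking that would have caught replaced STEP7 DLLs and altered project files, comes down to a baseline of file hashes and a periodic comparison. The following is an added example written for this page, not the article's or any vendor's code: it builds a SHA-256 baseline over a directory tree, diffs a later snapshot against it, and reports added, removed and modified files. The directory layout and file names in `demo()` are constructed stand-ins for an engineering workstation; the tampering it simulates mirrors what the article describes (a swapped DLL, an altered project file, an unexpected new library).

```python
import hashlib
import os
import tempfile


def sha256_file(path, chunk=1 << 16):
    """Stream a file through SHA-256 so large project archives do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_baseline(root):
    """Map every file under root (relative POSIX-style path) to its SHA-256 digest."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            baseline[rel] = sha256_file(full)
    return baseline


def compare(baseline, current):
    """Diff two snapshots; any entry in 'modified' or 'added' under a vendor
    binary directory is a candidate for the DLL replacement the article describes."""
    known, seen = set(baseline), set(current)
    return {
        "added": sorted(seen - known),
        "removed": sorted(known - seen),
        "modified": sorted(p for p in known & seen if baseline[p] != current[p]),
    }


def demo():
    """Build a constructed workstation tree, baseline it, tamper with it, and diff."""
    with tempfile.TemporaryDirectory() as root:
        def write(rel, data):
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(data)

        # Constructed file names; they stand in for a vendor library and project files.
        write("bin/step7_io.dll", b"original vendor library bytes")
        write("projects/centrifuge_hall_a.s7p", b"original project logic")
        write("projects/readme.txt", b"unchanged documentation")
        baseline = build_baseline(root)

        # Simulated tampering of the kind the article describes.
        write("bin/step7_io.dll", b"modified library bytes")
        write("projects/centrifuge_hall_a.s7p", b"altered project logic")
        write("bin/extra.dll", b"unexpected new library")
        return compare(baseline, build_baseline(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

The baseline itself is only trustworthy if it is stored where a compromised host cannot rewrite it (off-box, or signed), and the comparison is scheduled from a system the monitored host does not control; otherwise the same replacement that swaps a DLL can also update the baseline.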

The fear with the release of a capability like Stuxnet is that other nations will be emboldened to try similar ICS attacks. So far, there have been few real assaults targeting ICS — most have been collateral to enterprise/IT systems being compromised and would have benefited from adequate application of cybersecurity basics and well-thought-out engineering principles.

Time will tell if Stuxnet remains an outlier — an example of an exotic ICS attack limited to the rarified air of nation-states in conflict. In the meantime, the lessons Stuxnet continues to demonstrate about fundamental ICS security controls remain relevant to defenders of every size and stripe.

Severe Vulnerability in Internet Information Services (IIS)

Many security experts and security companies have claimed that this vulnerability is one of the most critical security flaws detected and fixed by Microsoft this month.

HTTP Protocol Stack RCE Vulnerability

This critical flaw (CVE-2021-31166) is a memory-corruption bug in the HTTP protocol stack (HTTP.sys) that ships with all recent versions of Windows.

    CVE ID: CVE-2021-31166
    Assigning CNA: Microsoft
    Released: May 11, 2021
    CVSS v3.0 score: 9.8 out of 10

The HTTP Protocol Stack is used by the Windows IIS (Internet Information Services) server. Security expert Axel Souchet, who used to work for Microsoft, has explained that if this server is active, an attacker can send it a specially crafted packet to execute malicious code at the OS kernel level.

This security flaw is quite similar to another Microsoft vulnerability in the HTTP network stack, tracked as CVE-2015-1635 and reported by security researchers in 2015.

Worse, Microsoft warned that this RCE vulnerability is potentially wormable: threat actors could use it to create malware that spreads itself from server to server.

PoC for CVE-2021-31166 triggers Blue Screen of Death (BSOD)

To show the flaw in action, former Microsoft security researcher Axel Souchet published a PoC exploit for CVE-2021-31166 (“HTTP Protocol Stack Remote Code Execution Vulnerability”).

From the above image, you can see the flaw in action and how it triggers the Blue Screen of Death (BSOD). Here, Axel explains that the bug lies in “http!UlpParseContentCoding”, where the function has a local LIST_ENTRY and appends items to it.

The interesting part is that, when it is done, it moves the local list into the Request structure but does not NULL out the local list (LIST_ENTRY) afterwards.

This means an attacker can leave all the entries of the local list dangling in the Request object by triggering the code path that frees every entry of the local list.

Possible targets are safe from attacks

Axel Souchet claimed that, since the capabilities of the HTTP Protocol Stack RCE flaw are artificially limited, most potential targets are likely safe from such attacks.

The flaw affects only the newest OS versions, Windows 10 2004 and 20H2 and Windows Server 2004 and 20H2, and these versions are not yet widespread.

Moreover, the vulnerability CVE-2021-31166 does not allow a full-fledged worm; it only leads to a “crash” (DoS) of unpatched Windows versions running the IIS server.

Nonetheless, Microsoft's security team has strongly recommended that all users install the published security updates immediately.
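The root cause described in the PoC section above is an ownership mistake rather than a parsing mistake: a local list head is moved into the Request structure, the local head is never re-initialised, so two places now reference the same entries, and a later cleanup path that walks the local head frees entries the Request still points at. The Python below is an added illustration of that pattern written for this page, not HTTP.sys code or Souchet's PoC; `Entry`, `ListHead`, `Request`, `parse_content_coding` and `release` are hypothetical stand-ins, and `fix_bug` toggles the one-line re-initialisation that removes the second owner.

```python
class Entry:
    """Stand-in for a parsed content-coding token living in a kernel list."""
    def __init__(self, coding):
        self.coding = coding
        self.freed = False      # models the allocation having been returned to the pool


class ListHead:
    """Minimal stand-in for a LIST_ENTRY head: whoever holds it owns the entries."""
    def __init__(self):
        self.entries = []


class Request:
    """Stand-in for the Request structure the parsed list is moved into."""
    def __init__(self):
        self.codings = ListHead()


def parse_content_coding(tokens, request, fix_bug):
    """Build a local list, then move it into the request.

    With fix_bug=False the local head keeps referencing the same entries after
    the move (the defect the article describes). With fix_bug=True the local
    head is re-initialised so the request is the sole owner.
    """
    local = ListHead()
    for tok in tokens:
        local.entries.append(Entry(tok))
    request.codings.entries = local.entries   # the move: request now holds the list
    if fix_bug:
        local.entries = []                    # re-initialise local head: single owner
    return local


def release(head):
    """Cleanup path: free everything the head still references."""
    for e in head.entries:
        e.freed = True
    head.entries = []


def dangling_count(tokens, fix_bug):
    """Return how many entries the request holds that have already been freed."""
    req = Request()
    local = parse_content_coding(tokens, req, fix_bug)
    release(local)   # the later code path that frees via the stale local head
    return sum(1 for e in req.codings.entries if e.freed)


if __name__ == "__main__":
    codings = ["gzip", "deflate", "br"]
    print("buggy :", dangling_count(codings, fix_bug=False), "dangling entries")
    print("fixed :", dangling_count(codings, fix_bug=True), "dangling entries")
```

The model is deliberately free of any parsing detail; the point for a reviewer is that every move of a list head must be paired with re-initialising the source head, which is why auditing for moved-but-not-reset containers is a cheap check in any C code that hands intrusive lists between structures.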

2020 Hacks & Data Breaches

JANUARY:
• Travelex: Travelex services were pulled offline following a malware infection. The company itself and businesses using the platform to provide currency exchange services were all affected.
• IRS tax refunds: A US resident was jailed for using information leaked through data breaches to file fraudulent tax returns worth $12 million.
• Manor Independent School District: The Texas school district lost $2.3 million during a phishing scam.
• Wawa: 30 million records containing customers' details were made available for sale online.
• Microsoft: The Redmond giant disclosed that five servers used to store anonymized user analytics were exposed and open on the Internet without adequate protection.
• Medical marijuana: A database backing point-of-sale systems used in medical and recreational marijuana dispensaries was compromised, impacting an estimated 30,000 US users.
FEBRUARY:
• Estée Lauder: 440 million internal records were reportedly exposed due to middleware security failures.
• Denmark's government tax portal: The taxpayer-identification numbers of 1.26 million Danish citizens were accidentally exposed.
• DOD DISA: The Defense Information Systems Agency (DISA), which handles IT for the White House, admitted to a data breach potentially compromising employee records.
• UK Financial Conduct Authority (FCA): The FCA released sensitive information belonging to roughly 1,600 consumers by accident as part of an FOIA request.
• Clearview: Clearview AI's entire client list was stolen due to a software vulnerability.
• General Electric: GE warned workers that an unauthorized individual was able to access information belonging to them due to security failures with supplier Canon Business Process Service.


MARCH:
• T-Mobile: A hacker gained access to employee email accounts, compromising data belonging to customers and employees.
• Marriott: The hotel chain suffered a cyberattack in which email accounts were infiltrated. 5.2 million hotel guests were impacted.
• Whisper: The anonymous secret-sharing app exposed millions of users' private profiles and datasets online.
• UK Home Office: GDPR was breached 100 times in the handling of the Home Office's EU Settlement Scheme.
• SIM-swap hacking rings: Europol made arrests across Europe, taking out SIM-swap hackers responsible for the theft of over €3 million.
• Virgin Media: The company exposed the data of 900,000 users through an open marketing database.
• MCA Wizard: 425GB in sensitive documents belonging to financial companies was publicly accessible through a database linked to the MCA Wizard app.
• NutriBullet: NutriBullet became a victim of a Magecart attack, with payment card skimming code infecting the firm's e-commerce store.
APRIL:
• US Small Business Administration (SBA): Up to 8,000 applicants for emergency loans were embroiled in a PII data leak.
• Email.it: The Italian email provider failed to protect the data of 600,000 users, leading to its sale on the Dark Web.
• Nintendo: Nintendo said 160,000 users were impacted by a mass account hijacking campaign caused by the NNID legacy login system.
MAY:
• EasyJet: The budget airline revealed a data breach exposing data belonging to nine million customers, including some financial records.
• Blackbaud: The cloud service provider was hit by ransomware operators who hijacked customer systems. The company later paid a ransom to stop client data from being leaked online.
• Mitsubishi: A data breach suffered by the company potentially also resulted in confidential missile design data being stolen.
• Toll Group: The logistics giant was hit by a second ransomware attack in three months.
• Pakistani mobile users: Data belonging to 44 million Pakistani mobile users was leaked online.
• Illinois: The Illinois Department of Employment Security (IDES) leaked records concerning citizens applying for unemployment benefits.
• Wishbone: 40 million user records were published online by the ShinyHunters hacking group.
• EasyJet: An £18 billion class-action lawsuit was launched to compensate customers impacted by a data breach in the same month.
JUNE:
• Amtrak: Customer PII was leaked and some Amtrak Guest Rewards accounts were accessed by hackers.
• University of California SF: The university paid a $1.14 million ransom to hackers in order to save COVID-19 research.
• AWS: AWS mitigated a massive 2.3 Tbps DDoS attack.
• Postbank: A rogue employee at the South African bank obtained a master key and stole $3.2 million.
• NASA: The DopplePaymer ransomware gang claimed to have breached a NASA IT contractor's networks.
• Claire's: The accessories company fell prey to a card-skimming Magecart infection.
JULY:
• CouchSurfing: 17 million records belonging to CouchSurfing were found on an underground forum.
• University of York: The UK university disclosed a data breach caused by Blackbaud. Staff and student records were stolen.
• MyCastingFile: A US casting platform for actors exposed the PII of 260,000 users.
• SigRed: Microsoft patched a 17-year-old exploit that could be used to hijack Microsoft Windows Servers.
• MGM Resorts: A hacker put the records of 142 million MGM guests online for sale.
• V Shred: The PII of 99,000 customers and trainers was exposed online and V Shred only partially resolved the problem.
• BlueLeaks: Law enforcement closed down a portal used to host 269 GB in stolen files belonging to US police departments.
• EDP: The energy provider confirmed a Ragnar Locker ransomware incident. Over 10TB in business records were apparently stolen.
• MongoDB: A hacker attempted to ransom 23,000 MongoDB databases.
AUGUST:
• Cisco: A former engineer pleaded guilty to causing massive amounts of damage to Cisco networks, costing the company $2.4 million to fix.
• Canon: The photography giant was struck by ransomware gang Maze.
• LG, Xerox: Maze struck again, publishing data belonging to these companies after failing to secure blackmail payments.
• Intel: 20GB of sensitive, corporate data belonging to Intel was published online.
• The Ritz, London: Fraudsters posed as staff in a clever phishing scam against Ritz clients.
• Freepik: The free photos platform disclosed a data breach impacting 8.3 million users.
• University of Utah: The university gave in to cybercriminals and paid a $457,000 ransom to stop the group from publishing student information.
• Experian, South Africa: Experian's South African branch disclosed a data breach impacting 24 million customers.
• Carnival: The cruise operator disclosed a ransomware attack and subsequent data breach.
SEPTEMBER:
• Nevada: A Nevada school, suffering a ransomware attack, refused to pay the cybercriminals -- and so student data was published online in retaliation.
• German hospital ransomware: A hospital patient passed away after being redirected away from a hospital suffering an active ransomware infection.
• Belarus law enforcement: The private information of 1,000 high-ranking police officers was leaked.
• NS8: The CEO of the cyberfraud startup was accused of defrauding investors out of $123 million.
• Satellites: Iranian hackers were charged for compromising US satellites.
• Cerberus: The developers of the Cerberus banking Trojan released the malware's source code after failing to sell it privately.
• BancoEstado: The Chilean bank was forced to close down branches due to ransomware.

OCTOBER:
• Barnes & Noble: The bookseller experienced a cyberattack, believed to be the handiwork of the ransomware group Egregor. Stolen records were leaked online as proof.
• UN IMO: The United Nations International Maritime Organization (UN IMO) disclosed a security breach affecting public systems.
• Boom! Mobile: The telecom service provider became the victim of a Magecart card-skimming attack.
• Google: Google said it mitigated a 2.54 Tbps DDoS attack, one of the largest ever recorded.
• Dickey's: The US barbeque restaurant chain suffered a point-of-sale attack between July 2019 and August 2020. Three million customers had their card details later posted online.
• Ubisoft, Crytek: Sensitive information belonging to the gaming giants was released online by the Egregor ransomware gang.
• Amazon insider trading: A former Amazon finance manager and their family were charged for running a $1.4 million insider trading scam.

NOVEMBER:
• Manchester United: Manchester United football club said it was investigating a security incident impacting internal systems.
• Vertafore: 27.7 million Texas drivers' PII was compromised due to "human error."
• Campari: Campari was knocked offline following a ransomware attack.
• $100 million botnet: A Russian hacker was jailed for operating a botnet responsible for draining $100 million from victim bank accounts.
• Mashable: A hacker published a copy of a Mashable database online.
• Capcom: Capcom became a victim of the Ragnar Locker ransomware, disrupting internal systems.
• Home Depot: The US retailer agreed to a $17.5 million settlement after a PoS malware infection impacted millions of shoppers.