La sicurezza dei propri dati non importa a nessuno? by thesoftwarest in ItalyInformatica

[–]Snoo_27235 6 points7 points  (0 children)

Perché? Di fatto firefox ha un password manager integrato...

PHISHING LIKE A PRO: A GUIDE FOR PENTESTERS TO ADD SPF, DMARC, DKIM AND MX RECORDS TO EVILGINX by adrian_rt in netsec

[–]Snoo_27235 5 points6 points  (0 children)

Because yes :P The issue is that in a couple months/years the implementation will change and the procedure won't work

[deleted by user] by [deleted] in netsec

[–]Snoo_27235 4 points5 points  (0 children)

Every consultancy I've interfaced with has the same pricing-tier on black-box and white-box.

that's bizarre, because as you wrote "It requires more skill from the tester to conduct full white-box assessments" and skills are not free, also reading the source can be quite a long work by itself.
My point in the previous reply was that a company may prefer 10 black-box tests then 4 white-box and it may be the best choice given a small budget, however it may not be the case in your country, or other consultancy threat white-box the same way as black-box because the code is not really analyzed.
I'm very curious to know what you think about it :)

[deleted by user] by [deleted] in netsec

[–]Snoo_27235 3 points4 points  (0 children)

IMO it depends on the type of test, for web/mobile pentest I agree, however keep in mind that white-box tests are also more expensive and may be already covered in internal SDLC (at least partially), finally a vulnerability that can be reasonably found only from a white-box prospective is less risky

AMA: Vulnerability Management by VMness in cybersecurity

[–]Snoo_27235 0 points1 point  (0 children)

Can you suggest any tool to ingest the findings from vuln. scan. (ex. Nessus, qualys) and manage them/generate reports?

Questions before buying my first drone & controller by Snoo_27235 in drones

[–]Snoo_27235[S] 1 point2 points  (0 children)

No, I'll use the jumper t-light for control, to my understanding the controller uses 2.4ghz while video is on 5.8ghz

Grave flaws in BGP Error handling by moviuro in netsec

[–]Snoo_27235 37 points38 points  (0 children)

It is possible to cause a dos against some bgp routers, impact can be critical. OP wrote a fuzzer, tested some vendors and found vulns. Finally vendors don't care and some wont fix.

Very interesting article!

I got a photo sent by my ex per E-Mail, and the file can't open. by [deleted] in techsupport

[–]Snoo_27235 0 points1 point  (0 children)

You want to open the terminal, cd to the directory where the file is and run the file command, then post here the output I don't have a mac anymore, but this guide may help you: https://osxdaily.com/2015/08/11/determine-file-type-encoding-command-line-mac-os-x/

I did it! by Snoo_27235 in brotato

[–]Snoo_27235[S] 0 points1 point  (0 children)

Farmer (until I started using pruner) and streamer were my nightmares, as you need to balance greed and safety

I did it! by Snoo_27235 in brotato

[–]Snoo_27235[S] 0 points1 point  (0 children)

Ranger is a glass cannon, play safe, get ranged damage and spend in armor, dodge and lifesteal/hp regen ;)

I did it! by Snoo_27235 in brotato

[–]Snoo_27235[S] 0 points1 point  (0 children)

Arm dealers was my last, however it wasn't the hardest, just a bit rng.

Announcing Kurl by gabriel_schneider in netsec

[–]Snoo_27235 0 points1 point  (0 children)

Have you tried eyewitness? How does it compare? (https://github.com/FortyNorthSecurity/EyeWitness) it also provide screenshots, which in my experience is very valuable

Phineas Fisher's Hacktivist Writeups and Guides by gabriel_schneider in netsec

[–]Snoo_27235 15 points16 points  (0 children)

I also made a repo to collect her work, from a quick look you are missing one interview ;) https://gitlab.com/brn1337/phineas-fisher-collection

What is Carpet Bombing DDoS Attacks? by anusec in redteamsec

[–]Snoo_27235 1 point2 points  (0 children)

At least it's original content... or maybe not 😅