Trust describes his methodology for auditing smart contracts.
An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In this conversation, we delve into Trust's background as a security researcher and exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security.
Full Podcast: https://www.youtube.com/watch?v=NC4uzV-syIw
...
https://www.youtube.com/watch?v=wflaydJVMSQ
An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In just under a year, Trust has rocketed to the top of the code4rena leaderboard, and has made waves on both code4rena and Immunefi.
In this conversation, we delve into Trust's background as an exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Trust discusses his work performing audits on code4rena, participating in bug bounties on Immunefi, and shares with us his methodology and mindset around bounty hunting and security research.
Full Podcast: https://www.youtube.com/watch?v=NC4uzV-syIw
...
https://www.youtube.com/watch?v=6-O-cnQRzJg
CVE-2021-34527
PrintNightmare is a 0day vulnerability, not to be confused with CVE-2021-1675.
CVE-2021-1675 has been patched on June 8.
PrintNightmare is a 0day - CVE-2021-34527
They are both print spooler vulnerabilities which was what caused the confusion.
We have a new way to remediate this issue now using ACLs, as opposed to just disabling the print spooler, see blog post from Huntress:
https://www.huntress.com/blog/critica...
New powershell PoC has dropped, this is using the PowerSploit module from PowerShellMafia.
https://github.com/calebstewart/CVE-2...
Detect exploitation using powershell:
Get-WinEvent -LogName 'Microsoft-Windows-PrintService/Admin' | Select-String -InputObject {$_.message} -Pattern 'The print spooler failed to load a plug-in module'
Windows Print Spooler Remote Code Execution Vulnerability - Print Nightmare
...
https://www.youtube.com/watch?v=OdfYXsxULo4
Why Johnny Time started his YouTube channel.
JohnnyTime is blockchain security researcher, educator and content creator with over 10 years of experience working in tech and cybersecurity.
Full Podcast: https://www.youtube.com/watch?v=YCsfUrzrcgQ
...
https://www.youtube.com/watch?v=k5wDsx_8hz8
I will be releasing all the code I used to max my account in OSRS in this video series.
This video covers mouse path randomization and the release of the woodcutting script that I used for 99 woodcutting.
install simba:
https://wizzup.org/simba/
code from this video:
https://github.com/AndyFeiLi/osrsBottedtoMax_SimbaScripts/tree/master/episode%202
#OSRS #Botting #Simba #Scripts #AHK
...
https://www.youtube.com/watch?v=sHssTXpHKlc
Walkthrough of the Reaper challenge from Unhacked CTF where we recreate the 1.7M Reaper Farm hack that occurred in Aug 2022.
https://unhackedctf.substack.com/p/welcome
https://github.com/andyfeili/reaper
...
https://www.youtube.com/watch?v=1xnMxdfYOG0