Sekken-enum: tool for subdomain enumeration
A GitHub repo offering a tool to perform high-speed subdomain enumeration using wordlists, API integration, and recursive bruteforce.
#Enumeration
STM32 Short #8 - Understanding USB Enumeration (re-enumeration)
In this videi we will cover the topic of USB Enumeration and how to trigger a USB Host to re-enumerate a STM32 USB Device (or Gadget).
#STM32 #Tutorial #STM32CubeIDE #STM32CubeMX #USB #Enumeration #STM32World
🤔 Ever wonder how to escape from a container? Or how security tools know what permissions they have from inside that same container? It's nice to have a great script for #enumeration ... but what does it check for and why does it matter?
Who am I? - Let’s get oriented and figure out what we have in our container. (https://some-natalie.dev/container-escapes-whoami/)
Our shared kernel - #Containers are processes that share a kernel. What can we see about our host? (https://some-natalie.dev/container-escapes-shared-kernel/)
Are we capable? - What sort of capabilities do we have? (https://some-natalie.dev/container-escapes-capabilities/)
Seccomp is your friend - #Seccomp filters what a container can do. Let’s learn what’s been set for us. (https://some-natalie.dev/container-escapes-seccomp/)
Are we in a microVM? - With #microVM runtimes gaining popularity, how do you know if you’re in a container? (https://some-natalie.dev/blog/microvm-or-container/)
(or, I did a little editing and put my workshop from @appsec_village at #DEFCON33 up) :heart_cybre:
Subdomain enumeration is an essential OSINT technique. Amass and Subfinder are well-known enumeration tools, but they have limitations. Explore this comprehensive database with over 200 sources.
https://osintteam.com/passive-subdomain-enumeration-uncovering-more-subdomains-than-subfinder-amass/
Finally finished implementing the functionality of the PS function for #Enumeration that I've been working on since I saw some flaws in the currently existing tools while studying for #CRTE
It's focused on trying to show interesting ACLs without overwhelming you with lots of useless information. There's probably something out there that does that already (Find-InteterestingDomainAcl is supposed to do the trick but it's still too verbose for me). However, I needed an excuse to dive deeper into ACLs 😜
After cleaning the current monolith of PS scripting and allowing @maikel to peer review it, I'll publish it ☺️
In this week's Linux Update newsletter, Chris Binnie looks at the enumeration tools feroxbuster and ffuf for automating search during a cyberattack
https://www.linux-magazine.com/Issues/2025/290/Enumerating-Resources
#security #tools #feroxbuster #ffuf #enumeration #cyberattack #automation #fuzzing
Title of the day: "generatingfunctionology"
who spies on you more - ms, apple, google or amazon - ai surveillance content from rob braxman
https://www.youtube.com/watch?v=QwxaRPuJkyU
#tracking #capital surveillance #enumeration #ever cookie
Oh boy. A simple #enumeration #attack could be used to read credit offers at #CHECK24 and #verivox, two big German portal offering a lot of things around comparing credit offers, insurance contracts and other things.
This is such a trivial mistake, it nearly feels deliberate. This should never ever happend. And for sure this should have be a red flag in any #securityaudit. I wonder how they can state "No indications of miss use.". #cybersecurity
Article in German:
https://correctiv.org/aktuelles/datenschutz/2024/09/17/kreditvermittlung-bei-check24-und-verivox-kritische-datenlecks-entdeckt/
Did you know:
A large part of the hacker's workflow is done through open-source intelligence (OSINT) and enumeration.
Tools like Shodan can help map out your digital footprint.
#OSINT #CyberSecurity #cyber #osint #infosec #hacking #enumeration
TheHarvester - Your New Best Friend in Recon! This tool gathers emails, names, and other info from public sources. Perfect for beginners in reconnaissance. #TheHarvester #Recon #Infosec #osint #enumeration
I saw this passphrase wordlist project popup. Just like to remind folks that passphrase passwords (ex: correcthorsebatterystapler), even with character substitution, can be enumerated and that GPUs will eventually be able to bruteforce the inevitable password dumps from data breaches. In fact a certain someone wrote up a blog post two years ago showing how you could enumerate all permutations of passphrases using Ruby to build your own custom passphrase wordlists; which of course was met with immediate poo-pooing upon.
#wordlists #passphrase #enumeration #ruby
Does anyone have a directory enumeration wordlist that's optimized to find common directories quickly, and doesn't have junk in it like 490541629456ea9c7e1c31 or Oasis - The Complete Discography.
#dirbusting #enumeration #wordlist
https://youtu.be/1O_47ZZ_J_g?si=FJti3ds0KCeVUrZO
@blackpointus's CEO John Murchison talks about the surprising and uncommon approach #ALPHV #BlackCat #ransomware takes from initial #intrusion and #enumeration all the way to #exfiltration; namely, a decided reliance on the #networking and #IT tools available to them as opposed to a reliance on #malware. He covers how their approach is able to evade #EDR, the way they are similar to nation state actors in their level of sophistication, and notes what a large attack surface #microsoft365 has relative to the ability to properly #harden and #secure the environment. He also covers how quickly the #Rust ransomware #payload is able to take over.
Definitely worth a watch given the recent attack on #ChangeHealthcare.
🚨 New blog post: Preparing a National Sampling Frame: capacity strengthening in Cameroon
A report on our recent #preEA and #QGIS workshop with #ins_cameroun
Weekend project: try to solve some #combinatorics #enumeration problems by reduction to #SharpSAT. (Which, to be clear, I thought was unlikely to succeed!)
I picked c2d http://reasoning.cs.ucla.edu/c2d/ because it scored highly in the 2020 Model Counting Competition https://arxiv.org/abs/2012.01323 but I am not sure this is the same version. The one I got is dated 2005 and was 32-bit only. It ran out of memory on this 364-variable 942-clause instance (corresponding to 6 playing cards chosen from a standard 52-card deck.)
Looking at the 2023 competition instead, I think I should try SharpSAT-TD https://github.com/Laakeri/sharpsat-td but it is not as well documented. For example, I don't know if it supports the "eclauses" (exactly-one clauses) extension of the Dimacs CNF format.
Enumeration - I have just completed this room! Check it out: https://tryhackme.com/room/enumerationpe #tryhackme #security #enumeration #processes #services #post-exploitation #users #enumerationpe via @RealTryHackMe
All sets of integer lattice points symmetric along the X and Y axes, and connected allowing diagonals, of size 14 and 15.
Code here: https://gist.github.com/mgritter/8cfc41a7325f85b75c029f77915a2f44
Inspired by this Quora question, https://www.quora.com/On-an-XY-array-of-lattice-points-how-many-patterns-of-N-connected-points-are-mirror-symmetric-in-both-X-and-Y-Adjacency-connections-are-1-in-X-1-in-Y-or-1-1-in-X-Y-I-do-not-know-the-answer, although I misinterpreted what he was asking for. That was closer to all polyominoes, allowing diagonal connections, which are horizontally and vertically symmetric. But I don't allow the line of symmetry to run down a half-integer value.
Lista użytkowników Wordpress dostępna przez API ( https://nfsec.pl/pentest/6215 ) #wordpress #user #enumeration #badbot #twittermigration
Point-in-Time count shows homeless numbers up over 9% in Victoria, BC region
This year’s count identified 1,665 people who were experiencing homelessness, versus 1,523 in 2020
Homeless include many seniors, Indigenous and people with disabilities
#homeless #housing #AffordableHousing #enumeration #PointInTime #yyjpoli #bcpoli #buildhomes #buildjustice
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst