Telegram-Trilateration
PayloadsAllTheThings
Telegram-Trilateration | PayloadsAllTheThings | |
---|---|---|
9 | 34 | |
541 | 56,831 | |
- | - | |
0.0 | 8.5 | |
about 2 years ago | 5 days ago | |
Python | Python | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Telegram-Trilateration
- Telegram Trilateration
- Telegram Trilateration: Abusing “People Near Me” and tracking people's location
-
Hacker News top posts: Mar 13, 2022
Telegram Trilateration: Abusing “People Near Me” and tracking people's location\ (18 comments)
- Telegram Trilateration: PoC abusing “People Near Me” & tracking people location
- POC for abusing Telegram “People Near Me” feature and tracking people's location
- Proof of concept for abusing Telegram's "People Near Me" feature and tracking people's location
-
Security Analysis of Telegram (Symmetric Part)
Besides cryptographic issues they are also other issues compared to Signal Mtproto seems like the old man out in terms of cryptographic protocols also Mtproto dosen't seem to scale for multiple users. In earlier iterations of Mtproto there key-things missing like MAC, and etc. To be fair the paper does show in some sense the Mtproto is "secure" at protocol level (assuming your using the official client and the server is trusted) still it looks like it's fragile and pretty bad. Linked below are some more serious holes found in Mtproto's game.
PayloadsAllTheThings
-
php shell not executed in wordpress
Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too
-
XXE-XML External Entities Attacks
An alternative display version is available at PayloadsAllTheThingsWeb.
-
Becoming a security researcher. Help with a realistic timeline?
- https://github.com/swisskyrepo/PayloadsAllTheThings - https://book.hacktricks.xyz/welcome/readme
-
Want to hack school laptop? Any tips or applications that I can download?
If it's windows - oofta-may. Start here: https://github.com/swisskyrepo/PayloadsAllTheThings
- Where do I start on this journey?
-
How important is webtesting in the exam?
It is a method for initial access so it is possible that it could appear in one of the exam machines Payload all the things has a lot of useful resources for sql injection https://swisskyrepo.github.io/PayloadsAllTheThings/
- GitHub (or any website) page with good scripts for social media tools
- cómo empezar en seguridad informática
-
It's official: BlackLotus malware can bypass secure boot
> If you run as a user who doesn't have admin access you should be protected,
That's not very reassuring. Privilege escalation on Windows is a well studied subject:
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/mas...
-
you think that hack the box is the best way to start a career in CiberSecurity speaking about hacking?
Payloadallthethings github
What are some alternatives?
Vulnnr - Vulnnr - Vulnerability Scanner And Mass Exploiter, created for pentesting.
sql-injection-payload-list - 🎯 SQL Injection Payload List
bleachbit - BleachBit system cleaner for Windows and Linux
nuclei-templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.
hosts - 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
CVE-2021-44228-PoC-log4j-bypass-words - 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
breaking-telegram - Simple PoC script that allows you to exploit telegram's "send with timer" feature by saving any media sent with this functionality.
OWASP-Testing-Checklist - OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
avatar - Self-hosted service for creating random avatars
IPRotate_Burp_Extension - Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
VulnWhisperer - Create actionable data from your Vulnerability Scans
web-pentesting-checklist - checklist for testing the web applications