#enumeration — Public Fediverse posts

@da_667 it is civilized to proxy that shit (it is the vast majority of the traffic, mostly) and use your own certs, should you proxy through yacy and spider every site you visit? should you use squid proxy to speed up browsing? those options are left to the reader - they all work and you can get reports - are most smb going to do lots of threat hunting probably not but they may go hybrid #unknown binary #ntopng #top talkers #comp intel #enumeration #attribution

@da_667 it is civilized to proxy that shit (it is the vast majority of the traffic, mostly) and use your own certs, should you proxy through yacy and spider every site you visit? should you use squid proxy to speed up browsing? those options are left to the reader - they all work and you can get reports - are most smb going to do lots of threat hunting probably not but they may go hybrid #unknown binary #ntopng #top talkers #comp intel #enumeration #attribution

@da_667 it is civilized to proxy that shit (it is the vast majority of the traffic, mostly) and use your own certs, should you proxy through yacy and spider every site you visit? should you use squid proxy to speed up browsing? those options are left to the reader - they all work and you can get reports - are most smb going to do lots of threat hunting probably not but they may go hybrid #unknown binary #ntopng #top talkers #comp intel #enumeration #attribution

@da_667 it is civilized to proxy that shit (it is the vast majority of the traffic, mostly) and use your own certs, should you proxy through yacy and spider every site you visit? should you use squid proxy to speed up browsing? those options are left to the reader - they all work and you can get reports - are most smb going to do lots of threat hunting probably not but they may go hybrid #unknown binary #ntopng #top talkers #comp intel #enumeration #attribution

Recently, I wrote a write-up for the vulnerable machine from #VulNyx called Controler. It’s a medium-level #Windows machine. #Enumeration begins with the Kerberos account, which I use to gain initial system access. Through further Active Directory enumeration, I #exploit replication rights, ultimately extracting the Domain Administrator’s password hash and gaining full administrative control.

Solving this machine took me some time, but I learned a lot. I touched on new tools like #BloodHound, delved a bit deeper into Active Directory, and, in general, kept my #pentesting skills in check.

If you are starting in #cybersecurity, I would definitely recommend checking some VMs from VulNyx.

https://medium.com/@thecybercraft/vulnyx-controler-writeup-b9ada8e12fdd

Recently, I wrote a write-up for the vulnerable machine from #VulNyx called Controler. It’s a medium-level #Windows machine. #Enumeration begins with the Kerberos account, which I use to gain initial system access. Through further Active Directory enumeration, I #exploit replication rights, ultimately extracting the Domain Administrator’s password hash and gaining full administrative control.

Solving this machine took me some time, but I learned a lot. I touched on new tools like #BloodHound, delved a bit deeper into Active Directory, and, in general, kept my #pentesting skills in check.

If you are starting in #cybersecurity, I would definitely recommend checking some VMs from VulNyx.

https://medium.com/@thecybercraft/vulnyx-controler-writeup-b9ada8e12fdd

Recently, I wrote a write-up for the vulnerable machine from #VulNyx called Controler. It’s a medium-level #Windows machine. #Enumeration begins with the Kerberos account, which I use to gain initial system access. Through further Active Directory enumeration, I #exploit replication rights, ultimately extracting the Domain Administrator’s password hash and gaining full administrative control.

Solving this machine took me some time, but I learned a lot. I touched on new tools like #BloodHound, delved a bit deeper into Active Directory, and, in general, kept my #pentesting skills in check.

If you are starting in #cybersecurity, I would definitely recommend checking some VMs from VulNyx.

https://medium.com/@thecybercraft/vulnyx-controler-writeup-b9ada8e12fdd

Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts https://www.securityweek.com/vulnerability-allowed-scraping-of-3-5-billion-whatsapp-accounts/ #Vulnerabilities #DataProtection #enumeration #databreach #dataleak #WhatsApp

Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts https://www.securityweek.com/vulnerability-allowed-scraping-of-3-5-billion-whatsapp-accounts/ #Vulnerabilities #DataProtection #enumeration #databreach #dataleak #WhatsApp

Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts https://www.securityweek.com/vulnerability-allowed-scraping-of-3-5-billion-whatsapp-accounts/ #Vulnerabilities #DataProtection #enumeration #databreach #dataleak #WhatsApp

Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts https://www.securityweek.com/vulnerability-allowed-scraping-of-3-5-billion-whatsapp-accounts/ #Vulnerabilities #DataProtection #enumeration #databreach #dataleak #WhatsApp

STM32 Short #8 - Understanding USB Enumeration (re-enumeration)

In this videi we will cover the topic of USB Enumeration and how to trigger a USB Host to re-enumerate a STM32 USB Device (or Gadget).

#STM32 #Tutorial #STM32CubeIDE #STM32CubeMX #USB #Enumeration #STM32World

https://www.youtube.com/watch?v=osNf6gyF_zY

STM32 Short #8 - Understanding USB Enumeration (re-enumeration)

In this videi we will cover the topic of USB Enumeration and how to trigger a USB Host to re-enumerate a STM32 USB Device (or Gadget).

#STM32 #Tutorial #STM32CubeIDE #STM32CubeMX #USB #Enumeration #STM32World

https://www.youtube.com/watch?v=osNf6gyF_zY

STM32 Short #8 - Understanding USB Enumeration (re-enumeration)

In this videi we will cover the topic of USB Enumeration and how to trigger a USB Host to re-enumerate a STM32 USB Device (or Gadget).

#STM32 #Tutorial #STM32CubeIDE #STM32CubeMX #USB #Enumeration #STM32World

https://www.youtube.com/watch?v=osNf6gyF_zY

STM32 Short #8 - Understanding USB Enumeration (re-enumeration)

In this videi we will cover the topic of USB Enumeration and how to trigger a USB Host to re-enumerate a STM32 USB Device (or Gadget).

#STM32 #Tutorial #STM32CubeIDE #STM32CubeMX #USB #Enumeration #STM32World

https://www.youtube.com/watch?v=osNf6gyF_zY

🤔 Ever wonder how to escape from a container? Or how security tools know what permissions they have from inside that same container? It's nice to have a great script for #enumeration ... but what does it check for and why does it matter?

• Who am I? - Let’s get oriented and figure out what we have in our container. (https://some-natalie.dev/container-escapes-whoami/)

• Our shared kernel - #Containers are processes that share a kernel. What can we see about our host? (https://some-natalie.dev/container-escapes-shared-kernel/)

• Are we capable? - What sort of capabilities do we have? (https://some-natalie.dev/container-escapes-capabilities/)

• Seccomp is your friend - #Seccomp filters what a container can do. Let’s learn what’s been set for us. (https://some-natalie.dev/container-escapes-seccomp/)

• Are we in a microVM? - With #microVM runtimes gaining popularity, how do you know if you’re in a container? (https://some-natalie.dev/blog/microvm-or-container/)

(or, I did a little editing and put my workshop from @appsec_village at #DEFCON33 up) :heart_cybre:

🤔 Ever wonder how to escape from a container? Or how security tools know what permissions they have from inside that same container? It's nice to have a great script for #enumeration ... but what does it check for and why does it matter?

• Who am I? - Let’s get oriented and figure out what we have in our container. (https://some-natalie.dev/container-escapes-whoami/)

• Our shared kernel - #Containers are processes that share a kernel. What can we see about our host? (https://some-natalie.dev/container-escapes-shared-kernel/)

• Are we capable? - What sort of capabilities do we have? (https://some-natalie.dev/container-escapes-capabilities/)

• Seccomp is your friend - #Seccomp filters what a container can do. Let’s learn what’s been set for us. (https://some-natalie.dev/container-escapes-seccomp/)

• Are we in a microVM? - With #microVM runtimes gaining popularity, how do you know if you’re in a container? (https://some-natalie.dev/blog/microvm-or-container/)

(or, I did a little editing and put my workshop from @appsec_village at #DEFCON33 up) :heart_cybre:

🤔 Ever wonder how to escape from a container? Or how security tools know what permissions they have from inside that same container? It's nice to have a great script for #enumeration ... but what does it check for and why does it matter?

• Who am I? - Let’s get oriented and figure out what we have in our container. (https://some-natalie.dev/container-escapes-whoami/)

• Our shared kernel - #Containers are processes that share a kernel. What can we see about our host? (https://some-natalie.dev/container-escapes-shared-kernel/)

• Are we capable? - What sort of capabilities do we have? (https://some-natalie.dev/container-escapes-capabilities/)

• Seccomp is your friend - #Seccomp filters what a container can do. Let’s learn what’s been set for us. (https://some-natalie.dev/container-escapes-seccomp/)

• Are we in a microVM? - With #microVM runtimes gaining popularity, how do you know if you’re in a container? (https://some-natalie.dev/blog/microvm-or-container/)

(or, I did a little editing and put my workshop from @appsec_village at #DEFCON33 up) :heart_cybre:

🤔 Ever wonder how to escape from a container? Or how security tools know what permissions they have from inside that same container? It's nice to have a great script for #enumeration ... but what does it check for and why does it matter?

• Who am I? - Let’s get oriented and figure out what we have in our container. (https://some-natalie.dev/container-escapes-whoami/)

• Our shared kernel - #Containers are processes that share a kernel. What can we see about our host? (https://some-natalie.dev/container-escapes-shared-kernel/)

• Are we capable? - What sort of capabilities do we have? (https://some-natalie.dev/container-escapes-capabilities/)

• Seccomp is your friend - #Seccomp filters what a container can do. Let’s learn what’s been set for us. (https://some-natalie.dev/container-escapes-seccomp/)

• Are we in a microVM? - With #microVM runtimes gaining popularity, how do you know if you’re in a container? (https://some-natalie.dev/blog/microvm-or-container/)

(or, I did a little editing and put my workshop from @appsec_village at #DEFCON33 up) :heart_cybre:

🤔 Ever wonder how to escape from a container? Or how security tools know what permissions they have from inside that same container? It's nice to have a great script for #enumeration ... but what does it check for and why does it matter?

• Who am I? - Let’s get oriented and figure out what we have in our container. (https://some-natalie.dev/container-escapes-whoami/)
• Our shared kernel - #Containers are processes that share a kernel. What can we see about our host? (https://some-natalie.dev/container-escapes-shared-kernel/)
• Are we capable? - What sort of capabilities do we have? (https://some-natalie.dev/container-escapes-capabilities/)
• Seccomp is your friend - #Seccomp filters what a container can do. Let’s learn what’s been set for us. (https://some-natalie.dev/container-escapes-seccomp/)
• Are we in a microVM? - With #microVM runtimes gaining popularity, how do you know if you’re in a container? (https://some-natalie.dev/blog/microvm-or-container/)

(or, I did a little editing and put my workshop from @appsec_village at #DEFCON33 up) :heart_cybre:

Subdomain enumeration is an essential OSINT technique. Amass and Subfinder are well-known enumeration tools, but they have limitations. Explore this comprehensive database with over 200 sources.

https://osintteam.com/passive-subdomain-enumeration-uncovering-more-subdomains-than-subfinder-amass/

#OSINT #Subdomains #Domains #DNS #enumeration

In this week's Linux Update newsletter, Chris Binnie looks at the enumeration tools feroxbuster and ffuf for automating search during a cyberattack
https://www.linux-magazine.com/Issues/2025/290/Enumerating-Resources
#security #tools #feroxbuster #ffuf #enumeration #cyberattack #automation #fuzzing

In this week's Linux Update newsletter, Chris Binnie looks at the enumeration tools feroxbuster and ffuf for automating search during a cyberattack
https://www.linux-magazine.com/Issues/2025/290/Enumerating-Resources
#security #tools #feroxbuster #ffuf #enumeration #cyberattack #automation #fuzzing

In this week's Linux Update newsletter, Chris Binnie looks at the enumeration tools feroxbuster and ffuf for automating search during a cyberattack
https://www.linux-magazine.com/Issues/2025/290/Enumerating-Resources
#security #tools #feroxbuster #ffuf #enumeration #cyberattack #automation #fuzzing

In this week's Linux Update newsletter, Chris Binnie looks at the enumeration tools feroxbuster and ffuf for automating search during a cyberattack
https://www.linux-magazine.com/Issues/2025/290/Enumerating-Resources
#security #tools #feroxbuster #ffuf #enumeration #cyberattack #automation #fuzzing

In this week's Linux Update newsletter, Chris Binnie looks at the enumeration tools feroxbuster and ffuf for automating search during a cyberattack
https://www.linux-magazine.com/Issues/2025/290/Enumerating-Resources
#security #tools #feroxbuster #ffuf #enumeration #cyberattack #automation #fuzzing

who spies on you more - ms, apple, google or amazon - ai surveillance content from rob braxman
https://www.youtube.com/watch?v=QwxaRPuJkyU
#tracking #capital surveillance #enumeration #ever cookie

who spies on you more - ms, apple, google or amazon - ai surveillance content from rob braxman
https://www.youtube.com/watch?v=QwxaRPuJkyU
#tracking #capital surveillance #enumeration #ever cookie

who spies on you more - ms, apple, google or amazon - ai surveillance content from rob braxman
https://www.youtube.com/watch?v=QwxaRPuJkyU
#tracking #capital surveillance #enumeration #ever cookie

Oh boy. A simple #enumeration #attack could be used to read credit offers at #CHECK24 and #verivox, two big German portal offering a lot of things around comparing credit offers, insurance contracts and other things.

This is such a trivial mistake, it nearly feels deliberate. This should never ever happend. And for sure this should have be a red flag in any #securityaudit. I wonder how they can state "No indications of miss use.". #cybersecurity

Article in German:
https://correctiv.org/aktuelles/datenschutz/2024/09/17/kreditvermittlung-bei-check24-und-verivox-kritische-datenlecks-entdeckt/

Oh boy. A simple #enumeration #attack could be used to read credit offers at #CHECK24 and #verivox, two big German portal offering a lot of things around comparing credit offers, insurance contracts and other things.

This is such a trivial mistake, it nearly feels deliberate. This should never ever happend. And for sure this should have be a red flag in any #securityaudit. I wonder how they can state "No indications of miss use.". #cybersecurity

Article in German:
https://correctiv.org/aktuelles/datenschutz/2024/09/17/kreditvermittlung-bei-check24-und-verivox-kritische-datenlecks-entdeckt/

Oh boy. A simple #enumeration #attack could be used to read credit offers at #CHECK24 and #verivox, two big German portal offering a lot of things around comparing credit offers, insurance contracts and other things.

This is such a trivial mistake, it nearly feels deliberate. This should never ever happend. And for sure this should have be a red flag in any #securityaudit. I wonder how they can state "No indications of miss use.". #cybersecurity

Article in German:
https://correctiv.org/aktuelles/datenschutz/2024/09/17/kreditvermittlung-bei-check24-und-verivox-kritische-datenlecks-entdeckt/

🚨 New blog post: Preparing a National Sampling Frame: capacity strengthening in Cameroon

A report on our recent #preEA and #QGIS workshop with #ins_cameroun

#geospatial #census #statistics #Enumeration #MINRESI_CM

https://www.worldpop.org/blog/preparing-a-national-sampling-frame-capacity-strengthening-in-cameroon/

🚨 New blog post: Preparing a National Sampling Frame: capacity strengthening in Cameroon

A report on our recent #preEA and #QGIS workshop with #ins_cameroun

#geospatial #census #statistics #Enumeration #MINRESI_CM

https://www.worldpop.org/blog/preparing-a-national-sampling-frame-capacity-strengthening-in-cameroon/

🚨 New blog post: Preparing a National Sampling Frame: capacity strengthening in Cameroon

A report on our recent #preEA and #QGIS workshop with #ins_cameroun

#geospatial #census #statistics #Enumeration #MINRESI_CM

https://www.worldpop.org/blog/preparing-a-national-sampling-frame-capacity-strengthening-in-cameroon/

🚨 New blog post: Preparing a National Sampling Frame: capacity strengthening in Cameroon

A report on our recent #preEA and #QGIS workshop with #ins_cameroun

#geospatial #census #statistics #Enumeration #MINRESI_CM

https://www.worldpop.org/blog/preparing-a-national-sampling-frame-capacity-strengthening-in-cameroon/

Weekend project: try to solve some #combinatorics #enumeration problems by reduction to #SharpSAT. (Which, to be clear, I thought was unlikely to succeed!)

I picked c2d http://reasoning.cs.ucla.edu/c2d/ because it scored highly in the 2020 Model Counting Competition https://arxiv.org/abs/2012.01323 but I am not sure this is the same version. The one I got is dated 2005 and was 32-bit only. It ran out of memory on this 364-variable 942-clause instance (corresponding to 6 playing cards chosen from a standard 52-card deck.)

Looking at the 2023 competition instead, I think I should try SharpSAT-TD https://github.com/Laakeri/sharpsat-td but it is not as well documented. For example, I don't know if it supports the "eclauses" (exactly-one clauses) extension of the Dimacs CNF format.

#Satisfiability

Weekend project: try to solve some #combinatorics #enumeration problems by reduction to #SharpSAT. (Which, to be clear, I thought was unlikely to succeed!)

I picked c2d http://reasoning.cs.ucla.edu/c2d/ because it scored highly in the 2020 Model Counting Competition https://arxiv.org/abs/2012.01323 but I am not sure this is the same version. The one I got is dated 2005 and was 32-bit only. It ran out of memory on this 364-variable 942-clause instance (corresponding to 6 playing cards chosen from a standard 52-card deck.)

Looking at the 2023 competition instead, I think I should try SharpSAT-TD https://github.com/Laakeri/sharpsat-td but it is not as well documented. For example, I don't know if it supports the "eclauses" (exactly-one clauses) extension of the Dimacs CNF format.

#Satisfiability

Weekend project: try to solve some #combinatorics #enumeration problems by reduction to #SharpSAT. (Which, to be clear, I thought was unlikely to succeed!)

I picked c2d http://reasoning.cs.ucla.edu/c2d/ because it scored highly in the 2020 Model Counting Competition https://arxiv.org/abs/2012.01323 but I am not sure this is the same version. The one I got is dated 2005 and was 32-bit only. It ran out of memory on this 364-variable 942-clause instance (corresponding to 6 playing cards chosen from a standard 52-card deck.)

Looking at the 2023 competition instead, I think I should try SharpSAT-TD https://github.com/Laakeri/sharpsat-td but it is not as well documented. For example, I don't know if it supports the "eclauses" (exactly-one clauses) extension of the Dimacs CNF format.

#Satisfiability

Weekend project: try to solve some #combinatorics #enumeration problems by reduction to #SharpSAT. (Which, to be clear, I thought was unlikely to succeed!)

I picked c2d http://reasoning.cs.ucla.edu/c2d/ because it scored highly in the 2020 Model Counting Competition https://arxiv.org/abs/2012.01323 but I am not sure this is the same version. The one I got is dated 2005 and was 32-bit only. It ran out of memory on this 364-variable 942-clause instance (corresponding to 6 playing cards chosen from a standard 52-card deck.)

Looking at the 2023 competition instead, I think I should try SharpSAT-TD https://github.com/Laakeri/sharpsat-td but it is not as well documented. For example, I don't know if it supports the "eclauses" (exactly-one clauses) extension of the Dimacs CNF format.

#Satisfiability

All sets of integer lattice points symmetric along the X and Y axes, and connected allowing diagonals, of size 14 and 15.

Code here: https://gist.github.com/mgritter/8cfc41a7325f85b75c029f77915a2f44

Inspired by this Quora question, https://www.quora.com/On-an-XY-array-of-lattice-points-how-many-patterns-of-N-connected-points-are-mirror-symmetric-in-both-X-and-Y-Adjacency-connections-are-1-in-X-1-in-Y-or-1-1-in-X-Y-I-do-not-know-the-answer, although I misinterpreted what he was asking for. That was closer to all polyominoes, allowing diagonal connections, which are horizontally and vertically symmetric. But I don't allow the line of symmetry to run down a half-integer value.

#enumeration #integer_lattice #polyominoes

All sets of integer lattice points symmetric along the X and Y axes, and connected allowing diagonals, of size 14 and 15.

Code here: https://gist.github.com/mgritter/8cfc41a7325f85b75c029f77915a2f44

Inspired by this Quora question, https://www.quora.com/On-an-XY-array-of-lattice-points-how-many-patterns-of-N-connected-points-are-mirror-symmetric-in-both-X-and-Y-Adjacency-connections-are-1-in-X-1-in-Y-or-1-1-in-X-Y-I-do-not-know-the-answer, although I misinterpreted what he was asking for. That was closer to all polyominoes, allowing diagonal connections, which are horizontally and vertically symmetric. But I don't allow the line of symmetry to run down a half-integer value.

#enumeration #integer_lattice #polyominoes

All sets of integer lattice points symmetric along the X and Y axes, and connected allowing diagonals, of size 14 and 15.

Code here: https://gist.github.com/mgritter/8cfc41a7325f85b75c029f77915a2f44

Inspired by this Quora question, https://www.quora.com/On-an-XY-array-of-lattice-points-how-many-patterns-of-N-connected-points-are-mirror-symmetric-in-both-X-and-Y-Adjacency-connections-are-1-in-X-1-in-Y-or-1-1-in-X-Y-I-do-not-know-the-answer, although I misinterpreted what he was asking for. That was closer to all polyominoes, allowing diagonal connections, which are horizontally and vertically symmetric. But I don't allow the line of symmetry to run down a half-integer value.

#enumeration #integer_lattice #polyominoes

All sets of integer lattice points symmetric along the X and Y axes, and connected allowing diagonals, of size 14 and 15.

Code here: https://gist.github.com/mgritter/8cfc41a7325f85b75c029f77915a2f44

Inspired by this Quora question, https://www.quora.com/On-an-XY-array-of-lattice-points-how-many-patterns-of-N-connected-points-are-mirror-symmetric-in-both-X-and-Y-Adjacency-connections-are-1-in-X-1-in-Y-or-1-1-in-X-Y-I-do-not-know-the-answer, although I misinterpreted what he was asking for. That was closer to all polyominoes, allowing diagonal connections, which are horizontally and vertically symmetric. But I don't allow the line of symmetry to run down a half-integer value.

#enumeration #integer_lattice #polyominoes

Point-in-Time count shows homeless numbers up over 9% in Victoria, BC region

This year’s count identified 1,665 people who were experiencing homelessness, versus 1,523 in 2020

Homeless include many seniors, Indigenous and people with disabilities

https://www.timescolonist.com/local-news/point-in-time-count-shows-homeless-numbers-up-slightly-7366592

#homeless #housing #AffordableHousing #enumeration #PointInTime #yyjpoli #bcpoli #buildhomes #buildjustice

Point-in-Time count shows homeless numbers up over 9% in Victoria, BC region

This year’s count identified 1,665 people who were experiencing homelessness, versus 1,523 in 2020

Homeless include many seniors, Indigenous and people with disabilities

https://www.timescolonist.com/local-news/point-in-time-count-shows-homeless-numbers-up-slightly-7366592

#homeless #housing #AffordableHousing #enumeration #PointInTime #yyjpoli #bcpoli #buildhomes #buildjustice

Point-in-Time count shows homeless numbers up over 9% in Victoria, BC region

This year’s count identified 1,665 people who were experiencing homelessness, versus 1,523 in 2020

Homeless include many seniors, Indigenous and people with disabilities

https://www.timescolonist.com/local-news/point-in-time-count-shows-homeless-numbers-up-slightly-7366592

#homeless #housing #AffordableHousing #enumeration #PointInTime #yyjpoli #bcpoli #buildhomes #buildjustice

Point-in-Time count shows homeless numbers up over 9% in Victoria, BC region

This year’s count identified 1,665 people who were experiencing homelessness, versus 1,523 in 2020

Homeless include many seniors, Indigenous and people with disabilities

https://www.timescolonist.com/local-news/point-in-time-count-shows-homeless-numbers-up-slightly-7366592

#homeless #housing #AffordableHousing #enumeration #PointInTime #yyjpoli #bcpoli #buildhomes #buildjustice

There has to be a better way, right? Brute force can’t be the best way to enumerate zones of subdomains. #pentesting #hacking #dns #zone #enumeration #hackthebox

There has to be a better way, right? Brute force can’t be the best way to enumerate zones of subdomains. #pentesting #hacking #dns #zone #enumeration #hackthebox