kernel privilege escalation enumeration and exploitation framework - spencerdodd/kernelpop

Summary This is a security advisory for a bug that I discovered in Resolv::getaddresses that enabled me to bypass multiple Server-Side Request Forgery filters. Applications such as GitLab and HackerOne were affected by this bug. The disclosure of all reports…

WikiLeaks has resumed its CIA leaks and it has now started publishing source code and other files associated with tools allegedly developed by the intelligence agency.

Hackers attack small vulnerable websites in order to abuse server resources and spread SEO spam. Learn about steps you can take to protect your site.

During an analysis of different remote desktop trojans we came across an interesting attack-chain which leverages an RTF that exploits CVE-2017-8759 to deliver DarkVNC, a malicious version of the well-known VNC, designed to silently remote-control a victim.

<a href="http://lcamtuf.coredump.cx/afl/" target="_blank">American Fuzzy Lop (AFL)</a> is awesome. It’s easily the best thing out there for quickly doing cutting-edge fuzzing analysis on command line applications. But what about the situations where accessing…

iOS was updated to iOS 11.1.1 today. However, there will be iOS 11.1.1 jailbreak demo in POC2017 within 30 minutes!!

Nmap Cheat Sheet, learn Nmap commands, flags & real world exmaples allowing you to leverage the OG portscanner.

REDIRECTING TO THE NEW BLOG ... Hello Hunters,                         This time I am writing about a Vulnerability found in another ...

Hi phabricator,

I found an evil branch name of hg a repo can lead to arbitrary command injection on phabricator instance.

Here is the reproduction steps:
1. Monitor a remote mercurial repo with...

Geutebrueck_GCore_X64_RCE_BO
Metasploit module for Geutebrueck GCore "video management" system. Tested with version 1.3.8.42 and 1.4.2.37.
Full remote code execution with NT/System privileges on Wi...

one of videos I demonstrated on Code Blue 2017

the IDN: http://ebаy.com/

is a homograph for the latin ebay.com. if you click that first link, youm might think that you are going to ebay.com. in fact, you are going to a homograph url...