The ptrace() system call provides the unique functionality under many *nix systems allowing a process to examine the data, and control the execution of, another running process. This includes the a…

Browsing to a simple URL to an sftp URI allows bypasses socks proxy for DNS and browsing.
Tested on a clean install of Ubuntu 16.04 with TBB 7.0.2 (4097d43aa0be86ae3fe43ec8f3ac5394) download from...

Hi phabricator,

I found an evil branch name of hg a repo can lead to arbitrary command injection on phabricator instance.

Here is the reproduction steps:
1. Monitor a remote mercurial repo with...

Hi guys!

JSON POST parameter "docId" is vulnerable to Blind SQL Injection attack

PoC (Raw query)

POST /_vti_bin/RatingsCalculator/RatingsCalculator.asmx/CalculateRatings HTTP/1.1
User-Agent:...

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑 - We5ter/Scanners-Box

## Summary
The https://cn-sjc1.uber.com/rt/users/apply-clients-promotions customer endpoint used to apply Uber promotions does not implement multifactor authentication, IP address blacklisting for...

## Summary
The https://cn-sjc1.uber.com/rt/users/apply-clients-promotions customer endpoint used to apply Uber promotions does not implement multifactor authentication, IP address blacklisting for...

Security consulting and pentesting by proven security experts.

Leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security ☣

Test your knowledge of cybersecurity terms and concepts with our crossword puzzle.

This week I took a break from SYSTEM chasing to review some anti-debugging techniques. With quite a few Bug Bounty programs available relying on client-side applications, I thought I'd share one of the techniques used by numerous security products (and apparently…

https://media.ccc.de/v/34c3-8936-1-day_exploit_development_for_cisco_ios



Year 2017 was rich in vulnerabilities discovered for Cisco networking devices. At least 3 vulnerabilities leading to a remote code execution were disclosed. This talk will give an…