So slimy it belongs in the slime tree

/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to provide value to security practitioners, students, researchers, and hackers everywhere.
‎

Before starting, I would like to point out - I'm no expert. As far as I know, there isn't a

Reversing ESP8266 firmware for fun and secrets!

This article will give an overview of the basic Linux privilege escalation techniques. Different scopes will be explained like the kernel, the permission file...

Follow me on Twitter for more coming.
http://twitter.com/intent/follow/user?screen_name=vbarraquito

With the release of iOS 12.1 on October 30, Apple left NOT PROTECTED by passcode, easily accessible, YOUR CONTACT INFORMATION (your personal phone numbers…

Hi folks, It’s always pleasure to share some good stuff with you guys. The heading of the story may give you an idea that today I’m going…

Recorded at AppSecUSA 2016 in Washington, DC
https://2016.appsecusa.org/

Exploiting CORS Misconfigurations for Bitcoins and Bounties

Hear the story of how a specification’s innocent intentions toward security and simplicity mingled with Real World Code…

Red Alert 2.0 :New Android Banking Trojan .

HELLO FRIENDS

Dosto aaj m aapko iss video m btaonga ki "RED ALERT 2.0" kya hai.

Friends red alert ek trah ka maleware hai. ye hmaare bank ki saari information ko steal krke apne developer ko send kr deta hai.…

After a short twitter questionaire, I’m excited to announce a Remote Windows Kernel Programming class to be scheduled for the end of January 2019 (28 to 31). If you want to learn how to write…

Tool to make in memory man in the middle. Contribute to AMOSSYS/MemITM development by creating an account on GitHub.

Introduction

The document discusses various techniques for bypassing Web Application Firewalls (WAFs) using HTTP standards and web server behaviors, focusing on methods such as HTTP smuggling, payload mutations, and request encoding challenges. It highlights the effectiveness…

An attacker can deface various pages on catalog.data.gov, leading to them executing malicious JavaScript when visited by a normal user.

The root problem is that the server trusts the...

Hello Everyone,

Master passwords and faulty standards implementations allow attackers access to encrypted data without needing to know the user-chosen password.

WiFi HID Injector - An USB Rubberducky / BadUSB On Steroids. - whid-injector/WHID