A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient. - OTRF/ThreatHunter-Playbook

List of awesome reverse engineering resources. Contribute to wtsxDev/reverse-engineering development by creating an account on GitHub.

PoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/) - ryu22e/django_cve_2019_19844_poc

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, pas...

Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588) - Matheus-Garbelini/esp32_esp8266_attacks

Detection RCE technique with Burp suite.
I am useing regex for detection vulns and errors in response.
Regex: https://github.com/ghsec/webHunt/blob/master/ErrorsAndVulnsDetect.md
Payloads: https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/C…

A bug chain of HTTP Request Smuggling that led to account takeover

Iran’s retaliation for the United States' targeted killing of general Qassem Soleimani is likely to include cyberattacks, security experts warned.

US Government fears a new wave of cyber attacks as retaliation for the airstrike that killed Maj. Gen. Qassim Suleimani at the Baghdad airport in Iraq.

In emails and WhatsApp messages, Iranian telecom official tried to recruit US researcher.

Blogpost about Fuzzing JavaScript WebAssembly APIs using Dharma/Domato and example with Fuzzing V8 engine by Patrick Ventuzelo - Fuzzing Labs.

Ultimate Internet of Things/Industrial Control Systems reconnaissance tool. - woj-ciech/Kamerka-GUI

lateral movement techniques that can be used during red team exercises - Mr-Un1k0d3r/PoisonHandler