I want to start with article by saying I set out to learn Kerberos in greater detail and I figured that writing this would help cement my existing knowledge and give me reason to learn along the way, I am no Kerberos expert I am simply learning as I go along…

Amazon's Live Hacking Event with HackerOneAt Amazon, ensuring security is essential for earning customers’ trust. As part of Amazon’s ongoing public Vulnerability Research Program (VRP), Amazon expanded its support of security and education programs to tap…

Most people think that Honeypots are used to understand how attackers attack systems and networks. This is only one aspect of honeypots. Honeypots are actually an excellent method for intrusion detection and, when properly implemented, significantly reduce…

Unveiling a scheme flooding vulnerability across major browsers. Learn how it threatens anonymous browsing.

Executes position independent shellcode from an encrypted zip - GitHub - jfmaes/SharpZipRunner: Executes position independent shellcode from an encrypted zip

Yara rules. Contribute to ruppde/yara_rules development by creating an account on GitHub.

I found *files.slack.com* domain will honor the **X-Forwarded-Host** header, instead of host header. Although file.slack.com has host validation to return 500 Internal server error when host is not...

Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf. - BC-SECURITY/Invoke-ZeroLogon

Automatically add headers to all Burp requests to bypass basic WAF rules

DiVA portal is a finding tool for research publications and student theses written at the following 50 universities and research institutions.

In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Kc Udonsi and Yazhi Wang of the Trend Micro Research Team detail a recent code execution vulnerability in the Microsoft Internet Information Services (IIS) for Windows.…

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️ - bee-san/pyWhat

Hello everyone, today I will be talking about one of the critical bug which I found on the BBC website which is bypassing the admin portal…