Moodle remote code execution vulnerability.

Credit : https://github.com/HoangKien1020/

Vulnmachines - Learning Place for Security Enthusiast
Vulnmachines is online cyber security training platform with a massive number of labs, allowing individuals, students…

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. But roughly two week ago, VIP72's online storefront…

Code for NDSS' 19 paper: A Systematic Framework to Generate Invariants for Anomaly Detection in Industrial Control Systems - cfeng783/NDSS19_InvariantRuleAD

On July 30, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability that we discovered in Booster for WooCommerce, a WordPress plugin installed on over 80,000 sites. This flaw made it possible for an attacker…

A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability) - lntrx/CVE-2021-28663

PHP get_headers ssrf vulnerability : CVE-2020-7066

PHP could allow a remote attacker to obtain sensitive information, caused by an issue when the get_headers() silently truncates anything after a null byte in the URL it uses. By persuading a victim to visit…

Contribute to sans-blue-team/DeepBlueCLI development by creating an account on GitHub.

Almost four months after a ransomware attack on the Irish health service, disruption remains.

Posted by 5skandas - 1,585 votes and 316 comments

🧪 Get access to hands-on labs: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw


This video is an explanation of $7,500 vulnerability reported to Valve bug bounty program. The bug allowed…

In this video we walk through how a security researcher named Augusto Zanellato was able to discover a GitHub Personal Access Token (PAT) that had read/write access to private Shopify repositories, and earned them a $50,000USD bounty!

You can read the report…

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management - OWASP/Nettacker

Simple noscript to detect CVE-2021-40444 URLs using oletools - detect_CVE-2021-40444.py

Threat intel on court.docx (MD5 55998cb43459159a5ed4511f00ff3fc8)

LifeLong Medical Care and Queen Creek Medical Center were both hit with ransomware attacks over the past year.

Template Injection in Email Templates leads to code execution on Jira Service Management Server - PetrusViet/CVE-2021-39115