Learn how to use Burp Suite's web scanner and crawler tools for identifying vulnerabilities and mapping web applications now.

In this stream I went through the process of C# source code modification, and reflective loading of C# Assemblies from Powershell. Afterwards, two public reflective PE-Loaders and the use-case with examples were shown. In the very end unhooking + ETW patching…

#ESETresearch discovered a trojanized IDA Pro installer, distributed by the #Lazarus APT group. Attackers bundled the original IDA Pro 7.5 software developed by @HexRaysSA with two malicious components. @cherepanov74 1/5

Golden Guide. Contribute to 0xCGonzalo/Golden-Guide-for-Pentesting development by creating an account on GitHub.

CVE-2021-35042: Potential SQL injection via unsanitized QuerySet.order_by() input. Unsanitized user input passed to QuerySet.order_by() could bypass intended column reference validation in path marked for deprecation resulting in a potential SQL injection…

مرجع دانلود دوره های تست نفوذ و امنیت

## Summary:
`customerAccessTokenCreate` mutation in the Storefront API does not correctly throttle login attempts. An issue in similar report https://hackerone.com/reports/708013 was already fixed,...

Video walk-through for the Web Challenge called "Naughty or Nice" from Day 5 of the HTB "Cyber Santa is Coming to Town" Capture The Flag event that was going on from December 1st to December 5th 2021.
#hackthebox #CTF #SANTA #santa #cyber #web #challenges…

sudo grep -r '${jndi:ldap://' /var/log sudo egrep -i -r '\$\{jndi:(ldap[s]?|rmi)://' /var/log #log4j #log_4jrce #RCE #apache

Restricts access to LDAP via JNDI.

[Bad news] Ransomware has landed on #log4j2 RCE

Background JFrog security research team (formerly Vdoo) has recently disclosed a code injection issue in one of the utilities shipped with TensorFlow, a popular Machine Learning platform that’s widely used in the industry. The issue has been assigned to CVE…

A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0. - icyguider/DumpNParse