Grab a copy of Mscan, and launch it on the air-gapped Windows machine. Mscan is a simple VirusTotal lookup tool,
with a pretty unusual feature: it supports malware checks on air-gapped computers, through the use of high-density QR codes.
It requires no…

Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.

Userland API Unhooker Project. Contribute to frkngksl/Celeborn development by creating an account on GitHub.

In this article, we'll examine how effective CET is at mitigating real-world exploits that make use of ROP or stack based buffer overflow vulnerabilities.

Hi, I’m stypr (@stereotype32) from Flatt Security Inc. As I mentioned earlier in the previous article「Flatt Securityは“自分のやりたいことが実現できる”場所／セキュリティエンジニア stypr - Fla…

Libraries and tools to perform fully homomorphic encryption operations on an encrypted data set. - GitHub - google/fully-homomorphic-encryption: Libraries and tools to perform fully homomorphic enc...

When self study for OSCP certification,I stumble upon HTB machine that have CVE-2019-17420 vulnerability. I look for public exploit and there was one written in python. As challenge for me self was to recreate this exploit in golang. So lets get started.

Penetration testing, one of the great aspects of cybersecurity, working in different projects will increase your contact with large and…

iosiro identified a critical bug in the fixed-interest-rate lending protocol 88mph. The bug was reported to 88mph through Immunefi for a bounty of $42,069. This blog post details the bug and the disclosure process.

Threat investigation methods the SOC can use to deal with stolen AWS credential, Okta SuperHuman activity, phishing attempts and malicious email alerts.

At Elastic, we’ve been working closely with the team at Prelude to help security teams of all skill levels, arming all analysts and red teams alike. Learn how teams can use Prelude Operator in conjunc...

This is the second part of a blog about putting a WiFi router into a phone charger; please see part zero here and feel free to join our…

Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.

Posted in r/netsec by u/0xdea • 1 point and 0 comments

Posted in r/netsec by u/root_at_remote_host • 1 point and 0 comments

Active Directory Certificate Services (ADCS) have never really been under security scrutiny until a few years ago (by C. Falta and later Q&D Security). We will therefore focus today on how similar techniques can be used to gain Domain Admins privileges.

In this article we will dive into Network Traffic visualization using the Python programming language, Wireshark and Google Maps. This…

CVE/Research Publications. Contribute to 1d8/publications development by creating an account on GitHub.