TL;DR:  Several ColdFusion/CFML tags and functions can process URLs as file path arguments -- including some tags and and functions that you...

Salesforce object access auditor. Contribute to nccgroup/raccoon development by creating an account on GitHub.

Humble Book Bundle: Cybersecurity 2021 from Packt

Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent - irsl/gcp-dhcp-takeover-code-exec

Standalone client for proxies of Windscribe browser extension - Snawoot/windscribe-proxy

Secure Vault for Customer PII/PHI/PCI/KYC Records. Contribute to securitybunker/databunker development by creating an account on GitHub.

This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. Th...

A simple guide explaining how to beat applicative-layer DDoS attacks using CrowdSec and Cloudflare.

A second massive LinkedIn breach reportedly exposes the data of 700M users, which is more than 92% of the total 756M users. The database ...

Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM - GitHub - ant4g0nist/ManuFuzzer: Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM

A lot has been written on the topic of detecting SSH honeypots in the past, usually using their canned responses against them, SSH protocol quirks, them accepting every password, etc. While experim…

Today we are excited to release oramfs, a simple, flexible, Free Software ORAM implementation for Linux written in Rust. It is designed to support different ORAM schemes and encryption ciphers. It …

A new large-scale attack targets Kubeflow and TensorFlow to mine Monero cryptocurrency in Kubernetes cluster environments.

Advisories, proof of concept files and exploits that have been made public by @pedrib. - PoC/cisco_ise_rce.md at master · pedrib/PoC

Proof-of-concept exploit code was published on Github on June 29, 2021 for a vulnerability (CVE-2021-1675) in Print Spooler.

This article is in no way affiliated, sponsored, or endorsed with/by Fidelis Cybersecurity. All graphics are being displayed under fair use for the purposes of this article.

Operation Eagle Eye
Who remembers that movie about 15 years ago called Eagle…

Posted in r/netsec by u/0xdea • 332 points and 49 comments

Hello . In this writeup, i will show you how i found a potential remote code execution (CVE-2019–13561) in the dlink dir-615 firmware.

On this episode we begin to talk about the difference between zero trust and zero knowledge, ransomware groups going dark for the moment and recent tactics and techniques.Eric Taylor | LinkedInTwitter: barricadecyberwww.barricadecyber.comShiva Maharaj | …