User enumeration with Microsoft Teams API. Contribute to immunIT/TeamsUserEnum development by creating an account on GitHub.

In this aerial photograph taken on October 10, 2005, the GCHQ of Government Communications Headquarters is located in a house and parking lot. David Goddard | Getty Images London — A lesser-known British company called Arqit is quietly preparing companies…

Risk Assessment of GitHub Copilot. GitHub Gist: instantly share code, notes, and snippets.

Practical Bypasses for MFA with Poor Implementations

Contribute to Piosec/Golconda development by creating an account on GitHub.

It looks like authentication, but is it really?

How BLS approaches Threat Matrices and how we’re improving their effectiveness within the community

A Golang tool to whitelist ASN's based on organization name - GitHub - jordanpotti/goAllowOrgs: A Golang tool to whitelist ASN's based on organization name

Join us two days before the conference for some pre-con training. Thats right! We are offering two in-person training courses this year; offensive and defensive.

This blog is an introduction for my newly released post exploitation / privilege escalation tool SharpImpersonation. The code base makes heavy use of Tokenva...

Network Analysis Tool. Contribute to odedshimon/BruteShark development by creating an account on GitHub.

This Powershell noscript is designed to be run on a supported (by Microsoft) Windows host. It checks for the most common issues that will prevent successful credentialed scans by Nessus.

This article explains the pre-auth remote code execution exploit against Kaseya VSA that was used in the recent REvil ransomware attack.

Sloth 🦥 is a coverage guided fuzzing framework for fuzzing Android Native libraries that makes use of libFuzzer and QEMU user-mode emulation - GitHub - ant4g0nist/Sloth: Sloth 🦥 is a coverage guide...

An online platform for learning and teaching cyber security, all through your browser.

This article on email security demonstrates how administrators can protect email from attackers impersonating its domain

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more - GitHub - aquasecurity/trivy: Find vulnerabilities, misconfigurations, secrets,...

The Schneider Electric electric car charging stations product line "EVlink" is affected by two vulnerabilities that allow a remote attacker to execute arbitrary commands on the system. Attackers can change the charging station configuration arbitrarily, charge…