Read Excel Spreadsheets (XLS/XLSX) using Cobalt Strike's Execute-Assembly - GitHub - OG-Sadpanda/SharpExcelibur: Read Excel Spreadsheets (XLS/XLSX) using Cobalt Strike's Execute-Assembly

Read the contents of DOCX files using Cobalt Strike's Execute-Assembly - GitHub - OG-Sadpanda/SharpSword: Read the contents of DOCX files using Cobalt Strike's Execute-Assembly

Inject JavaScript to explore native apps on Windows, macOS, GNU/Linux, iOS, Android, and QNX

Penetration Tester | Ethical Hacker | Web Application Security

CNT hit by RansomEXX ransomware. Customer and corporate data compromised and hosted on the breached website. 190 GB of data supposedly stolen...

Q&A with one of the richest bug bounty hunters in the world, Cosmin who made over $2M in bug bounties. What is his advice for the new bug bounty hunters?

NSO Group claims that its Pegasus spyware is only used to “investigate terrorism and crime” and “leaves no traces whatsoever”. This Forensic Methodology Report shows that neither of these statements are true. This report accompanies the release of the Pegasus…

Advisories, proof of concept files and exploits that have been made public by @pedrib. - PoC/tibco_tdv_rce.md at master · pedrib/PoC

free cyber resources from around the internet

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise. - mvt-project/mvt

NSO Group’s spyware has been used to commit human rights violations around the world on a massive scale, according to a major investigation into the leak of 50,000 phone numbers of potential surveillance targets. These include heads of state, activists, civilians…

HelloKitty group targeting "a known, previously patched, vulnerability" SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware reported by CISA...

ETS5 Password Recovery Tool is a PoC for CVE-2021-36799 - robertguetzkow/ets5-password-recovery

Amnesty International said its analysis indicates all current iPhone models and iOS versions are vulnerable to attack by NSO Group's software.

Artwork Archives 421GB data including names, email, & sales agreements were compromised after IT security researchers from WizCase discovered a misconfigured AWS S3 Bucket affecting 7K customers...

Http request smuggling vulnerability scanner. Contribute to Sh1Yo/request_smuggler development by creating an account on GitHub.

This blog introduces a new information stealer, written in Rust and interestingly named FickerStealer. In this blog post, we provide an in-depth analysis of this new threat and its obfuscation...

This is the third part of a blog about putting a WiFi router into a phone charger; (see part zero here, see part one here) and feel free to…

A beacon generator using Cobalt Strike and a variety of tools. - GitHub - capt-meelo/Beaconator: A beacon generator using Cobalt Strike and a variety of tools.