Security code reviews is a task that I do on a daily basis, and have been doing for the last thirteen and a half years. In this time, I have reviewed several hundred code bases, and have come acros…

LAST UPDATE: 2021-09-15

WARNING: this is a DIY-POC just for fun and the code is pure crap x-), btw my english sucks and I am a hardware noob.

This is the official post to ask about this project.

my evill mass storage its a USB DEVICE with the following…

During one of our engagements we were investigating a Microsoft 365 environment. My colleague Rik discovered that many SharePoint sites...

First steps with Flask and Static Code Analysis with Semgrep

Zerotier - Multiple vulnerabilities leading to identity hijacking and unauthorised private network access.

Describe the Bug The Bitwarden Desktop app automatically downloads updates and replaces its own code with those updates, without user intervention, which is then executed on the next launch of the ...

Find out how a vulnerability in macOS Finder system allows remote attackers to trick users into running arbitrary commands.

im an AOL hacker historian. no doubt about it. i remember intimate details about most of the major breaches that occurred between the mid 90s and 2000s. i was there and actively participating in most of it. america onlines security was being compromised nonstop.…

Examining a case when an AS experiences network degradation, we want to answer the following question: “How many AS’s in the same region would lose connectivity with Tier-1 operators and their global availability along with it?”

VMware vCenter Server updates address multiple security vulnerabilities