This is the fifth and final installment about designing a WiFi router into a phone charger for security, pentesting and red teaming; (part…

I thought I was out of the security game for a while now and that my interests have moved on to other fields. Last week I came back from an…

Find out how a vulnerability in macOS Finder system allows remote attackers to trick users into running arbitrary commands.

In this section, we'll build on the concepts you've learned so far and teach you some more advanced HTTP request smuggling techniques. We'll also cover a ...

How I Cracked 70% of Tel Aviv’s Wifi Networks (from a Sample of 5,000 Gathered WiFi). In the past seven years that I’ve lived in Tel Aviv, I’ve changed apartments four times. Every time I...

Gain robust hacking skills with these courses.

This reverse engineering challenge is about obtaining the password of the targetapplication.Download the the bundle (Windows / Linux / MacOS): https://cytres.com/re_mmxi.zipIf you solved the challenge, apply your solution to info@cytres.comHall of fame:1.…

On why It's not possible to isolate Python code when running it in the same interpreter

Calling all Cyber Defenders. Enter our Cybersecurity Giveaway now for your chance to win a training and exam bundle to get you ready for either Cisco Certified CyberOps Associate, CyberOps Professional or CCNP Security certifications.

How to exploit a double free vulnerability in 2021. 'Use After Free for Dummies' - GitHub - stong/how-to-exploit-a-double-free: How to exploit a double free vulnerability in 2021. &...

Container security best practices include the full component stack used for building, distributing, and specifically executing the container.

We recently discovered critical security issues in the popular CI/CD solution GoCD that can be exploited by unauthenticated attackers

Home of the Advanced Persistent Tortellini - aka APTortellini, an Italian collective of hackers publishing technical research regarding offensive security.

Posted by James Forshaw, Project Zero This blog post is a summary of some research I've been doing into relaying Kerberos authentica...

This article has been written for a technical audience.

We found a new Java gadget chain in the Mojarra library, one of the most used implementation of the JSF specification.

Here at SecureAuth, we’re excited to announce the release of the latest version of Impacket, our collection of Python classes for working with network protocols, and much more.  Impacket release 0.9.24 is available today and includes a lot of new features…

Here's a deep dive into what high severity alert known as CVE-2021-25742 really is and what it means for today’s organizations.

Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.

Microsoft found a vulnerability (CVE-2021-30892) that could allow an attacker to bypass System Integrity Protection (SIP) in macOS. We shared our findings with Apple via coordinated vulnerability disclosure, and a fix was released October 26.