A new shellcode injection technique. Given as C++ header or standalone Rust program. - GitHub - Idov31/FunctionStomping: A new shellcode injection technique. Given as C++ header or standalone Rust ...

Application security issues found by Assetnote

We explore the history of image unblurring and present a simple yet effective technique to get a high-resolution image from a pixelated video in order to recover redacted information (with no guessing involved).

In September '21, I came across this story  "Swiss Post Offers up to €230,000 for Critical Vulnerabilities in e-Voting System" while catchi...

Posted in r/netsec by u/k3nfr4 • 0 points and 1 comment

TrustedSec's blog is an expert source of information on information security trends and best practices for strategic risk management.

Posted in r/netsec by u/lormayna • 630 points and 166 comments

Posted in r/netsec by u/TheSwedishChef24 • 1 point and 0 comments

Exploit for CVE-2021-4034. Contribute to Ayrx/CVE-2021-4034 development by creating an account on GitHub.

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation - GitHub - ly4k/PwnKit: Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

a file-sharing tool that allows you to find the responsible person in case of a leakage - GitHub - utkusen/wholeaked: a file-sharing tool that allows you to find the responsible person in case of a...

Research and tooling development around the ESC7 attack at Active Directory Certificate Services (AD CS) for Red Team operations

Perfect wordlist for discovering directories and files on target site - GitHub - aels/subdirectories-discover: Perfect wordlist for discovering directories and files on target site

Little Snitch is a host-based firewall for macOS, used for monitoring and restricting egress network traffic.

Varonis has observed the ALPHV (BlackCat) ransomware, actively recruiting new affiliates and targeting organizations across multiple sectors worldwide.

Pwnkit is a vulnerability that uses a bug in polkit to elevate permissions to root. This write-up shows how to reproduce it using Ubuntu and what to do to check whether a system is vulnerable.
What went wrong? Quoting from the original researchers:
This…

With FaPro, you can create a virtual network and simulate several different devices in it with a single command.

$100,500 Apple Bug Bounty for hacking the webcam via a Safari Universal Cross-Site Scripting (UXSS) bug. CVE-2021-30861, CVE-2021-30975