POC for CVE-2022-1388. Contribute to horizon3ai/CVE-2022-1388 development by creating an account on GitHub.

CVE-2022-1388 is a critical vulnerability (CVSS 9.8) in the management interface of F5 Networks’ BIG-IP solution.

Microsoft coined the term “human-operated ransomware” to clearly define a class of attack driven by expert human intelligence at every step of the attack chain and culminate in intentional business disruption and extortion. In this blog, we explain the ransomware…

Go on a journey with Oddvar Moe as he uses his legacy knowledge to abuse pre-created computer accounts that could potentially let you escalate privileges.

Continuing to walk down Linux Kernel exploitation lane. This time around with an unanticipated topic: DirtyPipe as it actually nicely fits the series as an example.

In this blog post, we’ll dive into a recently patched Active Directory Domain Privilege Escalation vulnerability that I reported through…

A new underground phishing-as-a-service (PaaS) called "Frappo" has been detected on the dark web by security researchers at Resecurity Hunter.

SaaS vanity URLs can be spoofed and used for phishing campaigns and other attacks. In this article, we’ll showcase two Box link types, two Zoom link types, and two Google Docs link type that we were able to spoof.

Comprehensive Performance Testing Platform. Available on CLI, Self-Hosted, and Cloud - https://ddosify.com 🚀 - GitHub - ddosify/ddosify: Comprehensive Performance Testing Platform. Available on CLI...

Rapid7 discovered and reported a vulnerability that affects Zyxel firewalls supporting Zero Touch Provisioning (ZTP), identified as CVE-2022-30525.

Do you ever wonder about the vulnerabilities you've missed? Why didn't they show themselves - and will they be discovered by somebody else later? Certain vulnerabilities have a knack for evading audit

Three major trends, Kubernetes security, cloud security, and supply chain attacks, keep on the rise and on everyone's radar at Blackhat.

Posted in r/netsec by u/CyberMasterV • 59 points and 0 comments

Flutter Reverse Engineering Framework. Contribute to Impact-I/reFlutter development by creating an account on GitHub.

A while ago I was browsing the Python bug tracker, and I stumbled upon this bug - “memoryview to freed memory can cause segfault”. It was created in 2012, originally present in Python 2.7, but remains open to this day, 10 years later. This piqued my interest…

A Hacker's Blog of Unintended Use and Insomnia.

A little bit less hackish way to intercept and modify non-HTTP protocols through Burp & others. - GitHub - cyberark/MITM_Intercept: A little bit less hackish way to intercept and modify non...

How to work with stolen IAM credentials and things to consider.

NCC Group has developed a tool for conducting a new type of BLE relay attack operating at the link layer, for which added latency is within the range of normal GATT response timing variation, and which is capable of relaying encrypted link layer communications.…