In this blog post, we will be operating under the assumption that you have retrieved a Windows kernel rootkit sample and want to breakpoint…

mx-takeover focuses DNS MX records and detects misconfigured MX records. - GitHub - musana/mx-takeover: mx-takeover focuses DNS MX records and detects misconfigured MX records.

My new friend Gundiuc Oleg reached out to me regarding an older blog post I wrote about permanently changing MAC addresses on NICs. Gundiuc was targeting the AX88772B chipset on USB ethernet adapters. If you’re interested in following along, I used this USB…

The Mosque-Cathedral of Córdoba is a chronicle of

This article looks at modifying Tailscale clients to disable inbound firewalling, and an interesting environment variable leakage through a built in API.

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container.
This vulnerability exists because the health check RPM opens TCP port…

Check if your provider is blocking you! Contribute to Peco602/findwall development by creating an account on GitHub.

Bonita Web 2021.2 is affected by an authentication/authorization bypass vulnerability in the API authorization filters.

Take domains on stdin and output them on stdout if they get resolved - thelicato/fire

Finding vulnerabilities in Windows drivers was always a highly sought-after prize by sophisticated threat actors, game cheat writers and red teamers. As you probably know, every bug in a driver...

Network printers have been featured for the first time at Pwn2Own competition in Austin 2021.

Story background CTO of cloud-native security company Isovalent announced that their eBPF-based Security Observability and Runtime Enforcement solution Tetragon (WayBackMachine 20220516) become open source after years of development in May 16 2022.

In this section, we'll look at how design issues and flawed handling of JSON web tokens (JWTs) can leave websites vulnerable to a variety of high-severity ...

Tenable has discovered a privilege escalation flaw that allows a user to escalate privileges to that of the root user in Azure Synapse.

CSRF (Cross-Side-Request-Forgery) vulnerabilities are with us since the beginning of the web. However, things are highly changed since…

The difficult relationship between nihilism, cybersecurity professionals and Being-A-Dick behaviour

bevigil-cli provides a unified command line interface and python library for using BeVigil OSINT API. - GitHub - Bevigil/BeVigil-OSINT-CLI: bevigil-cli provides a unified command line interface and...

NGINX is the most popular web server in the planet and in this post, we will analyse their error logging in detail.

Browser extension to spoof timezone, geolocation, locale and user agent. - GitHub - vytal-io/vytal-extension: Browser extension to spoof timezone, geolocation, locale and user agent.

The use of an unconventional programming language, multiple target devices and possible entry points, and affiliation with prolific threat activity groups have made the BlackCat ransomware a prevalent threat and a prime example of the growing ransomware-as…