What does a malicious package actually look like in practice? We'll walk through some hypothetical exercises to see how malware generally works, and what sort of functions we might expect, from relatively simple and temporary, to complex.

Anomaly detection engineering based on ubiquitous Zipfian distribution in enterprise security telemetry.

Redeye is a tool intended to help you manage your data during a pentest operation - redeye-framework/Redeye

The Internet of Gas Station Tank Gauges:

I thought I knew all the ways to call functions without parentheses: alert`1337` throw onerror=alert,1337 Function`x${'alert\x281337\x29'}x``` 'alert\x281337\x29'instanceof{[Symbol['hasInstance']]:eva

Massayo is a small proof-of-concept Rust library which removes AV/EDR hooks in a given system DLL - GitHub - thiagopeixoto/massayo: Massayo is a small proof-of-concept Rust library which removes AV...

This month, Let’s Encrypt is turning on new infrastructure to support revoking certificates via Certificate Revocation Lists. Despite having been largely supplanted by the Online Certificate Status Protocol for over a decade now, CRLs are gaining new life…

Linux kernel Under x86/amd64 architecture, Linux kernel is usually packed into bzImage format, which contains a partially-filled data structure for boot parameter, and multiple entry points of stages for 16-bit real mode, 32-bit protected mode, and 64-bit…

Introducing CloudFox, a command line security tool created to help offensive security professionals find exploitable attack paths in cloud infrastructure.

Cymulate recently uncovered an abuse risk in Google Cloud Platform's 'google-guest-agent'. Here is the roadmap to that discovery.

In my last post I talked about a way I found to execute arbitrary code in Unity using no custom noscripts, only built-in components. This allowed potential attacks against Unity games that load AssetBundles from untrusted sources since, although AssetBundles…

In this post I describe a somewhat unique Android kernel exploit, which utilizes the TrustZone in order to compromise the kernel.

Brute-force protections – designed to protect against attacks like password guessing – need to be carefully pitched and have associated pros and cons. Many popular protections these days rely upon monitoring and blocking malicious activity based on source…

If it was possible to nominate a command-line utility for an award, PsExec would definitively win the most useful category. This tool allows

Contribute to Accenture/Codecepticon development by creating an account on GitHub.

By Fredrik Dahlgren, Staff Security Engineer In October 2019, a security researcher found a devastating vulnerability in Tornado.cash, a decentralized, non-custodial mixer on the Ethereum network. …

A real ninja leaves no traces.

Get more information about the detailed vulnerability analysis - Read latest Advisory!