Introduction Several vulnerabilities with the popular ASP.NET web application add-on Telerik UI for ASP.NET AJAX have become a frequent source of “easy-wins” for operators at BLS. Discovery and exploitation are usually straightforward, and they result in…

Introduction In this blog series, we will cover the topic of rootkits — how they are built and the basics of kernel driver analysis — specifically on the Windows platform. In this first part, we...

Every week, almost without fail, I come across one thing that confuses, entertains, or most commonly infuriates me. I’ve decided to keep a…

This blog post will untangle the question of 'who has access to what' in an Azure Active Directory environment. A PowerShell tool will also be released to automatically enumerate this.

An Evil OIDC Server. Contribute to doyensec/oidc-ssrf development by creating an account on GitHub.

Some time ago I was using Logic Pro to record some of my music and I needed a way to start and stop the recording from an iPhone, so I found about Logic Remote and was quite happy with it.After the se

FullHunt released an update to Log4J-Scan to detect Apache Commons Text RCE (CVE-2022-42889).Detecting Apache Commons Text RCE (CVE-2022-42889)The Apache Com...

A framework for OAuth 2.0 device code authentication grant flow phishing.

Source code and examples for Antignis. Contribute to huntandhackett/Antignis development by creating an account on GitHub.

IBM Security X-Force Red analyzed the Google Cloud Platform (GCP) and found a potential method an attacker could use to persist in GCP via the Google Cloud Shell. Unpack the findings.

IntroductionBack in April, I found a 0-day vulnerability in the Linux kernel and exploited it on Google’s kCTF platform.I reported the bug to Linux kernel security team and helped them fix the vulnera

The configuration of supported groups in TLS servers is important to limit
the resource consumption of the TLS handshakes performed by the server. …

Automation to assess the state of your M365 tenant against CISA's baselines - GitHub - cisagov/ScubaGear: Automation to assess the state of your M365 tenant against CISA's baselines

Collect information of internet-connected sandboxes, no backend needed.

JFrog's new Xray Secrets Detection uncovered active access tokens in some of the most common open-source software registries, like Docker and PyPl. Get the findings.

Web browsers, our extensive gateway to the internet. Browsers today play a vital role in modern organizations as more and more software applications are delivered to users via a web browser in the form of web applications. Pretty much everything you might…

FIDO2 (WebAuthn) and FIDO U2F platform library for Linux written in Rust; includes a proposal for a new D-Bus Portal interface for FIDO2, accessible from Flatpak apps and Snaps 🔑 - GitHub - AlfioEm...

Python3 terminal application that contains 260+ Neo4j cyphers for BloodHound data sets - GitHub - fin3ss3g0d/cypherhound: Python3 terminal application that contains 260+ Neo4j cyphers for BloodHoun...

Legitimate remote access tools are more and more part of threat actors toolbox: in order to gain remote access on targets, keep persistence, deploy malicious payload as well as leveraging trusted conn