A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark. - GitHub - karimhabush/cis-vsphere: A tool to assess the compliance of a VMware vSphere environment agains...

Posted in r/netsec by u/gquere • 15 points and 1 comment

Improving software memory safety is a key security objective for engineering teams across the industry. Here we begin a journey into the XNU kernel at the core of iOS and explore the intricate work our engineering teams have done to harden the memory allocator…

One of the things I like to do on this blog is write about new research that has a practical angle. Most of the time (I swear) this involves writing about other folks’ research: it’s no…

An Analysis of Remote Code Execution Vulnerability CVE-2022–34718

Spartacus DLL Hijacking Discovery Tool. Contribute to Accenture/Spartacus development by creating an account on GitHub.

EDR or Endpoint Detection and Response refers to an integrated endpoint security solution which continuously monitors end-point user's devices and try to prevent anomalies like Malware, Ransomware by using automated rule based response method.

Introducing Dastardly - a free, lightweight web application security scanner for your CI/CD pipeline, from the makers of Burp Suite. Secure web development ain't easy Ensuring your code is written sec

Table of Contents

TL;DR A vulnerability in the Galaxy Store allows attackers through an XSS to cause the store to install and/or launch an application, allowing […]

Preparing for increasing cyber attacks and enhanced regulatory obligations

With the release of iOS 16 and MacOS Ventura, we are now in the age of passkeys. This is happening through WebAuthn, a specification written by the W3C and FIDO with the involvement of all of the major vendors such as Google, Mozilla, etc. The basic premise…

By James Forshaw, Project Zero I've been spending a lot of time researching Windows authentication implementations, specifically Kerberos. I...

Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets - GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across a...

A critical vulnerability has been discovered in current versions of OpenSSL and will need to be patched immediately.

Automated pentest reporting with custom Word templates, project tracking, and client management tools. Streamline your security workflows effortlessly! - APTRS/APTRS

Watch the latest awesome security talks around the globe - GitHub - TalEliyahu/awesome-cybersecurity-conferences: Watch the latest awesome security talks around the globe

PrologueIn the last blog post, we understood what it is a callback routine, how to get basic information from user mode and for the finale created a driver t...