🔐 A CLI tool to extract server certificates. Contribute to Hakky54/certificate-ripper development by creating an account on GitHub.

Demonstrates why it's not safe to download random save files from the Internet - swoops/video-game-save-file-trojans

Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations - GitHub - mlcsec/ASRenum-BOF: Cobalt Strike BOF that identifies Attack Surface Reduction (A...

(A Script that Solicits GPT-3 for Comments on Decompiled Code)

I was recently rewarded a total of $107,500 by Google for responsibly disclosing security issues in the Google Home smart speaker that allowed an attacker within wireless proximity to install a “backdoor” account on the device, enabling them to send commands…

A tool to monitor for potential spear phishing domains and send to Slack. - GitHub - hazcod/dnstwist: A tool to monitor for potential spear phishing domains and send to Slack.

We recently discovered a new ransomware variant, which performs MSDTC service DLL Hijacking to silently execute its payload. We have named this ransomware CatB, based on the contact email and performed an analysis on how it works.

Redirecting….

We're excited to announce that Matano now supports managed log sources from

Pwning the source prompts of Notion AI, 7 techniques for Reverse Prompt Engineering... and why everyone is *wrong* about prompt injection

Introduction This post, as indicated by the noscript, will cover the topic of writing Windows kernel drivers for advanced persistence. Because the subject matte...

Information and PoC about the ENLBufferPwn vulnerability - GitHub - PabloMK7/ENLBufferPwn: Information and PoC about the ENLBufferPwn vulnerability

Years ago, entrepreneurs and innovators predicated that “software would eat the world”. And to little surprise, year after year, the world has become more and more reliant on software solutions. Often times, that software is (or indirectly depends on) some…

Welcome to the third and final installment of the “Chrome Browser Exploitation” series. The main objective of this series has been to provide an introduction to browser internals and delve into the topic of Chrome browser exploitation on Windows in greater…

computer security evaluation tool

Join the Architecture Notes CTF and test your system design skills against participants from around the world. Solve challenges in distributed systems, web security, and more. Open to all skill levels.

Happy holidays 🕎/🎅 and (almost) happy new year!
This week I presented my LuaJIT journey at the DEFCON-Groups meetup(@dc9723):

Yesterday I shared my LuaJIT journey at @dc9723 group. Thanks for everyone who attended :DCurrently working on the last blogpost…

An open source machine learning framework that accelerates the path from research prototyping to production deployment.

Utility to find hidden Linux kernel modules. Contribute to jafarlihi/modreveal development by creating an account on GitHub.