convert secret patterns to gf compatible. Contribute to dwisiswant0/secpat2gf development by creating an account on GitHub.

Find Writable Shares. Contribute to oldboy21/RSMBI development by creating an account on GitHub.

This blog post details a technique for breaking Apache Commons Lang's RandomStringUtils and Java's random.nextInt(bound) when the bound is odd. A tool is released which demonstrates the practicality of the attack.

A brief analysis of the new loader malware distributed by Qakbot

These days, it seems that hardly a week goes by without at least one report of a data breach. A store may have had their credit card data stolen. A health insurance company may have lost the record…

Introduction NTFS is a filesystem developed by Microsoft that was introduced in 1993. Since then, it has become the primary filesystem for Windows. In recent years, the need for an NTFS...

This is a vulnerability I reported back in April, 2022

Here we are again with our new *potato flavor, the LocalPotato! This was a cool finding so we decided to create this dedicated website ;)

Black box fuzzer for web applications. Contribute to Brum3ns/firefly development by creating an account on GitHub.

Phylum discovers over 451 unique malicious packages targeting popular PyPI packages like Selenium.

Part 1: Linux auditd for Threat Detection [Part 1]

A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom. - GitHub - dwisiswant0/gfx: A wrapper around grep, to help you grep for things! - Improved version of gf ...

Small embedded cores have little area to spare for security features and yet must often run code written in unsafe languages and, increasingly, are exposed to the hostile Internet. CHERIoT  (Capability Hardware Extension to RISC-V for Internet of Things)…

HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP. - GitHub - Dec0ne/HWSyscalls: HWSyscalls is a new method to execute i...

Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory t...

Antivirus on Windows systems seems to be an essential since the beginning of time. Perhaps due to the large adoption of using Windows…

RCE with a plot twist.

Verified Security Tests. Contribute to preludeorg/test development by creating an account on GitHub.

TLDR; Red Team Engagement for a telecom company. Got a foothold on the company’s Network Monitoring System (NMS). Sorted reverse shell…

More than a month after the attack, the hospital apologized to patients whose data may have been stolen.