Vulnerable version of WordPress that is provided monthly. - GitHub - onhexgroup/Vulnerable-WordPress: Vulnerable version of WordPress that is provided monthly.

a tool to help operate in EDRs' blind spots. Contribute to naksyn/Pyramid development by creating an account on GitHub.

Learn to monitor, detect and enforce the runtime security using eBPF-based Cilium Tetragon in the Kubernetes Clusters - Kubernetes Goat Scenario 🚀

Use Kyverno policy engine to validate, mutate, generate the Kubernetes cluster resources. We create policies to prevent insecure patterns and build secure guardrails - Kubernetes Goat Scenario 🚀

In this post we will discuss how to set up honeypots to catch some nasty Threat Actors!

Programs that can collect the user credentials for Google Chrome, Mozilla Firefox and Microsoft Edge and decrypt them then save the decrypted output to .txt files - Lukey J

Why Do I Need an Implant?

Trustwave SpiderLabs uncovered a new strain of malware that it dubbed Rilide, which targets Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera.

New Golang-based malware we have dubbed GoBruteforcer targets web servers. Golang is becoming popular with malware programmers due to its versatility.

The document, part of a cache of leaks recently circulated on the internet, suggests the hackers had the ability to cause an explosion and sought instruction from the FSB.

Last year, we published a blog post discussing an attack where a malicious actor hijacks Arch User Repository (AUR) vulnerable packages by registering expired domains.

This post provides an overview of hacking play-to-earn blockchain games and common security pitfalls affecting P2E. It explains in detail how several vulnerabilities were discovered in a P2E game named Manarium.

SourceGPT - prompt manager and source code analyzer built on top of ChatGPT as the oracle - SourceGPT/use_cases at main · NightmareLab/SourceGPT

👻Stowaway -- Multi-hop Proxy Tool for pentesters. Contribute to ph4ntonn/Stowaway development by creating an account on GitHub.

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more - GitHub - edoardottt/awesome-hacker-search-engi...

Microsoft analyzes a threat group tracked as DEV-0196, the actor’s iOS malware “KingsPawn”, and their link to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infrastructure…

Running An Adversary Emulation Exercise Adversary emulation can take many forms, but it will always have the same end goal. Helping companies come away knowing how to defend themselves better. You can bypass every defense and find every flaw but if they don’t…

Besides conducting penetration tests, we also attend to maintenance tasks of our internal infrastructure in order to have all systems being involved in our everyday work meet our specified requirements. One of these systems is the printer that we use …