When a malware analyst gets a new malware sample to analyze, one of the first questions they might have, is what functions are called during the execution of the sample. To solve this problem, we can use any old debugger to walk through the sample manually…

Writeup of a tool for creating bitcoin stealing phishing clones of onion services on large scale

Given my interest in SCM and CI systems I was a little keen to see how this is done at Mozilla as part of their bug bounty program. Thanks to freddy I was granted Level 1 access to Mozilla’s SCM at hg.mozilla.org in late 2022. As Mozilla is a pretty transparent…

Summary A vulnerability in Roundcube’s markasjunk plugin allows attackers that send a specially crafted identity email address to cause the plugin to execute arbitrary code. Credit An independent security researcher, Selim Enes Karaduman, working with SSD…

A vulnerable password reset API made it possible to take over any account and gain admin-level access to the platform. In addition, broken/missing access controls made it possible to access all data on the platform.

Put yourself to the test with our unique CTF challenge and boost your AWS IAM knowledge. Do you have what it takes to win The Big IAM Challenge?

Posted by hack__dojo - 46 votes and 5 comments

A robust information gathering tool for large scale reconnaissance on Internet Relay Chat servers 🛰️ - internet-relay-chat/IRCP

In this detailed blog post, explore our in-depth analysis of H1 2023 vulnerabilities from various vendors, their impact, and the threat actors exploiting them.

2 patch bypasses found for severe MLflow LFI/RFI vulnerability
All patched in MLflow version 2.2.3
Protect AI’s vulnerability scanning and exploit tools updated with bypasses

Explore the intricacies of the OPC UA protocol in Part 3 of Team82's Deep Dive series. Understand the protocol's layers, messaging types, security features, and more in this comprehensive guide to OPC UA for unified OT communication.

# THIS DOC IS OLD, WE HAVE MOVED AGAIN Old doc, further conversation is happening at github due to l

In this post, the malware analysis process, as well as attacker activities and Indicators of Compromise (IoCs) are presented.

Weaponized HellsGate/SigFlip. Contribute to florylsk/SignatureGate development by creating an account on GitHub.

Contribute to nullsection/SharpETW-Patch development by creating an account on GitHub.

A mysterious user agent string in some Microsoft 365 audit logs offers clues for how to detect logins from legacy authentication protocols.

New technique to gather passwords from MSSQL by abusing linked servers through the ADSI provider

A multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targets banking and financial services organizations.

Hello, You may already be aware of this, but HiCA is injecting arbitrary code/commands into the certificate obtaining process and acme.sh is running them on the client machine. I am not sure if thi...