Spoof extensions help cybercriminals target users on trading forums as 130 devices still infected at time of writing.

As vulnerability researchers, our primary mission is to find as many vulnerabilities as possible with the highest severity as possible. Finding vulnerabilities is usually challenging. But could...

A novel way to reverse Javanoscript minification using LLMs.

Introduction This is the second part of the “A Deep Dive into Penetration Testing of macOS Application” blog series. In the first part, we learned about macOS applications and their structure and...

Introduction In this blog, we will discuss innovative rootkit techniques on a non-traditional architecture, Windows 11 on ARM64. In the prior posts, we covered rootkit techniques applied to a...

Ivanti has recently published an advisory for CVE-2023-38035. The vulnerability has been added to CISA KEV and is described as an authentication bypass in the Ivanti Sentry administrator interface.

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers...

Learn how to effectively hunt for identity-based risks and threats in your Snowflake deployment to enhance security and protect your data with Rezonate.

Our security researchers recently discovered two critical vulnerabilities in Moodle that leverage the use of not impactful bugs.

A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representations in Go. - dwisiswant0/ipfuscator

Background Modern cybersecurity operation centers significantly depend on two key elements: agent-based security solutions operating on desktops, laptops, and server operating systems, and a threat analysis system, often referred to as a Security Information…

This class teaches you how to exploit a race condition vulnerability leading to a use-after-free in the Kernel Transaction Manager (KTM) component of the Windows kernel.

This class teaches you some core concepts on the Windows operating system both in user and kernel lands.

A nostalgic journey back to the era of retro RPGs with a cyber twist in the theme of Die Hard - milosilo/hack_hard

Encrypted binaries, DNS exfiltration, and sophisticated attack chains hidden among a benign email validation tool.

Microsoft Excel a powerful spreadsheet tool you are not using to it's full potential to find attackers in your data

As part of our Continuous Automated Red Teaming and Attack Surface Management technology - the watchTowr Platform - we're incredibly proud of our ability to discover nested, exploitable vulnerabilities across huge attack surfaces.

Through our rapid PoC process…

We introduce a hybrid digital signature scheme based on two building blocks: a classically-secure scheme, ECDSA, and a post-quantum secure one, Dilithium. Our hybrid scheme maintains the guarantees of each underlying building block even if the other one is…