toolkit for python reverse engineering. Contribute to Fadi002/de4py development by creating an account on GitHub.

CVE-2023-5043, CVE-2023-5044 and CVE-2022-4886 can be exploited by attacker to steal secret credentials from the cluster. Read all about it!

While poking around Parallels Desktop I found a noscript which is invoked by a setuid-root binary, which has the following snippet: local prl_dir="${usr_home}/Library/Parallels" if [ -e "$prl_dir" -a ! -d "$prl_dir" ]; then log warning "'${prl_dir}' is not…

Uncover the steps to hack WiFi passwords using Hashcat. This guide provides a comprehensive walkthrough, from dictionary attacks to brute-force attack

Latest: 4/02/24 version: 0.9.9 First published 10/26/23. Shiny new things Inverting DNN models with a framework A threat intelligence update to the ML Pipeline Attacks on Ray Updates to repeated tok…

One interesting thing about the contrast between infrastructure and security is the expectation of open-source software. When a common problem arises we all experience, a company will launch a product to solve this problem. In infrastructure, typically the…

Personal blog of Julien (jvoisin) Voisin

At HackerOne, we are combining human intelligence with artificial intelligence at scale to improve the efficiency of people and unlock entirely new capabilities.

NetSupport Manager is one of the oldest third-party remote access tools still currently on the market with over 33 years of history. This is the first time we will report on a NetSupport RAT intrus…

Specter Insight ACHIEVE YOUR OBJECTIVES SpecterInsight is a cross-platform, post-exploitation command and control framework based on .NET for red team engagements, threat emulation, and training. F…

Red Teaming, one of the best ways to accurately determine your organization's cyber resiliency. But at what cost?

Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. The amount of effort that went into creating the framework is truly remarkable, and its disclosure was…

Disclaimer All projects mentioned in this blog post have been contacted, and I confirmed that the behavior described in this article is either working as intended, already fixed, or will not be fixed.
TL;DR The browser loads elements in the HTML from top…

Ever wanted to hack your Wi-Fi network, but your internal adapter doesn’t support monitor mode and you don’t have external adapter? Without switching your Wi-Fi adapter in to monitor mode, WPS attacks allows you to perform various attacks on wireless access…

Convert little-endian to big-endian and vice-versa - r0075h3ll/Endomorph

Discover John the Ripper's password-cracking prowess. Crack Windows 10, 8, and 7 passwords and extract hashes with ease.

Throughout our extensive OPC UA Deep Dive Series, we researched the OPC UA protocol and its different functions and importance within operational technology (OT) environments. The centerpiece tool of our work is an advanced OPC UA Exploit Framework we built…